Red Hat Enterprise Linux 8 Troubleshooting: Image Builder

Red Hat Enterprise Linux 8 Image Builder is an image-building tool and a live bootable image creator allowing the end-user to create customized and supported Red Hat Enterprise Linux image. This course teaches students how to define, list features, configure, and install Image Builder. Students will also learn how to modify packages selected for building images, customize a blueprint for post-installation tasks, and identify common issues.

Image Builder (Composer)

Objectives

On completing this training, you should be able to:

• Define Image Builder in Red Hat Enterprise Linux 8 and list some of its features
• Install and configure Image Builder and its web console plugin in RHEL 8
• Use Image Builder in the web console to modify packages selected for building images
• Customize a blueprint for post-installation tasks like adding users and SSH keys
• Identify and investigate common issues with Image Builder

Prerequisites

This training assumes that you are a Red Hat Certified System Administrator (RHCSA) or that you have equivalent experience with RHEL.

Image Builder Overview

What is Image Builder?

Image Builder is an image-building tool and live bootable image creator.

• Introduced in RHEL 7.6 and RHEL 8
• Create custom deployable images (selected packets, post-install configuration, etc.)
• Customize images for third-party packages and updated RHEL Errata content
• Create images in a variety of formats for deployment to a variety of environments

Image Builder was called Composer through the RHEL 8 Beta.

Before Image Builder:

• Creating customized RHEL images was unsupported
• Clients and partners often requested the ability to customize
• Customization grew in importance for cloud environments

Features & benefits

• Provides an end user with the ability to create supported custom RHEL images according to their needs
• Reduces deployment and configuration time on public cloud services
• Supports various output image formats for various environments
• Can be used to create images for deployment in a disconnected environment
• Output images can be configured for custom repositories (diverge from the Red Hat Content Delivery Network defaults)
• Provides package selection and configuration from a user-friendly web UI in the RHEL 8 web console
• Allows users to save and alter image configuration to create multiple replicas with a few clicks

Output image formats

Image Builder allows you to build custom images in various formats, including:

• Raw disk (.img)
• Live ISO (.iso)
• File system (.img)
• Tarball (.tar.xz)
• VMDK (VMware? vSphere? Hypervisor)
• AMI (Amazon Web Services?)
• VHD (Microsoft? Azure?)
• QCOW2 for KVM, Red Hat Virtualization, Red Hat Satellite, and Red Hat CloudForms
• QCOW2 for OpenStack

Image Builder Interfaces

Image Builder API & back end

• Image Builder is an application programming interface (API) server for building disk images.
• Image Builder provides its functionality through API endpoints.
• Two front-end tools use this API:
• Command-line interface (composer-cli)
• Plugin for the RHEL 8 web console (cockpit-composer)

Behind the API: Image Builder uses the Lorax and livemedia-creator tool, which uses Anaconda and other utilities to create images:

Image Builder CLI

• Command: composer-cli
• Provides a command-line interface for using Image Builder
• Has some functions that are only available in the CLI (e.g. post-install configuration)

Image Builder plugin for the RHEL 8 web console

• Plugin: cockpit-composer
• A GUI for Image Builder within the RHEL 8 web console
• Allows using Image Builder remotely from a web interface
• Does not require having the GUI packages installed on the RHEL system
• Currently: the Image Builder functions available in the web console are more limited than in the CLI

How to Install Image Builder

Before installing Composer, ensure that you have:

• Installed RHEL 8
• Enabled networking
• Registered the system and attached a valid subscription

Install composer with both the CLI and the web console plugin:

# yum install lorax lorax-composer composer-cli cockpit-composer

Recall: Lorax is a back-end tool that Image Builder uses to create Anaconda install images.

Enable and start the lorax-composer service:

# systemctl enable --now lorax-composer.socket

Restart the cockpit service to load the newly installed Image Builder plugin in the web console:

# systemctl restart cockpit.service

Note

If you use the terminal in the web console to restart cockpit.service, you will be disconnected from the console. Log in again after the service restart to resume using the console.

How to Use Image Builder

Create blueprints

• Blueprint = a list of preselected components (packages or software groups) that form a template for a custom image
• Create multiple images in multiple supported formats from the same blueprint
• A blueprint saves a record of the inputs and instructions for an image build

Customize blueprints

• Create Blueprint opens the interface shown here
• Select components to customize the system
• A component can be either an RPM package or a Yum module
• Click Commit to save that blueprint
• Edit the blueprint as needed to add or remove components

Note

Recall that post-installation configuration is not yet implemented in the web console interface for Image Builder.

Create images

• After creating a blueprint, you can create images based on that blueprint
• The pages for viewing and for editing a blueprint each include a button to build an image
• Image Builder allows building any of the supported images from a blueprint

Lab 1

In this lab, you will create one blueprint and create one tar image using that blueprint.

To successfully complete this activity, you must:

• Install lorax-composer, cockpit-composer, and their dependencies on servera.example.com.
• Create a blueprint called composer-test in the web console.
• Add the bison package to the composer-test blueprint.
• Create a tar image using the composer-test blueprint. Please note that image creation takes more than five minutes.

Click here to watch Video Demonstation:-

Lab 2

In this lab, you will edit your previously created blueprint to add and remove packages. Then, you will create a QCOW2 image using that modified blueprint.

To successfully complete this activity, you must:

• Open the composer-test blueprint for editing.
• Remove the bison package.
• Add these packages: findutils, diffutils, pciutils
• Create a QCOW2 image for KVM using the composer-test blueprint

Click here to watch Video Demonstation:-

Issues & Troubleshooting

Where to investigate Image Builder issues

Configuration file:

/etc/lorax/composer.conf

Log files:

/var/log/lorax-composer/composer.log

/var/log/lorax-composer/dnf.log

/var/log/lorax-composer/program.log

/var/log/lorax-composer/server.log

Check the status and error messages for the lorax-composer service:

systemctl status lorax-composer.service

Get detailed logs about the lorax-composer service:

journalctl -fu lorax-composer

Get a list of blueprints:

composer-cli blueprints list

Confirm whether Image Builder is getting the Yum (DNF) sources correctly and not using a third-party image:

composer-cli sources list

Common issues

• Misconfigured repository sources
• lorax-composer.socket is not enabled
• Error message in the web console: 'An error occurred. not-found'
• Old version of Image Builder needed SELinux needs to be Permissive
• This is fixed in the latest version
• Bug addressing this limitation: https://bugzilla.redhat.com/show_bug.cgi?id=1645189

Known issue: user accounts on images generated from the web console

Images created with Image Builder in the web console:

• Have their root account locked for security purposes
• By default, do not have any other users configured
• Cannot have a user added using just the web console (requires the CLI)

This results in images that have no way to log in.

Workaround for clouds only:

• Deploy the image on a cloud and use cloud_init to add new users to them.
• See RHEL 8 Beta documentation for vendor-specific instructions:
• Installing and deploying RHEL (RHEL 8), Chapter 7, "Creating Cloud Images With Composer"

Otherwise use the Image Builder CLI (composer-cli) or edit blueprints manually.

Track this bug: Bug 1655862 - Option to include username or custom settings in the blueprint

Note

You can view some screen captures of a proposed fix here on GitHub. That final fix may differ from this proposal.

Customize a blueprint

To customize a blueprint:

1. Download a copy of the blueprint configuration file from Image Builder:

composer-cli blueprints save <blueprint-name>

2. Edit that file (e.g. blueprint-name.toml).

3. Push the revised blueprint configuration file back to Image Builder:

composer-cli blueprints push <blueprint-name.toml>

Blueprint configuration files follow TOML (Tom's Obvious, Minimal Language) format, which uses key/value pairs. For more information, see TOML on GitHub.

Add SSH keys for root

Append lines to the blueprint configuration file to add SSH keys for a user.

SSH keys for the root user:

[[customizations.sshkey]]
user = "root"
key = "<public SSH key>"

If you copy the contents of your personal public key file (e.g. .ssh/id_rsa.pub) to the value of key, you should be able to use SSH to log in as root on systems launched from the resulting image.

Add users

Append lines to the blueprint configuration file to add a new user.

New user myuser:

[[customizations.user]]
name = "myuser"
password = "<password in plain text OR an encrypted password string>"
key = "<public SSH key>"
shell = "/usr/bin/bash"
groups = ["users", "wheel"]
uid = 1001
gid = 1001

To generate encrypted password string:

python3 -c "import crypt, getpass; print(crypt.crypt(getpass.getpass(), crypt.METHOD_SHA512))"

Note

Demonstration of editing a blueprint configuration:

RHEL 8 Beta - Building Custom RHEL Images With Image Builder (Composer) (YouTube)

Lab 3

In this lab, you will modify the composer-test blueprint configuration file to add new user user1 and to add a public SSH key for the root user. Then, you will create a QCOW2 image using that modified blueprint.

To successfully complete this activity, you must:

• Save the composer-test blueprint to /root on your servera system using the composer-cli command.
• Configure a new user user1 with password pass1, and that user belongs to the wheel and users groups.
• Configure an SSH key for the root user. You can find your root user's public key file on servera at /root/.ssh/composer_rsa.pub.
• Push the modified composer-test blueprint, and confirm that your changes are applied.
• Use the RHEL 8 web console to create a QEMU QCOW2 Image (.qcow2) using the composer-test blueprint.

Feedback

Thank you for taking time to provide feedback about this training using the form below.

How likely are you to recommend this article module to other associates?

-:Click here for feedback:-

Join the Summer Internship 2020:-

Registration Link:- Click Here

?