Work arounds

Author: ibuildthecloud

Dockerfile

@@ -72,7 +72,7 @@ RUN zypper in -y \
     vim \
     which
 
-RUN curl -L https://github.com/rancher/rancherd/releases/download/v0.0.1-alpha04/rancherd-${ARCH} > /usr/bin/rancherd && \
+RUN curl -L https://github.com/rancher/rancherd/releases/download/v0.0.1-alpha05/rancherd-${ARCH} > /usr/bin/rancherd && \
     chmod +x /usr/bin/rancherd
 
 ARG CACHEBUST

files/etc/cos/bootargs.cfg

@@ -0,0 +1,8 @@
+set kernel=/boot/vmlinuz
+if [ -n "$recoverylabel" ]; then
+    set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5"
+else
+    set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label cos-img/filename=$img panic=5 security=selinux selinux=1"
+fi
+
+set initramfs=/boot/initrd

files/usr/lib/issue.d/90-SUSE files/etc/issue.d/10-SUSEfiles/usr/lib/issue.d/90-SUSE renamed to files/etc/issue.d/10-SUSE

@@ -13,6 +13,5 @@ repositories:
   priority: 1
   verify: false
   urls:
-  - "ibuildthecloud/releases-sle"
-    #- "quay.io/costoolkit/releases-opensuse"
+  - "quay.io/costoolkit/releases-opensuse"
 

files/etc/luet/luet.yaml

@@ -0,0 +1,14 @@
+[Unit]
+Description=cOS system early rootfs setup
+DefaultDependencies=no
+After=initrd-root-fs.target
+Requires=initrd-root-fs.target
+Conflicts=initrd-switch-root.target
+
+[Service]
+Type=oneshot
+ExecStartPre=/usr/bin/ln -sf -t / /sysroot/system
+ExecStart=/usr/bin/cos-setup rootfs
+
+[Install]
+RequiredBy=initrd-fs.target

files/lib/systemd/system/cos-setup-rootfs.service

@@ -0,0 +1,22 @@
+[Unit]
+Description=Rancher Bootstrap
+Documentation=https://github.com/rancher/rancherd
+Wants=network-online.target
+After=network-online.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=oneshot
+EnvironmentFile=-/etc/default/%N
+EnvironmentFile=-/etc/sysconfig/%N
+KillMode=process
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+ExecStart=/usr/bin/rancherd bootstrap

files/lib/systemd/system/rancherd.service

@@ -1,36 +1,40 @@
 name: "ROS Rootfs Layout Settings"
 stages:
-  rootfs.after:
+  initramfs:
     - if: '[ -z "$(blkid -L COS_SYSTEM || true)" ]'
       commands:
       - |
-        set -x
-        target=/sysroot/usr/local/.ros-state
+        target=/usr/local/.ros-state
 
         # Always want the latest update of systemd conf from the image
         mkdir -p ${target}/etc/systemd/
-        rsync -a /sysroot/etc/systemd/ ${target}/etc/systemd/
+        rsync -av /etc/systemd/ ${target}/etc/systemd/
 
         # Only populate ssh conf once
         if [ ! -e ${target}/etc/ssh ]; then
           mkdir -p ${target}/etc/ssh/
-          rsync -a /sysroot/etc/ssh/ ${target}/etc/ssh/
+          rsync -a /etc/ssh/ ${target}/etc/ssh/
         fi
 
+        sed -i '/overlay \/home /d' /etc/fstab
+        sed -i '/overlay \/opt /d' /etc/fstab
+        nsenter -m -t 1 -- umount /sysroot/home
+        nsenter -m -t 1 -- umount /sysroot/opt
+
         # setup directories as persistent
         for i in root opt home var/lib/rancher var/lib/kubelet etc/systemd etc/rancher etc/ssh usr/libexec var/log var/lib/wicked; do
-          mkdir -p ${target}/$i /sysroot/$i
-          mount ${target}/$i /sysroot/$i -t none -o bind
+          mkdir -p ${target}/$i /$i
+          nsenter -m -t 1 -- mount /sysroot${target}/$i /sysroot/$i -t none -o bind
         done
 
         # This is hidden so that if you run some selinux label checking or relabeling the bind
         # mount won't screw up things.  If you have two files at different paths they will get
         # labeled with two different labels.
         mkdir -p ${target}/empty
-        mount ${target}/empty ${target} -o bind,ro
+        nsenter -m -t 1 -- mount /sysroot${target}/empty /sysroot${target} -o bind,ro
 
         # ensure /var/log/journal exists so it's labeled correctly
-        mkdir -p /sysroot/var/log/journal
+        nsenter -m -t 1 -- mkdir -p /sysroot/var/log/journal
   initramfs.after:
     - if: '[ -z "$(blkid -L COS_SYSTEM || true)" ]'
       commands: