Building a KylinV10 Desktop Edition container image

Preparing buildah

Building buildah

$ sudo apt install libgpgme-dev libdevmapper-dev libseccomp-dev
$ git clone https://github.com/containers/buildah.git
$ cd buildah/
$ git checkout v1.26.1
$ make
$ sudo cp bin/buildah /usr/bin/
$ buildah --version
buildah version 1.26.1 (image-spec 1.0.2-dev, runtime-spec 1.0.2-dev)

Configuring buildah

$ sudo mkdir /etc/containers/
$ sudo vi /etc/containers/policy.json
{
    "default": [
        {
            "type": "insecureAcceptAnything"
        }
    ]
}

containers-policy.json
https://github.com/containers/image/blob/v5.21.1/docs/containers-policy.json.5.md
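
What the policy above permits, shown with a simplified model of the scope lookup described in the linked containers-policy.json document. This is an added example, not code from the original post or from the containers/image project; STRICT_POLICY, its registry name and key path are constructed placeholders, and the function names are hypothetical.

```python
import json

# The policy from this page: every image from every transport is accepted unverified.
PAGE_POLICY = json.loads('{"default": [{"type": "insecureAcceptAnything"}]}')

# Constructed stricter policy. The registry name and key path are placeholders.
STRICT_POLICY = {
    "default": [{"type": "reject"}],
    "transports": {
        "docker": {
            "registry.example.com/base": [
                {"type": "signedBy", "keyType": "GPGKeys",
                 "keyPath": "/etc/pki/containers/example-base.gpg"}
            ]
        },
        # Images already in the local Docker daemon are accepted as-is.
        "docker-daemon": {"": [{"type": "insecureAcceptAnything"}]},
    },
}

def docker_scopes(ref):
    """Candidate scopes for a docker reference, most specific first."""
    name = ref.split("@")[0]              # drop a digest, if any
    scopes = [name]
    if ":" in name.rsplit("/", 1)[-1]:    # drop a tag (colon after the last slash)
        name = name[: name.rindex(":")]
        scopes.append(name)
    while "/" in name:                    # repository -> namespaces -> host
        name = name.rsplit("/", 1)[0]
        scopes.append(name)
    return scopes

def classify(requirements):
    """Summarise a requirement list; every entry must hold for acceptance."""
    types = [r["type"] for r in requirements]
    if "reject" in types:
        return "reject"
    if all(t == "insecureAcceptAnything" for t in types):
        return "accepted unverified"
    return "signature required"

def effective(policy, transport, ref):
    """Return (matched scope, verdict) for an image reference."""
    table = policy.get("transports", {}).get(transport, {})
    candidates = docker_scopes(ref) if transport == "docker" else [ref]
    for scope in candidates + [""]:       # "" is the transport-wide default scope
        if scope in table:
            return scope or "<transport default>", classify(table[scope])
    return "<global default>", classify(policy["default"])
```

Calling effective(PAGE_POLICY, "docker", ...) with any reference falls through to the global default, which is why the one-entry policy on this page accepts images from every registry without signature checks.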

Preparing debootstrap

Installing debootstrap

$ sudo apt install debootstrap

Testing debootstrap

The debootstrap command-line syntax is as follows:

$ debootstrap [OPTION]... <suite> <target> [<mirror> [<script>]]

<mirror> is the apt source URL; adjust it to your environment. The current KylinV10 Desktop Edition sources are:

deb http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main universe multiverse restricted
deb http://archive2.kylinos.cn/deb/kylin/production/PART-V10-SP1/custom/partner/V10-SP1 default all

<script>: on Ubuntu (KylinV10 Desktop Edition is in fact Ubuntu), the suite scripts all point to gutsy:

$ ls -l /usr/share/debootstrap/scripts/focal
lrwxrwxrwx 1 root root 5 Apr 27 00:56 /usr/share/debootstrap/scripts/focal -> gutsy
$ ls -l /usr/share/debootstrap/scripts/jammy
lrwxrwxrwx 1 root root 5 Apr 27 00:56 /usr/share/debootstrap/scripts/jammy -> gutsy

You can use --print-debs to try it out and see which packages would be installed:

$ debootstrap --print-debs --variant minbase --no-check-gpg 10.1 /tmp/$$ \
http://archive.kylinos.cn/kylin/KYLIN-ALL gutsy
$ debootstrap --print-debs --variant minbase --include bash --no-check-gpg --verbose 10.1 /tmp/$$ \
http://archive.kylinos.cn/kylin/KYLIN-ALL gutsy

Building the image

The commands for building the image are as follows:

$ sudo su
# buildah from scratch
working-container
# scratchmnt=$(buildah mount working-container)
# debootstrap --components main,universe,multiverse,restricted \
--variant minbase --include libc6,kysec-utils --exclude bash --no-check-gpg \
10.1 $scratchmnt \
http://archive.kylinos.cn/kylin/KYLIN-ALL gutsy
# buildah config --cmd /bin/sh working-container
# buildah commit working-container kylinv10d
# buildah unmount working-container

The resulting image can be converted into a local docker image:

# buildah push kylinv10d docker-daemon:kylinv10d:latest
# docker images
REPOSITORY     TAG       IMAGE ID       CREATED          SIZE
kylinv10d      latest    f2c291e1ff10   19 seconds ago   363MB

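Note: the bash package in the current KylinV10 Desktop Edition has the problem shown below, so bash has to be excluded in the command line above (bash can be installed manually afterwards by extracting its package with dpkg).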

Preparing to unpack .../bash_5.0-6kylin1k6_amd64.deb ...
dpkg (subprocess): unable to execute new bash package pre-installation script (/var/lib/dpkg/tmp.ci/preinst): No such file or directory
dpkg: error processing archive /var/cache/apt/archives/bash_5.0-6kylin1k6_amd64.deb (--unpack):
 new bash package pre-installation script subprocess returned error exit status 2
Errors were encountered while processing:
 /var/cache/apt/archives/bash_5.0-6kylin1k6_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Workarounds

While using buildah, running a container with buildah run may produce the following error (the error can be reproduced with the unshare command):

# buildah run working-container id
error running container: error from  creating container for [/usr/bin/id]: : fork/exec : no such file or directory
ERRO[0000] did not get container create message from subprocess: EOF 
error while running runtime: exit status 1

Adding the --isolation chroot option works around the problem:

# buildah run --isolation chroot working-container id
uid=0(root) gid=0(root) groups=0(root)

Running the container with docker does not have this problem.


Last modified on 2022-06-12