-
Notifications
You must be signed in to change notification settings - Fork 170
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example #3806
Conversation
2bf428c
to
5de93ac
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small typo otherwise LGTM
I did not replicate though
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! Thanks for looking at this.
docs/cosa/run.md
Outdated
|
||
1. Download a kernel, initramfs, rootfs and shim binary | ||
2. Combine initramfs + roots into a single file: `cat kernel.img initramfs.img > combined.img` | ||
3. Create an empty disk image (bug in kola): `touch disk.img` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What did you hit?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
kola asks for a disk image:
$ cosa run -c --netboot pxe/shimx64.efi -m 4096 --qemu-firmware uefi-secure
COREOS_ASSEMBLER_ADD_CERTS=y
+cosa:16> podman run --rm -ti --security-opt 'label=disable' --privileged '--uidmap=1000:0:1' '--uidmap=0:1:1000' --uidmap 1001:1001:64536 -v /var/home/tim/projects/rhcos.images:/srv/ --device /dev/kvm --device /dev/fuse --tmpfs /tmp -v /var/tmp:/var/tmp '--volume=/etc/pki/ca-trust:/etc/pki/ca-trust:ro' quay.io/coreos-assembler/coreos-assembler:latest run -c --netboot pxe/shimx64.efi -m 4096 --qemu-firmware uefi-secure
Error: No disk image provided
2024-05-16T15:41:40Z cli: No disk image provided
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure why, have not dig into this yet
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
#3807 thanks to @jbtrystram
f2afb02
to
c242445
Compare
docs/cosa/run.md
Outdated
1. Download a kernel, initramfs, rootfs, shim and GRUB binary | ||
3. Create an empty disk image (bug in kola): `touch disk.img` | ||
4. Setup `grub.cfg` | ||
5. Netboot the result. Be patient as TFTP is slow. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
5. Netboot the result. Be patient as TFTP is slow. | |
5. Netboot the result. Be patient as TFTP is slow. Alternatively, use `coreos.live.rootfs_url` to fetch the rootfs over HTTP (see previous example) and remove it from the `initrd` line below. |
I guess I should've mentioned that kola http-server
is a thing in these instructions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I didn't know that existed :). Will take a look.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @jlebon for the pointer,
- run
cosa shell
, then runkola http-server
to start http server. - run
podman exec -it cosa bash
, then run command usingcoreos.live.rootfs_url=http://10.0.2.2:8000/live-rootfs.x86_64.img
works.
c242445
to
38b025e
Compare
38b025e
to
0b53c4e
Compare
OK, this is now updated with the latest suggestions from #3806 (comment) and this boots quickly! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
# multiple instances of cosa (see https://coreos.github.io/coreos-assembler/building-fcos/#running-multiple-instances) | ||
$ podman ps | grep quay.io/coreos-assembler/coreos-assembler | ||
7fedc84484a6 quay.io/coreos-assembler/coreos-assembler:latest kola http-server 5 minutes ago Up 5 minutes hopeful_haibt | ||
$ podman exec -ti 7fedc84484a6 bash |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FYI there is podman exec -l
to target the last created container :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That sounds like a good idea but I'm not fully aware of the semantics thus not confident in replacing those "manual" instructions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will have to give it a try.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah 100%. Your instructions are safer here. I learned about it recently so I thought I'd share the tip
/override rhcos |
@travier: /override requires failed status contexts, check run or a prowjob name to operate on.
Only the following failed contexts/checkruns were expected:
If you are trying to override a checkrun that has a space in it, you must put a double quote on the context. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
/override ci/prow/rhcos |
@travier: Overrode contexts on behalf of travier: ci/prow/rhcos In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
echo "Loading kernel" | ||
linux /rhcos-4.14.0-x86_64-live-kernel-x86_64 ignition.firstboot ignition.platform.id=metal console=ttyS0 coreos.live.rootfs_url=http://10.0.2.2:8000/pxe/rhcos-4.14.0-x86_64-live-rootfs.x86_64.img ignition.config.url=http://10.0.2.2:8000/pxe/config.ign | ||
echo "Loading initrd" | ||
initrd rhcos-4.14.0-x86_64-live-initramfs.x86_64.img rhcos-4.14.0-x86_64-live-rootfs.x86_64.img |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should only list the initramfs here now that we're serving the rootfs over HTTP.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah good point. I'll make a followup
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See: coreos#3806 (comment) Fixes: 0b53c4e docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
See: coreos#3806 (comment) Fixes: 0b53c4e docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
See: #3806 (comment) Fixes: 0b53c4e docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
Fixes: #3804