Minimize base image.
This commit is contained in:
parent
7b4e013126
commit
67b144cbf9
|
|
@ -23,10 +23,10 @@
|
||||||
# Because it's generating a base image and uses containerization features itself.
|
# Because it's generating a base image and uses containerization features itself.
|
||||||
# In the future some of this can be lifted.
|
# In the future some of this can be lifted.
|
||||||
|
|
||||||
FROM quay.io/fedora/fedora:rawhide as repos
|
FROM quay.io/fedora/fedora:41 as repos
|
||||||
|
|
||||||
# BOOTSTRAPPING: This can be any image that has rpm-ostree and selinux-policy-targeted.
|
# BOOTSTRAPPING: This can be any image that has rpm-ostree and selinux-policy-targeted.
|
||||||
FROM quay.io/fedora/fedora:rawhide as builder
|
FROM quay.io/fedora/fedora:41 as builder
|
||||||
RUN dnf -y install rpm-ostree selinux-policy-targeted
|
RUN dnf -y install rpm-ostree selinux-policy-targeted
|
||||||
ARG MANIFEST=fedora-bootc.yaml
|
ARG MANIFEST=fedora-bootc.yaml
|
||||||
COPY --from=repos /etc/dnf/vars /etc/dnf/vars
|
COPY --from=repos /etc/dnf/vars /etc/dnf/vars
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,5 @@
|
||||||
|
podman build \
|
||||||
|
--security-opt=label=disable \
|
||||||
|
--cap-add=all \
|
||||||
|
--device /dev/fuse \
|
||||||
|
-t localhost/fedora-bootc .
|
||||||
|
|
@ -3,15 +3,8 @@
|
||||||
packages:
|
packages:
|
||||||
# Additional file compression/decompression
|
# Additional file compression/decompression
|
||||||
- bzip2 zstd
|
- bzip2 zstd
|
||||||
# Improved MOTD experience
|
|
||||||
- console-login-helper-messages-issuegen
|
|
||||||
- console-login-helper-messages-profile
|
|
||||||
# kdump support
|
# kdump support
|
||||||
# https://github.com/coreos/fedora-coreos-tracker/issues/622
|
# https://github.com/coreos/fedora-coreos-tracker/issues/622
|
||||||
- kexec-tools
|
- kexec-tools
|
||||||
# Container tooling
|
|
||||||
- toolbox
|
|
||||||
# nvme-cli for managing nvme disks
|
# nvme-cli for managing nvme disks
|
||||||
- nvme-cli
|
- nvme-cli
|
||||||
# Used by admins interactively
|
|
||||||
- lsof
|
|
||||||
|
|
|
||||||
|
|
@ -3,28 +3,18 @@ recommends: true
|
||||||
|
|
||||||
include:
|
include:
|
||||||
- ../tier-x/manifest.yaml
|
- ../tier-x/manifest.yaml
|
||||||
- autoupdates.yaml
|
|
||||||
- networking-tools.yaml
|
- networking-tools.yaml
|
||||||
- system-configuration.yaml
|
- system-configuration.yaml
|
||||||
- coreos-user-experience.yaml
|
- coreos-user-experience.yaml
|
||||||
- persistent-journal.yaml
|
- persistent-journal.yaml
|
||||||
- initramfs-full.yaml
|
- initramfs-full.yaml
|
||||||
- generic-growfs.yaml
|
|
||||||
|
|
||||||
packages:
|
packages:
|
||||||
# Include and set the default editor
|
|
||||||
- nano
|
|
||||||
- nfs-utils
|
- nfs-utils
|
||||||
# Additional firewall support; we aren't including these in RHCOS or they
|
# Additional firewall support; we aren't including these in RHCOS or they
|
||||||
# don't exist in RHEL
|
# don't exist in RHEL
|
||||||
- iptables-services
|
- iptables-services
|
||||||
- WALinuxAgent-udev
|
- WALinuxAgent-udev
|
||||||
# Allow communication between sudo and SSSD
|
|
||||||
# for caching sudo rules by SSSD.
|
|
||||||
# https://github.com/coreos/fedora-coreos-tracker/issues/445
|
|
||||||
- libsss_sudo
|
|
||||||
# SSSD; we only ship a subset of the backends
|
|
||||||
- sssd-client sssd-ad sssd-ipa sssd-krb5 sssd-ldap
|
|
||||||
# Used by admins interactively
|
# Used by admins interactively
|
||||||
- openssl
|
- openssl
|
||||||
# Provides terminal tools like clear, reset, tput, and tset
|
# Provides terminal tools like clear, reset, tput, and tset
|
||||||
|
|
@ -34,19 +24,10 @@ packages:
|
||||||
# zram-generator (but not zram-generator-defaults) for F33 change
|
# zram-generator (but not zram-generator-defaults) for F33 change
|
||||||
# https://github.com/coreos/fedora-coreos-tracker/issues/509
|
# https://github.com/coreos/fedora-coreos-tracker/issues/509
|
||||||
- zram-generator
|
- zram-generator
|
||||||
# This one is in Python so isn't in FCOS, but we can safely add it here.
|
|
||||||
- sos
|
|
||||||
|
|
||||||
# These are random architecture-specific packages
|
# These are random architecture-specific packages
|
||||||
packages-x86_64:
|
packages-x86_64: []
|
||||||
- irqbalance
|
packages-aarch64: []
|
||||||
packages-ppc64le:
|
|
||||||
- irqbalance
|
|
||||||
- librtas
|
|
||||||
- powerpc-utils-core
|
|
||||||
- ppc64-diag-rtas
|
|
||||||
packages-aarch64:
|
|
||||||
- irqbalance
|
|
||||||
|
|
||||||
postprocess:
|
postprocess:
|
||||||
# Undo RPM scripts enabling units; we want the presets to be canonical
|
# Undo RPM scripts enabling units; we want the presets to be canonical
|
||||||
|
|
|
||||||
|
|
@ -3,9 +3,6 @@
|
||||||
packages:
|
packages:
|
||||||
# Explicit dep for RHEL >= 10
|
# Explicit dep for RHEL >= 10
|
||||||
- crypto-policies-scripts
|
- crypto-policies-scripts
|
||||||
# Configuring SSH keys, cloud provider check-in, etc
|
|
||||||
# TODO: needs Ignition kargs
|
|
||||||
# - afterburn afterburn-dracut
|
|
||||||
# NTP support
|
# NTP support
|
||||||
- chrony
|
- chrony
|
||||||
# Storage configuration/management
|
# Storage configuration/management
|
||||||
|
|
@ -25,6 +22,3 @@ packages:
|
||||||
# /etc/logrotate.d to work. Really, this is a legacy thing, but if we don't
|
# /etc/logrotate.d to work. Really, this is a legacy thing, but if we don't
|
||||||
# have it then people's disks will slowly fill up with logs.
|
# have it then people's disks will slowly fill up with logs.
|
||||||
- logrotate
|
- logrotate
|
||||||
# Boost starving threads
|
|
||||||
# https://github.com/coreos/fedora-coreos-tracker/issues/753
|
|
||||||
- stalld
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue