forked from podman-desktop/podman-desktop
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs: add microshift podman desktop example blog
### What does this PR do? * Creates a bootc blog using microshift and podman desktop * Blog covers how to create a microshift container with RHEL / Red Hat tools and then create it all via Podman Desktop ### Screenshot / video of UI <!-- If this PR is changing UI, please include screenshots or screencasts showing the difference --> N/A ### What issues does this PR fix or reference? <!-- Include any related issues from Podman Desktop repository (or from another issue tracker). --> Closes podman-desktop/extension-bootc#816 ### How to test this PR? <!-- Please explain steps to verify the functionality, do not forget to provide unit/component tests --> Follow the steps. N/A on unit tests Signed-off-by: Charlie Drage <charlie@charliedrage.com>
- Loading branch information
Showing
9 changed files
with
284 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,284 @@ | ||
--- | ||
title: Creating a MicroShift bootable image with Podman Desktop | ||
description: Learn how to create a bootable image featuring MicroShift, using BootC and Podman Desktop. | ||
authors: [cdrage] | ||
tags: [podman-desktop, podman, rhel, bootc, extensions] | ||
hide_table_of_contents: false | ||
--- | ||
|
||
import Tabs from '@theme/Tabs'; | ||
import TabItem from '@theme/TabItem'; | ||
|
||
![banner](img/bootc-microshift/redhat_selkie.png) | ||
|
||
If you're unfamiliar with [Image Mode for RHEL](https://developers.redhat.com/products/rhel-image-mode/overview), it offers an impressive method for deploying applications directly to bare metal from either a single Containerfile or a pre-existing bootc-supported image. | ||
|
||
A "bootable" image, known as a BootC container image, allows you to use a simple container image to create a full bootable operating system, whether it's a `raw` virtual machine image or an `iso` for USB installation! | ||
|
||
This capability is ideal for a variety of uses, from a simple HTTP server to an OS powering a full-stack application. | ||
|
||
In this tutorial, we'll deploy an OpenShift derivative called [MicroShift](https://www.redhat.com/en/topics/edge-computing/microshift), an edge-optimized version of OpenShift designed for single-node setups. Think of it as a compact version of OpenShift! | ||
|
||
This entire process is carried out using a single Containerfile (or Dockerfile). | ||
|
||
## Requirements | ||
|
||
Before starting the tutorial, ensure you have: | ||
|
||
- An active [Red Hat account](https://developers.redhat.com/articles/2024/05/07/podman-desktop-red-hat-developer-subscription) | ||
- Access to an [OpenShift Hybrid Cloud pull secret](https://console.redhat.com/openshift/install/pull-secret) | ||
- [Podman Desktop installed](https://podman-desktop.io/downloads) | ||
- [Podman Desktop BootC Extension](https://github.com/containers/podman-desktop-extension-bootc) | ||
- Your preferred VM-running software (e.g., [using libvirt](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/configuring_and_managing_virtualization/getting-started-with-virtualization-in-rhel-8_configuring-and-managing-virtualization#enabling-virtualization-in-rhel8_virt-getting-started) or [qemu](https://www.qemu.org/)) | ||
|
||
## Building the BootC container image | ||
|
||
First, we'll build the initial BootC container image from which we'll later create a bootable OS. | ||
|
||
### Logging into Red Hat registry | ||
|
||
Before proceeding, download the Red Hat Authentication extension from the catalog to enable access to Red Hat registries: | ||
|
||
![red hat login](img/bootc-microshift/redhat_login.png) | ||
|
||
Then log into your account: | ||
|
||
![red hat login sign in](img/bootc-microshift/redhat_login2.png) | ||
|
||
### Creating the Containerfile (or Dockerfile) | ||
|
||
The Containerfile is crucial for creating the bootable image. | ||
|
||
It's important to note that we will be providing two arguments during the build: an SSH public key to access the OS post-boot, and your OpenShift Pull Secret to enable MicroShift to pull necessary container images. | ||
|
||
Below is the Containerfile we will use, with explanations in the comments: | ||
|
||
```Dockerfile | ||
# Use a BootC supported base image such as rhel-bootc | ||
FROM registry.redhat.io/rhel9/rhel-bootc:9.4 | ||
|
||
# For access to your OS after it boots, lets add your SSH public key | ||
ARG SSH_PUBLIC_KEY | ||
RUN set -eu; mkdir -p /usr/ssh && \ | ||
echo 'AuthorizedKeysFile /usr/ssh/%u.keys .ssh/authorized_keys .ssh/authorized_keys2' >> /etc/ssh/sshd_config.d/30-auth-system.conf && \ | ||
echo ${SSH_PUBLIC_KEY} > /usr/ssh/root.keys && chmod 0600 /usr/ssh/root.keys | ||
|
||
# For simplicity, we echo the repo location for to /etc/yum.repos.d/minishift.repo | ||
RUN echo -e '# OpenShift 4.17 release\n\ | ||
[ocp]\n\ | ||
name=OpenShift 4.17\n\ | ||
baseurl=https://mirror.openshift.com/pub/openshift-v4/$basearch/microshift/ocp/latest-4.17/el9/os/\n\ | ||
enabled=1\n\ | ||
gpgcheck=0\n\ | ||
\n\ | ||
# Dependencies\n\ | ||
[ocp-deps]\n\ | ||
name=OpenShift 4.17 dependencies\n\ | ||
baseurl=https://mirror.openshift.com/pub/openshift-v4/$basearch/dependencies/rpms/4.17-el9-beta/\n\ | ||
enabled=1\n\ | ||
gpgcheck=0' > /etc/yum.repos.d/minishift.repo | ||
|
||
# Install MicroShift | ||
RUN dnf install -y microshift | ||
|
||
# Enable MicroShift on boot | ||
RUN systemctl enable microshift | ||
|
||
# For MicroShift to access the required containers to pull we will provide our OpenShift Pull Secret from https://console.redhat.com/openshift/install/pull-secret | ||
ARG OPENSHIFT_PULL_SECRET | ||
RUN echo $OPENSHIFT_PULL_SECRET > /etc/crio/openshift-pull-secret | ||
RUN chmod 600 /etc/crio/openshift-pull-secret | ||
``` | ||
|
||
Copy the above Containerfile to a new file which we will be building with Podman Desktop. | ||
|
||
### Build with Podman Desktop | ||
|
||
Select the Containerfile and build it within Podman Desktop. | ||
|
||
You will need to provide: | ||
|
||
- Your public SSH key (if available) so you may remotely access your build | ||
- An [OpenShift Hybrid Cloud pull secret](https://console.redhat.com/openshift/install/pull-secret) | ||
|
||
Pass these as `SSH_PUBLIC_KEY` and `OPENSHIFT_PULL_SECRET` in the build page arguments. | ||
|
||
![build](img/bootc-microshift/build.png) | ||
|
||
## Build the bootable image with BootC Podman Desktop extension | ||
|
||
### Install | ||
|
||
Install the BootC Podman Desktop extension from the extensions catalog: | ||
|
||
![install](img/bootc-microshift/install.png) | ||
|
||
### Build the image | ||
|
||
Now, create the bootable image from our container image! | ||
|
||
Click the new BootC icon on the navigation bar and go to build: | ||
|
||
![build_button](img/bootc-microshift/build_button.png) | ||
|
||
Once the build is complete, you'll see a confirmation on the dashboard. | ||
|
||
Next, select the image we built and choose an appropriate output format for testing the bootable image. **RAW** is a common choice for local testing with QEMU and other VM software like libvirt. | ||
|
||
## Testing the image | ||
|
||
Explore various ways to test your image, using local software or cloud platforms. Here are some common steps for using the **RAW** output bootable image. | ||
|
||
### Running the Virtual Machine | ||
|
||
This guide doesn't cover all methods for running a virtual machine, but here are the most common: | ||
|
||
<Tabs> | ||
<TabItem value="win" label="Windows (.vhd)" className="markdown"> | ||
|
||
When using Hyper-V, create a `.vhd` image with BootC: | ||
|
||
1. When building, select the `.vhd` option. | ||
2. [Install Hyper-V](https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) | ||
3. [Import the virtual machine](https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/export-and-import-virtual-machines) | ||
|
||
</TabItem> | ||
<TabItem value="macOS" label="macOS Silicon (.raw)" className="markdown"> | ||
|
||
1. When building, select the `.raw` option and ARM64 architecture. | ||
|
||
2. Install QEMU: | ||
|
||
```sh | ||
$ brew install qemu | ||
``` | ||
|
||
3. Navigate to the directory containing your `disk.raw` file: | ||
|
||
```sh | ||
$ cd ~/output | ||
``` | ||
|
||
4. Run the `qemu` command: | ||
|
||
```sh | ||
$ qemu-system-aarch64 \ | ||
-m 8G \ | ||
-M virt \ | ||
-accel hvf \ | ||
-cpu host \ | ||
-smp 4 \ | ||
-serial mon:stdio \ | ||
-nographic \ | ||
-netdev user,id=mynet0,hostfwd=tcp::2222-:22 \ | ||
-device e1000,netdev=mynet0 \ | ||
-drive file=/opt/homebrew/share/qemu/edk2-aarch64-code.fd,format=raw,if=pflash,readonly=on \ | ||
-drive file=disk.raw,if=virtio,cache=writethrough,format=raw | ||
``` | ||
|
||
4. Verify the connection: | ||
|
||
With the above `qemu` command, a port has now been opened locally at :2222 to SSH forward to the bootable image. You can now access your virtual machine by doing the following: | ||
|
||
```sh | ||
$ sh localhost -p 2222 | ||
``` | ||
|
||
</TabItem> | ||
<TabItem value="linux" label="Linux (.raw)" className="markdown"> | ||
|
||
1. When building, select the `.raw` option and AMD64 architecture. | ||
|
||
2. [Install QEMU](https://www.qemu.org/download/#linux). | ||
|
||
3. Navigate to the directory containing your `disk.raw` file: | ||
|
||
```sh | ||
$ cd ~/output | ||
``` | ||
|
||
4. Run the `qemu` command: | ||
|
||
```sh | ||
$ qemu-system-x86_64 \ | ||
-m 8G \ | ||
-cpu Broadwell-v4 \ | ||
-nographic \ | ||
-netdev user,id=mynet0,hostfwd=tcp::2222-:22 \ | ||
-device e1000,netdev=mynet0 \ | ||
-snapshot disk.raw | ||
``` | ||
|
||
4. Verify the connection: | ||
|
||
With the above `qemu` command, a port has now been opened locally at :2222 to SSH forward to the bootable image. You can now access your virtual machine by doing the following: | ||
|
||
```sh | ||
$ sh localhost -p 2222 | ||
``` | ||
|
||
</TabItem> | ||
</Tabs> | ||
|
||
## Verifying MicroShift | ||
|
||
After you boot your virtual machine, you can now test the MicroShift connection by verifying and listing Pods. | ||
|
||
### Listing pods | ||
|
||
Below we will SSH into the virtual machine and confirm that MicroShift is deploying Pods correctly: | ||
|
||
1. SSH into the VM: | ||
|
||
```sh | ||
$ sh localhost -p 2222 | ||
``` | ||
|
||
2. Verify Pods are running by using `oc` or `kubectl`: | ||
|
||
```sh | ||
$ kubectl get pods -A | ||
NAMESPACE NAME READY STATUS RESTARTS AGE | ||
kube-system csi-snapshot-controller-856bb8b9bc-9n7lj 1/1 Running 1 3d23h | ||
kube-system csi-snapshot-webhook-7c64d4d4d7-98v6l 1/1 Running 1 3d23h | ||
openshift-dns dns-default-n2td4 2/2 Running 2 3d23h | ||
openshift-dns node-resolver-7cslg 1/1 Running 1 3d23h | ||
openshift-ingress router-default-7cbc67954b-nqqc6 1/1 Running 1 3d23h | ||
openshift-ovn-kubernetes ovnkube-master-zcqw5 4/4 Running 5 3d23h | ||
openshift-ovn-kubernetes ovnkube-node-crnn9 1/1 Running 2 3d23h | ||
openshift-service-ca service-ca-6799f567-k7lsc 1/1 Running 1 3d23h | ||
``` | ||
|
||
### Using Podman Desktop to verify MicroShift | ||
|
||
Alternatively, you can copy the MicroShift configuration file to your local machine and test it remotely on Podman Desktop. | ||
|
||
1. On your local machine, create the `.kube` directory if it does not exist already: | ||
|
||
```sh | ||
$ mkdir ~/.kube | ||
``` | ||
|
||
2. Copy the remote kubeadmin file to a local configuration file: | ||
|
||
Within MicroShift, a kubeconfig file is automatically created at `/var/lib/microshift/resources/kubeadmin/kubeconfig`. | ||
|
||
Copy the file over to your local `.kube/config` | ||
|
||
```sh | ||
scp -P 2222 root@localhost:/var/lib/microshift/resources/kubeadmin/kubeconfig ~/.kube/config | ||
``` | ||
|
||
3. Use Podman Desktop to verify the MicroShift cluster: | ||
|
||
Podman Desktop will automatically detect your `.kube/config` file. | ||
|
||
Note: You may need to modify your `.kube/config` file to reflect the correct domain or IP address of your cluster. | ||
|
||
![cluster](img/bootc-microshift/cluster.png) | ||
|
||
## Conclusion | ||
|
||
This tutorial provided a step-by-step guide on deploying a bootable MicroShift image using Podman Desktop and the BootC extension. By leveraging tools such as BootC and Podman, we've streamlined the process of creating a lightweight, yet fully functional, OpenShift environment suitable for single-node edge computing scenarios. | ||
|
||
Thank you for following along, and happy deploying! |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.