Controlling kiwi rsync exclude list internally


prakash mohanty

Jan 12, 2023, 5:22:36 AM
to kiwi
In my docker image build through kiwi, the internal rsync command is excluding the "/run/" path.
That path needs to be inside my container. The current command looks like this:

[rsync -a -H -X -A --one-file-system --inplace --delete --exclude /image --exclude /.profile --exclude /.kconfig --exclude /run/* --exclude /tmp/* --exclude /.buildenv --exclude /var/cache/kiwi --exclude /dev/* --exclude /sys/* --exclude /proc/* /build/var_jenkins/workspace/se-docker-laurel/ContainerImaging/image/build/image-root/ /var/tmp/kiwi_oci_root_dir.hnogt_k4/rootfs]

Can anyone help with how to control this, or remove the path /run/ from the exclude list?

Marcus Schäfer

Jan 13, 2023, 8:24:22 AM
to kiwi-...@googlegroups.com
Hi,

> In my docker image build through kiwi , internal rsync command
> excluding "/run/" path.

We exclude the contents of /run; the directory itself "/run" should
be part of your container archive.

> That Path need to be inside my container . Current command looks like
> this .
>
> [rsync -a -H -X -A --one-file-system --inplace --delete --exclude
> /image --exclude /.profile --exclude /.kconfig --exclude /run/*
> --exclude /tmp/* --exclude /.buildenv --exclude /var/cache/kiwi
> --exclude /dev/* --exclude /sys/* --exclude /proc/*
> /build/var_jenkins/workspace/se-docker-laurel/ContainerImaging/image/bu
> ild/image-root/ /var/tmp/kiwi_oci_root_dir.hnogt_k4/rootfs]
>
> Can anyone help How to control this or remove the path /run/ from
> exclude list ?

I'm a bit concerned about why you want /run to be included in your
container archive. /run is a tmpfs holding non-permanent runtime
information. Including it in the container archive (or any
other image type) would be considered a mistake because the
appliance build process would add runtime data of the host which
builds your appliance into your image. Can you clarify the
motivation?

Thanks

Regards,
Marcus
--
Public Key available via: https://keybase.io/marcus_schaefer/key.asc
keybase search marcus_schaefer
-------------------------------------------------------
Marcus Schäfer Brunnenweg 18
Tel: +49 7562 905437 D-88260 Argenbühl
Germany
-------------------------------------------------------

prakash mohanty

Jan 13, 2023, 10:01:54 AM
to kiwi
As I build the container, I consume some of the rpms from other applications. Those rpms are built with scripts which all reside in the path /run/*. I don't have control to change the path of those scripts.
I assume prior to kiwi version 9.24* this path (/run/*) was not included in the exclude list. Now we are migrating to SLES15 SP4, which has a higher version of kiwi, and these /run/* scripts are not shipping into the container.

So please suggest an approach to remove the path (/run/) from the exclude list, without changing source code.

prakash mohanty

Jan 16, 2023, 10:34:22 AM
to kiwi
Hi Marcus,
Any suggestion please.

Marcus Schäfer

Jan 16, 2023, 10:34:34 AM
to kiwi-...@googlegroups.com
Hi,

> As I build container , I consume some of the rpms from other
> applications. Those rpms are build with scripts which all are residing
> in the path /run/* . I don't have control to chnage the path of those
> scripts.

ok got that. What you can do is:

1. In config.sh of the image description copy the scripts in question
to a location that better meets the FHS

cp /run/... /usr/local/bin

2. If the scripts have to reside in /run of the running container
you can add code to your entrypoint which moves them back to /run

<type image="docker">
<containerconfig name="...">
<entrypoint execute="/your/entrypoint"/>
</containerconfig>
</type>

In /your/entrypoint you can have something like

mv /usr/local/bin/... /run

> I assume prior to kiwi version 9.24* this path (/run/*) was not
> included in the exclude list.

Which was considered a mistake and fixed some time ago, in the same
way as /dev and other non-permanent filesystem areas that are either
a tmpfs, devtmpfs or something like it.

> Now We are migrating to SLES15 SP4 which
> has higher verison kiwi and this /run/* scripts are not shiping into
> continer.

I understand the pain

> So please suggest to approach to remove the path ( /run/) from
> exclude list , without changing source code .

I hope the above suggestion meets your needs in some way shape or form.
I hope you agree with me that /run is a bad location to store scripts
as permanent execution programs and imho this is questionable design
by the packages you are consuming. I understand that you cannot influence
those and I hope the proposed workaround can be applied. Please also
understand I cannot revert back /run from being excluded as it would
re-open the issue for which this was changed.

You could also consider a small code change in kiwi to carry this
if the above solution is too much effort to maintain.

My /run is this:

tmpfs on /run type tmpfs (rw,nosuid,nodev,size=3261896k,nr_inodes=819200,mode=755)

I expect that if the packages that install to /run are used on newer
systems it will cause more trouble, as all the data will be lost
right after boot ;)

Best regards,

prakash mohanty

Jan 16, 2023, 11:11:34 AM
to kiwi
Thanks a lot. Here I am pasting a snippet of my code.
Yeah, the scripts (there are 9-10 scripts) have to be inside the /run path.
So if I understand correctly, the steps I have to do are:
1) In config.sh, copy the scripts into a separate location (let's say /run to /usr/local/bin).
2) The entrypoint code will move them back again to the /run path. Below is the snippet of my config.xml file. Can you please mention the pseudo code that I need to put?

<containerconfig name="vasa-hypermaxos" tag="">
    <entrypoint execute="/run/start">  <!-- This 'start' is a script name -->
    </entrypoint>
    <expose>
        <port number="22"/>
    </expose>
</containerconfig>
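
The two steps discussed above (stage the scripts out of /run in config.sh, put them back from the entrypoint), written out as an added example that is not part of the original thread and is not kiwi's own code. The staging directory /usr/local/lib/run-staged, the function names and the stage/entrypoint arguments are assumptions; /run/start is the entrypoint script named in the post above. It copies instead of moving, a variation on the suggested mv, so a restarted container with an empty /run still gets its scripts.

```shell
#!/bin/sh
# Added example: keep scripts that packages install under /run available in a
# container even though the image build excludes /run/*.
STAGE_DIR="${STAGE_DIR:-/usr/local/lib/run-staged}"   # assumed staging path
RUN_DIR="${RUN_DIR:-/run}"

# Build time (called from config.sh inside the image root): copy regular files
# only, so sockets, pid files, lock dirs or symlinks in /run are not baked in.
stage_run_scripts() {
    src=$1 dest=$2 count=0
    mkdir -p "$dest" || return 1
    for f in "$src"/*; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        cp -p "$f" "$dest/" || return 1     # -p keeps mode and timestamps
        count=$((count + 1))
    done
    echo "$count"                           # number of files staged
}

# Container start: copy the staged files back. Copying (not moving) keeps the
# staged originals, so the step is repeatable on every start.
restore_run_scripts() {
    stage=$1 run=$2
    [ -d "$stage" ] || { echo "missing staging dir $stage" >&2; return 1; }
    mkdir -p "$run" || return 1
    for f in "$stage"/*; do
        [ -f "$f" ] || continue
        cp -p "$f" "$run/" || return 1
    done
}

# Entrypoint wrapper body: restore, then hand the process over to the
# original start script so it still receives signals directly.
run_entrypoint() {
    restore_run_scripts "$STAGE_DIR" "$RUN_DIR" || exit 1
    exec "$RUN_DIR/start" "$@"
}

case "${1:-}" in
    stage)      stage_run_scripts "$RUN_DIR" "$STAGE_DIR" ;;
    entrypoint) shift; run_entrypoint "$@" ;;
esac
```

config.sh would call this script with `stage`, and the container entrypoint would call it with `entrypoint` in place of running /run/start directly.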
