Using External Service to Store OS Repo Resources¶
This document describes how to use a third-party storage service for OS repo resources and specify it during the installer installation. There are two supported types: S3-compatible services (such as MinIO) and non-S3-compatible services (such as Nginx).
Prerequisites¶
- Download the ISO operating system image file according to the environment to be deployed.
- Download the osPackage offline package according to the environment to be deployed.
Procedure¶
Using S3-Compatible Service¶
Configuring an S3-compatible service is straightforward and requires only simple configuration in the clusterConfig.yaml. No further actions are needed.
-
In the clusterConfig.yaml, configure the
osReporelated parameters:apiVersion: provision.daocloud.io/v1alpha3 kind: ClusterConfig metadata: spec: .......... osRepos: type: external isoPath: "/root/CentOS-7-x86_64-DVD-2009.iso" osPackagePath: "/root/os-pkgs-centos7-v0.4.4.tar.gz" externalRepoEndpoint: https://external-repo.daocloud.io externalRepoUsername: rootuser externalRepoPassword: rootpass123 ..........Note
The given username should have read and write permissions for the bucket.
Using Non-S3-Compatible Service¶
For non-S3-compatible services, you need to manually import the downloaded ISO operating system image file and osPackage offline package. Then, configure the relevant parameters in the clusterConfig.yaml.
The following content assumes that CentOS 7.9 x86_64 is used as the cluster node, and Nginx is used as the HTTP server. In theory, other commonly used HTTP servers should also be supported, but you need to pay attention to the mapping relationship between the URL access path and file path.
-
Ensure that an available Nginx service exists with login and file writing permissions on the node where the service is located.
-
Download/copy the ISO operating system image file and osPackage offline package to the node where the Nginx service is located. Also, copy the ISO import script from the bootstrap node to the node where the Nginx service is located.
Note
The ISO import script is located in the offline package at the path
./offline/offline-iso/import_iso.sh. -
Determine the path to import:
-
To check the mapping relationship between the file path on the Nginx service node and the URL path, use the nginx.conf file (
nginx -tcommand to view the file path). The example below is provided for reference:```bash http { server { listen 8080; server_name _; location / { root /usr/share/nginx/html; index index.html index.htm; } } } ```The above configuration indicates that the root path for accessing the nginx HTTP service is mapped to the local directory
/usr/share/nginx/html. -
If Nginx service is deployed in the usual way, select the import path as
/usr/share/nginx/html. -
If Nginx service is deployed in a container, the host path should be mounted into the container, and the mounted host path corresponds to the mapped local path of the container's HTTP service. This means that there is a relationship as follows:
http-path -> container-path -> host-path. The import path should be the host-path, which needs to be manually confirmed according to Appendix 2. -
Run the following command to import the ISO operating system image file and osPackage offline package:
cat > import.sh << "EOF" [ ! -d "${MAPPING_PATH}" ] && echo "mapping path ${MAPPING_PATH} not found" && exit 1 [ ! -x "${ISO_IMPORT_SH_PATH}" ] && echo "iso import script ${ISO_IMPORT_SH_PATH} not found or not executable" && exit 1 [ ! -f "${OS_PKGS_PATH}" ] && echo "os pkgs ${OS_PKGS_PATH} not found" && exit 1 [ ! -f "${ISO_PATH}" ] && echo "iso ${ISO_PATH} not found" && exit 1 tar -xzvf ${OS_PKGS_PATH} && for arch in amd64 arm64; do tar --strip-components=1 -xzvf os-pkgs/os-pkgs-${arch}.tar.gz -C ${MAPPING_PATH}; done && rm -rf os-pkgs bash ${ISO_IMPORT_SH_PATH} ${MAPPING_PATH} ${ISO_PATH} EOF export MAPPING_PATH="/usr/share/nginx/html" export ISO_IMPORT_SH_PATH="./import_iso.sh" export OS_PKGS_PATH="./os-pkgs-centos7-v0.4.5-rc3.tar.gz" export ISO_PATH="./CentOS-7-x86_64-DVD-2009.iso" bash ./import.shThe environment variable
MAPPING_PATHrepresents the import path mentioned in step 3. -
Verify the successful import
Log in to a node in the global service cluster. Assuming the Nginx access address is http://10.0.1.1:8080, refer to Appendix 1 for configuration and run the following command:
```bash
cat > /etc/yum.repos.d/test.repo << "EOF"
[test0]
baseurl = http://10.1.1.1:8080/centos/$releasever/os/$basearch
gpgcheck = 0
name = test0
[test1]
baseurl = http://10.1.1.1:8080/kubean/centos-iso/$releasever/os/$basearch
gpgcheck = 0
name = test0
EOF
yum clean all && yum makecache --disablerepo=* --enablerepo=test0,test1
```
!!! note
The same steps can be applied to other operating systems as well, as the software source configuration
for each specific operating system's package manager may have some differences.
-
In the clusterConfig.yaml, configure the
osReporelated parameters, and forexternalRepoURLs, refer to Appendix 1.apiVersion: provision.daocloud.io/v1alpha3 kind: ClusterConfig metadata: spec: .......... osRepos: type: external # `centos` as CentOS, RedHat,kylin AlmaLinux or Fedora,Openeuler # `debian` as Debian # `ubuntu` as Ubuntu externalRepoType: centos externalRepoURLs: - 'http://10.0.1.1:8080/centos/\$releasever/os/\$basearch/' - 'http://10.0.1.1:8080/centos-iso/\$releasever/os/\$basearch/' .......... -
After completing the above configuration, you can proceed with deploying DCE 5.0 Enterprise.
Appendix¶
1. Operating Systems and Corresponding RepoURLs¶
Replace ${address_prefix} with the external access address of the HTTP service, such as http://10.0.1.1:8080.
| OS | RepoURLs |
|---|---|
| CentOS | ['${address_prefix}/centos/\$releasever/os/\$basearch','${address_prefix}/centos-iso/\$releasever/os/\$basearch'] |
| RedHat | ['${address_prefix}/redhat/\$releasever/os/\$basearch','${address_prefix}/redhat-iso/\$releasever/os/\$basearch/BaseOS','${address_prefix}/redhat-iso/\$releasever/os/\$basearch/AppStream'] |
| Kylin V10 | ['${address_prefix}/kubean/kylin/\$releasever/os/\$basearch','${address_prefix}/kubean/kylin-iso/\$releasever/os/\$basearch'] |
| UOS V20 | ['${address_prefix}/kubean/uos/\$releasever/os/\$basearch','${address_prefix}/kubean/uos-iso/\$releasever/os/\$basearch/AppStream','${address_prefix}/kubean/uos-iso/\$releasever/os/\$basearch/BaseOS'] |
| Oracle 9 | ['${address_prefix}/kubean/oracle/\$releasever/os/\$basearch','${address_prefix}/kubean/oracle-iso/\$releasever/os/\$basearch/AppStream','${address_prefix}/kubean/oracle-iso/\$releasever/os/\$basearch/BaseOS'] |
| OpenEuler 20.03 | ['${address_prefix}/kubean/openeuler/22.03/os/\$basearch','${address_prefix}/kubean/openeuler-iso/22.03/os/\$basearch'] |
| Ubuntu bionic | ['deb [trusted=yes] ${address_prefix}/kubean/ubuntu/amd64 bionic/','deb [trusted=yes] ${address_prefix}/kubean/ubuntu-iso bionic main restricted'] |
| Ubuntu focal | ['deb [trusted=yes] ${address_prefix}/kubean/ubuntu/amd64 focal/','deb [trusted=yes] ${address_prefix}/kubean/ubuntu-iso focal main restricted'] |
2. View the list of mounted volumes for containers¶
| CLI tool | Command |
|---|---|
| docker | docker inspect ${CONTAINER_ID} -f '{{range .Mounts}}{{printf "hostPath: %s containerPath: %s\n" .Source .Destination}}{{end}}' |
| nerdctl | nerdctl inspect ${CONTAINER_ID} -f '{{range .Mounts}}{{printf "hostPath: %s containerPath: %s\n" .Source .Destination}}{{end}}' |
| podman | podman inspect ${CONTAINER_ID} -f '{{range .Mounts}}{{printf "hostPath: %s containerPath: %s\n" .Source .Destination}}{{end}}' |
| crictl | crictl inspect -o go-template --template '{{range .status.mounts}}{{printf "hostPath: %s containerPath: %s\n" .hostPath .containerPath }}{{end}}' ${CONTAINER_ID} |
| ctr | ctr c info ${CONTAINER_ID} --spec check the mounts field |
| kubectl | kubectl -n ${NAMESPACE} get pod ${POD_NAME} -oyaml Check the volumes and volumeMounts fields |