Skip to content

[enterprise-4.12] OSDOCS-4872: change variant rhcos to openshift #58850

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Apr 17, 2023
Merged

[enterprise-4.12] OSDOCS-4872: change variant rhcos to openshift #58850

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 20 additions & 58 deletions modules/creating-custom-live-rhcos-iso.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,71 +18,47 @@ You can create a live {op-system} ISO with SSHd enabled and with predefined cred

. Download the `coreos-installer` binary from the `coreos-installer` image link:https://mirror.openshift.com/pub/openshift-v4/clients/coreos-installer/latest/[mirror] page.

. Download the latest live {op-system} ISO from link:https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/latest/rhcos-live.x86_64.iso[mirror.openshift.com].
. Download the latest live {op-system} ISO from link:https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/4.12/latest/[mirror.openshift.com].

. Create the `embedded.yaml` file that the `butane` utility uses to create the Ignition file:
+
[source,yaml]
[source,yaml,subs="attributes+"]
----
variant: rhcos
version: 0.1.0
variant: openshift
version: {product-version}.0
metadata:
name: sshd
labels:
machineconfiguration.openshift.io/role: worker
passwd:
users:
- name: root
- name: core <1>
ssh_authorized_keys:
- '<ssh_key>'
password_hash: '$2b$05$aAd9TkvWnvUmeDQEA9vkiOoCqCZgd6cWn0xXwe.ii/TqeCxUC0Z0G' <1>
storage:
files:
- path: /etc/ssh/sshd_config
contents:
local: ./live-sshd_config
mode: 0600
overwrite: true
----
<1> `yescrypt` passwords are not supported in {op-system}. Use `bcrypt` instead when you create the `password_hash`.
<1> The `core` user has sudo privileges.

. Create the `files-dir/` folder and copy the default `sshd_config` file into the folder.

. Update the following fields in the `files-dir/sshd_config` file:
+
[source,bash]
----
[...]
PermitRootLogin yes <1>
[...]
PasswordAuthentication yes <2>
----
<1> Allows access to the server as a root user.
<2> Allows access to the server by using a password.

+
[IMPORTANT]
====
The modified `sshd_config` file overrides the default `sshd_config` file.
====

. Pass the YAML file and the folder to the `butane` utility:
. Run the `butane` utility to create the Ignition file using the following command:
+
[source,terminal]
----
$ butane -p embedded.yaml -d files-dir/ > embedded.ign
$ butane -pr embedded.yaml -o embedded.ign
----

. Once the Ignition file is created, you can include the configuration in a new live {op-system} ISO, which is named `rhcos-sshd-4.12.0-x86_64-live.x86_64.iso`, with the `coreos-installer` utility:
. After the Ignition file is created, you can include the configuration in a new live {op-system} ISO, which is named `rhcos-sshd-{product-version}.0-x86_64-live.x86_64.iso`, with the `coreos-installer` utility:
+
[source,terminal]
[source,terminal,subs="attributes+"]
----
$ coreos-installer iso ignition embed -i embedded.ign rhcos-4.12.0-x86_64-live.x86_64.iso -o rhcos-sshd-4.12.0-x86_64-live.x86_64.iso
$ coreos-installer iso ignition embed -i embedded.ign rhcos-{product-version}.0-x86_64-live.x86_64.iso -o rhcos-sshd-{product-version}.0-x86_64-live.x86_64.iso
----

.Verification

. Check that the custom live ISO can be used to boot the server by running the following command:
* Check that the custom live ISO can be used to boot the server by running the following command:
+
[source,terminal]
[source,terminal,subs="attributes+"]
----
# coreos-installer iso ignition show rhcos-sshd-4.12.0-x86_64-live.x86_64.iso
# coreos-installer iso ignition show rhcos-sshd-{product-version}.0-x86_64-live.x86_64.iso
----

+
Expand All @@ -96,26 +72,12 @@ $ coreos-installer iso ignition embed -i embedded.ign rhcos-4.12.0-x86_64-live.x
"passwd": {
"users": [
{
"name": "root",
"passwordHash": "$2b$05$aAd9TkvWnvUmeDQEA9vkiOoCqCZgd6cWn0xXwe.ii/TqeCxUC0Z0G",
"name": "core",
"sshAuthorizedKeys": [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZnG8AIzlDAhpyENpK2qKiTT8EbRWOrz7NXjRzopbPu215mocaJgjjwJjh1cYhgPhpAp6M/ttTk7I4OI7g4588Apx4bwJep6oWTU35LkY8ZxkGVPAJL8kVlTdKQviDv3XX12l4QfnDom4tm4gVbRH0gNT1wzhnLP+LKYm2Ohr9D7p9NBnAdro6k++XWgkDeijLRUTwdEyWunIdW1f8G0Mg8Y1Xzr13BUo3+8aey7HLKJMDtobkz/C8ESYA/f7HJc5FxF0XbapWWovSSDJrr9OmlL9f4TfE+cQk3s+eoKiz2bgNPRgEEwihVbGsCN4grA+RzLCAOpec+2dTJrQvFqsD alosadag@sonnelicht.local"
]
}
]
},
"storage": {
"files": [
{
"overwrite": true,
"path": "/etc/ssh/sshd_config",
"contents": {
"compression": "gzip",
"source": "data:;base64,H4sIAAAAAAAC/4RXX2/bOBJ/16eYWy2QFoj/pdtDN8A9qI6SGLEdw3b22qeAlsY21xQpkJQd3cN99sUMZcUuvFsXbUXO8Mf5P8MYwu/X5xL118XdLTi3zV8zo9dyc72HQXfQ/wQ3/cGXXv+3Xv93uOnf/ja4vbkB/yekbyX8GkUxLLfSgXTgt8jnwaHdowVXO49F5yBzhABZWeGl0bCWCrsAC8QoPr3yw+ePsDYWCmMRpF4bW/CBbnsN4x+Eg8wUpVSYw0H6LcyS5eN/epWzPWUyoXorqW952X6Efdeu6SugIjhvhcdNDZXDnAUwJV3rQGrWKse1qJQ/FRXcVpZlc38UA1lwsXhkOxhwJWZyXbc4LKTforQt1l6oCuGwRUtGKI1zcqXwGlaVB4Vij8RfkJ4Fao95F+BFt6sW2ezRWrKw3xLOGTqbbbSG2lRwENqTZNlW6A1zQ2msB6NBwCIdS129NR675gNbFsGAR6WiuGURK1N58OSLANUlF2IhtNg0kB0BHbbVKy1fPXRK8FkJ8ex5vpy+TL6m8yiO4hnx3txEcZLnFp27F4VUNQhdR/FYOo+6IUC/y39+3L69jaJH4/wT1tBDn/Wc29Lf161x/tU68brD+h84MMt/zpPffP48+J25ohiGstyidSB0Djuspd5E8Rx3WI9lIX1rfW00vocsG5UCY22UMgepN+epYevSGyiNklnd5YAMlqVIiuKWbk2J1kt08KER4xomydBdQ7fb/QgHqRRo44PjhK4B12vMPFCEdUOk14FrhcewyVHDquYgEzrvKKmxjaxSOEoHCgHKEc7pKKaAadiB2Al5plA4vIZsi9kOCqEroaAUpAElU1XmwmMn6NFhPSW6D18+shnP059Ddmw2GzbtonbKbO5FJpX0NSQvy8fowt5sPvojisdmM8Y9KhhN758JJqn8FrWXGdeQ24hZpH6wIsOlLBBuimiGtpB+boxnGtToonjhrcz8xOTowsZEvBHY0pL1/83rBTrHZhr0oyieVasd1ucX8tGmwhwDI1SHYKeV8VvoUrSJym+Nlf/DnOIsRNclwk0Uc3nwTcE9caIzILXzQilxrDhKgdGqbm67hBcl7foJa3cvFYZ+cJE5it/ZZ1bqTJZChUNNvJ/DDZsoYeJl2otDC9qsTM7ZdW9s0M0bOBi7C4WLFBHKGdCIOVBWAltJ6vN83Wlz0Jy1Loopo1fCYf6DTzRl1LCpgYZcBDIUyNzoKw/eVs7D/3tsgRNECuQohr+BjeLRRhuLpM8THXrkM3zZHeNaFDnnUeXQXjm6wQZgMhHd11wjFQVcgJuHvWMcGcilEyuF4CutkZpfplBY8PjmOV0Pxubuuq3xBrTh9P9XFM8a8oUYjUMSpEXp6yMbC/8PZ86sqA39exTO9XZYv4sTxcOtUAr1BufoSqMdXsD7GY82dOUT2hVa4441KoqPOxfcfCQ92zH1flYmDwofSUuZ7dAPFQpdleekB/TJ/WJpdniO9uLwiXxodkc7PCwWyWzUihSWF1QMhOayocWc6EKFMAnEUHiSLMPSGzvkxGWpAvkJ6/Stce77oVST2XefSSrXGGqBvs2kqxrdFX0gM8IsmYA4E+8aRJaZSntqMhkVNr25juJQnkOdO6F0aaQ4lqCAmV9fQOXMpYqFIKjvUS/ZWlNteBKCn3lc6Jxay8UQ7ALcYYk6p15K5jWVZQnOxkxS4YJYeyl+enkhaljVFMNR3LQ/7/myNfzyY8+g4c5UvnMM+V+672PXn1ROwuy1bUzfmPrUuFyi2Vm2avEuSn9NOProSvYCdQSH/m9M1bjxZwpTnGhzRZL/N5lPR9OHW7h6cUgSaHNFrqbZwlUlzXSYU/W9x9xYwfBkr0xUjgy1RyvI76U1K4WF60YNTsiXhGIh2aD298YehGUfcpAzZZmVP+4/CI8HUdO8yPH9bTD4keXbYHAnXalE/bxekzEGfd58ccjJz13jpNYtl9+P6TvirmwxjNZ5mHhIk1IUr4XxedtoSlF08x6/QKjXUkU3a6BW6CfG55wxDiTj8QumjUbyFZlpj9YJL9lzIjwtVpVUviM10/ip0wKGXOblWDgKtqDCcjh7QiwTJfd4qhR1n1TvpTWaHglcIoamKG0TZTkqUWMeDZVE7fn4SHu0e6Fg8KUfxSeEIcXoRLzBpyh+cXg3XTDcTObc8Ht7YXu20myNbinzMBN5YX1V0kx0+6l/O+j3W3tzwwoSba0x/k5azLyxdTMe/BG0T2iYyauinaC1aWenldAaLZSC3ltfw+LIFkom8CMPOxaVoBjFE2PshZXkBxcF3lTvYZxMH2A8fB0uv89S+pi+TNL5aEify9GEt4bP43Gy5M/J8zRdJvPv/J0uFslDujhFG77Oklk6Z6AknE7u7ubpYsGA6TidPT5PA1SaLF7m6SSdLs8RRnfpdDm6Hw2T5eh5yhDjMQv6kjykJ7zfJs93o/tROl+Q/u0r8GgssybTuWoVXhouWhw/mye/W/uS/g+PY7nCN8x6pkTN49Tal51m4o9iSN9EUSok0OYifsOEkujCE7JE26EOBCvhJI/MPtsCD3hCG53tqZKG33n+8pAUfhcKwAn1PXNPNu+NzfA4aWZ7d3yn/BUAAP//SwsNmNoQAAA="
},
"mode": 384
}
]
}
}
----
----