[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: virt-builder metadata for Debian cloud images

On Wed, Jul 22, 2015 at 11:24:09AM +0200, Pino Toscano wrote:
>On Wednesday 22 July 2015 00:13:43 Steve McIntyre wrote:
>> The build is done insida a VM hosted on our CD / live image production
>> machine (pettersson.debian.org) - that's where the openstack images
>> are made. It's not easy to give out access to that VM, but it's easy
>> enough to add extra steps to the image production code that runs
>> there. There's a slight snag, though - the signing process is outside
>> of the VM so we'd probably have to generate the index file then
>> post-process it to add the signature.
>Sounds OK for me -- we can create the snippet of index for each image
>generated during that process, and later when publishing the image
>aggregate all the index snippets into a single index file.
>Could you please point me to the build scripts, so I can start taking
>a look at them?

Sure. My wrapper code is in


There's not much magic there - look at
available/run-30openstack-build, which calls
build-openstack-debian-image for the heavy lifting.

>Regarding signing: let's start generating the index for the images as
>first step, so we have the process running, and later get the signing


>> >Also, a different chapter would be having proper non-cloud qcow2
>> >images available (always with virt-builder metadata, of course).
>> >This, other than allowing us to avoid maintaining Debian images, would
>> >mean virt-builder users can get official images of stable released,
>> >updated periodically.
>> >Would that be something useful? If so, how/where/etc could this process
>> >get started?
>> Sure, we can do that too - we have scope for producing all sorts of
>> images. It's something that there's going to be discussion about at
>> DebConf next month, in fact!
>If it could be helpful, we use d-i based scripts for generate the
>templates we host on libguestfs.org: you can see at [1] debian.sh and
>debian.preseed for the actual image building, and compress.sh for the
>cleaning up and compression. They should be runnable as normal user,
>so there could be even no need for additional VM for building them.
>[1] https://github.com/libguestfs/libguestfs/tree/master/builder/website

Cool, that looks useful. We're using the VM explicitly to allow for
some root access, so it would be nice to play with alternatives.

Steve McIntyre, Cambridge, UK.                                steve@einval.com
  Getting a SCSI chain working is perfectly simple if you remember that there
  must be exactly three terminations: one on one end of the cable, one on the
  far end, and the goat, terminated over the SCSI chain with a silver-handled
  knife whilst burning *black* candles. --- Anthony DeBoer

Reply to: