Suchen

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 7. Composing a customized RHEL system image

download PDF

7.1. Image builder description

To deploy a system on a cloud platform, create a system image. To create RHEL system images, use the image builder tool.

7.1.1. What is image builder?

You can use image builder to create customized system images of RHEL, including system images prepared for deployment on cloud platforms. Image builder automatically handles the setup details for each output type and is therefore easier to use and faster to work with than manual methods of image creation. You can access the image builder functionality through a command-line interface in the composer-cli tool, or a graphical user interface in the RHEL web console.

Note

From RHEL 8.3 onward, the osbuild-composer back end replaces lorax-composer. The new service provides REST APIs for image building.

7.1.2. Image builder terminology

Blueprint

A blueprint is a description of a customized system image. It lists the packages and customizations that will be part of the system. You can edit blueprints with customizations and save them as a particular version. When you create a system image from a blueprint, the image is associated with the blueprint in the image builder interface of the RHEL web console.

You can create blueprints in the TOML format.

Compose
Composes are individual builds of a system image, based on a specific version of a particular blueprint. Compose as a term refers to the system image, the logs from its creation, inputs, metadata, and the process itself.
Customizations
Customizations are specifications for the image that are not packages. This includes users, groups, and SSH keys.

7.1.3. Image builder output formats

Image builder can create images in multiple output formats shown in the following table. To check the supported types, run the command:

# composer-cli compose types
Table 7.1. Image builder output formats
DescriptionCLI namefile extension

QEMU QCOW2 Image

qcow2

.qcow2

TAR Archive

tar

.tar

Amazon Machine Image Disk

ami

.raw

Azure Disk Image

vhd

.vhd

Google Cloud Platform

gce

.vhd

VMware Virtual Machine Disk

vmdk

.vmdk

Openstack

openstack

.qcow2

RHEL for Edge Commit

edge-commit

.tar

RHEL for Edge Container

edge-container

.tar

RHEL for Edge Installer

edge-installer

.iso

RHEL for Edge Raw

edge-raw-image

.tar

RHEL for Edge Simplified Installer

edge-simplified-installer

.iso

ISO image

image-installer

.iso

7.1.4. Image builder system requirements

The environment where image builder runs, for example a dedicated virtual machine, must meet requirements listed in the following table.

Table 7.2. Image builder system requirements
ParameterMinimal Required Value

System type

A dedicated virtual machine. Note that image builder is not supported on containers, including Red Hat Universal Base Images (UBI).

Processor

2 cores

Memory

4 GiB

Disk space

20 GiB of free space in the /var filesystem

Access privileges

Administrator level (root)

Network

Internet connectivity

Note

If you do not have internet connectivity, you can use image builder in isolated networks if you reconfigure it to not connect to Red Hat Content Delivery Network (CDN). For that, you must override the default repositories to point to your local repositories. Ensure that you have your content mirrored internally or use Red Hat Satellite. See Managing repositories for more details.

7.2. Installing image builder

Image builder is a tool for creating custom system images. Before using image builder, you must install image builder in a virtual machine.

7.2.1. Image builder system requirements

The environment where image builder runs, for example a dedicated virtual machine, must meet requirements listed in the following table.

Table 7.3. Image builder system requirements
ParameterMinimal Required Value

System type

A dedicated virtual machine. Note that image builder is not supported on containers, including Red Hat Universal Base Images (UBI).

Processor

2 cores

Memory

4 GiB

Disk space

20 GiB of free space in the /var filesystem

Access privileges

Administrator level (root)

Network

Internet connectivity

Note

If you do not have internet connectivity, you can use image builder in isolated networks if you reconfigure it to not connect to Red Hat Content Delivery Network (CDN). For that, you must override the default repositories to point to your local repositories. Ensure that you have your content mirrored internally or use Red Hat Satellite. See Managing repositories for more details.

7.2.2. Installing image builder in a virtual machine

To install image builder on a dedicated virtual machine (VM), follow these steps:

Prerequisites

  • You must be connected to a RHEL VM.
  • The VM for image builder must be running and subscribed to Red Hat Subscription Manager (RHSM) or Red Hat Satellite.

Procedure

  1. Install the image builder and other necessary packages on the VM:

    • osbuild-composer - supported from RHEL 8.3 onward
    • composer-cli
    • cockpit-composer
    • bash-completion
    # yum install osbuild-composer composer-cli cockpit-composer bash-completion

    The web console is installed as a dependency of the cockpit-composer package.

  2. Enable image builder to start after each reboot:

    # systemctl enable --now osbuild-composer.socket
    # systemctl enable --now cockpit.socket

    The osbuild-composer and cockpit services start automatically on first access.

  3. Load the shell configuration script so that the autocomplete feature for the composer-cli command starts working immediately without reboot:

    $ source /etc/bash_completion.d/composer-cli
Important

The osbuild-composer package is the new backend engine that will be the preferred default and focus of all new functionality beginning with Red Hat Enterprise Linux 8.3 and later. The previous backend lorax-composer package is considered deprecated, will only receive select fixes for the remainder of the Red Hat Enterprise Linux 8 life cycle and will be omitted from future major releases. It is recommended to uninstall lorax-composer in favor of osbuild-composer.

Verification

You can use a system journal to track image builder service activities. Additionally, you can find the log messages in the file.

  • To find the journal output for traceback, run the following commands:

    $ journalctl | grep osbuild
  • To show both remote or local workers:

    $ journalctl -u osbuild-worker*
  • To show the running services:

    $ journalctl -u osbuild-composer.service

7.2.3. Reverting to lorax-composer image builder backend

The osbuild-composer backend, though much more extensible, does not currently achieve feature parity with the previous lorax-composer backend.

To revert to the previous backend, follow the steps:

Prerequisites

  • You have installed the osbuild-composer package

Procedure

  1. Remove the osbuild-composer backend.

    # yum remove osbuild-composer
    # yum remove weldr-client
  2. In the /etc/yum.conf file, add an exclude entry for osbuild-composer package.

    # cat /etc/yum.conf
    [main]
    gpgcheck=1
    installonly_limit=3
    clean_requirements_on_remove=True
    best=True
    skip_if_unavailable=False
    exclude=osbuild-composer weldr-client
  3. Install the lorax-composer package.

    # yum install lorax-composer composer-cli
  4. Enable and start the lorax-composer service to start after each reboot.

    # systemctl enable --now lorax-composer.socket
    # systemctl start lorax-composer

Additional resources

7.3. Creating system images using the image builder command-line interface

Image builder is a tool for creating custom system images. To control image builder and create your custom system images, you can use the command-line interface (CLI) or the web console interface. Currently, however, the CLI is the preferred method to use image builder.

7.3.1. Introducing the image builder command-line interface

The image builder command-line interface (CLI) is currently the preferred method to use image builder. It offers more functionality than the web console interface. To use the CLI, run the composer-cli command with the suitable options and subcommands.

The workflow for the command-line interface can be summarized as follows:

  1. Export (save) the blueprint definition to a plain text file
  2. Edit this file in a text editor
  3. Import (push) the blueprint text file back into image builder
  4. Run a compose to build an image from the blueprint
  5. Export the image file to download it

Apart from the basic subcommands to achieve this procedure, the composer-cli command offers many subcommands to examine the state of configured blueprints and composes.

To run the composer-cli commands as non-root, the user must be in the weldr or root groups.

  • To add a user to the weldr or root groups, run the following commands:

    $ sudo usermod -a -G weldr user
    $ newgrp weldr

7.3.2. Creating an image builder blueprint using the command-line interface

You can create a new image builder blueprint using the command-line interface (CLI). The blueprint describes the final image and its customizations, such as packages, and kernel customizations.

Prerequisite

  • Access to the image builder tool.

Procedure

  1. Create a plain text file with the following contents:

    name = "BLUEPRINT-NAME"
    description = "LONG FORM DESCRIPTION TEXT"
    version = "0.0.1"
    modules = []
    groups = []

    Replace BLUEPRINT-NAME and LONG FORM DESCRIPTION TEXT with a name and description for your blueprint.

    Replace 0.0.1 with a version number according to the Semantic Versioning scheme.

  2. For every package that you want to be included in the blueprint, add the following lines to the file:

    [[packages]]
    name = "package-name"
    version = "package-version"

    Replace package-name with the name of the package, such as httpd, gdb-doc, or coreutils.

    Replace package-version with the version to use. This field supports dnf version specifications:

    • For a specific version, use the exact version number such as 8.7.0.
    • For the latest available version, use the asterisk *.
    • For the latest minor version, use formats such as 8.*.
  3. Customize your blueprints to suit your needs. For example, disable Simultaneous Multi Threading (SMT), add the following lines to the blueprint file:

    [customizations.kernel]
    append = "nosmt=force"

    For additional customizations available, see Supported Image Customizations.

  4. Save the file, for example, as BLUEPRINT-NAME.toml and close the text editor.
  5. Push (import) the blueprint:

    # composer-cli blueprints push BLUEPRINT-NAME.toml

    Replace BLUEPRINT-NAME with the value you used in previous steps.

    Note

    To create images using composer-cli as non-root, add your user to the weldr or root groups.

    # usermod -a -G weldr user
    $ newgrp weldr

Verification

  • List the existing blueprints to verify that the blueprint has been pushed and exists:

    # composer-cli blueprints list
  • Display the blueprint configuration you have just added:

    # composer-cli blueprints show BLUEPRINT-NAME
  • Check whether the components and versions listed in the blueprint and their dependencies are valid:

    # composer-cli blueprints depsolve BLUEPRINT-NAME

    If image builder is unable to depsolve a package from your custom repositories, follow the steps:

  • Remove the osbuild-composer cache:

    $ sudo rm -rf /var/cache/osbuild-composer/*
    $ sudo systemctl restart osbuild-composer

7.3.3. Editing an image builder blueprint with command-line interface

You can edit an existing image builder blueprint in the command-line (CLI) interface to, for example, add a new package, or define a new group, and to create your customized images. For that, follow the steps:

Prerequisites

  • You have created a blueprint.

Procedure

  1. Save (export) the blueprint to a local text file:

    # composer-cli blueprints save BLUEPRINT-NAME
  2. Edit the BLUEPRINT-NAME.toml file with a text editor and make your changes.
  3. Before finishing the edits, verify that the file is a valid blueprint:

    1. Remove this line, if present:

      packages = []
    2. Increase the version number, for example, fro 0.0.1 to 0.1.0. Remember that image builder blueprint versions must use the Semantic Versioning scheme. Note also that if you do not change the version, the patch version component increases automatically.
    3. Check if the contents are valid TOML specifications. See the TOML documentation for more information.

      Note

      TOML documentation is a community product and is not supported by Red Hat. You can report any issues with the tool at https://github.com/toml-lang/toml/issues

  4. Save the file and close the text editor.
  5. Push (import) the blueprint back into image builder:

    # composer-cli blueprints push BLUEPRINT-NAME.toml
    Note

    To import the blueprint back into image builder, supply the file name including the .toml extension, while in other commands use only the blueprint name.

  6. To verify that the contents uploaded to image builder match your edits, list the contents of blueprint:

    # composer-cli blueprints show BLUEPRINT-NAME
  7. Check whether the components and versions listed in the blueprint and their dependencies are valid:

    # composer-cli blueprints depsolve BLUEPRINT-NAME

Additional resources

7.3.4. Creating a system image with image builder in the command-line interface

You can build a custom image using the image builder command-line interface.

Prerequisites

Procedure

  1. Start the compose:

    # composer-cli compose start BLUEPRINT-NAME IMAGE-TYPE

    Replace BLUEPRINT-NAME with name of the blueprint, and IMAGE-TYPE with the type of the image. For the available values, see the output of the composer-cli compose types command.

    The compose process starts in the background and shows the composer Universally Unique Identifier (UUID).

  2. Wait until the compose process is finished. The image creation can take up to ten minutes to complete.

    To check the status of the compose:

    # composer-cli compose status

    A finished compose shows the FINISHED status value. To identify your compose in the list, use its UUID.

  3. After the compose process is finished, download the resulting image file:

    # composer-cli compose image UUID

    Replace UUID with the UUID value shown in the previous steps.

Verification

After you create your image, you can check the image creation progress using the following commands:

  • Check the compose status:

    $ sudo composer-cli compose status
  • Download the metadata of the image:

    $ sudo composer-cli compose metadata UUID
  • Download the logs of the image:

    $ sudo composer-cli compose logs UUID

    The command creates a .tar file that contains the logs for the image creation. If the logs are empty, you can check the journal.

  • Check the journal:

    $ journalctl | grep osbuild
  • Check the manifest:

    $ sudo cat /var/lib/osbuild-composer/jobs/job_UUID.json

    You can find the job_UUID.json in the journal.

Additional resources

7.3.5. Basic image builder command-line commands

The image builder command-line interface offers the following subcommands.

Blueprint manipulation

List all available blueprints
# composer-cli blueprints list
Show a blueprint contents in the TOML format
# composer-cli blueprints show BLUEPRINT-NAME
Save (export) blueprint contents in the TOML format into a file BLUEPRINT-NAME.toml
# composer-cli blueprints save BLUEPRINT-NAME
Remove a blueprint
# composer-cli blueprints delete BLUEPRINT-NAME
Push (import) a blueprint file in the TOML format into image builder
# composer-cli blueprints push BLUEPRINT-NAME

Composing images from blueprints

List the available image types
# composer-cli compose types
Start a compose
# composer-cli compose start BLUEPRINT COMPOSE-TYPE

Replace BLUEPRINT with the name of the blueprint to build, and COMPOSE-TYPE with the output image type.

List all composes
# composer-cli compose list
List all composes and their status
# composer-cli compose status
Cancel a running compose
# composer-cli compose cancel COMPOSE-UUID
Delete a finished compose
# composer-cli compose delete COMPOSE-UUID
Show detailed information about a compose
# composer-cli compose info COMPOSE-UUID
Download image file of a compose
# composer-cli compose image COMPOSE-UUID
See more subcommands and options
# composer-cli help

Additional resources

  • composer-cli(1) man page

7.3.6. Image builder blueprint format

Image builder blueprints are presented to the user as plain text in the TOML format.

The elements of a typical blueprint file include the following:

The blueprint metadata
name = "BLUEPRINT-NAME"
description = "LONG FORM DESCRIPTION TEXT"
version = "VERSION"

The BLUEPRINT-NAME and LONG FORM DESCRIPTION TEXT field are a name and description for your blueprint.

The VERSION is a version number according to the Semantic Versioning scheme.

This part is present only once for the entire blueprint file.

The modules entry lists the package names and versions of packages to be installed into the image.

The group entry describes a group of packages to be installed into the image. Groups use the following package categories:

  • Mandatory
  • Default
  • Optional

    Blueprints install the mandatory and default packages. There is no mechanism for selecting optional packages.

Groups to include in the image
[[groups]]
name = "group-name"

The group-name is the name of the group, for example, anaconda-tools, widget, wheel or users.

Packages to include in the image
[[packages]]
name = "package-name"
version = "package-version"

package-name is the name of the package, such as httpd, gdb-doc, or coreutils.

package-version is a version to use. This field supports dnf version specifications:

  • For a specific version, use the exact version number such as 8.7.0.
  • For latest available version, use the asterisk *.
  • For a latest minor version, use a format such as 8.*.

Repeat this block for every package to include.

Note

Currently there are no differences between packages and modules in the image builder tool. Both are treated as RPM package dependencies.

7.3.7. Supported image customizations

You can customize your image by adding to your blueprint an additional RPM package, by enabling a service, or by customizing a kernel command line parameter. You can use several image customizations within blueprints. To make use of these options, you must configure the customizations in the blueprint and import (push) it to image builder.

Note

These customizations are not supported when using image builder in the web console.

Select a package group
[[packages]]
name = "package_group_name"

Replace "package_group_name" with the name of the group. For example, "@server with gui".

Set the image hostname
[customizations]
hostname = "baseimage"
User specifications for the resulting system image
[[customizations.user]]
name = "USER-NAME"
description = "USER-DESCRIPTION"
password = "PASSWORD-HASH"
key = "PUBLIC-SSH-KEY"
home = "/home/USER-NAME/"
shell = "/usr/bin/bash"
groups = ["users", "wheel"]
uid = NUMBER
gid = NUMBER

The GID is optional and must already exist in the image. Optionally, a package creates it, or the blueprint creates the GID by using the [[customizations.group]] entry.

Important

To generate the password hash, you must install python3 on your system.

# yum install python3

Replace PASSWORD-HASH with the actual password hash. To generate the password hash, use a command such as:

$ python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'

Replace PUBLIC-SSH-KEY with the actual public key.

Replace the other placeholders with suitable values.

You must enter the name. You can omit any of the lines that you do not need.

Repeat this block for every user to include.

Group specifications for the resulting system image
[[customizations.group]]
name = "GROUP-NAME"
gid = NUMBER

Repeat this block for every group to include.

Set an existing users SSH key
[[customizations.sshkey]]
user = "root"
key = "PUBLIC-SSH-KEY"
Note

The "Set an existing users SSH key" customization is only applicable for existing users. To create a user and set an SSH key, see the User specifications for the resulting system image customization.

Append a kernel boot parameter option to the defaults
[customizations.kernel]
append = "KERNEL-OPTION"
By default, image builder builds a default kernel into the image. But, you can customize the kernel with the following configuration in blueprint
[customizations.kernel]
name = "KERNEL-rt"
Define a kernel name to use in an image
[customizations.kernel.name]
name = "KERNEL-NAME"
Set the timezone and the Network Time Protocol (NTP) servers for the resulting system image
[customizations.timezone]
timezone = "TIMEZONE"
ntpservers = "NTP_SERVER"

If you do not set a timezone, the system uses Universal Time, Coordinated (UTC) as default. Setting NTP servers is optional.

Set the locale settings for the resulting system image
[customizations.locale]
languages = ["LANGUAGE"]
keyboard = "KEYBOARD"

Setting both the language and the keyboard options is mandatory. You can add many other languages. The first language you add will be the primary language and the other languages will be secondary. For example:

[customizations.locale]
languages = ["en_US.UTF-8"]
keyboard = "us"

To list the values supported by the languages, run the following command:

$ localectl list-locales

To list the values supported by the keyboard, run the following command:

$ localectl list-keymaps
Set the firewall for the resulting system image
[customizations.firewall]
port = ["PORTS"]

To enable lists, you can use numeric ports, or their names from the /etc/services file.

Customize the firewall services

Review the available firewall services.

$ firewall-cmd --get-services

In the blueprint, under section customizations.firewall.service, specify the firewall services that you want to customize.

[customizations.firewall.services]
enabled = ["SERVICES"]
disabled = ["SERVICES"]

The services listed in firewall.services are different from the service-names available in the /etc/services file.

Note

If you do not want to customize the firewall services, omit the [customizations.firewall] and [customizations.firewall.services] sections from the blueprint.

Set which services to enable during the boot time
[customizations.services]
enabled = ["SERVICES"]
disabled = ["SERVICES"]

You can control which services to enable during the boot time. Some image types already have services enabled or disabled to ensure that the image works correctly and this setup cannot be overridden. The [customizations.services] customization in the blueprint do not replace these services, but add them to the list of services already present in the image templates.

Note

Each time a build starts, it clones the repository of the host system. If you refer to a repository with a large amount of history, it might take some time to clone and it uses a significant amount of disk space. Also, the clone is temporary and the build removes it after it creates the RPM package.

Specify a custom filesystem configuration

You can specify a custom filesystem configuration in your blueprints and therefore create images with a specific disk layout, instead of the default layout configuration. By using the non-default layout configuration in your blueprints, you can benefit from:

  • security benchmark compliance
  • protection against out-of-disk errors
  • improved performance
  • consistency with existing setups

    To customize the filesystem configuration in your blueprint:

    [[customizations.filesystem]]
    mountpoint = "MOUNTPOINT"
    size = MINIMUM-PARTITION-SIZE

    The blueprint supports the following mountpoints and their sub-directories:

    • / - the root mount point
    • /var
    • /home
    • /opt
    • /srv
    • /usr
    • /app
    • /data
    • /boot - Supported from RHEL 8.7 and RHEL 9.1 onward.

      Note

      Customizing mount points is only supported from RHEL 8.5 and RHEL 9.0 distributions onward, by using the CLI. In earlier distributions, you can only specify the root partition as a mount point and specify the size argument as an alias for the image size.

      If you have more than one partition in the customized image, you can create images with a customized file system partition on LVM and resize those partitions at runtime. To do this, you can specify a customized filesystem configuration in your blueprint and therefore create images with the desired disk layout. The default filesystem layout remains unchanged - if you use plain images without file system customization, and cloud-init resizes the root partition.

      Note

      From 8.6 onward, for the osbuild-composer-46.1-1.el8 RPM and later version, the physical partitions are no longer available and filesystem customizations create logical volumes.

      The blueprint automatically converts the file system customization to a LVM partition.

      The MINIMUM-PARTITION-SIZE value has no default size format. The blueprint customization supports the following values and units: kB to TB and KiB to TiB. For example, you can define the mount point size in bytes:

      [[customizations.filesystem]]
      mountpoint = "/var"
      size = 1073741824

      You can also define the mount point size by using units.

      Note

      You can only define the mount point size by using units for the package version provided for RHEL 8.6 and RHEL 9.0 distributions onward.

      For example:

      [[customizations.filesystem]]
      mountpoint = "/opt"
      size = "20 GiB"
      
      or
      
      [[customizations.filesystem]]
      mountpoint = "/boot"
      size = "1 GiB"

7.3.8. Packages installed by image builder

When you create a system image using image builder, the system installs a set of base packages. By default, image builder uses the Core group as the base list of packages.

Table 7.4. Default packages to support image type creation
Image typeDefault Packages

ami

checkpolicy, chrony, cloud-init, cloud-utils-growpart, @Core, dhcp-client, gdisk, insights-client, kernel, langpacks-en, net-tools, NetworkManager, redhat-release, redhat-release-eula, rng-tools, rsync, selinux-policy-targeted, tar, yum-utils

openstack

@core, langpacks-en

qcow2

@core, chrony, dnf, kernel, yum, nfs-utils, dnf-utils, cloud-init, python3-jsonschema, qemu-guest-agent, cloud-utils-growpart, dracut-norescue, tar, tcpdump, rsync, dnf-plugin-spacewalk, rhn-client-tools, rhnlib, rhnsd, rhn-setup, NetworkManager, dhcp-client, cockpit-ws, cockpit-system, subscription-manager-cockpit, redhat-release, redhat-release-eula, rng-tools, insights-client

tar

policycoreutils, selinux-policy-targeted

vhd

@core, langpacks-en

vmdk

@core, chrony, cloud-init, firewalld, langpacks-en, open-vm-tools, selinux-policy-targeted

edge-commit

attr, audit, basesystem, bash, bash-completion, chrony, clevis, clevis-dracut, clevis-luks, container-selinux, coreutils,criu, cryptsetup, curl, dnsmasq, dosfstools, dracut-config-generic, dracut-network, e2fsprogs, firewalld, fuse-overlayfs, fwupd, glibc, glibc-minimal-langpack, gnupg2, greenboot, gzip, hostname, ima-evm-utils, iproute, iptables, iputils, keyutils, less, lvm2, NetworkManager, NetworkManager-wifi, NetworkManager-wwan, nss-altfiles, openssh-clients, openssh-server, passwd, pinentry, platform-python, podman, policycoreutils, policycoreutils-python-utils, polkit, procps-ng, redhat-release, rootfiles, rpm, rpm-ostree, rsync, selinux-policy-targeted, setools-console, setup, shadow-utils, shadow-utils, skopeo, slirp4netns, sudo, systemd, tar, tmux, traceroute, usbguard, util-linux, vim-minimal, wpa_supplicant, xz

edge-container

dnf, dosfstools, e2fsprogs, glibc, lorax-templates-generic, lorax-templates-rhel, lvm2, policycoreutils, python36, python3-iniparse, qemu-img, selinux-policy-targeted, systemd, tar, xfsprogs, xz

edge-installer

aajohan-comfortaa-fonts, abattis-cantarell-fonts, alsa-firmware, alsa-tools-firmware, anaconda, anaconda-install-env-deps, anaconda-widgets, audit, bind-utils, bitmap-fangsongti-fonts, bzip2, cryptsetup, dbus-x11, dejavu-sans-fonts, dejavu-sans-mono-fonts, device-mapper-persistent-data, dnf, dump, ethtool, fcoe-utils, ftp, gdb-gdbserver, gdisk, gfs2-utils, glibc-all-langpacks, google-noto-sans-cjk-ttc-fonts, gsettings-desktop-schemas, hdparm, hexedit, initscripts, ipmitool, iwl3945-firmware, iwl4965-firmware, iwl6000g2a-firmware, iwl6000g2b-firmware, jomolhari-fonts, kacst-farsi-fonts, kacst-qurn-fonts, kbd, kbd-misc, kdump-anaconda-addon, khmeros-base-fonts, libblockdev-lvm-dbus, libertas-sd8686-firmware, libertas-sd8787-firmware, libertas-usb8388-firmware, libertas-usb8388-olpc-firmware, libibverbs, libreport-plugin-bugzilla, libreport-plugin-reportuploader, libreport-rhel-anaconda-bugzilla, librsvg2, linux-firmware, lklug-fonts, lldpad, lohit-assamese-fonts, lohit-bengali-fonts, lohit-devanagari-fonts, lohit-gujarati-fonts, lohit-gurmukhi-fonts, lohit-kannada-fonts, lohit-odia-fonts, lohit-tamil-fonts, lohit-telugu-fonts, lsof, madan-fonts, metacity, mtr, mt-st, net-tools, nmap-ncat, nm-connection-editor, nss-tools, openssh-server, oscap-anaconda-addon, pciutils, perl-interpreter, pigz, python3-pyatspi, rdma-core, redhat-release-eula, rpm-ostree, rsync, rsyslog, sg3_utils, sil-abyssinica-fonts, sil-padauk-fonts, sil-scheherazade-fonts, smartmontools, smc-meera-fonts, spice-vdagent, strace, system-storage-manager, thai-scalable-waree-fonts, tigervnc-server-minimal, tigervnc-server-module, udisks2, udisks2-iscsi, usbutils, vim-minimal, volume_key, wget, xfsdump, xorg-x11-drivers,xorg-x11-fonts-misc,xorg-x11-server-utils,xorg-x11-server-Xorg, xorg-x11-xauth

edge-simplified-installer

attr, basesystem, binutils, bsdtar, clevis-dracut, clevis-luks, cloud-utils-growpart, coreos-installer, coreos-installer-dracut, coreutils, device-mapper-multipath, dnsmasq, dosfstools, dracut-live, e2fsprogs, fcoe-utils, fdo-init, gzip, ima-evm-utils, iproute, iptables, iputils, iscsi-initiator-utils, keyutils, lldpad, lvm2, passwd, policycoreutils, policycoreutils-python-utils, procps-ng, rootfiles, setools-console, sudo, traceroute, util-linux

image-installer

anaconda-dracut, curl, dracut-config-generic, dracut-network, hostname, iwl100-firmware, iwl1000-firmware, iwl105-firmware, iwl135-firmware, iwl2000-firmware, iwl2030-firmware, iwl3160-firmware, iwl5000-firmware, iwl5150-firmware, iwl6000-firmware, iwl6050-firmware, iwl7260-firmware, kernel, less, nfs-utils, openssh-clients, ostree, plymouth, prefixdevname, rng-tools, rpcbind, selinux-policy-targeted, systemd, tar, xfsprogs, xz

edge-raw-image

dnf, dosfstools, e2fsprogs, glibc, lorax-templates-generic, lorax-templates-rhel, lvm2, policycoreutils, python36, python3-iniparse, qemu-img, selinux-policy-targeted, systemd, tar, xfsprogs, xz

gce

@core, langpacks-en, acpid, dhcp-client, dnf-automatic, net-tools, python3, rng-tools, tar, vim

Note

When you add additional components to your blueprint, ensure that the packages in the components you added do not conflict with any other package components. Otherwise, the system fails to solve dependencies and creating your customized image fails. You can check if there is no conflict between the packages by running the command:

# composer-cli blueprints depsolve BLUEPRINT-NAME

Additional resources

7.3.9. Enabled services on custom images

When you use image builder to configure a custom image, the default services that the image uses are determined by the following:

  • The RHEL release on which you use the osbuild-composer utility
  • The image type

For example, the ami image type enables the sshd, chronyd, and cloud-init services by default. If these services are not enabled, the custom image does not boot.

Table 7.5. Enabled services to support image type creation
Image typeDefault enabled Services

ami

sshd, cloud-init, cloud-init-local, cloud-config, cloud-final

openstack

sshd, cloud-init, cloud-init-local, cloud-config, cloud-final

qcow2

cloud-init

rhel-edge-commit

No extra service enables by default

tar

No extra service enables by default

vhd

sshd, chronyd, waagent, cloud-init, cloud-init-local, cloud-config, cloud-final

vmdk

sshd, chronyd, vmtoolsd, cloud-init

Note: You can customize which services to enable during the system boot. However, the customization does not override services enabled by default for the mentioned image types.

Additional resources

7.4. Creating system images using the image builder web console interface

Image builder is a tool for creating custom system images. To control image builder and create your custom system images, you can use the web console interface. Note that the command line interface is the currently preferred alternative, because it offers more features.

7.4.1. Accessing the image builder GUI in the RHEL web console

With the cockpit-composer plugin for the RHEL web console, you can manage image builder blueprints and composes using a graphical interface. The preferred method for controlling image builder is the command-line interface.

Prerequisites

  • You must have root access to the system.
  • You installed image builder.

Procedure

  1. Open https://localhost:9090/ in a web browser on the system where image builder is installed.

    For more information about how to remotely access image builder, see Managing systems using the RHEL web console document.

  2. Log in to the web console as the root user.
  3. To display the image builder controls, click the image builder icon, in the upper-left corner of the window.

    The image builder view opens, listing existing blueprints.

7.4.2. Creating an image builder blueprint in the web console interface

Creating a blueprint is a necessary step before describing the customized system image.

Prerequisites

Procedure

  1. Click Create Blueprint in the upper-right corner.

    A dialog wizard with fields for the blueprint name and description opens.

  2. Enter the name of the blueprint and, optionally, its description.
  3. Click Create.

The image builder view opens, listing existing blueprints.

7.4.3. Creating a system image using image builder in the web console interface

You can create a system image from a blueprint by completing the following steps:

Prerequisites

  • You opened the image builder app from web console in a browser.
  • You created a blueprint.

Procedure

  1. Click Back to blueprints to show the blueprints table.
  2. On the blueprint table, find the blueprint you want to build an image.

    1. Optionally, you can find the blueprint using the search box. Enter the blueprint name.
  3. On the right side of the chosen blueprint, click Create Image. The Create image dialog wizard opens.
  4. On the Image output page, complete the following steps:

    1. From the Image output type list, select the image type you want.

      1. You can upload some images to their target cloud environment, such as Amazon Web Service and Oracle Cloud Infrastructure. For that, check the Upload to Target cloud box .
      2. You are prompted to add credentials for the cloud environment on the next page.
  5. From the Image Size field, enter the image size. The minimum size depends on the image type. Click Next.
  6. On the Upload to Targeted_Cloud page, complete the following steps:

    NOTE:This page is not visible if you did not check the box to upload your image to the cloud environment.

    1. On the Authentication page, enter the information related to your target cloud account ID and click Next.
    2. On the Destination page, enter the information related to your target cloud account type and click Next.
  7. On the Customizations page, complete the following steps:

    1. On the System page, enter the Hostname. If you do not enter a hostname, the operating system determines a hostname for your system.
    2. On the Users page, click Add user:

      1. Mandatory: Enter a Username.
      2. Enter a password.
      3. Enter an SSH key.
      4. Check the box if you want to make the user a Server administrator. Click Next.
  8. On the Package page, complete the following steps:

    1. On the Available packages search field, enter the package name you want to add to your system image.

      Note

      Searching for the package can take some time to complete.

    2. Click the > arrow to add the selected package or packages. Click Next.
  9. On the Review page, review the details about the image creation. Click Save blueprint to save the customizations you added to your blueprint. Click Create image.

    The image build starts and takes up to 20 minutes to complete.

7.5. Preparing and uploading cloud images using image builder

Image builder can create custom system images ready for use on various cloud platforms. To use your customized RHEL system image in a cloud, create the system image with image builder using the respective output type, configure your system for uploading the image, and upload the image to your cloud account. You can push customized image clouds through the image builder application in the RHEL web console, available for a subset of the service providers that we support, such as AWS and Microsoft Azure clouds. See Pushing images to AWS Cloud AMI and Pushing VHD images to Microsoft Azure cloud.

7.5.1. Preparing to upload AWS AMI images

Before uploading an AWS AMI image, you must configure a system for uploading the images.

Prerequisites

Procedure

  1. Install Python 3 and the pip tool:

    # yum install python3
    # yum install python3-pip
  2. Install the AWS command-line tools with pip:

    # pip3 install awscli
  3. Run the following command to set your profile. The terminal prompts you to provide your credentials, region and output format:

    $ aws configure
    AWS Access Key ID [None]:
    AWS Secret Access Key [None]:
    Default region name [None]:
    Default output format [None]:
  4. Define a name for your bucket and use the following command to create a bucket:

    $ BUCKET=bucketname
    $ aws s3 mb s3://$BUCKET

    Replace bucketname with the actual bucket name. It must be a globally unique name. As a result, your bucket is created.

  5. To grant permission to access the S3 bucket, create a vmimport S3 Role in the AWS Identity and Access Management (IAM), if you have not already done so in the past:

    $ printf '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "vmie.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals":{ "sts:Externalid": "vmimport" } } } ] }' > trust-policy.json
    $ printf '{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket" ], "Resource":[ "arn:aws:s3:::%s", "arn:aws:s3:::%s/*" ] }, { "Effect":"Allow", "Action":[ "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:Describe*" ], "Resource":"*" } ] }' $BUCKET $BUCKET > role-policy.json
    $ aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
    $ aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

7.5.2. Uploading an AMI image to AWS using the CLI

You can use image builder to build ami images and push them directly to Amazon AWS Cloud service provider using the CLI.

Prerequisites

  • You have an Access Key ID configured in the AWS IAM account manager.
  • You have a writable S3 bucket prepared.
  • You have a defined blueprint.

Procedure

  1. Using the text editor, create a configuration file with the following content:

    provider = "aws"
    
    [settings]
    accessKeyID = "AWS_ACCESS_KEY_ID"
    secretAccessKey = "AWS_SECRET_ACCESS_KEY"
    bucket = "AWS_BUCKET"
    region = "AWS_REGION"
    key = "IMAGE_KEY"

    Replace values in the fields with your credentials for accessKeyID, secretAccessKey, bucket, and region. The IMAGE_KEY value is the name of your VM Image to be uploaded to EC2.

  2. Save the file as CONFIGURATION-FILE.toml and close the text editor.
  3. Start the compose:

    # composer-cli compose start BLUEPRINT-NAME IMAGE-TYPE IMAGE_KEY CONFIGURATION-FILE.toml

    Replace:

    • BLUEPRINT-NAME with the name of the blueprint you created
    • IMAGE-TYPE with the ami image type.
    • IMAGE_KEY with the name of your VM Image to be uploaded to EC2.
    • CONFIGURATION-FILE.toml with the name of the configuration file of the cloud provider.

      Note

      You must have the correct IAM settings for the bucket you are going to send your customized image to. You have to set up a policy to your bucket before you are able to upload images to it.

  4. Check the status of the image build and upload it to AWS:

    # composer-cli compose status

    After the image upload process is complete, you can see the "FINISHED" status.

Verification

To confirm that the image upload was successful:

  1. Access EC2 on the menu and select the correct region in the AWS console. The image must have the available status, to indicate that it was successfully uploaded.
  2. On the dashboard, select your image and click Launch.

7.5.3. Pushing images to AWS Cloud AMI

You can push the output image that you create directly to the Amazon AWS Cloud AMI service provider.

Prerequisites

Procedure

  1. Click the blueprint name.
  2. Select the tab Images.
  3. Click Create Image to create your customized image.

    A pop-up window opens.

    1. From the Type drop-down menu list, select Amazon Machine Image Disk (.raw).
    2. Check the Upload to AWS check box to upload your image to the AWS Cloud and click Next.
    3. To authenticate your access to AWS, type your AWS access key ID and AWS secret access key in the corresponding fields. Click Next.

      Note

      You can view your AWS secret access key only when you create a new Access Key ID. If you do not know your Secret Key, generate a new Access Key ID.

    4. Type the name of the image in the Image name field, type the Amazon bucket name in the Amazon S3 bucket name field and type the AWS region field for the bucket you are going to add your customized image to. Click Next.
    5. Review the information and click Finish.

      Optionally, you can click Back to modify any incorrect detail.

      Note

      You must have the correct IAM settings for the bucket you are going to send your customized image. This procedure uses the IAM Import and Export, so you have to set up a policy to your bucket before you are able to upload images to it. For more information, see Required Permissions for IAM Users.

  4. A small pop-up on the upper right informs you of the saving progress. It also informs that the image creation has been initiated, the progress of this image creation and the subsequent upload to the AWS Cloud.

    After the process is complete, you can see the Image build complete status.

  5. Click Service→EC2 on the menu and choose the correct region in the AWS console. The image must have the Available status, to indicate that it is uploaded.
  6. On the dashboard, select your image and click Launch.
  7. A new window opens. Choose an instance type according to the resources you need to start your image. Click Review and Launch.
  8. Review your instance start details. You can edit each section if you need to make any changes. Click Launch
  9. Before you start the instance, select a public key to access it.

    You can either use the key pair you already have or you can create a new key pair. Alternatively, you can use image builder to add a user to the image with a preset public key. See Creating a user account with an SSH key for more details.

    Follow the next steps to create a new key pair in EC2 and attach it to the new instance.

    1. From the drop-down menu list, select Create a new key pair.
    2. Enter the name to the new key pair. It generates a new key pair.
    3. Click Download Key Pair to save the new key pair on your local system.
  10. Then, you can click Launch Instance to start your instance.

    You can check the status of the instance, which displays as Initializing.

  11. After the instance status is running, the Connect button becomes available.
  12. Click Connect. A pop-up window appears with instructions on how to connect using SSH.

    1. Select A standalone SSH client as the preferred connection method to and open a terminal.
    2. In the location you store your private key, ensure that your key is publicly viewable for SSH to work. To do so, run the command:

      $ chmod 400 <your-instance-name.pem>_
    3. Connect to your instance using its Public DNS:

      $ ssh -i "<_your-instance-name.pem_"> ec2-user@<_your-instance-IP-address_>
    4. Type yes to confirm that you want to continue connecting.

      As a result, you are connected to your instance using SSH.

Verification

  1. Check if you are able to perform any action while connected to your instance using SSH.

7.5.4. Preparing to upload Microsoft Azure VHD images

You can use image builder to prepare a VHD image that can be uploaded to Microsoft Azure cloud.

Prerequisites

  • You must have a usable Microsoft Azure resource group and storage account.
  • You have python2 installed because the AZ CLI tool depends specifically on python 2.7.

Procedure

  1. Import the Microsoft repository key:

    # rpm --import https://packages.microsoft.com/keys/microsoft.asc
  2. Create a local azure-cli repository information:

    # sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azure-cli.repo'
  3. Install the Microsoft Azure CLI:

    # yumdownloader azure-cli
    # rpm -ivh --nodeps azure-cli-2.0.64-1.el7.x86_64.rpm
    Note

    The downloaded version of the Microsoft Azure CLI package may vary depending on the current available version.

  4. Run the Microsoft Azure CLI:

    $ az login

    The terminal shows the following message Note, we have launched a browser for you to login. For old experience with device code, use "az login --use-device-code. Then, the terminal opens a browser with a link to https://microsoft.com/devicelogin from where you can login.

    Note

    If you are running a remote (SSH) session, the https://microsoft.com/devicelogin link will not open in the browser. In this case, you can copy the link to a browser and login to authenticate your remote session. To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the device code to authenticate.

  5. List the keys for the storage account in Microsoft Azure:

    $ GROUP=resource-group-name
    $ ACCOUNT=storage-account-name
    $ az storage account keys list --resource-group $GROUP --account-name $ACCOUNT

    Replace resource-group-name with name of your Microsoft Azure resource group and storage-account-name with name of your Microsoft Azure storage account.

    Note

    You can list the available resources using the following command:

    $ az resource list
  6. Make note of value key1 in the output of the previous command, and assign it to an environment variable:

    $ KEY1=value
  7. Create a storage container:

    $ CONTAINER=storage-account-name
    $ az storage container create --account-name $ACCOUNT \
    --account-key $KEY1 --name $CONTAINER

    Replace storage-account-name with name of the storage account.

Additional resources

7.5.5. Uploading VHD images to Microsoft Azure cloud

After you have created your customized VHD image, you can upload it to the Microsoft Azure cloud.

Prerequisites

  • Your system must be set up for uploading Microsoft Azure VHD images. See Preparing to upload Microsoft Azure VHD images.
  • You must have a Microsoft Azure VHD image created by image builder.

    • In the CLI, use the vhd output type.
    • In the GUI, use the Azure Disk Image (.vhd) image type.

      Procedure

      1. Push the image to Microsoft Azure and create an instance from it:

        $ VHD=25ccb8dd-3872-477f-9e3d-c2970cd4bbaf-disk.vhd
        $ az storage blob upload --account-name $ACCOUNT --container-name $CONTAINER --file $VHD --name $VHD --type page
        ...
      2. After the upload to the Microsoft Azure Blob storage completes, create a Microsoft Azure image from it:

        $ az image create --resource-group $GROUP --name $VHD --os-type linux --location eastus --source https://$ACCOUNT.blob.core.windows.net/$CONTAINER/$VHD
         - Running ...

Verification

  1. Create an instance either with the Microsoft Azure portal, or a command similar to the following:

    $ az vm create --resource-group $GROUP --location eastus --name $VHD --image $VHD --admin-username azure-user --generate-ssh-keys
     - Running ...
  2. Use your private key via SSH to access the resulting instance. Log in as azure-user.

7.5.6. Uploading VMDK images and creating a RHEL virtual machine in vSphere

Upload a .vmdk image to VMware vSphere using the govc import.vmdk CLI tool.

Note

Uploading the image via the UI is not supported.

Prerequisites

  • You created a blueprint with username and password customizations.
  • You created an .vmdk image by using image builder and downloaded it to your host system.
  • You installed the govc import.vmdk CLI tool.
  • You configured the govc import.vmdk CLI tool client.

    • you must set the following values in the environment:

      GOVC_URL
      GOVC_DATACENTER
      GOVC_FOLDER
      GOVC_DATASTORE
      GOVC_RESOURCE_POOL
      GOVC_NETWORK

Procedure

  1. Navigate to the directory where you downloaded your .vmdk image.
  2. Launch the image on vSphere by following the steps:

    1. Import the .vmdk image in to vSphere:

      $ govc import.vmdk ./composer-api.vmdk foldername
    2. Create the VM in VSphere without powering it on:

      govc vm.create \
      -net.adapter=vmxnet3 \
      -m=4096 -c=2 -g=rhel8_64Guest \
      -firmware=efi -disk=”foldername/composer-api.vmdk” \
      -disk.controller=scsi -on=false \
       vmname
    3. Power-on the VM:

      govc vm.power -on vmname
    4. Retrieve the VM IP address:

      HOST=$(govc vm.ip vmname)
    5. Use SSH to log in to the VM, using the username and password you specified in your blueprint:

      $ ssh admin@HOST
      Note

      If you copied the .vmdk image from your local host to the destination using the govc datastore.upload command, using the image is not supported. There is no option to use the import.vmdk command in the vSphere GUI and as a consequence, the vSphere GUI does not support the direct upload, as a consequence, the .vmdk image is not directly usable from the vSphere GUI.

7.5.7. Uploading images to GCP with image builder

With image builder you can build a gce image, provide credentials for your user or GCP service account, and then upload the gce image directly to the GCP environment.

7.5.7.1. Uploading a gce image to GCP using the CLI

Follow the procedure to set up a configuration file with credentials to upload your gce image to GCP.

Prerequisites

  • You have a user or service account Google credentials to upload images to GCP. The account associated with the credentials must have at least the following IAM roles assigned:

    • roles/storage.admin - to create and delete storage objects
    • roles/compute.storageAdmin - to import a VM image to Compute Engine.
  • You have an existing GCP bucket.

Procedure

  1. Using a text editor, create a gcp-config.toml configuration file with the following content:

    provider = "gcp"
    
    [settings]
    bucket = "GCP_BUCKET"
    region = "GCP_STORAGE_REGION"
    object = "OBJECT_KEY"
    credentials = "GCP_CREDENTIALS"

    Where:

    • GCP_BUCKET points to an existing bucket. It is used to store the intermediate storage object of the image which is being uploaded.
    • GCP_STORAGE_REGION is both a regular Google storage region and, a dual or multi region.
    • OBJECT_KEY is the name of an intermediate storage object. It must not exist before the upload, and it is deleted when the upload process is done. If the object name does not end with .tar.gz, the extension is automatically added to the object name.
    • GCP_CREDENTIALS is a Base64-encoded scheme of the credentials JSON file downloaded from GCP. The credentials determine which project the GCP uploads the image to.

      Note

      Specifying GCP_CREDENTIALS in the gcp-config.toml is optional if you use a different mechanism to authenticate with GCP. For more details on different ways to authenticate with GCP, see Authentication with GCP.

  2. Create a compose with an additional image name and cloud provider profile:

    $ sudo composer-cli compose start BLUEPRINT-NAME gce IMAGE_KEY gcp-config.toml

    Note: The image build, upload, and cloud registration processes can take up to ten minutes to complete.

Verification

  • Verify that the image status is FINISHED:

    $ sudo composer-cli compose status

7.5.7.2. Authenticating with GCP

You can use several different types of credentials with image builder to authenticate with GCP. If image builder configuration is set to authenticate with GCP using multiple sets of credentials, it uses the credentials in the following order of preference:

  1. Credentials specified with the composer-cli command in the configuration file.
  2. Credentials configured in the osbuild-composer worker configuration.
  3. Application Default Credentials from the Google GCP SDK library, which tries to automatically find a way to authenticate using the following options:

    1. If the GOOGLE_APPLICATION_CREDENTIALS environment variable is set, Application Default Credentials tries to load and use credentials from the file pointed to by the variable.
    2. Application Default Credentials tries to authenticate using the service account attached to the resource that is running the code. For example, Google Compute Engine VM.

      Note

      You must use the GCP credentials to determine which GCP project to upload the image to. Therefore, unless you want to upload all of your images to the same GCP project, you always must specify the credentials in the gcp-config.toml configuration file with the composer-cli command.

7.5.7.2.1. Specifying credentials with the composer-cli command

You can specify GCP authentication credentials in the provided upload target configuration gcp-config.toml. Use a Base64-encoded scheme of the Google account credentials JSON file to save time.

Procedure

  • In the provided upload target configuration gcp-config.toml, set the credentials:

    provider = "gcp"
    
    [settings]
    provider = "gcp"
    
    [settings]
    ...
    credentials = "GCP_CREDENTIALS"
  • To get the encoded content of the Google account credentials file with the path stored in GOOGLE_APPLICATION_CREDENTIALS environment variable, run the following command:

    $ base64 -w 0 "${GOOGLE_APPLICATION_CREDENTIALS}"
7.5.7.2.2. Specifying credentials in the osbuild-composer worker configuration

You can configure GCP authentication credentials to be used for GCP globally for all image builds. This way, if you want to import images to the same GCP project, you can use the same credentials for all image uploads to GCP.

Procedure

  • In the /etc/osbuild-worker/osbuild-worker.toml worker configuration, set the following credential value:

    [gcp]
    credentials = "PATH_TO_GCP_ACCOUNT_CREDENTIALS"

7.5.8. Pushing VMDK images to vSphere using the GUI image builder tool

You can build VMware images by using the GUI image builder tool and push the images directly to your vSphere instance, to avoid having to download the image file and push it manually. To create .vmdk images using image builder directly to vSphere instances service provider, follow the steps:

Prerequisites

Procedure

  1. For the blueprint you created, click the Images tab .
  2. Click Create Image to create your customized image.

    The Image type window opens.

  3. In the Image type window:

    1. From the dropdown menu, select the Type: VMware VSphere (.vmdk).
    2. Check the Upload to VMware checkbox to upload your image to the vSphere.
    3. Optional: Set the size of the image you want to instantiate. The minimal default size is 2GB.
    4. Click Next.
  4. In the Upload to VMware window, under Authentication, enter the following details:

    1. Username: username of the vSphere account.
    2. Password: pasword of the vSphere account.
  5. In the Upload to VMware window, under Destination, enter the following details:

    1. Image name: a name for the image to be uploaded.
    2. Host: The URL of your VMware vSphere where the image will be uploaded.
    3. Cluster: The name of the cluster where the image will be uploaded.
    4. Data center: The name of the data center where the image will be uploaded.
    5. Data store:The name of the Data store where the image will be uploaded.
    6. Click Next.
  6. In the Review window, review the details of the image creation and click Finish.

    You can click Back to modify any incorrect detail.

    Image builder adds the compose of a RHEL vSphere image to the queue, and creates and uploads the image to the Cluster on the vSphere instance you specified.

    Note

    The image build and upload processes take a few minutes to complete.

    After the process is complete, you can see the Image build complete status.

Verification

After the image status upload is completed successfully, you can create a Virtual Machine (VM) from the image you uploaded and login into it. To do so:

  1. Access VMware vSphere Client.
  2. Search for the image in the Cluster on the vSphere instance you specified.
  3. You can create a new VM from the image you uploaded:

    1. Select the image you uploaded.
    2. Right-click the selected image.
    3. Click New Virtual Machine.

      A New Virtual Machine window opens.

      In the New Virtual Machine window, provide the following details:

      1. Select New Virtual Machine.
      2. Select a name and a folder for your VM.
      3. Select a computer resource: choose a destination computer resource for this operation.
      4. Select storage: For example, select NFS-Node1
      5. Select compatibility: The image should be BIOS only.
      6. Select a guest operating system: For example, select Linux and Red Hat Fedora (64-bit).
      7. Customize hardware: When creating a VM, on the Device Configuration button on the upper right, delete the default New Hard Disk and use the drop-down to select an Existing Hard Disk disk image:
      8. Ready to complete: Review the details and click Finish to create the image.
    4. Navigate to the VMs tab.

      1. From the list, select the VM you created.
      2. Click the Start button from the panel. A new window appears, showing the VM image loading.
      3. Log in with the credentials you created for the blueprint.
      4. You can verify if the packages you added to the blueprint are installed. For example:

        $ rpm -qa | grep firefox

Additional resources

7.5.9. Pushing VHD images to Microsoft Azure cloud using the GUI image builder tool

You can create .vhd images using image builder. Then, you can push the .vhd images to a Blob Storage of the Microsoft Azure Cloud service provider.

Prerequisites

Procedure

  1. For the blueprint name, click the Images tab .
  2. Click Create Image