Suchen
SupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 5. Building and managing customized RHEL images

download PDF

You can use a blueprint to build customized RHEL images for a variety of deployment types by using Insights Images. You can build Conventional (RPM-DNF) images or Immutable (OSTree) images.

  • You can only launch customized images directly from the Hybrid Cloud Console to the AWS, GCP, and Microsoft Azure public clouds.
  • The VMDK customized images must first be uploaded to VMWare vSphere, deployed there, and then you can create a VM.
  • For the Guest image (.qcow2), and Installer (.iso), you can download these images and deploy them directly to virtual machines.
Warning

Red Hat Hybrid Cloud Console does not support uploading Amazon Web Services (AWS), Google Cloud Platform (GCP), and *Microsoft Azure images to GovCloud regions.

5.1. About building customized images

You can build either Conventional (RPM-DNF) images or Immutable (OStree) images from a blueprint.

  • The Conventional (RPM-DNF) enables you to manage or modify the system software by using the DNF package manager and updated RPM packages.
  • The Immutable (OStree) images contain a complete operating system ready to be remotely installed and allows you to manage the system software by referencing a central image repository. For more details, see Create RHEL for Edge images and configure automated management.

The image artifacts are saved for 14 days and expire after that. To avoid losing the image, transfer the image to your account before the expiration date. If an image has already expired, you can also re-create the exact image based on an existing blueprint to reuse the previous configuration.

You can share an existing AWS image to a new region to run on your AWS account so that all regions can launch with the same configuration.

You can also download the compose request of your image and use the image builder API to automate your image building tasks.

5.2. Building customized RHEL system image

Create customized RHEL system images from a blueprint by using Insights Images, and deploy the images on your target environment.

Prerequisites

Procedure

  1. Access Insights Images. The list of existing blueprints appears.

  2. Select the blueprint that you want to build an image from.

    1. Optionally, you can select the blueprint version from the dropdown menu.

  3. Click Build images. A pop-up alert informs that the image is being built.

    After the image process status is marked as Ready, you can use it in your deployments.

5.3. Accessing your customized RHEL image for AWS from your account

After you built your image, uploaded it to AWS, and the cloud registration process status is marked as Ready, you can access the image that you created and shared with your AWS EC2 account.

The shared image expire within 14 days. To permanently access your image, copy the image to your own AWS account.

Prerequisites

Procedure

  1. Access your AWS account and navigate to Service→EC2.
  2. In the navigation bar, verify if you are under the correct region: us-east-1.

  3. Click Images, and choose AMIs.

    The dashboard with the Owned by me images opens.

  4. From the dropdown menu, choose Private images.

    You can see the image successfully shared with the AWS account you specified.

5.4. Launching your customized RHEL system image for AWS from your AWS EC2

Launch the image that you shared with your AWS account to the Amazon Elastic Compute Cloud(Amazon EC2) compute platform.

Prerequisites

Procedure

  1. From the dropdown menu, under Private images, locate the image that you shared to the AWS account you specified.
  2. Select the image you want to launch.
  3. On the top of the panel, click Launch. You are redirected to the Choose an Instance Type window.
  4. Choose the instance type according to the resources you need to launch your image. Click Review and Launch.
  5. Review your instance launch details. You can edit each section, such as Security, Storage, for example, if you need to make any changes. After you finish the review, click Launch.

  6. To launch the instance, you must select a public key to access it.

    Create a new key pair in EC2 and attach it to the new instance.

    1. From the drop-down menu list, select Create a new key pair.
    2. Enter the name to the new key pair. It generates a new key pair.
    3. Click Download Key Pair to save the new key pair on your local system.

  7. Then, you can click Launch Instance to launch your instance.

    You can check the status of the instance, it shows as Initializing.

  8. After the instance status is running, the Connect button turns available.

  9. Click Connect. A popup window appears with instructions on how to connect by using SSH.

    1. Select the preferred connection method to A standalone SSH client and open a terminal.

    2. In the location you store your private key, make sure that your key is publicly viewable for SSH to work. To do so, run the command: 

      $ chmod 400 <your-instance-name.pem>

    3. Connect to your instance by using its Public DNS: 

      $ ssh -i "<_your-instance-name.pem_> ec2-user@<_your-instance-IP-address_>"
    4. Type yes to confirm that you want to continue connecting.

As a result, you are connected to your instance over SSH.

Verification

  • From a terminal, check if you are able to perform any action while connected to your instance by using SSH.

5.5. Copying your customized RHEL system image for AWS to a different region on your AWS EC2

You can copy the image you successfully shared with the Amazon Web Services EC2 to your own account. Doing so, you grant that the image you shared and copied is available until you delete it, instead of expiring after some time. To copy your image to your own account, follow the steps:

Prerequisites

  • You have access to your customized image on AWS.

Procedure

  1. From the list of Public images, select the image you want to copy.
  2. On the top of the panel, click Actions.
  3. From the dropdown menu, choose Copy AMI. A popup window appears.

  4. Choose the Destination region and click Copy AMI.

    After the copying process is complete, you are provided with the new AMI ID. You can launch a new instance in the new region.

    Note

    When you copy an image to a different region, it results in a separate and new AMI in the destination region, with a unique AMI ID.

5.6. Sharing AWS images to other regions

You can share an existing AWS image to a new region. Sharing the image configures it for the new regions to run on your AWS account. After configuring new regions, all these regions launch with the same configuration as the original AWS image.

Prerequisites

  • You created an AWS image.

Procedure

  1. From the Images table, select the image you want to share with other regions.
  2. From the Node options menu (⫶), select Share to new region. The Share to new region wizard opens.

  3. From the Select region dropdown menu, select the region to share the image.

    You can choose more than one region to share your image with.

  4. Click Share.

    Your image is built, uploaded to AWS, and shared to the regions you selected.

    Note

    The shared image expires in 14 days.

  5. To ensure that you can access the image permanently, copy the Red Hat image to your own AWS account.

5.7. Authorizing image builder to push images to Microsoft Azure Cloud

You must authorize Insights image builder to push images to the Microsoft Azure cloud. This is a one-time action. he following are high-level steps:

  • Configure Insights Images as an authorized application for your tenant GUID

  • Give the role of Contributor to at least one resource group of the authorized application .

    To authorize Image Builder as an authorized application, follow the steps:

Prerequisites

  • You have an existing Resource Group in Microsoft Azure portal.
  • You have the User Access Administrator role rights.
  • Your Microsoft Azure subscription has Microsoft.Storage and Microsoft.Compute as a resource provider.

Procedure

  1. Access Hybrid Cloud Console on a browser.
  2. Click Red Hat Insights > RHEL > Inventory > Images. The Insights image builder dashboard appears.

  3. Click Create blueprint.

    The Image output dialog wizard opens.

On the Image output page, complete the following steps:

  1. From the Release list, select the release that you want to use.

  2. From the Select target environments option, select Microsoft Azure.

    Click Next.

    1. On the Target Environment - Microsoft Azure window, to add Image Builder as an authorized application, select one of the following share method options:

  3. Use an account configured from Sources:

    1. From the Source name dropdown menu, select the source that you previously configured. See Connecting Microsoft Azure account to the Red Hat Hybrid Cloud Console.

      1. The Azure tenant GUID, the Subscription ID, and the Resource group are automatically completed, and the Authorize image builder button becomes available.

        Image builder checks if your Tenant GUID is correctly formatted and the Authorize image builder button becomes available.

  4. Manually enter the account information:

    1. Enter your Azure Tenant GUID.

      Image builder checks if your Tenant GUID is correctly formatted and the Authorize image builder button becomes available.

  5. One time action: Click Authorize image builder to authorize Image Builder to push images to the Microsoft Azure cloud.

    This redirects you to the Microsoft Azure portal.

    1. Login with your credentials.
    2. Click Accept the Permission requested. Note that, if you already went through the authentication process before, you will not see the Permission requested. It is already granted.

  6. Confirm that Image Builder is authorized for your tenant.

    1. In the search bar, search for Azure Active Directory.
    2. From the Services menu, click Microsoft Entra ID, from the left menu. The Azure Active Directory page opens.
    3. Search for Insights image builder and confirm it is authorized.
    4. In the Azure Active Directory, from the Services list, select Enterprise applications.
    5. In the Enterprise applications page, from the Manage list menu, click All applications. You can see Red Hat Image Builder is authorized in the Microsoft Azure cloud.

  7. Add the Red Hat Image Builder as a contributor to your Resource Group.

    1. In the search bar, type Resource Groups and select the first entry under Services. This redirects you to the Resource Groups dashboard.
    2. Search and select your Resource Group by name.
    3. On the lateral menu, click Access control (IAM) to add a permission to the Red Hat Image Builder application to access your resource group.
    4. From the menu, click the tab Role assignments.
    5. Click +Add.

    6. From the dropdown menu, choose Add role assignment. A menu appears on the left side.

      Select role
      Assign the Contributor role.
      Assign access to
      Select the option Assign access to user, group, and service principal.
      Members
      Click +Select members and type Red Hat in the search bar. Click enter.
      Select
      Red Hat Image Builder application.

The Red Hat Image Builder application is now authorized to push images to the Microsoft Azure cloud.

Note

The Red Hat Image Builder application can locate resources only when the account administrator adds the shared application as a contributor under the IAM section of the resource group.

Verification

  • From the menu, click the tab Role assignments.

    You can see Red Hat Image Builder set as a Contributor of the Resource Group you selected.

Additional resources

5.8. Accessing your customized RHEL system image from your Microsoft Azure account

After finishing to build and upload the image, and the cloud registration process status is marked as Ready, you can access the Azure Disk Image from your Microsoft Azure account.

Prerequisites

Procedure

  • Access your Microsoft Azure dashboard and navigate to the Resource group page.

Verification

  1. After you access your Microsoft Azure Account, you can see that the image successfully shared with the resource group account you specified.

    Note

    If the image is not visible there, you might have issues with the upload process. Return to the Insights image builder dashboard and check if the image is marked as Ready.

5.9. Creating a VM instance by using your GCP image

After the image is built, uploaded, and the cloud registration process status is Ready, you can create a Virtual Machine (VM) instance by using the GCP image.

Prerequisites

Procedure

  1. From the Insights image builder dashboard, copy the image UUID of the image that you created.
  2. Access /composes/{composeId} API endpoint.
  3. Click Try it Out to activate the composeId string path.
  4. Enter the UUID into the composes/{composeId} field in the API endpoint.

  5. Click Execute. The API endpoint generates a response in the Response body, for example: 

    {
  "image_status": {
    "status": "success",
    "upload_status": {
      "options": {
        "image_name": "composer-api-03f0e19c-0050-4c8a-a69e-88790219b086",
        "project_id": "red-hat-image-builder"
      },
      "status": "success",
      "type": "gcp"
    }
  }
}
  6. From the Response body field, copy the image_name and project_id to access the image from the Google Cloud Platform environment.

  7. From your browser, access Google Cloud Shell and set your Google Cloud Platform Project ID as the default GCP project. You can find the Product ID of your project by accessing the Google Cloud Platform dashboard. 

    $ gcloud config set project PROJECT_ID
  8. In the Authorize Cloud Shell window prompt, click Authorize to allow this and future calls that require your credentials.

  9. Create a VM instance with the image by using the gcloud command in the Google Cloud Shell: 

    $ gcloud compute instances create INSTANCE_NAME \
  --image-project PROJECT_ID_FROM_RESPONSE \
  --image IMAGE_NAME \
  --zone GCP_ZONE

    Where:

    • INSTANCE_NAME is the name for your instance;
    • PROJECT_ID_FROM_RESPONSE is the project_id generated by Response body;
    • IMAGE_NAME is the image_name generated by Response body;
    • GCP_ZONE is the GCP zone in which the instance will be created.

Verification

  1. Verify that Compute Engine created the VM: 

    $ gcloud compute instances describe INSTANCE_NAME

  2. Connect to the VM instance using SSH: 

    $ gcloud compute ssh --project=PROJECT_ID --zone=ZONE INSTANCE_NAME

Additional resources

5.10. Copying the GCE image to your project group

You can create a Virtual Machine (VM) instance using the GCE image.

Prerequisites

  • The universally unique identifier (UUID) of the image you created.
  • Access to the Image-builder service API endpoint.
  • Access to the Google Cloud Shell from your browser.

Procedure

  1. From the Images dashboard, copy the UUID image of the image you created.
  2. Access /composes/{composeId} API endpoint.
  3. Click the Try it Out button to activate the composeId string path.
  4. Enter the UUID into the composes/{composeId} field in the API endpoint.

  5. Click Execute. The API endpoint generates a response in the Response body, for example: 

    {
  "image_status": {
    "status": "success",
    "upload_status": {
      "options": {
        "image_name": "composer-api-03f0e19c-0050-4c8a-a69e-88790219b086",
        "project_id": "red-hat-image-builder"
      },
      "status": "success",
      "type": "gcp"
    }
  }
}

  6. From the Response body field, copy the image_name and project_id to access the image from the Google Cloud Platform environment. From the Response body: 

    "image_name": "composer-api-03f0e19c-0050-4c8a-a69e-88790219b086",
"project_id": "red-hat-image-builder"
  7. From your browser, access Google Cloud Shell.

  8. Set your Google Cloud Platform Project ID as the default GCP project. You can find the Product ID of your project by accessing the Google Cloud Platform dashboard. 

    $ gcloud config set project PROJECT_ID
  9. In the Authorize Cloud Shell window prompt, click Authorize to allow this and future calls that require your credentials.

  10. Copy the image to your project by using the gcloud command: 

    $ gcloud compute images create MY_IMAGE_NAME \
  --source-image-project red-hat-image-builder \
  --source-image IMAGE_NAME

    Where:

    • MY_IMAGE_NAME is the name you give to your instance;
    • red-hat-image-builder is the project_id generated by Response body;
    • IMAGE_NAME is the image_name generated by Response body;

Verification

Confirm that the image has been successfully copied to your project:

  • Using the Google Cloud Platform UI, by accessing the Compute Engine / Images section.

  • Using the gcloud tool, by running the command in Google Cloud Shell: 

    $ gcloud compute images list --no-standard-images

Additional resources

5.11. Creating a new image from an existing build

You can create a new image from an existing customized RHEL image by using Insights Images. The Insights Images re-creates the exact image, with a different UUID, which you can use to identify the image in the Hybrid Cloud Console. The new image also fetches package updates and refreshes the content with those updates. You can customize this new image to fit your requirements.

Note

You can re-create images from failed builds.

Prerequisites

  • You created an AWS image with Insights Images.

Procedure

  1. From the Images dashboard, select the image from which you want to create your customized image.

  2. Click the Node options menu (⫶) and select Re-create image. The Create image wizard opens.

    Note

    If the image status is Expired, click the Re-create image button.

    1. Optional: You can customize the new image by using the Navigation panel to open a step and making changes. Click Next.
    2. On the Review page, click Create image.

The Insights Images dashboard opens. The image build starts to re-create the image and lists the following information:

  • Image name
  • UUID
  • Cloud target environment
  • Image operating system release
  • Status of the image creation

Verification

  • From the Status column, check if the image is Ready.
  • Optional: Click Image details to display additional information about the re-created image.

5.12. Downloading the JSON compose request

If you download the .json compose request of your image, you can use the image builder API to automate your image building tasks, such as:

  • Customizing the image with extra packages
  • Customizing the partition layout
  • Embedding an activation key.

Prerequisites

  • You created an image with Insights Images.

Procedure

  1. From the Images table, select the image that you want to download as a .json compose request.

  2. Click the Node options () menu and select Download compose request (.json).

    The .json compose request is now saved to your host server. To use the image builder API, see Using hosted image builder via its API.

Red Hat logoGithubRedditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

© 2024 Red Hat, Inc.