10.3. 使用 Subscription Manager 运行构建
10.3.1. 将 Subscription Manager 配置添加到构建中
使用 Subscription Manager 安装内容的构建必须为订阅的存储库提供适当的配置文件和证书颁发机构。
先决条件
您必须有权访问 Subscription Manager 的配置和证书颁发机构文件。
流程
为 Subscription Manager 配置创建 ConfigMap:
$ oc create configmap rhsm-conf --from-file /path/to/rhsm/rhsm.conf
为证书颁发机构创建 ConfigMap:
$ oc create configmap rhsm-ca --from-file /path/to/rhsm/ca/redhat-uep.pem
将 Subscription Manager 配置和证书颁发机构添加到 BuildConfig 中:
source: configMaps: - configMap: name: rhsm-conf destinationDir: rhsm-conf - configMap: name: rhsm-ca destinationDir: rhsm-ca
10.3.2. 使用 Subscription Manager 执行 Docker 构建
Docker 策略构建可以使用 Subscription Manager 来安装订阅内容。
先决条件
必须添加授权密钥、Subscription Manager 配置和 Subscription Manager 证书颁发机构,作为构建输入。
流程
使用以下示例 Dockerfile 来通过 Subscription Manager 安装内容:
FROM registry.redhat.io/rhel7:latest
USER root
# Copy entitlements
COPY ./etc-pki-entitlement /etc/pki/entitlement
# Copy subscription manager configurations
COPY ./rhsm-conf /etc/rhsm
COPY ./rhsm-ca /etc/rhsm/ca
# Delete /etc/rhsm-host to use entitlements from the build container
RUN rm /etc/rhsm-host && \
# Initialize /etc/yum.repos.d/redhat.repo
# See https://access.redhat.com/solutions/1443553
yum repolist --disablerepo=* && \
subscription-manager repos --enable <enabled-repo> && \
yum -y update && \
yum -y install <rpms> && \
# Remove entitlements and Subscription Manager configs
rm -rf /etc/pki/entitlement && \
rm -rf /etc/rhsm
# OpenShift requires images to run as non-root by default
USER 1001
ENTRYPOINT ["/bin/bash"]