Build the Custom RHCOS Image

Step 1: Identify the Base RHCOS Image

First, you need to determine the exact base RHCOS image used by your cluster. This ensures your custom image is built on the correct foundation.

  1. Execute the following command to get the image reference:

    oc adm release info --image-for rhel-coreos
    Example Output:
    quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:cbe2965ad3a408286fe06e4a7a58e006621f33847c17f8e8ff84504dbeebe666

    Take note of the full image URL with the SHA256 digest. You will use this as the FROM image in your Dockerfile.

Step 2: Build the Custom RHCOS Image on a RHEL Host

Next, prepare a build environment on your RHEL host to create the layered image.

1. Prepare the Build Directory and RPMs

Create a working directory and download the necessary RPM packages and their dependencies. We need rsyslog for logging, plymouth to help write logs to /var/log/boot.log during startup, and other required libraries.

  1. Create a working directory and download the RPMs.

    mkdir -p ~/rhcos-build

cd ~/rhcos-build

dnf download --resolve --destdir=. rsyslog libestr libfastjson logrotate plymouth plymouth-core-libs plymouth-scripts

2. Create the Dockerfile

Create a Dockerfile (or Containerfile) to define the build process for your custom image. This file will start from the base RHCOS image, copy the downloaded RPMs, install them, and then commit the changes to the OS layer.

  1. Define the base image using the output from Step 1 and create the Dockerfile.

    RHCOS_IMAGE=$(oc adm release info --image-for rhel-coreos)

tee ~/rhcos-build/rhcos.dockerfile << EOF
FROM ${RHCOS_IMAGE}

# Install the RPMs using dnf and commit the layer to ostree
RUN --mount=type=bind,source=./,target=/wzh/ \
      cd /wzh && \
      dnf install --nobest -y ./*.x86_64.rpm && \
      dnf clean all && \
      ostree container commit

EOF

3. Build and Push the Image

Now, build the image using podman and push it to your container registry. Make sure you are logged into your registry and have your pull secret available.

  1. Define your custom image tag, then build and push the image.

    # an example of custom image:
# CUSTOM_IMAGE="quay.io/wangzheng422/qimgs:rhcos-4.18-rsyslog-$(date +%Y.%m.%d)-v01"
CUSTOM_IMAGE="<your custom image tag>"

  2. Then build and push the image.

    podman build --security-opt label=disable \
--authfile ~/pull-secret.json \
-t ${CUSTOM_IMAGE} \
-f ~/rhcos-build/rhcos.dockerfile \
~/rhcos-build

# login to your registry
# an example of login command
# podman login quay.io -u <your username> -p <your password>

podman push ${CUSTOM_IMAGE}