Skip to main content

Creating Azure Linux Images with Image Customizer

Goals

To deploy an operating system, Trident requires COSI files. This document describes how to create a COSI file with Image Customizer.

Prerequisites

  1. Ensure that oras is installed.
  2. Ensure Image Customizer container is accessible.

Instructions

Step 1: Download the minimal base image

Pull minimal-os as a base image from MCR by running:

mkdir -p $HOME/staging
pushd $HOME/staging
oras pull mcr.microsoft.com/azurelinux/3.0/image/minimal-os:latest --platform linux/amd64
popd

Step 2: Build Trident RPMs

Build the Trident RPMs by running:

make bin/trident-rpms.tar.gz

After running this make command, the RPMs will be built and packaged into bin/trident-rpms.tar.gz and unpacked into bin/RPMS/x86_64:

$ ls bin/RPMS/x86_64/
trident-0.3.DATESTRING-dev.COMMITHASH.azl3.x86_64.rpm
trident-install-service-0.3.DATESTRING-dev.COMMITHASH.azl3.x86_64.rpm
trident-provisioning-0.3.DATESTRING-dev.COMMITHASH.azl3.x86_64.rpm
trident-service-0.3.DATESTRING-dev.COMMITHASH.azl3.x86_64.rpm
trident-static-pcrlock-files-0.3.DATESTRING-dev.COMMITHASH.azl3.x86_64.rpm
trident-update-poll-0.3.DATESTRING-dev.COMMITHASH.azl3.x86_64.rpm

Copy RPMs to staging folder:

cp -r bin/RPMS $HOME/staging

Step 3: Define COSI Configuration

Follow the Image Customizer documentation to configure $HOME/staging/ic-config.yaml:

storage:
bootType: efi

disks:
- partitionTableType: gpt
maxSize: 4G
partitions:
- id: esp
type: esp
size: 8M

- id: rootfs
size: grow

filesystems:
- deviceId: esp
type: fat32
mountPoint:
path: /boot/efi
options: umask=0077

- deviceId: rootfs
type: ext4
mountPoint:
path: /

os:
bootloader:
resetType: hard-reset
hostname: testimage

kernelCommandLine:
extraCommandLine:
- rd.info
- log_buf_len=1M

packages:
remove:
- grub2-efi-binary

install:
# replace grub2-efi-binary with grub2-efi-binary-noprefix
- grub2-efi-binary-noprefix
- curl
- dnf
- efibootmgr
- iproute
- iptables
- lsof
- mdadm
- netplan
- openssh-server
- tpm2-tools
- trident-service
- vim
- audit

services:
enable:
- sshd
- trident

Step 4: Invoke Image Customizer

Assuming RPMs, a base image image.vhdx and Image Customizer configuration ic-config.yaml found in $HOME/staging.

Invoke Image Customizer, paying special attention to specify --output-image-format=cosi:

pushd $HOME/staging
docker run \
--rm \
--privileged=true \
-v /dev:/dev \
-v ".:/staging:z" \
mcr.microsoft.com/azurelinux/imagecustomizer:0.18.0 \
--image-file "/staging/image.vhdx" \
--config-file "/staging/ic-config.yaml" \
--rpm-source "/staging/RPMS/x86_64" \
--build-dir "/build" \
--output-image-format "cosi" \
--output-image-file "/staging/out/image.cosi"
popd