Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
SUSE Edge Documentation / How-To Guides / Building Updated SUSE Linux Micro Images with Kiwi

25 Building Updated SUSE Linux Micro Images with Kiwi

 

This section explains how to generate updated SUSE Linux Micro images to be used with Edge Image Builder, with Cluster API (CAPI) + Metal^3, or to write the disk image directly to a block device. This process is useful in situations where the latest patches are required to be included in the initial system boot images (to minimise patch transfer post-installation), or for scenarios where CAPI is used, where it’s preferred to reinstall the operating system with a new image rather than upgrading the hosts in place.

This process makes use of Kiwi to run the image build. SUSE Edge ships with a containerized version that simplifies the overall process with a helper utility baked in, allowing to specify the target profile required. The profile defines the type of output image that is required, with the common ones listed below:

  • "Base" - A SUSE Linux Micro disk image with a reduced package set (it includes podman).

  • "Base-SelfInstall" - A SelfInstall image based on the "Base" above.

  • "Base-RT" - Same as "Base" above but using a real-time (rt) kernel instead.

  • "Base-RT-SelfInstall" - A SelfInstall image based on the "Base-RT" above

  • "Default" - A SUSE Linux Micro disk image based on the "Base" above but with a few more tools, including the virtualization stack, Cockpit and salt-minion.

  • "Default-SelfInstall" - A SelfInstall image based on the "Default" above

See SUSE Linux Micro 6.0 documentation for more details.

This process works for both x86_64 and aarch64 architectures, although not all image profiles are available for both architectures, e.g. in SUSE Edge 3.2, where SUSE Linux Micro 6.0 is used, a profile with a real-time kernel (i.e. "Base-RT" or "Base-RT-SelfInstall") is not currently available for aarch64.

Note
Note

It is required to use a build host with the same architecture of the images being built. In other words, to build an aarch64 image, it is required to use an aarch64 build host, and vice-versa for x86_64 - cross-builds are not supported at this time.

25.1 Prerequisites

 

Kiwi image builder requires the following:

  • A SUSE Linux Micro 6.0 host ("build system") with the same architecture of the image being built.

  • The build system needs to be already registered via SUSEConnect (the registration is used to pull the latest packages from the SUSE repositories)

  • An internet connection that can be used to pull the required packages. If connected via proxy, the build host needs to be pre-configured.

  • SELinux needs to be disabled on the build host (as SELinux labelling takes place in the container and it can conflict with the host policy)

  • At least 10GB free disk space to accommodate the container image, the build root, and the resulting output image(s)

25.2 Getting Started

 

Due to certain limitations, it is currently required to disable SELinux. Connect to the SUSE Linux Micro 6.0 image build host and ensure SELinux is disabled:

# setenforce 0

Create an output directory to be shared with the Kiwi build container to save the resulting images:

# mkdir ~/output

Pull the latest Kiwi builder image from the SUSE Registry:

# podman pull registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0
(...)

25.3 Building the Default Image

 

This is the default behavior of the Kiwi image container if no arguments are provided during the container image run. The following command runs podman with two directories mapped to the container:

  • The /etc/zypp/repos.d SUSE Linux Micro package repository directory from the underlying host.

  • The output ~/output directory created above.

The Kiwi image container requires to run the build-image helper script as:

# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ~/output:/tmp/output \
    -it registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0 build-image
(...)
Note
Note

It’s expected that if you’re running this script for the first time that it will fail shortly after starting with "ERROR: Early loop device test failed, please retry the container run.", this is a symptom of loop devices being created on the underlying host system that are not immediately visible inside of the container image. Simply re-run the command again and it should proceed without issue.

After a few minutes the images can be found in the local output directory:

(...)
INFO: Image build successful, generated images are available in the 'output' directory.

# ls -1 output/
SLE-Micro.x86_64-6.0.changes
SLE-Micro.x86_64-6.0.packages
SLE-Micro.x86_64-6.0.raw
SLE-Micro.x86_64-6.0.verified
build
kiwi.result
kiwi.result.json

25.4 Building images with other profiles

 

In order to build different image profiles, the "-p" command option in the Kiwi container image helper script is used. For example, to build the "Default-SelfInstall" ISO image:

# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ~/output:/tmp/output \
    -it registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0 build-image -p Default-SelfInstall
(...)
Note
Note

To avoid data loss, Kiwi will refuse to run if there are images in the output directory. It is required to remove the contents of the output directory before proceeding with rm -f output/*.

Alternatively, to build a SelfInstall ISO image with the RealTime kernel ("kernel-rt"):

# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ~/output:/tmp/output \
    -it registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0 build-image -p Base-RT-SelfInstall
(...)

25.5 Building images with large sector sizes

 

Some hardware requires an image with a large sector size, i.e. 4096 bytes rather than the standard 512 bytes. The containerized Kiwi builder supports the ability to generate images with large block size by specifying the "-b" parameter. For example, to build a "Default-SelfInstall" image with a large sector size:

# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ~/output:/tmp/output \
    -it registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0 build-image -p Default-SelfInstall -b
(...)

25.6 Using a custom Kiwi image definition file

 

For advanced use-cases a custom Kiwi image definition file (SL-Micro.kiwi) can be used along with any necessary post-build scripts. This requires overriding the default definitions pre-packaged by the SUSE Edge team.

Create a new directory and map it into the container image where the helper script is looking (/micro-sdk/defs):

# mkdir ~/mydefs/
# cp /path/to/SL-Micro.kiwi ~/mydefs/
# cp /path/to/config.sh ~/mydefs/
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ~/output:/tmp/output -v ~/mydefs/:/micro-sdk/defs/ \
    -it registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0 build-image
(...)
Warning
Warning

This is only required for advanced use-cases and may cause supportability issues. Please contact your SUSE representative for further advice and guidance.

To get the default Kiwi image definition files included in the container, the following commands can be used:

$ podman create --name kiwi-builder registry.suse.com/edge/3.2/kiwi-builder:10.1.16.0
$ podman cp kiwi-builder:/micro-sdk/defs/SL-Micro.kiwi .
$ podman cp kiwi-builder:/micro-sdk/defs/SL-Micro.kiwi.4096 .
$ podman rm kiwi-builder
$ ls ./SL-Micro.*
(...)