EKS Anywhere, RHEL 9.2 OS Images for bare-metal clusters

This article is part of the EKS Anywhere series EKS Anywhere, extending the Hybrid cloud momentum | by Ambar Hassani

In this blog, we will observe the creation of RHEL 9.2 OS image for the cluster nodes in EKS Anywhere.

Incidentally, one can use an Ubuntu OR RHEL based bare-metal server to serve as an Image-builder. Generally a lot of teams prefer to double up the existing EKS Anywhere Admin server as an Image-builder too. It really does not matter whether one uses a Ubuntu or RHEL based server to create the bare metal OS images via image-builder as long as Virtualization is enabled in BIOS and the required pre-requisites are fulfilled! which is good in a way and non-constraining while building OS images for bare metal.

I will be using a bare-metal server configured with ubuntu 22.04 and Image-builder utility to create the RHEL 9.2 OS images for my EKS Anywhere bare metal cluster.

Quick video demonstration

Ensure that the following changes are done for the SSH configuration files

sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sudo sed -i 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
sudo sed -i 's/^#PermitEmptyPasswords no/PermitEmptyPasswords yes/g' /etc/ssh/sshd_config
sudo /etc/init.d/ssh force-reload
sudo /etc/init.d/ssh restart

Download the image-builder utility

#
EKSA_RELEASE_VERSION=$(curl -sL https://anywhere-assets.eks.amazonaws.com/releases/eks-a/manifest.yaml | yq ".spec.latestVersion")
#
cd /tmp
BUNDLE_MANIFEST_URL=$(curl -s https://anywhere-assets.eks.amazonaws.com/releases/eks-a/manifest.yaml | yq ".spec.releases[] | select(.version==\"$EKSA_RELEASE_VERSION\").bundleManifestUrl")
IMAGEBUILDER_TARBALL_URI=$(curl -s $BUNDLE_MANIFEST_URL | yq ".spec.versionsBundles[0].eksD.imagebuilder.uri")
curl -s $IMAGEBUILDER_TARBALL_URI | tar xz ./image-builder
sudo install -m 0755 ./image-builder /usr/local/bin/image-builder   
cd -
#

We will then create a user named image-builder and render certain pre-requisites and package installations that are required for the OS build.

sudo adduser image-builder
sudo usermod -aG sudo image-builder
su image-builder
cd /home/$USER
echo "EKSA_SKIP_VALIDATE_DEPENDENCIES=true; export EKSA_SKIP_VALIDATE_DEPENDENCIES" >> ~/.profile
source .profile
sudo apt update -y
sudo apt install jq make qemu-kvm libvirt-daemon-system libvirt-clients virtinst cpu-checker libguestfs-tools libosinfo-bin unzip -y
sudo snap install yq
sudo usermod -a -G kvm $USER
sudo chmod 666 /dev/kvm
sudo chown root:kvm /dev/kvm
mkdir -p /home/$USER/.ssh
echo "HostKeyAlgorithms +ssh-rsa" >> /home/$USER/.ssh/config
echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> /home/$USER/.ssh/config
sudo chmod 600 /home/$USER/.ssh/config 
python3 -m pip install --user ansible

Login to your account and download the image locally

https://developers.redhat.com/

Login with your user id and password > 
Go to Downloads >
Search for 9.2 >
Copy the URL and Checksum

Next

cd $HOME
wget "URL-OF-FILE" -O rhel-9.2-x86_64-dvd.iso

#Replace the checksum along with username and password

cat << EOF > baremetal-rhel.json
{
  "iso_url": "/home/image-builder/rhel-9.2-x86_64-dvd.iso",
  "iso_checksum": "a18bf014e2cb5b6b9cee3ea09ccfd7bc2a84e68e09487bb119a98aa0e3563ac2",
  "iso_checksum_type": "sha256",
  "rhel_username": "username",
  "rhel_password": "password"
}

Create the OS Image for RHEL 9.2

cd $HOME
rm -rf tmp eks eks-anywhere-build-tooling
export ANSIBLE_SCP_EXTRA_ARGS="'-O'"
image-builder build --os redhat --os-version 9 --hypervisor baremetal --release-channel 1-29 --baremetal-config baremetal-rhel.json --firmware efi

Final snippet of successful image build

==> qemu: Goss validate ran successfully
==> qemu:
==> qemu:
==> qemu:
==> qemu: Downloading spec file and debug info
    qemu: Downloading Goss specs from, /tmp/goss-spec.yaml and /tmp/debug-goss-spec.yaml to current dir
==> qemu: Gracefully halting virtual machine...
==> qemu: Running post-processor: compress
==> qemu (compress): Using pgzip compression with 80 cores for ./output/rhel-9-kube-v1.29.8.gz
==> qemu (compress): Archiving output/rhel-9-kube-v1.29.8/rhel-9-kube-v1.29.8 with pgzip
==> qemu (compress): Archive ./output/rhel-9-kube-v1.29.8.gz completed
==> qemu: Running post-processor: custom-post-processor (type shell-local)
==> qemu (shell-local): Running local shell script: /tmp/packer-shell3112708589
Build 'qemu' finished after 21 minutes 17 seconds.

==> Wait completed after 21 minutes 17 seconds

==> Builds finished. The artifacts of successful builds are:
--> qemu: VM files in directory: ./output/rhel-9-kube-v1.29.8
--> qemu: compressed artifacts in: ./output/rhel-9-kube-v1.29.8.gz
--> qemu: VM files in directory: ./output/rhel-9-kube-v1.29.8
make[1]: Leaving directory '/home/image-builder/eks-anywhere-build-tooling/projects/kubernetes-sigs/image-builder/image-builder/images/capi'
------------------- 2024-11-06T13:37:16.173+0000 Finished target=local-build-raw-redhat-9 duration=1283.178 seconds -------------------

make: Leaving directory '/home/image-builder/eks-anywhere-build-tooling/projects/kubernetes-sigs/image-builder'
2024/11/06 13:37:16 Image Build Successful
 Please find the output artifact at /home/image-builder/redhat-9-kube-1-29.gz
2024/11/06 13:37:16 Moving artifacts from build directory to current working directory
2024/11/06 13:37:16 Cleaning up cache build files
2024/11/06 13:37:17 Build Successful. Output artifacts located at current working directory

Hope the share is useful,

cheers,

Ambar@thecloudgarage

#iwork4dell