diff --git a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.publish.json b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.publish.json
similarity index 100%
rename from daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.publish.json
rename to daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.publish.json
diff --git a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json
similarity index 97%
rename from daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json
rename to daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json
index edc17a0bf..cb3972732 100644
--- a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json
+++ b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json
@@ -41,7 +41,7 @@
 "build": {
 "TimeOut": "60m",
 "IncludeWorkflow": {
- "Path": "${workflow_root}/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json",
+ "Path": "${workflow_root}/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json",
 "Vars": {
 "build_date": "${build_date}",
 "installer_iso": "${installer_iso}"
diff --git a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.publish.json b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.publish.json similarity index 82% rename from daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.publish.json rename to daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.publish.json index 3d1cce94c..895368d2d 100644 --- a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.publish.json +++ b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.publish.json @@ -2,11 +2,11 @@ Template to publish Rocky 9 optimized for GCP/Nvidia images. By default this template is setup to publish to the 'gce-image-builder' project, the 'environment' variable can be used to publish to 'test', 'prod' - DeleteAfter is set to 180 days for all environments other than prod where no + DeleteAfter is set to 190 days for all environments other than prod where no time period is set. */}} { - "Name": "rocky-linux-9-optimized-gcp-with-nvidia-550", + "Name": "rocky-linux-9-optimized-gcp-nvidia-latest", {{$work_project := printf "%q" "gce-image-builder" -}} {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}} {{$delete_after := `"24h*30*4"` -}} 
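Review bot: The header comment now reads `DeleteAfter is set to 190 days`, but the `$delete_after` default visible at the end of this hunk is `"24h*30*4"`, which is 120 days, so neither the old 180 nor the new 190 matches the value the template sets here. The 180→190 edit looks unintended. If the value is overridden per environment further down (outside this hunk), the comment should say so; otherwise it could read `DeleteAfter defaults to 120 days (24h*30*4) for all environments other than prod where no time period is set.`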
@@ -33,9 +33,9 @@
 {{$time := trimPrefix .publish_version "v"}}
 "Images": [
 {
- "Prefix": "rocky-linux-9-optimized-gcp-with-nvidia-550",
- "Family": "rocky-linux-9-optimized-gcp-with-nvidia-550",
- "Description": "Rocky Linux 9 optimized for GCP with Nvidia 550 built on {{$time}}",
+ "Prefix": "rocky-linux-9-optimized-gcp-nvidia-latest",
+ "Family": "rocky-linux-9-optimized-gcp-nvidia-latest",
+ "Description": "Rocky Linux 9 optimized for GCP with latest Nvidia driver built on {{$time}}",
 "Architecture": "X86_64",
 "Licenses": [
 "https://www.googleapis.com/compute/v1/projects/accelerator-preview-images/global/licenses/accelerator-preview-image",
diff --git a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json
similarity index 73%
rename from daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json
rename to daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json
index a14a21479..d9799c585 100644
--- a/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json
+++ b/daisy_workflows/build-publish/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json
@@ -1,5 +1,5 @@
 {
- "Name": "rocky-linux-9-optimized-gcp-with-nvidia-550",
+ "Name": "rocky-linux-9-optimized-gcp-nvidia-latest",
 "Project": "gce-image-builder",
 "Zone": "us-central1-b",
 "GCSPath": "gs://gce-image-build-bucket/daisy/${USERNAME}",
@@ -24,6 +24,10 @@
 "Value": "${OUTSPATH}/export-image.sbom.json",
 "Description": "SBOM final export destination, copies in place by default"
 },
+ "installer_iso": {
+ "Required": true,
+ "Description": "The Rocky Linux 9 installer ISO to build from."
+ },
 "sbom_util_gcs_root": {
 "Value": "",
 "Description": "The root gcs bucket for sbomutil, if using sbomutil to generate the SBOM."
@@ -37,22 +41,13 @@
 "build": {
 "TimeOut": "60m",
 "IncludeWorkflow": {
- "Path": "${workflow_root}/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json",
+ "Path": "${workflow_root}/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json",
 "Vars": {
- "build_date": "${build_date}"
+ "build_date": "${build_date}",
+ "installer_iso": "${installer_iso}"
 }
 }
 },
- "create-disk": {
- "CreateDisks": [
- {
- "Name": "disk-rocky-linux-9-optimized-gcp-with-nvidia-550",
- "SourceImage": "rocky-linux-9-optimized-gcp-with-nvidia-550-v${build_date}",
- "SizeGb": "30",
- "Type": "pd-ssd"
- }
- ]
- },
 "export-image": {
 "Timeout": "60m",
 "IncludeWorkflow": {
@@ -60,7 +55,7 @@
 "Vars": {
 "destination": "${gcs_url}",
 "sbom_destination": "${sbom_destination}",
- "source_disk": "disk-rocky-linux-9-optimized-gcp-with-nvidia-550",
+ "source_disk": "el-install-disk",
 "sbom_util_gcs_root": "${sbom_util_gcs_root}",
 "sha256_txt": "${sha256_txt}"
 }
@@ -68,13 +63,12 @@
 },
 "cleanup-image": {
 "DeleteResources": {
- "Images": ["rocky-linux-9-optimized-gcp-with-nvidia-550-v${build_date}"]
+ "Images": ["rocky-linux-9-optimized-gcp-nvidia-latest-v${build_date}"]
 }
 }
 },
 "Dependencies": {
- "create-disk": ["build"],
- "export-image": ["create-disk"],
+ "export-image": ["build"],
 "cleanup-image": ["export-image"]
 }
 }
diff --git a/daisy_workflows/image_build/enterprise_linux/build_rocky_linux_8_optimized_gcp_accelerated.sh b/daisy_workflows/image_build/enterprise_linux/build_rocky_linux_8_optimized_gcp_accelerated.sh
deleted file mode 100644
index ef99480c1..000000000
--- a/daisy_workflows/image_build/enterprise_linux/build_rocky_linux_8_optimized_gcp_accelerated.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-dnf config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel8/x86_64/cuda-rhel8.repo || echo "BuildFailure"
-dnf install -y gcc make kernel-devel kernel || echo "BuildFailure"
-test -f /var/tmp/kernel-upgrade-done || sh -c 'touch /var/tmp/kernel-upgrade-done && sync && reboot'
-curl -L -o nvidia.run https://us.download.nvidia.com/tesla/550.90.12/NVIDIA-Linux-x86_64-550.90.12.run || echo "BuildFailure"
-chmod +x ./nvidia.run || echo "BuildFailure"
-# DKMS - not suitable for prod
-./nvidia.run -s --kernel-source-path=/usr/src/kernels/$(uname -r)/ || echo "BuildFailure"
-dnf install -y createrepo gdb-headless libtool autoconf rpm-build kernel-rpm-macros patch automake wget lsof tk gcc-gfortran tcl pciutils || echo "BuildFailure"
-wget https://content.mellanox.com/ofed/MLNX_OFED-23.10-3.2.2.0/MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64.tgz || echo "BuildFailure"
-tar xf MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64.tgz || echo "BuildFailure"
-cd MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64 || echo "BuildFailure"
-./mlnxofedinstall --guest --force --skip-distro-check --add-kernel-support || echo "BuildFailure"
-cd ..
-rm -rf MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64 MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64.tgz
-echo "BuildSuccess"
diff --git a/daisy_workflows/image_build/enterprise_linux/build_rocky_linux_9_optimized_gcp_accelerated.sh b/daisy_workflows/image_build/enterprise_linux/build_rocky_linux_9_optimized_gcp_accelerated.sh
deleted file mode 100644
index 15815e878..000000000
--- a/daisy_workflows/image_build/enterprise_linux/build_rocky_linux_9_optimized_gcp_accelerated.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-dnf config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/cuda-rhel9.repo || echo "BuildFailure"
-dnf install -y gcc make kernel-devel kernel || echo "BuildFailure"
-test -f /var/tmp/kernel-upgrade-done || sh -c 'touch /var/tmp/kernel-upgrade-done && sync && reboot'
-curl -L -o nvidia.run https://us.download.nvidia.com/tesla/550.90.12/NVIDIA-Linux-x86_64-550.90.12.run || echo "BuildFailure"
-chmod +x ./nvidia.run || echo "BuildFailure"
-# DKMS - not suitable for prod
-./nvidia.run -s --kernel-source-path=/usr/src/kernels/$(uname -r)/ || echo "BuildFailure"
-dnf install -y perl-File-Find perl-File-Copy perl-File-Compare perl-sigtrap wget lsof tk gcc-gfortran tcl pciutils || echo "BuildFailure"
-wget https://content.mellanox.com/ofed/MLNX_OFED-23.10-3.2.2.0/MLNX_OFED_LINUX-23.10-3.2.2.0-rhel9.4-x86_64.tgz || echo "BuildFailure"
-tar xf MLNX_OFED_LINUX-23.10-3.2.2.0-rhel9.4-x86_64.tgz || echo "BuildFailure"
-cd MLNX_OFED_LINUX-23.10-3.2.2.0-rhel9.4-x86_64 || echo "BuildFailure"
-./mlnxofedinstall --guest --force || echo "BuildFailure"
-cd ..
-rm -rf MLNX_OFED_LINUX-23.10-3.2.2.0-rhel9.4-x86_64 MLNX_OFED_LINUX-23.10-3.2.2.0-rhel9.4-x86_64.tgz
-echo "BuildSuccess"
diff --git a/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_8_optimized_gcp_accelerator.cfg b/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_8_optimized_gcp_accelerator.cfg
index 68dedda24..bc4002c04 100644
--- a/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_8_optimized_gcp_accelerator.cfg
+++ b/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_8_optimized_gcp_accelerator.cfg
@@ -184,20 +184,33 @@ dnf install -y google-compute-engine google-osconfig-agent gce-disk-expand dnf install -y google-cloud-cli # Install Accelerator components: nvidia and mellanox drivers +tee -a /etc/yum.repos.d/Rocky-OpenGPU.repo << EOM +[open-gpu-kernel-modules-el8-x86_64] +name = Open gpu kernel modules (x86_64) +baseurl = https://depot.ciq.com/public/files/gce-accelerator/open-gpu-kernel-modules-el8-x86_64 +metadata_expire = 5 +priority = 50 +repo_gpgcheck = false +gpgcheck = false +enabled = true +skip_if_unavailable = true +EOM +tee -a /etc/yum.repos.d/Rocky-Mlx.repo << EOM +[nvidia-mellanox-ofed-driver-el8-x86_64] +name = Nvidia Mellanox OFED Drivers +baseurl = https://depot.ciq.com/public/files/gce-accelerator/nvidia-mellanox-ofed-driver-el8-x86_64 +metadata_expire = 5 +priority = 50 +repo_gpgcheck = false +gpgcheck = false +enabled = true +skip_if_unavailable = true +EOM + dnf config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel8/x86_64/cuda-rhel8.repo -dnf install -y gcc make kernel-devel kernel -test -f /var/tmp/kernel-upgrade-done || sh -c 'touch /var/tmp/kernel-upgrade-done' -curl -L -o nvidia.run https://us.download.nvidia.com/tesla/550.90.12/NVIDIA-Linux-x86_64-550.90.12.run -chmod +x ./nvidia.run -# DKMS - not suitable for prod -./nvidia.run -s --kernel-source-path=/usr/src/kernels/$(uname -r)/ -dnf install -y createrepo gdb-headless libtool autoconf rpm-build kernel-rpm-macros patch automake wget lsof tk gcc-gfortran tcl pciutils -wget https://content.mellanox.com/ofed/MLNX_OFED-23.10-3.2.2.0/MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64.tgz -tar xf MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64.tgz -cd MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64 -./mlnxofedinstall --guest --force --skip-distro-check --add-kernel-support -cd .. 
-rm -rf MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64 MLNX_OFED_LINUX-23.10-3.2.2.0-rhel8.9-x86_64.tgz +dnf install -y open-gpu-kernel-modules-el8-x86_64 +dnf install -y nvidia-accelerated-graphics-driver +dnf install -y nvidia-mellanox-ofed-driver-el8-x86_64 # Send /root/anaconda-ks.cfg to our logs. cp /run/install/ks.cfg /tmp/anaconda-ks.cfg diff --git a/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_9_optimized_gcp_accelerator.cfg b/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_9_optimized_gcp_accelerator.cfg new file mode 100644 index 000000000..abcb71ae6 --- /dev/null +++ b/daisy_workflows/image_build/enterprise_linux/kickstart/rocky_linux_9_optimized_gcp_accelerator.cfg 
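Review bot: Both new repo stanzas (`Rocky-OpenGPU.repo` and `Rocky-Mlx.repo`) set `gpgcheck = false` and `repo_gpgcheck = false`, so the kernel modules and OFED drivers installed from depot.ciq.com are accepted with no package or metadata signature check and rely on TLS to that host alone; the same two stanzas appear in the new rocky_linux_9_optimized_gcp_accelerator.cfg. If the depot publishes a signing key, the stanzas should use `gpgcheck = true` with `gpgkey = <URL of the depot's RPM signing key>`, as the Google and cloud-kernel stanzas in the Rocky 9 file do. Nothing visible in this hunk removes the two repo files afterwards, so instances launched from the image would presumably keep taking unsigned updates from these repos; if that is not intended, disable or delete them before the image is sealed. The enclosing `%post` section starts and ends outside this hunk.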
@@ -0,0 +1,274 @@ +# rocky-linux-9-optimized-gcp.cfg + +### Anaconda installer configuration. +# Install in text mode. +text --non-interactive +url --url="https://dl.rockylinux.org/pub/sig/9/cloud/x86_64/cloud-kernel" +repo --name=BaseOS --baseurl="https://dl.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os" --excludepkgs="kernel,kernel-core" +repo --name=AppStream --baseurl="https://dl.rockylinux.org/pub/rocky/9/AppStream/x86_64/os" +repo --name=CRB --baseurl="https://dl.rockylinux.org/pub/rocky/9/CRB/x86_64/os" +poweroff + +# Network configuration +network --bootproto=dhcp --device=link + +### Installed system configuration. +firewall --enabled +services --enabled=sshd,rngd --disabled=sshd-keygen@ +skipx +timezone --utc UTC --ntpservers=metadata.google.internal +rootpw --iscrypted --lock * +firstboot --disabled +user --name=gce --lock + +### Disk configuration. +# Disk configuration is done by including a separate file with disk configuration, otherwise anaconda will try to validate that the disk exists before we configure udev rules. +%pre --interpreter=/usr/bin/bash +cp /run/install/isodir/65-gce-disk-naming.rules /etc/udev/rules.d/ +cp /run/install/isodir/google_nvme_id /usr/lib/udev/ +chmod +x /usr/lib/udev/google_nvme_id +# Wait for coldplug events from boot to settle, or we won't generate new events for the reload/trigger +udevadm settle +udevadm control --reload +udevadm trigger --settle +tee -a /tmp/disk-config << EOM +# build_installer.py will replace with the id of the install disk to avoid race conditions +bootloader --boot-drive=/dev/disk/by-id/google-el-install-disk --timeout=0 --append="net.ifnames=0 biosdevname=0 scsi_mod.use_blk_mq=Y" +# EFI partitioning, creates a GPT partitioned disk. 
+clearpart --drives=/dev/disk/by-id/google-el-install-disk --all +part /boot/efi --size=200 --fstype=efi --ondrive=/dev/disk/by-id/google-el-install-disk +part / --size=100 --grow --ondrive=/dev/disk/by-id/google-el-install-disk --label=root --fstype=xfs +EOM +%end +%include /tmp/disk-config + +# packages.cfg +# Contains a list of packages to be installed, or not, on all flavors. +# The %package command begins the package selection section of kickstart. +# Packages can be specified by group, or package name. @Base and @Core are +# always selected by default so they do not need to be specified. + +%packages +acpid +dhcp-client +dnf-automatic +net-tools +openssh-server +python3 +rng-tools +tar +vim +-subscription-manager +-alsa-utils +-b43-fwcutter +-dmraid +-eject +-gpm +-irqbalance +-microcode_ctl +-smartmontools +-aic94xx-firmware +-atmel-firmware +-b43-openfwwf +-bfa-firmware +-ipw2100-firmware +-ipw2200-firmware +-ivtv-firmware +-iwl100-firmware +-iwl1000-firmware +-iwl3945-firmware +-iwl4965-firmware +-iwl5000-firmware +-iwl5150-firmware +-iwl6000-firmware +-iwl6000g2a-firmware +-iwl6050-firmware +-kernel-firmware +-libertas-usb8388-firmware +-ql2100-firmware +-ql2200-firmware +-ql23xx-firmware +-ql2400-firmware +-ql2500-firmware +-rt61pci-firmware +-rt73usb-firmware +-xorg-x11-drv-ati-firmware +-zd1211-firmware +%end + +%post +tee -a /etc/yum.repos.d/google-cloud.repo << EOM +[google-compute-engine] +name=Google Compute Engine +baseurl=https://packages.cloud.google.com/yum/repos/google-compute-engine-el9-x86_64-stable +enabled=1 +gpgcheck=1 +repo_gpgcheck=0 +gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg + https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg +EOM +tee -a /etc/yum.repos.d/google-cloud.repo << EOM +[google-cloud-sdk] +name=Google Cloud SDK +baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el9-x86_64 +enabled=1 +gpgcheck=1 +repo_gpgcheck=0 +gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg + 
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg +EOM + +# Rocky Linux Cloud Kernel repo. +tee -a /etc/yum.repos.d/Rocky-CloudKernel.repo << EOM +[cloud-kernel] +name=Rocky Linux 9 - Cloud Kernel +baseurl=https://dl.rockylinux.org/pub/sig/9/cloud/x86_64/cloud-kernel +enabled=1 +gpgcheck=1 +gpgkey=https://dl.rockylinux.org/pub/sig/9/cloud/x86_64/cloud-kernel/RPM-GPG-KEY-Rocky-SIG-Cloud +priority=-1 +EOM +tee -a /etc/yum.repos.d/Rocky-CloudKernel.repo << EOM +[cloud-kernel-source] +name=Rocky Linux 9 - Cloud Kernel Source +baseurl=https://dl.rockylinux.org/pub/sig/9/cloud/source/cloud-kernel +enabled=0 +gpgcheck=1 +gpgkey=https://dl.rockylinux.org/pub/sig/9/cloud/x86_64/cloud-kernel/RPM-GPG-KEY-Rocky-SIG-Cloud +priority=-1 +EOM +# Be sure we don't get kernels from the BaseOS repo +sed -i '/\[baseos\]/a exclude=kernel*' /etc/yum.repos.d/rocky.repo +%end +# Google Compute Engine kickstart config for Enterprise Linux 9. +%onerror +echo "Build Failed!" > /dev/ttyS0 +shutdown -h now +%end + +%post --erroronfail +set -x +exec &> /dev/ttyS0 +# Delete the dummy user account. +userdel -r gce + +# Import all RPM GPG keys. +curl -o /etc/pki/rpm-gpg/google-rpm-package-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg +curl -o /etc/pki/rpm-gpg/google-key.gpg https://packages.cloud.google.com/yum/doc/yum-key.gpg +curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-SIG-Cloud https://dl.rockylinux.org/pub/sig/8/cloud/x86_64/cloud-kernel/RPM-GPG-KEY-Rocky-SIG-Cloud +rpm --import /etc/pki/rpm-gpg/* + +# Configure the network for GCE. +# Given that GCE users typically control the firewall at the network API level, +# we want to leave the standard Linux firewall setup enabled but all-open. +firewall-offline-cmd --set-default-zone=trusted + +cat >>/etc/dhcp/dhclient.conf <>/etc/default/instance_configs.cfg.distro << EOL +# Disable boto plugin setup. +[InstanceSetup] +set_boto_config = false +EOL + +# Install GCE guest packages. 
+dnf install -y google-compute-engine google-osconfig-agent gce-disk-expand +rpm -q google-compute-engine google-osconfig-agent gce-disk-expand || { echo "Build Failed!" > /dev/ttyS0; exit 1; } + +# Install the Cloud SDK package. +dnf install -y google-cloud-cli + +# Install Accelerator components: nvidia and mellanox drivers +tee -a /etc/yum.repos.d/Rocky-OpenGPU.repo << EOM +[open-gpu-kernel-modules-el9-x86_64] +name = Open gpu kernel modules (x86_64) +baseurl = https://depot.ciq.com/public/files/gce-accelerator/open-gpu-kernel-modules-el9-x86_64 +metadata_expire = 5 +priority = 50 +repo_gpgcheck = false +gpgcheck = false +enabled = true +skip_if_unavailable = true +EOM +tee -a /etc/yum.repos.d/Rocky-Mlx.repo << EOM +[nvidia-mellanox-ofed-driver-el9-x86_64] +name = Nvidia Mellanox OFED Drivers +baseurl = https://depot.ciq.com/public/files/gce-accelerator/nvidia-mellanox-ofed-driver-el9-x86_64 +metadata_expire = 5 +priority = 50 +repo_gpgcheck = false +gpgcheck = false +enabled = true +skip_if_unavailable = true +EOM + +dnf config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/cuda-rhel9.repo +dnf install -y open-gpu-kernel-modules-el9-x86_64 +dnf install -y nvidia-accelerated-graphics-driver +dnf install -y nvidia-mellanox-ofed-driver-el9-x86_64 + +# Send /root/anaconda-ks.cfg to our logs. +cp /run/install/ks.cfg /tmp/anaconda-ks.cfg + +# Remove files which shouldn't make it into the image. Its possible these files +# will not exist. +rm -f /etc/boto.cfg /etc/udev/rules.d/70-persistent-net.rules + +# Remove ens4 config from installer. +rm -f /etc/sysconfig/network-scripts/ifcfg-ens4 + +# Disable password authentication by default. +sed -i -e '/#PasswordAuthentication/s/.*/PasswordAuthentication no/' /etc/ssh/sshd_config + +# Set ServerAliveInterval and ClientAliveInterval to prevent SSH +# disconnections. The pattern match is tuned to each source config file. +# The $'...' 
quoting syntax tells the shell to expand escape characters. +sed -i -e $'/^\tServerAliveInterval/d' /etc/ssh/ssh_config +sed -i -e $'/^Host \\*$/a \\\tServerAliveInterval 420' /etc/ssh/ssh_config +sed -i -e '/ClientAliveInterval/s/^.*/ClientAliveInterval 420/' /etc/ssh/sshd_config + +# Disable root login via SSH by default. +sed -i -e '/#PermitRootLogin/s/.*/PermitRootLogin no/' /etc/ssh/sshd_config + +# Update all packages. +dnf -y update + +# Make changes to dnf automatic.conf +# Apply updates for security (RHEL) by default. NOTE this will not work in CentOS. +sed -i 's/upgrade_type =.*/upgrade_type = security/' /etc/dnf/automatic.conf +sed -i 's/apply_updates =.*/apply_updates = yes/' /etc/dnf/automatic.conf +# Enable the DNF automatic timer service. +systemctl enable dnf-automatic.timer + +# Cleanup this repo- we don't want to continue updating with it. +# Depending which repos are used in build, one or more of these files will not +# exist. +rm -f /etc/yum.repos.d/google-cloud-unstable.repo \ + /etc/yum.repos.d/google-cloud-staging.repo + +# Clean up the cache for smaller images. +dnf clean all +rm -fr /var/cache/dnf/* + +# Blacklist the floppy module. +echo "blacklist floppy" > /etc/modprobe.d/blacklist-floppy.conf +restorecon /etc/modprobe.d/blacklist-floppy.conf + +# Generate initramfs from latest kernel instead of the running kernel. +kver="$(ls -t /lib/modules | head -n1)" +dracut -f --kver="${kver}" + +# Fix selinux contexts on /etc/resolv.conf. +restorecon /etc/resolv.conf +%end + +# Cleanup. +%post --nochroot --log=/dev/ttyS0 +set -x +rm -Rf /mnt/sysimage/tmp/* +%end + 
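Review bot: The key download `curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-SIG-Cloud` fetches from the `pub/sig/8/cloud/...` path although this is the Rocky 9 kickstart and the `[cloud-kernel]` stanza earlier in the same file points `gpgkey` at `pub/sig/9/cloud/...`; it looks carried over from the Rocky 8 config and should probably use `https://dl.rockylinux.org/pub/sig/9/cloud/x86_64/cloud-kernel/RPM-GPG-KEY-Rocky-SIG-Cloud`. The three `curl -o` key downloads also lack `-f`, so an HTTP error body would be written to the key file before `rpm --import /etc/pki/rpm-gpg/*` runs; `curl -f -o ...` makes that case fail at the download. The accelerator installs (`dnf install -y open-gpu-kernel-modules-el9-x86_64` and the two lines after it) have no check like the `rpm -q ... || { echo "Build Failed!" > /dev/ttyS0; exit 1; }` that follows the GCE guest packages, and the script sets `set -x` but not `set -e`, so with `skip_if_unavailable = true` a depot outage may still produce an image without drivers. An equivalent `rpm -q` line for the three driver packages would catch that, assuming those are the names the packages install under.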
diff --git a/daisy_workflows/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json b/daisy_workflows/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json
similarity index 95%
rename from daisy_workflows/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json
rename to daisy_workflows/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json
index ec4299b78..576149db1 100644
--- a/daisy_workflows/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_with_nvidia_latest.wf.json
+++ b/daisy_workflows/image_build/enterprise_linux/rocky_linux_8_optimized_gcp_nvidia_latest.wf.json
@@ -1,5 +1,5 @@
 {
- "Name": "build-rocky-8-optimized-gcp-2204-nvidia-latest",
+ "Name": "build-rocky-8-optimized-gcp-nvidia-latest",
 "Vars": {
 "installer_iso": {
 "Required": true,
diff --git a/daisy_workflows/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json b/daisy_workflows/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json
new file mode 100644
index 000000000..dfd723c1c
--- /dev/null
+++ b/daisy_workflows/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_nvidia_latest.wf.json
@@ -0,0 +1,47 @@
+{
+ "Name": "build-rocky-9-optimized-gcp-nvidia-latest",
+ "Vars": {
+ "installer_iso": {
+ "Required": true,
+ "Description": "The Rocky Linux 9 installer ISO to build from."
+ },
+ "build_date": {
+ "Value": "${TIMESTAMP}",
+ "Description": "Build datestamp used to version the image."
+ },
+ "publish_project": {
+ "Value": "${PROJECT}",
+ "Description": "A project to publish the resulting image to."
+ }
+ },
+ "Steps": {
+ "build-rocky": {
+ "Timeout": "60m",
+ "IncludeWorkflow": {
+ "Path": "./enterprise_linux.wf.json",
+ "Vars": {
+ "el_release": "rocky-linux-9-optimized-gcp",
+ "kickstart_config": "./kickstart/rocky_linux_9_optimized_gcp_accelerator.cfg",
+ "installer_iso": "${installer_iso}"
+ }
+ }
+ },
+ "create-image": {
+ "CreateImages": [
+ {
+ "Name": "rocky-linux-9-optimized-gcp-nvidia-latest-v${build_date}",
+ "SourceDisk": "el-install-disk",
+ "Description": "Rocky Linux 9 optimized for gcp with latest Nvidia driver built on ${build_date}",
+ "Family": "rocky-linux-9-optimized-gcp-nvidia-latest",
+ "Project": "${publish_project}",
+ "NoCleanup": true,
+ "ExactName": true,
+ "GuestOsFeatures": []
+ }
+ ]
+ }
+ },
+ "Dependencies": {
+ "create-image": ["build-rocky"]
+ }
+}
diff --git a/daisy_workflows/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json b/daisy_workflows/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json
deleted file mode 100644
index 122ba27a0..000000000
--- a/daisy_workflows/image_build/enterprise_linux/rocky_linux_9_optimized_gcp_with_nvidia_550.wf.json
+++ /dev/null
@@ -1,59 +0,0 @@
-{
- "Name": "build-rocky-9-optimized-gcp-2204-with-nvidia-550",
- "Vars": {
- "machine_type": {
- "Value": "e2-standard-4",
- "Description": "The machine type to use during build."
- },
- "source_image": {
- "Value": "projects/rocky-linux-cloud/global/images/family/rocky-linux-9-optimized-gcp",
- "Description": "The image to use for the build"
- },
- "rocky_version": {
- "Value": "9"
- },
- "nvidia_driver_version": {
- "Value": "550",
- "Description": "The nvidia driver version to install"
- },
- "build_date": {
- "Value": "${TIMESTAMP}",
- "Description": "Build datestamp used to version the image."
- },
- "publish_project": {
- "Value": "${PROJECT}",
- "Description": "A project to publish the resulting image to."
- }
- },
- "Steps": {
- "build-rocky-9-optimized-gcp": {
- "Timeout": "60m",
- "IncludeWorkflow": {
- "Path": "./rocky_accelerated.wf.json",
- "Vars": {
- "source_image": "${source_image}",
- "rocky_version": "${rocky_version}",
- "machine_type": "${machine_type}",
- "nvidia_driver_version": "${nvidia_driver_version}"
- }
- }
- },
- "create-image": {
- "CreateImages": [
- {
- "Name": "rocky-linux-9-optimized-gcp-with-nvidia-${nvidia_driver_version}-v${build_date}",
- "SourceDisk": "rocky-optimized-gcp-accelerated-installer",
- "Description": "Rocky Linux 9 optimized for gcp with Nvidia ${nvidia_driver_version} built on ${build_date}",
- "Family": "rocky-linux-9-optimized-gcp-accelerated-with-nvidia-${nvidia_driver_version}",
- "Project": "${publish_project}",
- "NoCleanup": true,
- "ExactName": true,
- "GuestOsFeatures": []
- }
- ]
- }
- },
- "Dependencies": {
- "create-image": ["build-rocky-9-optimized-gcp"]
- }
-}