test notes for ch4

RedHatQuickCourses · Oct 9, 2024 · c8df9ef · c8df9ef
1 parent 6136bb2
commit c8df9ef
Show file tree

Hide file tree

Showing 2 changed files with 336 additions and 3 deletions.
diff --git a/modules/ch4-update/pages/s2-deltas-lab.adoc b/modules/ch4-update/pages/s2-deltas-lab.adoc
@@ -0,0 +1,336 @@
+:time_estimate: 11
+
+= Lab: Create And Publish Edge Image Updates
+
+_Estimated reading time: *{time_estimate} minutes*._
+
+Objective::
+
+Build RHEL for Edge image updates and publish them as OSTree deltas.
+
+WARNING: Work in Progress
+
+== Before you Begin
+
+You need a _development machine_ with RHEL and configured with the Image Builder service, its CLI and web UI, and a user that is member of the `weldr` group. Make sure your development machine was configured and verified by following the instructions from the xref:ch1-build:s4-install-lab.adoc[first lab].
+
+You also need a _web server machine_ which serves an OSTree repository. Make sure that machine was configured and verified by following the instructions from xref:ch2-publish:s2-ostree-lab.adoc[a previous lab].
+
+Finally, you need the _test VM_ that you created and published in xref:ch2-publish:s2-boot-lab.adoc[another lab].
+
+These instructions were tested on RHEL 9.4 [tentative!] but should work with minimal or no change on and newer and older RHEL 9.x releases.
+
+If you are using the course classroom, you will log in on the `workstation` VM as the user `student` with password `student`, and you start SSH sessions to the `servera` VM from the same user. In this case, the `workstation` VM is your _development machine_, and the `servera` VM is your _web server_ machine. If not, please adapt the instructions to your test environment. 
+
+[ REVIEW NEXT PARA ]
+
+You will some steps in this lab on your _development machine_ and some steps on the _web server_ machine.
+
+[ Make one lab perform an update without a delta, and the other with a delta? ]
+
+== Instructions
+
+1. On your _development machine_, verify that you have the prerequisites from previous labs.
+
+.. Verify that the Image Builder service is active and that the current Linux user can submit requests to it.
++
+[source,subs="verbatim,quotes"]
+--
+$ *composer-cli status show*
+API server status:
+    Database version:   0
+    Database supported: true
+    Schema version:     0
+    API version:        1
+    Backend:            osbuild-composer
+    Build:              NEVRA:osbuild-composer-76-2.el9_2.x86_64
+...
+--
+
+.. Check that a remote client can access the OSTree repository in the web server machine.
++
+[source,subs="verbatim,quotes"]
+--
+$ *curl http://servera.lab.example.com/repo/config*
+[core]
+repo_version=1
+mode=archive-z2
+--
+
+.. Check that you can get the current commit ID the OSTree branch with the httpd edge system image that you created in xref:ch2-publish:s3-ostree-lab.adoc[a previous lab]. Your will get a different ID:
++
+[source,subs="verbatim,quotes"]
+--
+$ *curl http://servera.lab.example.com/repo/refs/heads/rhel/9/x86_64/edge*
+4afeda6a96ec8b2c263b6965a9c3f92db1db2436ae1e1233da70b7776fc6137b
+--
++
+Pay attention to the final path element of the URL, which should be "edge".
+
+.. Check that you can manage local VMs, and there's a VM left from the xref:s2-boot-lab:[previous lab] named `edge-test-1`.
++
+[source,subs="verbatim,quotes"]
+--
+$ *virsh list --all*
+ Id   Name          State
+---------------------------
+ 1    edge-test-1   shut-off
+ 2    edge-db-1     shut-off
+---
++
+It's fine the existing VM displays an status of "running" instead of "shut off".
+
+2. Make changes to the edge image blueprint to add a custom welcome page to the Apache Web Server.
+
+.. Open the `rhel9-httpd.toml` file which you created in a xref:ch1-build-blueprint-lab.adoc[previous lab], with any text editor.
+
+.. Increment the version number, in tbe beginning of the TOML file, and add a `customizations.file` section with an inline HTML page, to the end of the TOML file.
++
+[ didn't work, switch to adding the cockpit package ]
++
+[source,subs="verbatim,quotes"]
+--
+name = "rhel9-edge"
+description = "blueprint-rhel9-edge"
+version = "0.0.2"
+...
+[[customizations.files]]
+path = "/var/www/html/index.html"
+mode = "0644"
+user = "root"
+group = "root"
+data = """
+<html>
+<body>
+<h1>I am an Edge Device!</h1>
+</body>
+</html>
+"""--
+
+.. Push the updated blueprint.
++
+[source,subs="verbatim,quotes"]
+--
+$ *composer-cli push blueprints rhde-build-samples/blueprints/rhel9-httpd-v2.toml*
+--
+
+.. Verify that the blueprint in the Image Builder service contains your changes.
++
+[source,subs="verbatim,quotes"]
+--
+$ *composer-cli blueprints list*
+mysql-installer
+rhel9-edge
+rhel9-mysql
+$ *composer-cli blueprints show rhel9-edge*
+name = "rhel9-edge"
+description = "blueprint-rhel9-edge"
+version = "0.0.2"
+...
+--
+
+3. Still on your _development machine_, build an edge commit image from your changed blueprint.
+
+.. Start a compose for an edge commit image and copy its UUID to a shell variable.
++
+[ do I need a parent? looks like I have to reference the external repo ]
++
+[source,subs="verbatim,quotes"]
+--
+$ *composer-cli compose start-ostree rhel9-edge edge-commit --url http://servera.lab.example.com/repo --ref rhel/9/x86_64/edge*
+Compose fb5ef664-1def-4589-919d-1a0681f86371 added to the queue
+$ *UUID=fb5ef664-1def-4589-919d-1a0681f86371*
+--
+
+.. Wait until the compose finishes. To avoid clutter from previous labs, this time we filter the list of composes.
++
+[ try a better filter with jq. why can't I ask just the status of a given compose? :-() ]
++
+[source,subs="verbatim,quotes"]
+--
+$ *composer-cli compose list running*
+ID                                     Status    Blueprint    Version   Type
+fb5ef664-1def-4589-919d-1a0681f86371   RUNNING   rhel9-edge   0.0.2     edge-commit
+$ *composer-cli compose list running*
+ID   Status   Blueprint   Version   Type
+$ *composer-cli compose list finished*
+ID                                     Status     Blueprint     Version   Type
+...
+fb5ef664-1def-4589-919d-1a0681f86371   FINISHED   rhel9-edge    0.0.2     edge-commit
+--
+
+.. Download the edge commit image and copy it to your _web sever machine_.
++
+[source,subs="verbatim,quotes"]
+--
+$ *composer-cli compose image $UUID*
+fb5ef664-1def-4589-919d-1a0681f86371-commit.tar
+$ *scp $UUID-commit.tar servera:~*
+...
+--
+
+4. On your _web server machine_, copy the new edge image to the OSTree repository.
+
+.. Copy the shell variable with the UUID of the new edge commit image and check that it exists on your home folder.
++
+[source,subs="verbatim,quotes"]
+--
+$ *UUID=fb5ef664-1def-4589-919d-1a0681f86371*
+$ *ls $UUID-commit.tar*
+fb5ef664-1def-4589-919d-1a0681f86371-commit.tar
+--
+
+.. Extract the edge commit image and pull it into the OSTree repository.
++
+[source,subs="verbatim,quotes"]
+--
+$ *mkdir delete-me*
+$ *tar xf $UUID-commit.tar -C delete-me/*
+$ *sudo ostree pull-local --repo=/var/www/html/repo delete-me/repo*
+506 metadata, 1893 content objects imported; 0 bytes content written
+--
+
+.. Verify that the OSTree repo contains the same branch than your new edge commit image. The OSTree repo should contain additional branches.
++
+[source,subs="verbatim,quotes"]
+--
+$ *ostree refs --repo=delete-me/repo*
+rhel/9/x86_64/edge
+$ *ostree refs --repo=/var/www/html/repo*
+rhel/9/x86_64/edge
+rhel/9/x86_64/db
+--
+
+.. Verify that the OSTree repo contains the same commit than your new edge commit image.
++
+[ looks like my pull overwrote everything in the branch with the new commit and discarded the old one :-( ]
++
+[ do I fix this at build time or at pull time? looks like at build time ]
++
+[ parent must be 4afeda6a96ec8b2c263b6965a9c3f92db1db2436ae1e1233da70b7776fc6137b for consistency with previous labs ]
++
+[source,subs="verbatim,quotes"]
+--
+$ *ostree log rhel/9/x86_64/edge --repo=delete-me/repo*
+commit 4caef3752842366bbeab77b57b79854c6cb7bf4f2b62e82190cfba5d1cc3c12b
+Parent:  7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+ContentChecksum:  94e275f4f9c9a9f68426ed9421845a48065467aea8bfcb57d826ed43fa50a253
+Date:  2024-10-09 22:43:27 +0000
+Version: 9.2
+(no subject)
+
+<< History beyond this commit not fetched >>
+$ *ostree log rhel/9/x86_64/edge --repo=/var/www/html/repo*
+commit 4caef3752842366bbeab77b57b79854c6cb7bf4f2b62e82190cfba5d1cc3c12b
+Parent:  7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+ContentChecksum:  94e275f4f9c9a9f68426ed9421845a48065467aea8bfcb57d826ed43fa50a253
+Date:  2024-10-09 22:43:27 +0000
+Version: 9.2
+(no subject)
+
+commit 7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+ContentChecksum:  f938c449602ad38c31a74bd35f0e438beb833e8ca592c07c87ef90a56f659586
+Date:  2024-10-09 20:25:03 +0000
+Version: 9.2
+(no subject)
+
+--
+
+5. Now how do I get and apply the update to the test VM?
+
+
++
+[source,subs="verbatim,quotes"]
+--
+[core@edge ~]$  rpm-ostree status
+State: idle
+Deployments:
+● edge:rhel/9/x86_64/edge
+                  Version: 9.2 (2024-10-09T20:25:03Z)
+                   Commit: 7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+[core@edge ~]$ sudo rpm-ostree upgrade --check
+2 metadata, 0 content objects fetched; 18 KiB transferred in 0 seconds; 0 bytes content written
+Note: --check and --preview may be unreliable.  See https://github.com/coreos/rpm-ostree/issues/1579
+AvailableUpdate:
+        Version: 9.2 (2024-10-09T22:43:27Z)
+         Commit: 4caef3752842366bbeab77b57b79854c6cb7bf4f2b62e82190cfba5d1cc3c12b
+           Diff: 46 added
+[core@edge ~]$ sudo rpm-ostree upgrade
+[ 9130.645481] SELinux:  Context system_u:object_r:cockpit_ws_exec_t:s0 is not valid (left unmapped).
+[ 9130.658824] SELinux:  Context system_u:object_r:cockpit_session_exec_t:s0 is not valid (left unmapped).
+[ 9131.532015] SELinux:  Context system_u:object_r:cockpit_unit_file_t:s0 is not valid (left unmapped).
+⠴ Receiving objects; 66% (1605/2400) 58.1 MB/s 116.3 MB                         507 metadata, 1893 content objects fetched; 118645 KiB transferred in 3 seconds; 187.9 MB content written
+Receiving objects; 66% (1605/2400) 58.1 MB/s 116.3 MB... done
+Staging deployment... done
+Added:
+  adobe-source-code-pro-fonts-2.030.1.050-12.el9.1.noarch
+  cockpit-286.1-1.el9.x86_64
+...
+Run "systemctl reboot" to start a reboot
+$ systemctl reboot
+...
+boot messages
+...
+new login
+...
+[core@edge ~]$ rpm-ostree status
+State: idle
+Deployments:
+● edge:rhel/9/x86_64/edge
+                  Version: 9.2 (2024-10-09T22:43:27Z)
+                   Commit: 4caef3752842366bbeab77b57b79854c6cb7bf4f2b62e82190cfba5d1cc3c12b
+
+  edge:rhel/9/x86_64/edge
+                  Version: 9.2 (2024-10-09T20:25:03Z)
+                   Commit: 7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+
+[core@edge ~]$ ostree log rhel/9/x86_64/edge
+commit 4caef3752842366bbeab77b57b79854c6cb7bf4f2b62e82190cfba5d1cc3c12b
+Parent:  7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+ContentChecksum:  94e275f4f9c9a9f68426ed9421845a48065467aea8bfcb57d826ed43fa50a253
+Date:  2024-10-09 22:43:27 +0000
+Version: 9.2
+(no subject)
+
+commit 7ff678881e89e96c90eb083b905dce411740caf19c524481d7c1b848647b5746
+ContentChecksum:  f938c449602ad38c31a74bd35f0e438beb833e8ca592c07c87ef90a56f659586
+Date:  2024-10-09 20:25:03 +0000
+Version: 9.2
+(no subject)
+
+[core@edge ~]$ rpm -q cockpit
+cockpit-286.1-1.el9.x86_64
+--
++
+Notice the bullet on rpm-ostree status to show which is the active deployment
+
+[ do static detlas now or later? ]
+
+[ I didn't do "ostreee summary -u"  what is its purpose? ]
+
++
+[source,subs="verbatim,quotes"]
+--
+[core@edge ~]$ ostree remote refs edge
+error: Remote refs not available; server has no summary file
+
+after [student@servera ~]$ sudo ostree summary -u --repo=/var/www/html/repo
+
+[core@edge ~]$ ostree remote refs edge
+edge:rhel/9/x86_64/edge
+--
+
+[ with the edge-db VM, you need to configure a remote before applying updates ]
+
+[ there's rpm-ostree update, to get a newer commit of the same branch, and rpm-ostree rebase, to switch to a different branch which uses a different RHEL release ]
+
+
+[ to make a lab using the edge-db VM more interesting (instead of 90%+ the same as this) could configure automatic image updates
+But then we'd miss automatic rollbacks (greenboot) which I didn't put in scope here, this course is already too long
+ https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/composing_installing_and_managing_rhel_for_edge_images/index#proc_upgrading-your-rhel-8-system-to-rhel-9_managing-rhel-for-edge-images ]
+
+[ After an update, grub shows two entries (new and old deployment) show it here or in the next lab with the db VM? ]
+
+[ should I start with an empty remote ostree repo and reference it since the first build? The way it is now, the first build is different than other builds. ]
+
+[ Use --filename to not have to deal with UUIDs? ]
diff --git a/modules/ch4-update/pages/section2.adoc b/modules/ch4-update/pages/section2.adoc