Changes

Page history
Update Installation instructions authored by Nikolai.Hartmann's avatar Nikolai.Hartmann
Show whitespace changes
Inline Side-by-side
Installation-instructions.md
View page @ 63b3344d
...@@ -28,23 +28,19 @@ git update-index --assume-unchanged /README.md ...@@ -28,23 +28,19 @@ git update-index --assume-unchanged /README.md
cd /var/local/mkosi cd /var/local/mkosi
# if not existing yet # if not existing yet
mkdir mkosi.cache mkdir mkosi.cache
# seems mkosi-10 from backports is not working
# most recent version from github works
# The following commands will install mkosi from the latest github version
# into a virtual environment inside the directory .venv
python3 -m venv .venv
source .venv/bin/activate
python3 -m pip install git+https://github.com/systemd/mkosi.git
# generate image (mkosi command available after source .venv/bin/activate) # generate image (mkosi command available after source .venv/bin/activate)
mkosi -i -t directory -o /var/lib/machines/xcache-$(date +%Y-%m-%d-%H%M) img_name=xcache-$(date +%Y-%m-%d-%H%M)
mkosi -i -t directory -o /var/lib/machines/$img_name
``` ```
# Build image (using manual `dnf --installroot`) **Alternative: Build image using manual `dnf --installroot`**
```bash ```bash
img_name=xcache-$(date +%Y-%m-%d-%H%M) img_name=xcache-$(date +%Y-%m-%d-%H%M)
build_image.sh /var/lib/machines/$img_name build_image.sh /var/lib/machines/$img_name
``` ```
**after building the image don't forget to [set the permissions for the image](#set-permissions-for-image)**
# Create xrootd user in host system # Create xrootd user in host system
We will map the xrootd user id inside the container (typically 999) to one shifted by 65536 * 10 on the host system. This is an arbitrary choice and one should check this range of user ids is not used by anything else. Problem with this: what if we create a new image and for some reason xrootd ends up being a different user - then it won't be correct anymore for this image. One solution would be to force the user id inside the container to be a fixed one during image building ... We will map the xrootd user id inside the container (typically 999) to one shifted by 65536 * 10 on the host system. This is an arbitrary choice and one should check this range of user ids is not used by anything else. Problem with this: what if we create a new image and for some reason xrootd ends up being a different user - then it won't be correct anymore for this image. One solution would be to force the user id inside the container to be a fixed one during image building ...
```bash ```bash
...@@ -57,6 +53,12 @@ useradd --no-create-home --system -u $XRD_UID_HOST xrootd ...@@ -57,6 +53,12 @@ useradd --no-create-home --system -u $XRD_UID_HOST xrootd
groupmod -g $XRD_GID_HOST xrootd groupmod -g $XRD_GID_HOST xrootd
``` ```
# Set permissions for image
To be able to mount the image read-only the permissions need to be set correctly once. This can be achieved with the following command
```
systemd-nspawn --volatile=no --private-users-chown --private-users=655360 -D /var/lib/machines/$img_name ls -la /
```
# Directories for bind mounts # Directories for bind mounts
Create directories for bind mounts and make them owned by xrootd where nescessary. Here one needs to check that the data directory is the correct path (e.g. the path where the raid system is mounted) and possibly adjust the bind mount in `/etc/systemd/nspawn/xcache.nspawn` Create directories for bind mounts and make them owned by xrootd where nescessary. Here one needs to check that the data directory is the correct path (e.g. the path where the raid system is mounted) and possibly adjust the bind mount in `/etc/systemd/nspawn/xcache.nspawn`
... ...
......