Chapter 4. Composing a RHEL for Edge image using image builder in RHEL web console

Use RHEL image builder to create a custom RHEL for Edge image (OSTree commit).

To access RHEL image builder and to create your custom RHEL for Edge image, you can either use the RHEL web console interface or the command-line interface.

You can compose RHEL for Edge images using RHEL image builder in RHEL web console by performing the following high-level steps:

  1. Access RHEL image builder in RHEL web console
  2. Create a blueprint for RHEL for Edge image.

  3. Create a RHEL for Edge image. You can create the following images:

    • RHEL for Edge Commit image.
    • RHEL for Edge Container image.
    • RHEL for Edge Installer image.
  4. Download the RHEL for Edge image

4.1. Accessing RHEL image builder in the RHEL web console

To access RHEL image builder in RHEL web console, ensure that you have met the following prerequisites and then follow the procedure.

Prerequisites

  • You have installed a RHEL system.
  • You have administrative rights on the system.
  • You have subscribed the RHEL system to Red Hat Subscription Manager (RHSM) or to Red Hat Satellite Server.
  • The system is powered on and accessible over network.
  • You have installed RHEL image builder on the system.

Procedure

  1. On your RHEL system, access https://localhost:9090/ in a web browser.
  2. For more information about how to remotely access RHEL image builder, see Managing systems using the RHEL 8 web console document.
  3. Log in to the web console using an administrative user account.
  4. On the web console, in the left hand menu, click Apps.

  5. Click Image Builder.

    The RHEL image builder dashboard opens in the right pane. You can now proceed to create a blueprint for the RHEL for Edge images.

4.2. Creating a blueprint for a RHEL for Edge image using image builder in the web console

To create a blueprint for a RHEL for Edge image by using RHEL image builder in RHEL web console, ensure that you have met the following prerequisites and then follow the procedure.

Prerequisites

  • On a RHEL system, you have opened the RHEL image builder dashboard.

Procedure

  1. On the RHEL image builder dashboard, click Create Blueprint.

    The Create Blueprint dialogue box opens.

  2. On the Details page:

    1. Enter the name of the blueprint and, optionally, its description. Click Next.

  3. Optional: In the Packages page:

    1. On the Available packages search, enter the package name and click the > button to move it to the Chosen packages field. Search and include as many packages as you want. Click Next.

      Note

      These customizations are all optional unless otherwise specified.

  4. On the Kernel page, enter a kernel name and the command-line arguments.
  5. On the File system page, select Use automatic partitioning. OSTree systems do not support filesystem customization, because OSTree images have their own mount rule, such as read-only. Click Next.

  6. On the Services page, you can enable or disable services:

    1. Enter the service names you want to enable or disable, separating them by a comma, by space, or by pressing the Enter key. Click Next.

  7. On the Firewall page, set up your firewall setting:

    1. Enter the Ports, and the firewall services you want to enable or disable.
    2. Click the Add zone button to manage your firewall rules for each zone independently. Click Next.

  8. On the Users page, add a users by following the steps:

    1. Click Add user.
    2. Enter a Username, a password, and a SSH key. You can also mark the user as a privileged user, by clicking the Server administrator checkbox. Click Next.

  9. On the Groups page, add groups by completing the following steps:

    1. Click the Add groups button:

      1. Enter a Group name and a Group ID. You can add more groups. Click Next.

  10. On the SSH keys page, add a key:

    1. Click the Add key button.

      1. Enter the SSH key.
      2. Enter a User. Click Next.

  11. On the Timezone page, set your timezone settings:

    1. On the Timezone field, enter the timezone you want to add to your system image. For example, add the following timezone format: "US/Eastern".

      If you do not set a timezone, the system uses Universal Time, Coordinated (UTC) as default.

    2. Enter the NTP servers. Click Next.

  12. On the Locale page, complete the following steps:

    1. On the Keyboard search field, enter the package name you want to add to your system image. For example: ["en_US.UTF-8"].
    2. On the Languages search field, enter the package name you want to add to your system image. For example: "us". Click Next.

  13. On the Others page, complete the following steps:

    1. On the Hostname field, enter the hostname you want to add to your system image. If you do not add a hostname, the operating system determines the hostname.
    2. Mandatory only for the Simplifier Installer image: On the Installation Devices field, enter a valid node for your system image. For example: dev/sda. Click Next.

  14. Mandatory only when building FIDO images: On the FIDO device onboarding page, complete the following steps:

    1. On the Manufacturing server URL field, enter the following information:

      1. On the DIUN public key insecure field, enter the insecure public key.
      2. On the DIUN public key hash field, enter the public key hash.
      3. On the DIUN public key root certs field, enter the public key root certs. Click Next.

  15. On the OpenSCAP page, complete the following steps:

    1. On the Datastream field, enter the datastream remediation instructions you want to add to your system image.
    2. On the Profile ID field, enter the profile_id security profile you want to add to your system image. Click Next.

  16. Mandatory only when building Ignition images: On the Ignition page, complete the following steps:

    1. On the Firstboot URL field, enter the package name you want to add to your system image.
    2. On the Embedded Data field, drag or upload your file. Click Next.
  17. . On the Review page, review the details about the blueprint. Click Create.

The RHEL image builder view opens, listing existing blueprints.

4.3. Creating a RHEL for Edge Commit image by using image builder in web console

You can create a “RHEL for Edge Commit” image by using RHEL image builder in RHEL web console. The “RHEL for Edge Commit (.tar)” image type contains a full operating system, but it is not directly bootable. To boot the Commit image type, you must deploy it in a running container.

Prerequisites

  • On a RHEL system, you have accessed the RHEL image builder dashboard.

Procedure

  1. On the RHEL image builder dashboard click Create Image.

  2. On the Image output page, perform the following steps:

    1. From the Select a blueprint dropdown menu, select the blueprint you want to use.
    2. From the Image output type dropdown list, select “RHEL for Edge Commit (.tar)” for network-based deployment.
    3. Click Next.

    4. On the OSTree settings page, enter:

      1. Repository URL: specify the URL to the OSTree repository of the commit to embed in the image. For example, http://10.0.2.2:8080/repo/.
      2. Parent commit: specify a previous commit, or leave it empty if you do not have a commit at this time.
      3. In the Ref textbox, specify a reference path for where your commit is going to be created. By default, the web console specifies rhel/8/$ARCH/edge. The "$ARCH" value is determined by the host machine. Click Next.

    5. On the Review page, check the customizations and click Create.

      RHEL image builder starts to create a RHEL for Edge Commit image for the blueprint that you created.

      Note

      The image creation process takes up to 20 minutes to complete.

Verification

  1. To check the RHEL for Edge Commit image creation progress:

    1. Click the Images tab.

After the image creation process is complete, you can download the resulting “RHEL for Edge Commit (.tar)” image.

Additional resources

4.4. Creating a RHEL for Edge Container image by using RHEL image builder in RHEL web console

You can create RHEL for Edge images by selecting “RHEL for Edge Container (.tar)”. The RHEL for Edge Container (.tar) image type creates an OSTree commit and embeds it into an OCI container with a web server. When the container is started, the web server serves the commit as an OSTree repository.

Follow the steps in this procedure to create a RHEL for Edge Container image using image builder in RHEL web console.

Prerequisites

  • On a RHEL system, you have accessed the RHEL image builder dashboard.
  • You have created a blueprint.

Procedure

  1. On the RHEL image builder dashboard click Create Image.
  2. On the Image output page, perform the following steps:

  3. From the Select a blueprint dropdown menu, select the blueprint you want to use.

    1. From the Image output type dropdown list, select “RHEL for Edge Container (.tar)” for network-based deployment.
    2. Click Next.

    3. On the OSTree page, enter:

      1. Repository URL: specify the URL to the OSTree repository of the commit to embed in the image. For example, http://10.0.2.2:8080/repo/. By default, the repository folder for a RHEL for Edge Container image is "/repo".

        To find the correct URL to use, access the running container and check the nginx.conf file. To find which URL to use, access the running container and check the nginx.conf file. Inside the nginx.conf file, find the root directory entry to search for the /repo/ folder information. Note that, if you do not specify a repository URL when creating a RHEL for Edge Container image (.tar) by using RHEL image builder, the default /repo/ entry is created in the nginx.conf file.

      2. Parent commit: specify a previous commit, or leave it empty if you do not have a commit at this time.
      3. In the Ref textbox, specify a reference path for where your commit is going to be created. By default, the web console specifies rhel/8/$ARCH/edge. The "$ARCH" value is determined by the host machine. Click Next.
    4. On the Review page, check the customizations. Click Save blueprint.

  4. Click Create.

    RHEL image builder starts to create a RHEL for Edge Container image for the blueprint that you created.

    Note

    The image creation process takes up to 20 minutes to complete.

Verification

  1. To check the RHEL for Edge Container image creation progress:

    1. Click the Images tab.

After the image creation process is complete, you can download the resulting “RHEL for Edge Container (.tar)” image.

Additional resources

4.5. Creating a RHEL for Edge Installer image by using image builder in RHEL web console

You can create RHEL for Edge Installer images for non-network-based deployment by selecting RHEL for Edge Installer (.iso). The RHEL for Edge Installer (.iso) image type pulls the OSTree commit repository from the running container served by the RHEL for Edge Container (.tar) and creates an installable boot ISO image with a Kickstart file that is configured to use the embedded OSTree commit.

Follow the steps in this procedure to create a RHEL for Edge image using image builder in RHEL web console.

Prerequisites

Procedure

  1. On the RHEL image builder dashboard click Create Image.

  2. On the Image output page, perform the following steps:

    1. From the Select a blueprint dropdown menu, select the blueprint you want to use.
    2. From the Image output type dropdown list, select RHEL for Edge Installer (.iso) image.
    3. Click Next.

    4. On the OSTree settings page, enter:

      1. Repository URL: specify the URL to the OSTree repository of the commit to embed in the image. For example, http://10.0.2.2:8080/repo/.
      2. In the Ref textbox, specify a reference path for where your commit is going to be created. By default, the web console specifies rhel/8/$ARCH/edge. The "$ARCH" value is determined by the host machine. Click Next.
    5. On the Review page, check the customizations. Click Save blueprint.

  3. Click Create.

    RHEL image builder starts to create a RHEL for Edge Installer image for the blueprint that you created.

    Note

    The image creation process takes up to 20 minutes to complete.

Verification

After the image creation process is complete, you can download the resulting RHEL for Edge Installer (.iso) image.

  1. To check the RHEL for Edge Installer image creation progress:

    1. Click the Images tab.

After the image creation process is complete, you can download the resulting RHEL for Edge Installer (.iso) image and boot the ISO image into a device.

Additional resources

4.6. Downloading a RHEL for Edge image

After you successfully create the RHEL for Edge image by using RHEL image builder, download the image on the local host.

Procedure

To download an image:

  1. From the More Options menu, click Download.

    The RHEL image builder tool downloads the file at your default download location.

The downloaded file consists of a .tar file with an OSTree repository for RHEL for Edge Commit and RHEL for Edge Container images, or a .iso file for RHEL for Edge Installer images, with an OSTree repository. This repository contains the commit and a json file which contains information metadata about the repository content.

4.7. Additional resources