构建自己的centos镜像 基于scratch

制作基础镜像：

打算sGitHub - CentOS/sig-cloud-instance-images: CentOS cloud images

未构建镜像制作基础系统tar包

GitHub - CentOS/sig-cloud-instance-build: CentOS Cloud Instance SIG: Metadata to build & release instances

[root@localhost scratch]# cat Dockerfile 
FROM scratch
ADD centos-7-x86_64-docker.tar.xz /

LABEL \
    org.label-schema.schema-version="1.0" \
    org.label-schema.name="CentOS Base Image" \
    org.label-schema.vendor="CentOS" \
    org.label-schema.license="GPLv2" \
    org.label-schema.build-date="20201113" \
    org.opencontainers.image.title="CentOS Base Image" \
    org.opencontainers.image.vendor="CentOS" \
    org.opencontainers.image.licenses="GPL-2.0-only" \
    org.opencontainers.image.created="2020-11-13 00:00:00+00:00"
RUN rm -rf /var/cache && rm -rf /tmp/*
CMD ["/bin/bash"]

centos-7-x86_64-docker.tar.xz：

 sig-cloud-instance-images/docker at CentOS-7.8.2003-x86_64 · CentOS/sig-cloud-instance-images · GitHub

[root@localhost scratch]# cat cccp.yaml 
job-id: centos-base
test-skip: true

 docker build -t  jenkins-centos7.9-2022 -f Dockerfile  .

sig-cloud-instance-build/docker at master · CentOS/sig-cloud-instance-build · GitHub

centos-7-x86_64-docker.tar.xz：制作

[root@localhost centos]# cat depen 
 libvirt-python lorax virt-install anaconda
livemedia-creator --make-tar --no-virt --iso=/root/work/base/iso/boot.iso --ks=/root/work/base/centos/sig-cloud-instance-build-master/docker/centos-7-x86_64.ks  --centos-7-x86_64-docker.tar.xz

livemedia-creator 完成后，您可以使用 Dockerfile-TEMPLATE 创建合适的 Dockerfile。 

/root/work/base/iso/boot.iso： 

curl http://mirror.centos.org/centos/7/os/x86_64/images/boot.iso -o /root/work/base/iso/boot.iso

centos-7-x86_64.ks： 

# This is a minimal CentOS kickstart designed for docker.
# It will not produce a bootable system
# To use this kickstart, run the following command
# livemedia-creator --make-tar \
#   --iso=/path/to/boot.iso  \
#   --ks=centos-7.ks \
#   --image-name=centos-root.tar.xz
#
# Once the image has been generated, it can be imported into docker
# by using: cat centos-root.tar.xz | docker import -i imagename

# Basic setup information
url --url="http://mirrors.kernel.org/centos/7/os/x86_64/"
install
keyboard us
rootpw --lock --iscrypted locked
timezone --isUtc --nontp UTC
selinux --enforcing
firewall --disabled
network --bootproto=dhcp --device=link --activate --onboot=on
shutdown
bootloader --disable
lang en_US

# Repositories to use
repo --name="CentOS" --baseurl=http://mirror.centos.org/centos/7/os/x86_64/ --cost=100
## Uncomment for rolling builds
repo --name="Updates" --baseurl=http://mirror.centos.org/centos/7/updates/x86_64/ --cost=100

# Disk setup
zerombr
clearpart --all --initlabel
part / --size 3000 --fstype ext4

# Package setup
%packages --excludedocs --instLangs=en --nocore
bind-utils
bash
yum
vim-minimal
centos-release
less
-kernel*
-*firmware
-firewalld-filesystem
-os-prober
-gettext*
-GeoIP
-bind-license
-freetype
iputils
iproute
systemd
rootfiles
-libteam
-teamd
tar
passwd
yum-utils
yum-plugin-ovl

%end

%pre
# Pre configure tasks for Docker

# Don't add the anaconda build logs to the image
# see /usr/share/anaconda/post-scripts/99-copy-logs.ks
touch /tmp/NOSAVE_LOGS
%end

%post --log=/anaconda-post.log
# Post configure tasks for Docker

# remove stuff we don't need that anaconda insists on
# kernel needs to be removed by rpm, because of grubby
rpm -e kernel

yum -y remove bind-libs bind-libs-lite dhclient dhcp-common dhcp-libs \
  dracut-network e2fsprogs e2fsprogs-libs ebtables ethtool file \
  firewalld freetype gettext gettext-libs groff-base grub2 grub2-tools \
  grubby initscripts iproute iptables kexec-tools libcroco libgomp \
  libmnl libnetfilter_conntrack libnfnetlink libselinux-python lzo \
  libunistring os-prober python-decorator python-slip python-slip-dbus \
  snappy sysvinit-tools which linux-firmware GeoIP firewalld-filesystem \
  qemu-guest-agent

yum clean all

#clean up unused directories
rm -rf /boot
rm -rf /etc/firewalld

# Lock roots account, keep roots account password-less.
passwd -l root

#LANG="en_US"
#echo "%_install_lang $LANG" > /etc/rpm/macros.image-language-conf

awk '(NF==0&&!done){print "override_install_langs=en_US.utf8\ntsflags=nodocs";done=1}{print}' \
    < /etc/yum.conf > /etc/yum.conf.new
mv /etc/yum.conf.new /etc/yum.conf
echo 'container' > /etc/yum/vars/infra


##Setup locale properly
# Commenting out, as this seems to no longer be needed
#rm -f /usr/lib/locale/locale-archive
#localedef -v -c -i en_US -f UTF-8 en_US.UTF-8

## Remove some things we don't need
rm -rf /var/cache/yum/x86_64
rm -f /tmp/ks-script*
rm -rf /etc/sysconfig/network-scripts/ifcfg-*
# do we really need a hardware database in a container?
rm -rf /etc/udev/hwdb.bin
rm -rf /usr/lib/udev/hwdb.d/*

## Systemd fixes
# no machine-id by default.
:> /etc/machine-id
# Fix /run/lock breakage since it's not tmpfs in docker
umount /run
systemd-tmpfiles --create --boot
# Make sure login works
rm /var/run/nologin


#Generate installtime file record
/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME


%end

用法

从这里，您可以通过以下方式导入 docker 容器

cat centos-version-docker.tar.xz | docker import - container-name

或者你可以创建一个 Dockerfile 来直接在 docker 中构建镜像。

FROM scratch
MAINTAINER you<your@email.here> - ami_creator
ADD centos-version-docker.tar.xz

或

cat containerbuild.sh
#!/bin/bash
#--------------------------------------------------------------------
# Author: Jim Perrin
# Script: containerbuild.sh
# Desc: This script generates a rootfs tarball, and base Dockerfile
#       Run this script from the directory where the kickstarts are
#       located.
# Modified: Carl Thompson
# Update: Updated to use local boot.iso instead of downloading
# require preperation but is faster in building the image
# Requires: anaconda lorax
#--------------------------------------------------------------------
#### Basic VAR definitions
USAGE="USAGE: $(basename "$0") kickstart"
KICKSTART="$1"
KSNAME=${KICKSTART%.*}
BUILDDATE=$(date +%Y%m%d)
BUILDROOT=/var/tmp/containers/$BUILDDATE/$KSNAME
CONT_ARCH=$(uname -m)

#### Test for script requirements
# Did we get passed a kickstart
if [ "$#" -ne 1 ]; then
    echo "$USAGE"
    exit 1
fi

# Test for package requirements
PACKAGES=( anaconda-tui lorax yum-langpacks)
for Element in "${PACKAGES[@]}"
  do
    TEST=`rpm -q --whatprovides $Element`
    if [ "$?" -gt 0 ]
    then echo "RPM $Element missing"
    exit 1
    fi
done

# Is the buildroot already present
if [ -d "$BUILDROOT" ]; then
    echo "The Build root, $BUILDROOT, already exists.  Would you like to remove it? [y/N] "
    read REMOVE
    if [ "$REMOVE" == "Y" ] || [ "$REMOVE" == "y" ]
      then
      if [ ! "$BUILDROOT" == "/" ]
        then
        rm -rf $BUILDROOT
      fi
    else
      exit 1
    fi
fi

# Build the rootfs
time livemedia-creator --logfile=/tmp/"$KSNAME"-"$BUILDDATE".log \
     --no-virt --make-tar --ks "$KICKSTART" \
     --image-name="$KSNAME"-docker.tar.xz --project "CentOS 7 Docker" \
     --releasever "7"

# Put the rootfs someplace
mkdir -p $BUILDROOT/docker
mv /var/tmp/"$KSNAME"-docker.tar.xz $BUILDROOT/docker/

# Create a Dockerfile to go along with the rootfs.

BUILDDATE_RFC3339="$(date -d $BUILDDATE --rfc-3339=seconds)"
cat << EOF > $BUILDROOT/docker/Dockerfile
FROM scratch
ADD $KSNAME-docker.tar.xz /
LABEL \\
    org.label-schema.schema-version="1.0" \\
    org.label-schema.name="CentOS Base Image" \\
    org.label-schema.vendor="CentOS" \\
    org.label-schema.license="GPLv2" \\
    org.label-schema.build-date="$BUILDDATE" \\
    org.opencontainers.image.title="CentOS Base Image" \\
    org.opencontainers.image.vendor="CentOS" \\
    org.opencontainers.image.licenses="GPL-2.0-only" \\
    org.opencontainers.image.created="$BUILDDATE_RFC3339"
CMD ["/bin/bash"]
EOF

# Create cccp.yaml for testing
cat << EOF > $BUILDROOT/docker/cccp.yaml
job-id: centos-base
test-skip: true
EOF

 sudo ./containerbuild.sh centos-7.ks