# <a name="bookmark0">Modify Compute Image to Install Kubernetes</a>

## Prerequisites

*   The Cray command line interface (CLI) tool is initialized and configured on the system. See "Configure the Cray Command Line Interface (CLI)" in the _Cray Software Preview System Administration Guide_ for more information.

*   System management services (SMS) are running in a Kubernetes cluster on non-compute nodes (NCN) and include the following deployments:

    *   cray-ars<span class="s1">, the Artifact Repository Service (ARS)</span>

    *   cray-ims<span class="s1">, the Image Management Service (IMS)</span>

## About this task

### LEVEL Level 3 PaaS.

### ROLE <span class="s1">System administrator</span>

### OBJECTIVE <span class="s1">Use the Image Management Service (IMS) to modify the compute image to install the base software required for Shasta Linux Compute Kubernetes (ck8s) deployments.</span>

### LIMITATIONS <span class="s1">None.</span>

### NEW IN RELEASE <span class="s1">This entire procedure is new in this release.</span>

## Procedure

---
PREPARE TO CREATE THE IMAGE

---

[//]: # (Since we are operating in a container and not on the host, we nned to COPY-IN the raw archive)

1.  Set up the environment.

In [None]:
export myname="ck8s"
export tmpdir="ims-${myname}-image"
export image_archive_name="my_${myname}_image"

2.  Copy-in the source.

In [None]:
cd /tmp/
[ -f sles_15_image.txz ] && rm -f sles_15_image.txz
wget http://10.2.0.1:8888/shasta-cd-repo/isos/sles_15_image.txz

3.  Extract the image.

In [None]:
[ -d /tmp/my-image-root ] && rm -rf /tmp/my-image-root 
mkdir -p /tmp/my-image-root && cd /tmp
tar xf /tmp/sles_15_image.txz -C /tmp/my-image-root

3.  Convert the image to SquashFS.

In [None]:
[ -d my-image-root ] && mksquashfs my-image-root ck8s

---
UPLOAD SQUASHFS IMAGE ROOT TO ARS

---

4.  Set Cray CLI credentials in not already set

In [None]:
cray --version

In [None]:
cray init --no-auth --configuration default --overwrite --hostname "https://api-gw-service-nmn.local"

5.  Create an artifact record in ARS for the image root archive.

In [None]:
artifact_id=$(cray ars artifacts create --atype generic --name ${myname} --version 0.1 | grep artifact_id | awk '{print $3}' | sed "s/\"//g")
echo "artifact_id:${artifact_id}"

6. Create an ARS upload request using the _artifact_id_ obtained in the previous step.

In [None]:
upload_id=$(cray ars uploads create --artifact-id ${artifact_id} | grep upload_id | awk '{print $3}' | sed "s/\"//g")
echo "upload_id:${upload_id}"

7. Upload the image root archive to ARS using the _ARS_UPLOAD_ID_ returned by the upload request that was just created.

In [None]:
cray ars uploads update --artifact ${myname} ${upload_id}

8. Verify that the image root is available in ARS.

In [None]:
cray ars artifacts describe ${artifact_id}

---
REGISTER THE ARS IMAGE ROOT WITH THE IMS SERVICE

---

9. Create an IMS image record.

In [None]:
image_id=$(cray ims images create --name ${myname}_image | grep id | awk '{print $3}' | sed "s/\"//g")
echo "image_id:${image_id}"

10. Create an image artifact record using the _ARS_ARTIFACT_ID_ and _IMS_IMAGE_ID_ values.

In [None]:
cray ims image-artifacts create --name ${myname}_image_root --ars-artifact-id ${artifact_id} --ims-image-id ${image_id} --artifact-type rootfs

11. Get the IMS public key record.

In [None]:
public_key=$(cray ims public-keys list)
echo ${public_key} | grep "results = \[\]" 2>&1 >/dev/null
if [ $? -eq 0 ] ; then 
   echo "No public keys set... setting a default"
   cray ims public-keys create --name "my public key" --public-key ~/.ssh/id_rsa.pub
fi
public_key=$(cray ims public-keys list | grep id | awk '{print $3}' | sed "s/\"//g")
echo ${public_key}

12. Locate the IMS image record for the image that is being customized.

In [None]:
cray ims images list

---
SUBMIT THE KUBERNETES IMAGE CUSTOMIZATION JOB

---

In [None]:
cray ims jobs create --job-type customize \
    --image-root-archive-name ${image_archive_name} \
    --build-env-size 20 --kernel-file-name vmlinuz \
    --initrd-file-name initrd --artifact-id $image_id \
    --public-key-id $public_key  2>&1 > kubejob.out
sleep 5
kubernetes_job=$(cat kubejob.out | grep kubernetes_job | awk '{print $3}' | sed "s/\"//g")
echo "kubernetes IMS Job:${kubernetes_job}"
kubernetes_job_id=$(cat kubejob.out | grep id | head -2 | tail -1 | awk '{print $3}' | sed "s/\"//g")
echo "kubernetes IMS Job ID:${kubernetes_job_id}"

13. Use _kubectl_ and the returned _kuberentes_job_ value to describe the image customization job.

In [None]:
kubectl describe job ${kubernetes_job}

If successful, note the Kubernetes Pod name from the job description.

In [None]:
export pod=$(kubectl describe job ${kubernetes_job} | grep "Created pod: cray-ims" | awk '{print $7}' | sed "s/\"//g")
sleep 15

14. Review the container logs to obtain the __SSH__ address and port number to use to connect to the customization environment.

In [None]:
kubectl logs ${pod} -c prepare
echo $?

In [None]:
kubectl logs ${pod} -c buildenv
echo $?

In [None]:
kubectl logs ${pod} -c buildenv-sidecar
echo $?

In [None]:
kubectl logs ${pod} -c buildenv-sidecar 2>&1 > pod.log
port=$(grep port pod.log | cut -d":" -f2 | cut -d',' -f1)
echo ${port}
connection_ident="ssh -p ${port} root@mgmt-plane-nmn.local"
echo ${connection_ident}

15. SSH to the container to access the debug shell.

For passwordless SSH to work, ensure that the correct public/private key pair is used. The private key will need to match the public key that was previously uploaded to the IMS service and specified in the IMS Job.

* Actions taken
  1. Update the images hosts file __/etc/hosts__
  1. Add Shasta repositories
  1. List known repositories
  1. Refresh the repositories and install all relevant packages
  1. Install the Kubernetes RPMs
  1. Download the Kubernetes files to a new directory.

In [None]:
ssh -p ${port} root@mgmt-plane-nmn.local << EOF
cd /mnt/image/
chroot image-root/
# update the images /etc/host file
echo "10.2.100.50        api-gw-service-nmn.local" >> /etc/hosts
# Add new Shasta repositories.
zypper addrepo http://api-gw-service-nmn.local/repositories/sle15-Module-Basesystem  SLES15_Module_Basesystem
zypper addrepo http://api-gw-service-nmn.local/repositories/sle15-Product-SLES SLES15_Product_SLES
zypper addrepo --gpgcheck-allow-unsigned http://api-gw-service-nmn.local/repositories/cray-sle15 DST_built_rpms
zypper addrepo http://api-gw-service-nmn.local/repositories/sle15-Module-Server-Applications SLES15_Module_Server_Applications
zypper refresh
zypper lr
zypper --no-gpg-checks install -y --allow-downgrade \
squashfs xfsprogs sudo socat wget \
python-devel \
libffi-devel \
python2-appdirs \
python2-packaging \
python2-pyparsing \
python2-setuptools \
python2-six \
python2-pip \
python2-MarkupSafe \
python2-urllib3 \
python2-chardet \
python2-idna \
python2-certifi \
python2-requests \
python2-pycparser \
python2-asn1crypto \
python2-cffi \
python2-bcrypt \
python2-ipaddress \
python2-enum34 \
python2-cryptography \
python2-Jinja2 \
python2-asn1crypto \
python2-PyNaCl \
python2-paramiko \
python2-pycparser

easy_install --allow-hosts=10.2.0.1:8888 http://10.2.0.1:8888/blob/shasta-cd-repo/bloblets/shasta-general/ck8s-artifacts/pip/sle15/ansible-2.7.9.tar.gz
easy_install --allow-hosts=10.2.0.1:8888 http://10.2.0.1:8888/blob/shasta-cd-repo/bloblets/shasta-general/ck8s-artifacts/pip/sle15/netaddr-0.7.19.tar.gz

zypper --non-interactive --no-gpg-checks install \
http://10.2.0.1:8888/shasta-cd-repo/bloblets/shasta-general/rpms/cray-sles15-cn/x86_64/singularity-3.2.1-627.gfae33077e.x86_64.rpm \
http://10.2.0.1:8888/shasta-cd-repo/bloblets/os/rpms/sles/15/SLE-Module-Basesystem/x86_64/squashfs-4.3-1.29.x86_64.rpm \
http://10.2.0.1:8888/shasta-cd-repo/bloblets/shasta-general/rpms/cray-sles15-cn/x86_64/docker-cray-addons-18.08-1.x86_64.rpm \
http://10.2.0.1:8888/shasta-cd-repo/bloblets/shasta-general/rpms/cray-sles15-cn/x86_64/docker-ce-18.09-2.el7.x86_64.rpm \
http://10.2.0.1:8888/shasta-cd-repo/bloblets/shasta-general/rpms/cray-sles15-cn/noarch/shasta-kubespray-1.13-4.noarch.rpm

mkdir /tmp/releases
wget -O /tmp/releases/hyperkube http://10.2.0.1:8888/blob/shasta-cd-repo/ck8s-artifacts/binaries/hyperkube
wget -O /tmp/releases/kubeadm http://10.2.0.1:8888/blob/shasta-cd-repo/ck8s-artifacts/binaries/kubeadm
exit
touch /mnt/image/complete
sleep 2
exit
EOF

16. Wait for the image building process to terminate.

In [None]:
kubectl logs -f $pod -c buildenv-sidecar
cray ims jobs list
cray ims jobs describe ${kubernetes_job_id}
cray ims image-artifacts list | grep -n5 ${image_archive_name}
if [ $? -eq 0 ]; then
   # Found the image, so we can delete the job
   cray ims jobs delete ${kubernetes_job_id}
fi
cray ims image-artifacts list

17. Look up the ID of the newly created image.

In [None]:
cray ims jobs list
cray ims jobs describe ${kubernetes_job_id}

18. Look up the newly created IMS image record using the _IMS_RESULTANT_IMAGE_ID_ value.

In [None]:
ims_resultant_image_id=$(cray ims jobs describe ${kubernetes_job_id} | grep resultant_image_id | awk '{print $3}' | sed "s/\"//g")
echo "IMS resulatant Image ID:${ims_resultant_image_id}"
cray ims images describe ${ims_resultant_image_id}

19. Look up the newly created IMS image artifact records.

In [None]:
cray ims image-artifacts list

20. Clean up the image customization environment.

In [None]:
cray ims image-artifacts list | grep -n5 ${image_archive_name}
if [ $? -eq 0 ]; then
   # Found the image, so we can delete the job
   cray ims jobs delete ${kubernetes_job_id}
fi
cray ims image-artifacts list