Failed to build a RHEL 9-based image using Image Baker in an air-gapped environment
search cancel

Failed to build a RHEL 9-based image using Image Baker in an air-gapped environment

book

Article ID: 440322

calendar_today

Updated On:

Products

VMware vSphere Kubernetes Service

Issue/Introduction

Image Baker fails in restricted environments where an HTTP proxy is required:

$ sudo -E vcf kr bake -f rhel-9.yaml --log-level DEBUG

✖  error creating ova rhel-9-amd64-v1.35.2---vmware.1-vkr.3: error creating vmdk: error creating disk image: error debootstrapping OS: error baking sysprep layer of rhel-9 image: error building final rhel state: error solving docker template: failed to solve: process "dnf install -y coreutils --allowerasing" did not complete successfully: exit code: 1

Environment

VKS 3.6.0

Cause

Proxy settings are not applied to the container during the build process, which prevents it from connecting to Red Hat sites when executing the dnf or subscription-manager commands.

Resolution

Currently, Image Baker does not implement the functionality to apply proxy settings to the container during the build process.

Workaround: Build a Docker image that configures proxy settings for dnf and subscription-manager, and then bake it.

Example of execution steps

1. Start the local registry on the Docker host by running the following command:

docker run -d -p 5000:5000 --name registry registry:2

2. Create a Dockerfile with the following content:

FROM registry.access.redhat.com/ubi9/ubi

ARG PROXY_HOST="proxy.example.com"
ARG PROXY_PORT="8080"
ARG PROXY_URL="http://${PROXY_HOST}:${PROXY_PORT}"

RUN echo "proxy=${PROXY_URL}" >> /etc/dnf/dnf.conf

RUN sed -i -e "s|^proxy_hostname =.*|proxy_hostname = ${PROXY_HOST}|" \
           -e "s|^proxy_port =.*|proxy_port = ${PROXY_PORT}|" \
           /etc/rhsm/rhsm.conf

 

Note: Replace the proxy settings with those appropriate for your environment.
Additionally, Ensure that the proxy allows connections to Red Hat sites: cdn-ubi.redhat.com, cdn.redhat.com, subscription.rhsm.redhat.com

3. Build a UBI with the proxy settings configured and push it to the local registry:

docker build -t localhost:5000/ubi-with-proxy .
docker push localhost:5000/ubi-with-proxy

4. Create a rhel-9.yaml file with the following configuration. Ensure that you specify the image created in Step 3 in the spec.osSpec.image field:

apiVersion: imageconfiguration.vmware.com/v1alpha1
kind: Image
metadata:
  # name format: {os}-{os-version}-{arch}-{kubernetes-version}---{vmware-version}
  name: rhel-9-amd64-v1.35.2---vmware.1-vkr.3
spec:
  osSpec:
    name: rhel
    version: "9"
    image: localhost:5000/ubi-with-proxy
  kubernetesSpec:
    # Reference the VKS Kubernetes distribution
    image: projects.packages.broadcom.com/vsphere/iaas/kubernetes-release/1.35.2/kubernetes-distribution-image:v1.35.2_vmware.1-vkr.3
  # Optional: Customize Node Configuration
  diskSize: 20Gi

5. Create the VKS node image by executing the following command:

sudo -E vcf kr bake -f ./rhel-9.yaml

Powered by Wolken Software