Leonard Cohnen 2d8fcd9bf4 monorepo
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00
..
2022-03-22 16:09:39 +01:00

Constellation-OS Assembler

This container image uses coreos assembler as a base (quay.io/coreos-assembler/coreos-assembler) to facilitate a build environment for the Constellation-OS. The root filesystem takes its contents (OSTree) from constellation-fedora-coreos-config. The constellation specific changes are tracked in this repository: https://github.com/edgelesssys/constellation-coreos-assembler And the Constellation-OS Assembler can be pulled from ghcr.io/edgelesssys/constellation-coreos-assembler

Setup

Prerequisites: podman and qemu-kvm are installed, nested virtualization is enabled. Make sure your user is allowed read and write access on /dev/kvm. If the device is not mounted in the container try the following command, and restart the container:

sudo chmod 666 /dev/kvm

Using the Assembler to create a bootable operating system

  1. Create the assembler image as described here
  2. Source the fcos/.env file to enable the cosa bash alias:
    source fcos/.env
    
  3. Set the COORDINATOR_BINARY environment variable to a path of the compiled coordinator binary. It will be mounted in the cosa container and copied into the resulting coreos image.
    COORDINATOR_BINARY="/path/to/coordinator"
    
  4. Go into the build folder and initialize cosa:
    cd fcos/build
    cosa init https://github.com/edgelesssys/constellation-fedora-coreos-config
    cosa fetch
    
  5. Build the OS image:
    cosa build
    
  6. Create an image for a cloud provider
    cosa buildextend-gcp
    cosa buildextend-aws
    cosa buildextend-azure
    [...]
    

Using a locally checked out git repo of the coreos-config during development

Simply set the environment variable COREOS_ASSEMBLER_CONFIG_GIT to the local folder and perform the rest of the steps as usual:

COREOS_ASSEMBLER_CONFIG_GIT=/path/to/constellation-fedora-coreos-config