suse-edge/Factory
SHA256
14
0
Fork 15
Code Issues Pull Requests 4 Actions Packages Projects Releases Wiki Activity

Add support for uEFI aarch64 images without rpi config as default #135

Merged
roxenham merged 1 commits from roxenham/Factory:aarch64-uefi into main 2025-04-29 16:33:27 +02:00
Conversation 8 Commits 1 Files Changed 5 +191 -16
roxenham commented 2025-04-28 18:34:56 +02:00
Owner
Copy Link

Previously, the default model for aarch64 raw disk images assumes that
you're deploying on Raspberry Pi, and not standard aarch64 systems. This
meant that all raw disk images were built with RPi firmware, and an MBR
boot record, which made it incompatible with systems that require uEFI/GPT
compatibility, especially with Edge Image Builder and Metal3/CAPI deployment
usage.

This PR introduces the following changes:

  • Introduces new Default-RPi and Base-RPi profiles for compatibility with RPi users
  • Forces Base and Base-RT profiles to use GPT based images (not MBR)
  • Introduces a new Base-RT-RPi profile for kernel-rt on RPi (with MBR)
  • Removes Raspberry Pi firmware packages from anything other than RPi profiles
  • Adds a modified editbootinstall_rpi.sh script to support container builds for RPi installs
  • Adds policycoreutils-python-utils to the list of packages (for semanage)

See: https://bugzilla.suse.com/show_bug.cgi?id=1240619

Previously, the default model for aarch64 raw disk images assumes that you're deploying on Raspberry Pi, and not standard aarch64 systems. This meant that all raw disk images were built with RPi firmware, and an MBR boot record, which made it incompatible with systems that require uEFI/GPT compatibility, especially with Edge Image Builder and Metal3/CAPI deployment usage. This PR introduces the following changes: * Introduces new `Default-RPi` and `Base-RPi` profiles for compatibility with RPi users * Forces `Base` and `Base-RT` profiles to use GPT based images (not MBR) * Introduces a new `Base-RT-RPi` profile for kernel-rt on RPi (with MBR) * Removes Raspberry Pi firmware packages from anything other than RPi profiles * Adds a modified `editbootinstall_rpi.sh` script to support container builds for RPi installs * Adds `policycoreutils-python-utils` to the list of packages (for semanage) See: https://bugzilla.suse.com/show_bug.cgi?id=1240619
roxenham added 1 commit 2025-04-28 18:34:57 +02:00
Add support for uEFI aarch64 images without rpi config as default
Some checks failed
Build PR in OBS / Build PR in OBS (pull_request_target) Failing after 47m48s
Details
84784c7b24 
Previously, the default model for aarch64 raw disk images assumes that
you're deploying on Raspberry Pi, and not standard aarch64 systems. This
meant that all raw disk images were built with RPi firmware, and an MBR
boot record, which made it incompatible with systems that require uEFI/GPT
compatibility, especially with Edge Image Builder and Metal3/CAPI deployment
usage.

This PR introduces the following changes:

* Introduces a new 'rpi' profile for backwards compatibility for RPi users
* Forces `Base` and `Base-RT` profiles to use GPT based images (not MBR)
* Introduces a new 'Base-RT-Pi' profile for kernel-rt on RPi (with MBR)
* Removes Raspberry Pi firmware packages from anything other than Pi profiles
* Modifies the `editbootinstall_rpi.sh` script to support container builds

See: https://bugzilla.suse.com/show_bug.cgi?id=1240619
roxenham requested review from amorgante 2025-04-28 18:39:56 +02:00
roxenham requested review from fdegirmenci 2025-04-28 18:39:56 +02:00
roxenham requested review from nbelouin 2025-04-28 18:39:56 +02:00
roxenham requested review from steven.hardy 2025-04-28 18:39:56 +02:00
amorgante commented 2025-04-29 10:36:07 +02:00
Owner
Copy Link

Testing it in the following scenario:

  • Edge 388 (x86_64) mgmt cluster -> using the factory PR for metal3
  • ARM3 baremetal server (aarch64)
  • Capi standard workflow (without telco stuff due to the NIC issue)
  • Image provided by Rhys built with the kiwi workaround as a base-image for EIB to build the final image
Testing it in the following scenario: - Edge 388 (x86_64) mgmt cluster -> using the factory PR for metal3 - ARM3 baremetal server (aarch64) - Capi standard workflow (without telco stuff due to the NIC issue) - Image provided by Rhys built with the kiwi workaround as a base-image for EIB to build the final image
amorgante commented 2025-04-29 11:31:10 +02:00
Owner
Copy Link
suse@edge388:~$ k get bmh
NAME      STATE         CONSUMER                          ONLINE   ERROR   AGE
sv-arm3   provisioned   test-cluster-controlplane-g5ptg   true             56m

but rke2-install failed due to semanage
image.png

``` suse@edge388:~$ k get bmh NAME STATE CONSUMER ONLINE ERROR AGE sv-arm3 provisioned test-cluster-controlplane-g5ptg true 56m ``` but rke2-install failed due to semanage ![image.png](/attachments/d6d7f43c-b035-4174-9fa7-36074a9db660)
image.png
122 KiB
roxenham force-pushed aarch64-uefi from 84784c7b24 to 5252f75133 2025-04-29 12:13:19 +02:00 Compare
roxenham commented 2025-04-29 12:15:48 +02:00
Author
Owner
Copy Link

Thanks for checking @amorgante - looks like policycoreutils-python-utils isn't being pulled in by default. I've made sure that this is in the package list alongside the SELinux base pattern. I've tested this locally, but if you could re-check, I'd appreciate it!

Thanks for checking @amorgante - looks like `policycoreutils-python-utils` isn't being pulled in by default. I've made sure that this is in the package list alongside the SELinux base pattern. I've tested this locally, but if you could re-check, I'd appreciate it!
iivanov commented 2025-04-29 12:18:53 +02:00
First-time contributor
Copy Link

Could we have more consistent naming on these, like use "rpi" or "RPi" or "RaspberryPI", just "Pi" sounds unusual. Thanks!

Could we have more consistent naming on these, like use "rpi" or "RPi" or "RaspberryPI", just "Pi" sounds unusual. Thanks!
roxenham force-pushed aarch64-uefi from 5252f75133 to 59931bfd44 2025-04-29 12:29:48 +02:00 Compare
roxenham commented 2025-04-29 12:30:02 +02:00
Author
Owner
Copy Link

Done @iivanov - thanks for the good suggestion!

Done @iivanov - thanks for the good suggestion!
amorgante commented 2025-04-29 13:29:17 +02:00
Owner
Copy Link

@roxenham worked now:
image.png

@roxenham worked now: ![image.png](/attachments/aa204bb0-3857-4d89-a2db-25efafc87764)
image.png
170 KiB
roxenham force-pushed aarch64-uefi from 59931bfd44 to 27aa096244 2025-04-29 15:56:33 +02:00 Compare
amorgante approved these changes 2025-04-29 16:00:18 +02:00
amorgante left a comment
Owner
Copy Link

LGTM

LGTM
nbelouin approved these changes 2025-04-29 16:05:28 +02:00
nbelouin left a comment
Owner
Copy Link

LGTM

LGTM
roxenham merged commit a473d935f9 into main 2025-04-29 16:33:27 +02:00
roxenham deleted branch aarch64-uefi 2025-04-29 16:33:28 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
fdegirmenci
steven.hardy
amorgante
nbelouin
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
amorgante atanasdinov atrendafilov dbekhit dprodanov eminguez fdegirmenci geoagriogiannis ipetrov117 jtomasek kzhelyazkov mchiappero nbelouin roxenham steven.hardy
No Assignees
4 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: suse-edge/Factory#135
No description provided.
Delete Branch "roxenham/Factory:aarch64-uefi"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?