The official base Clear Linux* OS container image is published on Docker* Hub and is updated on a regular basis. This guide contains the steps to build a custom container image.

Prerequisites

  • You must perform these steps on a Clear Linux OS system because the swupd is used to manage bundles in the container.
  • You must install the containers-basic bundle on the Clear Linux OS system or Docker will not work.
  • You have a basic understanding of Docker.

Build the base container image

  1. Log in and get root privileges.

    sudo -s
    
  2. Verify Docker is installed and running.

    docker info
    

    If Docker is installed and running, the output is similar to this example:

    Containers: 0
     Running: 0
     Paused: 0
     Stopped: 0
    Images: 4
    Server Version: 17.05.0-ce
    Storage Driver: overlay
     Backing Filesystem: extfs
     Supports d_type: true
    Logging Driver: json-file
    Cgroup Driver: cgroupfs
    Plugins:
     Volume: local
     Network: bridge host macvlan null overlay
    Swarm: inactive
    Runtimes: runc
    Default Runtime: runc
    Init Binary: docker-init
    containerd version:  (expected: 9048e5e50717ea4497b757314bad98ea3763c145)
    runc version: N/A (expected: 9c2d8d184e5da67c95d601382adf14862e4f2228)
    init version: N/A (expected: )
    Kernel Version: 4.12.7-377.native
    Operating System: Clear Linux OS for Intel Architecture
    OSType: linux
    Architecture: x86_64
    CPUs: 4
    Total Memory: 15.62GiB
    Name: clr-os
    ID: XQHJ:DYEM:3Q4D:DKLM:JOA4:RUSF:GAFR:DLPA:HOJP:W5FF:ULEE:7HZ3
    Docker Root Dir: /var/lib/docker
    Debug Mode (client): false
    Debug Mode (server): false
    Registry: https://index.docker.io/v1/
    Experimental: false
    Insecure Registries:
     127.0.0.0/8
    Live Restore Enabled: false
    

    If Docker is not installed, enter the commands:

    swupd bundle-add containers-basic
    systemctl start docker
    
  3. Create the directory structure to build the Clear Linux OS container.

    mkdir -p ./custom-clear-linux-container/base/usr/share/clear/bundles
    cd custom-clear-linux-container
    

    Note

    • The directories custom-clear-linux-container and base are used for staging. You can rename these directories.
    • The directories /usr/share/clear/bundles are mandatory and cannot be renamed.
  4. Create the reference files of the minimum required Clear Linux OS bundles, os-core and os-core-update. The software updater uses the reference filenames to determine which bundles to download and install.

    touch ./base/usr/share/clear/bundles/os-core
    touch ./base/usr/share/clear/bundles/os-core-update
    

    Note

    • os-core provides the minimal Linux namespace.
    • os-core-update provides the basic suite for running the Clear Linux OS updater.
  5. Optionally, you can include additional bundles with the base image.

    1. Identify the desired bundles on the Clear Linux OS website’s Available bundles page or execute the swupd bundle-list -a command.

    2. Create reference files for the identified bundles. For example, to include the editors and network-basic bundles, enter the commands:

      touch ./base/usr/share/clear/bundles/editors
      touch ./base/usr/share/clear/bundles/network-basic
      
  6. Use swupd to download and install the bundles.

    swupd verify --install --path="base" --manifest 17870 \
    --url https://cdn.download.clearlinux.org/update \
    --statedir "$PWD/swupd-state" --no-boot-update
    

    The swupd example uses the following flags:

    • verify –-install tells swupd to download and install.
    • –path specifies the root path where the bundles are to be installed.
    • –manifest specifies the version of the Clear Linux OS bundles.
    • –url specifies the URL of the bundles repository.
    • –statedir specifies the state directory where downloaded bundles and any state information are stored.
    • –no-boot-update tells swupd to skip updating boot files because boot files are not required for a container.

    For more information on swupd flags, enter the swupd verify -h command.

    Example output:

    swupd-client software verify 3.12.2
    Copyright (C) 2012-2017 Intel Corporation
    
    Verifying version 17870
    Attempting to download version string to memory
    Downloading packs...
    
    Extracting python-basic pack for version 17820
      ...14%
    Extracting perl-basic pack for version 17790
      ...28%
    Extracting openssh-server pack for version 17660
      ...42%
    Extracting editors pack for version 17850
      ...57%
    Extracting network-basic pack for version 17650
      ...71%
    Extracting os-core pack for version 17870
      ...85%
    Extracting os-core-update pack for version 17870
      ...100%
    Adding any missing files
      ...88%
    Inspected 33982 files
      33974 files were missing
        33974 of 33974 missing files were replaced
        0 of 33974 missing files were not replaced
    Calling post-update helper scripts.
    WARNING: boot files update skipped due to --no-boot-update argument
    Fix successful
    

    Note

    The WARNING message is expected and can be ignored.

  7. Create a tarball and compress it.

    tar -C base -cf base.tar .
    xz -v -T0 base.tar
    
  8. Create the Dockerfile to build the image.

    cat > Dockerfile << EOF
    FROM scratch
    MAINTAINER First Last <first.last@example.com>
    ADD base.tar.xz /
    CMD ["/bin/bash"]
    EOF
    
  9. Build the Clear Linux OS container image.

    docker build -t my-custom-clear-linux-container .
    

    Example output:

    Sending build context to Docker daemon  806.5MB
    Step 1/4 : FROM scratch
      --->
    Step 2/4 : MAINTAINER First Last <first.last@example.com>
      ---> Running in 7238f35abcd0
      ---> ec5064287c60
    Removing intermediate container 7238f35abcd0
    Step 3/4 : ADD base.tar.xz /
      ---> 2723b7d20716
    Removing intermediate container 16e3ed0df8da
    Step 4/4 : CMD /bin/bash
      ---> Running in efa893350647
      ---> 5414c3a12993
    Removing intermediate container efa893350647
    Successfully built 5414c3a12993
    Successfully tagged my-custom-clear-linux-container:latest
    
  10. List the newly created Clear Linux OS container image.

    docker images
    

    Example output:

    REPOSITORY                        TAG                 IMAGE ID            CREATED              SIZE
    my-custom-clear-linux-container   latest              5414c3a12993        About a minute ago   616MB
    
  11. Launch the built Clear Linux OS container.

    docker run -it my-custom-clear-linux-container
    

Manage bundles in a container

You can add and remove bundles from a Clear Linux OS container using the RUN swupd command in the Dockerfile.

Add a bundle

This example Dockerfile adds the pxe-server bundle to an existing Clear Linux OS Docker image:

cat > Dockerfile << EOF
FROM my-customer-clear-linux-container
MAINTAINER First Last <first.last@example.com>
RUN swupd bundle-add pxe-server
CMD ["/bin/bash/bash"]
EOF

Example output:

docker build -t my-clearlinux-with-pxe-server-bundle .

Sending build context to Docker daemon  806.5MB
Step 1/4 : FROM my-custom-clear-linux-container
 ---> 5414c3a12993
Step 2/4 : MAINTAINER First Last <first.last@example.com>
 ---> Running in 19b4411cf4bd
 ---> 08d400baffde
Removing intermediate container 19b4411cf4bd
Step 3/4 : RUN swupd bundle-add pxe-server
 ---> Running in 3e634d6e0792
swupd-client bundle adder 3.12.2
   Copyright (C) 2012-2017 Intel Corporation

Attempting to download version string to memory
Downloading packs...

Extracting pxe-server pack for version 17820
.
Installing bundle(s) files...
..............................................................................
..............................................................................
..............................................................................
..............................................................................
..............................................................................
..............................................................................
Calling post-update helper scripts.
WARNING: systemctl not operable, unable to run systemd update triggers
Bundle(s) installation done.
 ---> 8ead5f2c0c33
Removing intermediate container 3e634d6e0792
Step 4/4 : CMD /bin/bash
 ---> Running in 0ceae320279b
 ---> dcd9adb40611
Removing intermediate container 0ceae320279b
Successfully built dcd9adb40611
Successfully tagged my-clearlinux-with-pxe-server-bundle:latest

Note

The WARNING message can be ignored because systemd does not run inside a container.

Remove a bundle

This example Dockerfile removes the pxe-server bundle from an existing Clear Linux OS Docker image:

cat > Dockerfile << EOF
FROM my-clearlinux-with-pxe-server-bundle
MAINTAINER First Last <first.last@example.com>
RUN swupd bundle-remove pxe-server
CMD ["/bin/bash/bash"]
EOF

Example output:

docker build -t my-clearlinux-remove-pxe-server-bundle .

Sending build context to Docker daemon  806.5MB
Step 1/4 : FROM my-clearlinux-with-pxe-server-bundle
 ---> dcd9adb40611
Step 2/4 : MAINTAINER First Last <first.last@example.com>
 ---> Running in 71b60f15003e
 ---> 742192751c1a
Removing intermediate container 71b60f15003e
Step 3/4 : RUN swupd bundle-remove pxe-server
 ---> Running in ad28a3390ecc
swupd-client bundle remover 3.12.2
   Copyright (C) 2012-2017 Intel Corporation

Removing bundle: pxe-server
Deleting bundle files...
Total deleted files: 92
Untracking bundle from system...
Success: Bundle removed
1 bundle(s) were removed successfully
 ---> d6ee7903e14d
Removing intermediate container ad28a3390ecc
Step 4/4 : CMD /bin/bash
 ---> Running in 7694989e97de
 ---> ec23189ef954
Removing intermediate container 7694989e97de
Successfully built ec23189ef954
Successfully tagged my-clearlinux-remove-pxe-server-bundle:latest