 Hi, hi, one more time. The presentation will be for building a debut and base system images and the speaker Louvain, so Hope you'll enjoy it and thank you Well, this isn't really a presentation. It's the boss so and I don't really have any Huge experience with building Building devian images. I just know that there's a lot of different tools quite a bit of work going on to to develop those tools and Thought this would be I Can see there's a lot of people interested so hopefully you some of you have Tips and Recommendations for you know, what's what are the pros and cons of different tools? What what improvements you would like to see into the tools that you use And so and so I'll I'll start a goby document If I can remember I need to go goby devian.net, right? Yeah Yeah, okay, that's not working either I wonder why not mirror? Oh, that's not actually working. Is it get to that display? Okay, well anyone like to start off by advocating for their favorite tool that they think not and not enough people are using Do I have a microphone to give? You've got a microphone. Yeah, I So Enrico Zini Is Giving another talk but that conflicted with this one and he asked me to mention that He's working on an update to He has worked on an update to live rapper that removes the dependency on the empty bootstrap Which You may have seen is about to be removed from the archive So that might continue to be an option Hello, I maintain a goal on Application that builds images is called the boss when I didn't thank you listed in the system build tools We created this Collaborate for hand creating our own images is basically Infrastructure and then you just describe your images in a jammer file. So all the data you have you can Specify actions like you can run the bootstrap to create the initial file system and then on that you can add repositories and install extra packages and do whatever tweaks you need to do you can Get a binary file and flash it so on the Offset that you need for bootloaders So you are able to generate an image that later you can flash on an SD card and put on a target device Something like that. I guess it might it could also accommodate Cloud images, maybe but I'm not sure what the exactly requirements are for cloud images And I'm not sure what other kind of images we might need but I mean people want to have a look I'm far from an expert in it, but does it this out? Yeah, okay. I'm far from an expert in it but I've been Working a bit with the VM DB2 which is well by the same author as a VM the bootstrap by Lars and It's also based on a yaml description of the of the desired System I have found it to be well really easy and like expressive But again, I'm just getting to know it Anymore any more tools not mentioned that people would like to Applicate for Joey has his propeller tool that he did a talk about a dev conf last year is Configuration management, but you can just tell it This host that you're already configuring Please make an image that has all the properties that that host has which is quite nice so FAI is used by the Debian cloud team and It can do a lot of things so I think since there are it's very Major, I think I do this since 18 years and we have a lot of experiences and it works in a lot of Cases and it can also do Disc images or change wood environments and so on there's a tool called deba earth that can put a whole system in in the remapis For at times since no one else is talking I put a plug on my talk on Thursday, which will be about using FAI for building disk images on arm systems So I will probably talk more about it here now, but welcome on Thursday Steve would you like to talk about? the more about the WN cloud Build process So which Debbie and cloud build process So the moment there's a there's a whole slew of things. We've got people were using Bootstrap vz. I Think that as far as I understand Development of that has basically stopped, but some people are probably still using it. We're not A number of people who have moved over to using Using fi as Thomas said So he added support for building images about 18 months ago Yeah and so the current Images that are happening on AWS are built using that Google are still using I think bootstrap vz for what they're using for official images But people are working on moving over to to fire as well For the as your images The folks at credit if are doing those they were using a fork or like a few changes on top of Zego's Open stack build script and of course, we're still using that open stack build script for the Open stack images we build regularly. So yes, we have every tool going We have consensus in the cloud team that we want to move everything over to using fi The main thing reason for that is we want to get a consistent base Configuration that we can use because obviously most of the cloud images that we're building are 99% the same, you know, we're just making tiny tweaks for one provider or another Fi lets us do that in a much more sane fashion so we can then just check in the configuration and You know, obviously things can then derive from you know, a core set of classes It seems to work very well We're still working on Actually automating all of this with ci and stuff, but that's what we're up to So I have just I did it as a packer. I'm the maintainer. So package to create a VM images for multiply and forms such as Amazon Google cloud or other cloud provides or even background and and I think it's also also okay to create a VM images for over stack has anyone done comparison of several of these tools and Could explain why What's what they chose in the end why why it worked better for their Their use case so we had a need to build any images We were using linear oh The way linear was building images So the way they created they were creating What they call OS back Which is the general? applications the user land Created a star ball and I was using live build which was deprecated few years ago and then they had linear oh image tools which was creating a hardware pack Which was all the hardware specifics components in a separated? Turbo and then well turbo or image format So it was some some packages there and then it was mixing the hardware enablement with the User land so it could as a scale to generate several different images But since live build Got to maintain We were looking other options So we're looking VM the bootstrap, which it was missing some of the features That live build had that we could not I think we could not include it was not easy to To add customizations that we had to do with this tool So it was not not good enough then the bootstrap be set with just some Python script very Right in command sequentially and generating an image at the end so you we could not either remove and add or Customizations either and it's pitch out only one image while we probably need to generate multiple images With different characteristics, and we don't want to like waste a lot of space So that's there we like to have one OS pack and then we can Increment incrementally add more things to this OS pack and combine with a hardware pack and generate an image So it's quite a storage efficient This way so at the end We yes, we also look a propeller. It looked nice, but it was Haskell has a bit of a barrier because not everyone is Comfortable hacking on Haskell And then I think we also look at the VM DB to It was Python based, but you didn't feel the requirements very well So why did it not fit the requirements? What was specifically was missing remember very well, but I think we need We want to build without root so we create a fake machine Which uses KVM to to build the image so you see if you have access to KVM You don't need the root access for to build the image so at the end we just implemented This tool called devos to try to fulfill our requirements I don't think there was more And also fine look look a bit A bit complicated the code base was a bit mean it's been like growing Organically It didn't look easy to customize for needs that we have Generating multiple images and so on I had a talk about this two years ago in Heidelberg basically, I think the Main conclusion was that it's usually just easier to write your own tools and try to understand the existing tools and There's always a kind of a good feeling when you have your own tool that you have written exactly to that your use case While when you're working on someone else's code base, you have to like consider everyone else's use cases and you have to make compromises Generally, I think it's not a very hard thing to write your own image writing tool. So that's why they appear so quickly But then a few years down the line, you've collected more use cases and then you're working on Someone else's code that someone else being the past you who didn't understand the problem as well I think if you should or if you want to select the tool You should think about do I only need to create images on the Architecture that I'm running the tools on or is it possible to create cross architecture images or I think often creating the image or creating the change route environment. So just the file system is Nearly the same and I don't know if if all the tools support both So if you want to have a disk image, you may for debugging purpose Without extracting the file system from the image just do the same process to get just the file system for Looking into it. I'd like to share their experiences with some of these tools I was using I'm wanting a group to I start developing the kernel and I like a tool to build a devian image really quickly so we can use with KVM to test the kernel and I was using VM boots the bootstrap for that but it had a bug and I sent I Filed the bug report in the In bug training system and somebody just reply me. I probably should use another tool because the tool is kind of dead So yeah, that was my experience and I just want a simple tool Create an image with a simple common line, and you haven't found one yet Yeah, the other ones seem complicated. I need to do configurations and things seems like that Actually, I didn't really look at the others I would be interested in if if it's important for people to have a tool that does not need root X root for being run so Currently, I don't know how to do Mounting or some other things or are there already tools that do not need rule route Or which are the parts that still need root access? Probably you could look into a leap guest FS to access leap guest FS Have you looked into that? That would be worse So actually, this is one thing I do know about a little bit because I started working on regression tests for a new reference in it ram FS tools and try to get those working as without root and So far I have got to I can build an X2 file system using Gen X to FS But I didn't find any way to set up Anything more complicated than that like for an X4 file system or LVM Just using Disc images rather than devices does live Does live with guest FS? What exactly does that Do for you having a look at the docs for the guest FS It actually does really really complicated scary things underneath essentially running Running an emulator and running a machine inside of VM and Then exporting access to basically to allow you to to do the mcnod call Which of course is the one you can't do any other way without being root Okay, it runs of the end so it's you're you're you're gonna have a certain kind of a power system proxy into That's exactly how it works. Yes. Okay, so it then X so it's it's got bindings for most common languages I know in Lenovo. We use it a lot in Lava to help us Allow us to then go and modify random file system images and add extra things into them after they've been built It's very powerful as they're also quite scary under the hood if you go and have a look But otherwise, you know, my experience is whenever we end up building images and I don't hold loaded different types It always ends up coming down to can you run mcnod? So that's why you end up by the building in a VM or something to get around that I'm curious which of the tools mentioned can do bare metal installs as well because I'd be interested in a system where you could create a virtual machine cloud image An arm image and and also install on bare metal Okay, so Thomas Langeff I can do that my Script that is currently used for building the official the bn images you can do it too. Well, what else? Is there any other of the mentioned tools that can do bare metal I don't think so Well, there'd be an install with preceding But that only does yeah, I'm still using a send create image which has a simple configuration Isn't much being worked on I think and it doesn't support the IPv6 Yeah, we've been also on the verge of creating something a phone Shall I scroll this down a little? People starting at the top. So which of the tools can cross build? Sorry going back to the vagrant question on the installer parts we also looking into Maybe calamaris It's something you can add into the image to get later being able to install this image into into the device or There's also a wikity From I think canonical To be able to to do the installation like you run a live image you can install the bare metal hardware So those are installers that we Were currently also interested that we as a collaborator No, it's interesting also to know if somebody else knows about installers Another question is there one of these tools that already particularly cares about image reproducibility? Like making sure that if someone else builds the same from the same git commit they will get a bit by bit for bit identical artifact as a result The problem is that you are writing on a file system and writing on on x2 As much as I know it's not reproducible Am I mistaking like that vagrant says? You have to answer that one You have 234 reproducibility you can generate The file system Without writing to it. I was just starting to say you the file system new UIDs and presumably partition new UIDs if you use a GPT are going to Well, obviously, they're supposed to be unique every time and I don't know what's the I Don't know whether there's a good way to override that I think Okay to FS lets you specify UID and you could you could derive the the value from the From something But I don't know if anything if anything does that what what's going on in what's the status of? tails CD images What we do at the moment? Well, we use quash FS. So we don't have any problem with x3 244 and Squash FS reproducibility is now a solved problem mostly and to build our rep iso images reproducibly we Well, when you type rate build we will build a Vagrant base box image with the end up strap. This one won't be reproducible, but we don't care and then It will be started with Vagrant inside leap forward KVM and then our big system We choose is an old version of live it will take over and in their produce repossible iso image Using snapshots of the Debian archive so we control our input. What's the question about cross build again? It's about cross building. It's which tools do so can support building a system image for another architecture However, the devos can build on a md-64. I think just uses a md-64 QMU So you are forced to use that architecture as build architecture, and then you can it's meant to To cross build images for any architecture you you want But actually we do it for for arm. I Have a question on calamaris isn't this Installer with a user interface or can it be run in a scripted mode? It depends on a bunch of pt stuff So you can only run it as agree at the moment now the script or back in but this is this session tomorrow for a few people who want to create something like calamaris, but Completely back in so that you can fold whatever front end you want to it Does it answer your question? Yes, so just checking With G disk for GPT partitioning your course were your you it's are normally Randomized and partition creation time or whatever. Obviously that will be a problem if you're going with usable You it does let you specify your own you you it's if you need so okay, so you can control that I've no idea about doing it for DOS partitioning Pass I guess I mean a lot of that comes down to timestamps and stuff to Parties don't have ideas today You're right good point, so then it will come down to the file systems you're using So yeah, X to three forward theory you should be able to do it All the file systems Yeah, you get to keep the pieces. I had the question at the bottom. It's About updaters is someone also Using updaters Besides APT Nowadays we were looking into OS 3 for assist atomic updates and also into CAC Inc Someone here is using this kind of Updating technologies you mean updating your disk image Yeah, I mean about like on-field upgrades. So for example there was we have support for OS 3. It's OS 3. Do you know? Okay, just a really quick Introduction it'll be like it but for a root file system. So you just You have a file system in a server and then you just get pull oyster pool And then you just update from that and you can roll back as well And it's an atomic atomic upgrade and it is the file system is just some objects that need to be downloaded and then you can Update your your system in field is for infield upgrades on for embedded devices So me a little bit like snapshots of the file system. Yeah Yeah In file you can create a disk image with butter FS file system. So this would be Concerning package upgrades. I think most people would say it just rebuild the new disk image So there's no special need if you have already a disk image to do an update or upgrade inside in it Because the build process is so fast just rebuild a disk image and and then you need to like I guess your use case is more into the cloud or Server, but if you have like in Internet of Things devices Around and you need to deploy updates into these devices and There's failures you need to fall back and things like that. Yeah as far as I know Most also embedded devices you will always write the whole disk Image onto it or is anybody using some delta images or updates? So I only know that people Get a new version of a disk image and write the whole disk image to the embedded device Well, there are a lot of projects to manage this kind of updates for undead with a B type system partitions It seems that many projects are slowly standardizing and rock AUC To do that and it has been it has gained ca sync support recently I think So the question for you then you organize the session what you're hoping to to get out of this Just a conversation about pros and cons and I mean, I mean there's already there's a wiki page Which hopefully should have links to all of these tools are you going to go through and update the links though and I could do Yes, please don't because obviously it would be great to share what we know what people have been talking about So it looks like that's People have said all they have to say Any last points? Okay, let's let's stop there