=========================================
Building and updating Fedora Atomic image
=========================================

For Magnum development, we use a Fedora Atomic image prebuilt with a certain
version of Docker, Kubernetes, etcd and Flannel.  This document details
instructions for building the image update it to incorporate your own changes.

The basic steps are:

1. Choose the packages and build a package repo.
2. Run a Docker container with Fedora 21 and build the rpm-ostree repo.
3. Create the new glance image from this Docker container.
4. Alternatively, update an existing container from this rpm-ostree repo.

This document was tested with Fedora 21.  This should also work for
Fedora 22 or other version with minor adjustment, and the document will be
updated when they are tested.

Create the package repo
=======================

Find the package version that you want from::

    https://kojipkgs.fedoraproject.org/packages/<packagename>

This URL does not contain a package name, so you will provide the package name
in the URL. For our case, we will use the three packages named 'kubernetes',
'etcd', and 'flannel'.

For example::

    https://kojipkgs.fedoraproject.org/packages/kubernetes/0.20.0/0.3.git835eded.fc23/src/kubernetes-0.20.0-0.3.git835eded.fc23.src.rpm
    https://kojipkgs.fedoraproject.org/packages/etcd/2.0.13/2.fc23/src/etcd-2.0.13-2.fc23.src.rpm
    https://kojipkgs.fedoraproject.org/packages/flannel/0.5.0/1.fc23/src/flannel-0.5.0-1.fc23.src.rpm


Next we build a package repo for these particular packages.  We use an
automated package builder from::

    https://copr.fedoraproject.org/coprs

If you don't have an account, you can create one on::

    http://fedoraproject.org

Once you log into Fedora copr via https://copr.fedoraproject.org, follow these
steps:

- Click on "Add a new project" and fill in the necessary information.
- Check the box for fedora-21-x86_64.
- In the box "Initial packages to build", refer the kojipkgs site mentioned
  above.  Cut and paste the links for the desired src.rpm package.
- Click build.

The build may take some time depending on how busy the system is.

When the build completes successfully, go to the Overview tab and look under
the column for "Yum repo". Find the link for a repo file to point to your
newly built package in copr. Save the text from this link to use later.

Build and host rpm-ostree repo
==============================

You will need a server with Docker installed.
Download this build configuration::

    git clone https://github.com/jasonbrooks/byo-atomic.git

Make sure httpd is not running on your server since we need to map port 80
to apache that will run in the Docker instance.  If port 80 is already in use,
we will get an error when starting the Docker instance indicating that the
address is already in use.

Verify that port tcp/80 is vacant by running this command::

    sudo netstat -antp | grep :80

The output should show no process on port 80.  For example, if apache is
using port 80, you would see something like::

    tcp6   0    0 :::80     :::*      LISTEN  26981/apache2

In the Dockerfile, we download the fedora 21 image and set up the environment.
If you are running on Ubuntu, the Dockerfile does need a minor workaround for
the httpd logs directory. Edit the Dockerfile and in the line with mkdir,
insert a command for "mkdir /etc/httpd/logs" as follows::

    mkdir /etc/httpd/logs && mkdir -p /srv/rpm-ostree/repo && cd /srv/rpm-ostree/ && ostree --repo=repo init --mode=archive-z2

Build a Docker container image to be used for hosting the rpm-ostree repo::

    sudo docker build --rm -t $USER/atomicrepo byo-atomic/.

where $USER is the user logged in.

When the build completes, you can see the image by running::

    sudo docker images

Start a container using the new Docker image. This will start apache in the
new container with tcp/80 mapped to the host::

    sudo docker run --privileged -d -p 80:80 --name atomicrepo $USER/atomicrepo

Then log into this Docker container::

    sudo docker exec -it atomicrepo bash

Once inside the Docker container, run the commands::

    cd fedora-atomic
    git checkout f21
    nscd

Edit the file fedora-atomic-docker-host.json to add the repo pointing to the
copr package repo.  Update the line "repos" as follows::

    "repos": ["fedora-21" , "my-copr-repo"],

You can rename "my-copr-repo" as needed, but make sure to use the same name
in the two steps following.  From the link on the copr site above, save the
content for the repo pointer in a file named "my-copr-repo.repo" in the same
directory, then make the following changes in the file.

Rename the first line as::

    [my-copr-repo]

And modify this flag::

    gpgcheck=0

Then build the rpm-ostree::

    rpm-ostree compose tree --repo=/srv/rpm-ostree/repo fedora-atomic-docker-host.json

When this is completed, Apache should be running on the Docker container and
serving the content of the new rpm-ostree repo.  From outside the container,
the repo can be accessed as::

    http://<ip>/repo

Create the new image
====================

From within the Docker container where the rpm-ostree repo has been built,
install additional tools::

    yum install -y rpm-ostree-toolbox nss-altfiles yum-plugin-protectbase

Create a new glance image::

    export LIBGUESTFS_BACKEND=direct
    rpm-ostree-toolbox create-vm-disk /srv/rpm-ostree/repo fedora-atomic-host fedora-atomic/f21/x86_64/docker-host my-new-f21-atomic.qcow2

The new image my-new-f21-atomic.qcow2 is in the current directory.

Update an existing Fedora Atomic server
=======================================

You may update an existing Fedora Atomic server to derive a new one.
If you have a nova instance created from an existing Fedora Atomic glance
image, you may update it from the rpm-ostree repo above. On this server,
edit this file as root::

    sudo vi /etc/ostree/remotes.d/fedora-atomic.conf

Add the content (substitute the <ip> for your Docker instance)::

    [remote "fedora-atomic-host"]
    url=http://<ip>/repo
    branches=fedora-atomic/21/x86_64/docker-host;
    gpg-verify=false

Run the command::

    sudo rpm-ostree upgrade

When the upgrade is completed, reboot to switch to the new version::

    sudo systemctl reboot

Once you have the modified server, you may snapshot it to create a new glance
image from it, and use that new glance image for subsequent new Magnum bays.
Note however that because of the way Atomic manages backup, this approach will
bloat the image size.
