Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build a centos desktop image #48

Open
middlestone opened this issue Aug 14, 2021 · 10 comments
Open

build a centos desktop image #48

middlestone opened this issue Aug 14, 2021 · 10 comments

Comments

@middlestone
Copy link

I want to create a centos desktop image, and refer to the ubuntu example, but there are so many details that I can not figure out quickly, is there any guide about how to do it? thanks in advance.

@tinyzimmer
Copy link
Collaborator

No guide, but that is definitely among the things that is needed. I can try to help you here if you can share what you have so far. I imagine a fair chunk of the ubuntu stuff is transferable, but the init script almost certainly would need changes.

@middlestone
Copy link
Author

@tinyzimmer thank you very much for your quickly reply, currently I only transfer Dockerfile.base, Dockerfile.desktop and Dockerfile.demo,without changing init script,when I launch the session, kvi-app pod throws error below.

 "Error creating connection to proxy server	{"error": "dial unix /var/run/kvdi/display.sock: connect: no such file or directory"}". 

I am still try to figure out what is wrong.

@middlestone
Copy link
Author

middlestone commented Aug 14, 2021

below are the whole error log and dockerfiles that I changed

2021-08-14T08:15:59.599Z INFO lock Releasing lock {"Lock.Name": "display-default-centos-xfce-sbmxb"}
2021-08-14T08:15:59.602Z INFO lock Releasing lock {"Owner": {"apiVersion":"v1","kind":"Pod","name":"kvdi-app-7984768859-k7xg4","uid":"f4b31786-786d-4de7-ae98-097146eee962","controller":true,"blockOwnerDeletion":false}}
{"time":"2021-08-14T08:15:59.57077754Z","method":"GET","path":"/api/desktops/ws/default/centos-xfce-sbmxb/display","statusCode":400,"size":121,"remoteHost":"192.168.8.128"}
2021/08/14 08:15:59 http: TLS handshake error from 192.168.8.128:30072: remote error: tls: unknown certificate
{"time":"2021-08-14T08:15:59.640536701Z","method":"GET","path":"/api/desktops/ws/default/centos-xfce-sbmxb/status","statusCode":200,"size":0,"remoteHost":"192.168.8.128"}
2021/08/14 08:16:01 http: TLS handshake error from 192.168.8.128:59734: remote error: tls: unknown certificate
2021-08-14T08:16:01.675Z INFO lock Acquiring lock {"Lock.Name": "display-default-centos-xfce-sbmxb"}
2021-08-14T08:16:01.692Z INFO lock Lock acquired {"Lock.Name": "display-default-centos-xfce-sbmxb"}
2021-08-14T08:16:01.696Z INFO api Connecting to desktop proxy {"Path": "/api/desktops/ws/default/centos-xfce-sbmxb/display"}
2021-08-14T08:16:01.696Z INFO api Dialing proxy instance {"Address": "10.104.149.55:8443"}
2021-08-14T08:16:01.719Z ERROR api Error creating connection to proxy server {"error": "dial unix /var/run/kvdi/display.sock: connect: no such file or directory"}
github.com/go-logr/zapr.(*zapLogger).Error
/go/pkg/mod/github.com/go-logr/[email protected]/zapr.go:132
github.com/tinyzimmer/kvdi/pkg/api.(*desktopAPI).ServeWebsocketProxy
/build/pkg/api/get_websockify.go:168
github.com/tinyzimmer/kvdi/pkg/api.(*desktopAPI).GetWebsockify
/build/pkg/api/get_websockify.go:86
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
github.com/tinyzimmer/kvdi/pkg/api.(*desktopAPI).ValidateUserGrants.func1
/build/pkg/api/api_validate_perms.go:553
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
github.com/tinyzimmer/kvdi/pkg/api.(*desktopAPI).ValidateUserSession.func1
/build/pkg/api/api_validate_user_session.go:74
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
github.com/tinyzimmer/kvdi/pkg/api.DecodeRequest.func1
/build/pkg/api/api_decoder.go:81
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
github.com/tinyzimmer/kvdi/pkg/api.doWebsocketMetrics
/build/pkg/api/api_metrics.go:198
github.com/tinyzimmer/kvdi/pkg/api.prometheusMiddleware.func1
/build/pkg/api/api_metrics.go:155
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
github.com/gorilla/mux.(*Router).ServeHTTP
/go/pkg/mod/github.com/gorilla/[email protected]/mux.go:210
github.com/tinyzimmer/kvdi/pkg/api.(*desktopAPI).ServeHTTP
/build/pkg/api/api_router.go:163
github.com/gorilla/mux.(*Router).ServeHTTP
/go/pkg/mod/github.com/gorilla/[email protected]/mux.go:210
github.com/gorilla/handlers.loggingHandler.ServeHTTP
/go/pkg/mod/github.com/gorilla/[email protected]/logging.go:47
github.com/gorilla/handlers.CompressHandlerLevel.func1
/go/pkg/mod/github.com/gorilla/[email protected]/compress.go:105
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
github.com/gorilla/handlers.ProxyHeaders.func1
/go/pkg/mod/github.com/gorilla/[email protected]/proxy_headers.go:59
net/http.HandlerFunc.ServeHTTP
/usr/local/go/src/net/http/server.go:2069
net/http.serverHandler.ServeHTTP
/usr/local/go/src/net/http/server.go:2887
net/http.(*conn).serve
/usr/local/go/src/net/http/server.go:1952

root@kubernetes:~/images/centos# cat Dockerfile.base

FROM centos:8.2.2004 as base-system

RUN rm -rf /etc/yum.repos.d/*
COPY centos8.repo /etc/yum.repos.d/centos8.repo

COPY web-assets-filesystem-5-10.el8.noarch.rpm /tmp

RUN yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
&& yum makecache
&& yum install -y /tmp/web-assets-filesystem-5-10.el8.noarch.rpm
&& yum install -y
coreutils-single iputils sudo curl net-tools zenity xz
dbus-x11 xorg-x11-utils alsa-utils glx-utils mesa-libGL tigervnc-server xpra
systemd systemd-sysv pulseaudio pavucontrol firefox vim expect ca-certificates
&& yum clean all
&& rm -rf /tmp/* /var/tmp/*
&& cd /usr/lib/systemd/system/sysinit.target.wants/
&& ls | grep -v systemd-tmpfiles-setup | xargs rm -f $1
&& rm -f /usr/lib/systemd/system/multi-user.target.wants/*
/etc/systemd/system/.wants/
/usr/lib/systemd/system/local-fs.target.wants/*
/usr/lib/systemd/system/sockets.target.wants/udev
/usr/lib/systemd/system/sockets.target.wants/initctl
/usr/lib/systemd/system/basic.target.wants/*
/usr/lib/systemd/system/anaconda.target.wants/*
/usr/lib/systemd/system/plymouth*
/usr/lib/systemd/system/systemd-update-utmp*

COPY rootfs /

RUN chmod +x /usr/local/sbin/init && chmod +x /usr/local/sbin/fakegetty
&& systemctl --user --global enable display.service
&& systemctl enable user-init
&& systemctl --user --global enable pulseaudio

WORKDIR /root
VOLUME ["/sys/fs/cgroup"]
ENTRYPOINT ["/usr/local/sbin/init"]

root@kubernetes:~/images/centos# cat Dockerfile.desktop

ARG BASE_IMAGE=centos8.2:base
FROM ${BASE_IMAGE}

ARG DESKTOP_PACKAGE=Xfce
ENV DESKTOP_PACKAGE ${DESKTOP_PACKAGE}
RUN yum makecache
&& yum groupinstall -y ${DESKTOP_PACKAGE}
&& yum clean all

COPY systemd/${DESKTOP_PACKAGE}.service /etc/systemd/user/desktop.service

RUN systemctl --user --global enable desktop.service
&& systemctl disable display-manager
&& systemctl disable wpa_supplicant

root@kubernetes:~/images/centos# cat Dockerfile.demo

FROM centos8.2:desktop

RUN yum makecache
&& yum groupinstall -y "Office Suite and Productivity"
&& yum install -y
htop net-tools bind-utils

@tinyzimmer
Copy link
Collaborator

You might be able to find better logs if you tail the desktop container instead of the proxy container. You are looking for why display.service isn't starting at the moment. But this is probably going to be a longer adventure than that.


This is the sorta thing that will require debugging outside of kvdi first. The main thing you are bumping into right now as stated above is getting the Xvnc process to start. That's what the following error means:

{"error": "dial unix /var/run/kvdi/display.sock: connect: no such file or directory"}

There will likely be more issues after that, but this is where you probably want to try to run partially built containers locally, figuring out what is actually wrong when you do something like (e.g.) systemctl start display. It's not so straightforward unfortunately, and this is where I could definitely use better documentation. The tldr when trying to run a container like this locally (particularly placating systemd) is to use privileged mode and bind-mount /sys directories.

You could also skip the systemd and custom init entirely, just install the programs you want, run the container and start tinkering with getting Xvnc to start.

My assumption is you'll get an error. If using systemd still you may have to pop into journalctl -u display to see it.


I haven't had a ton of time to devote to this project recently, and have been actively looking for more people to contribute. But this particular issue intrigues me and might not be terribly difficult to figure out. If I have time tomorrow I may take a stab at it.

@tinyzimmer
Copy link
Collaborator

It has required quite a bit of hacking so far - but I'm close to a workable image. I'll tell you though...it ain't tiny

centos-desktop                      latest         bafee8482454   3 minutes ago    4.01GB

I might see what else I can slim out of it - but I'm not sure if I want to publish something that big. I'd at the very least publish the dockerfiles and stuff though if I get it working well.

@middlestone
Copy link
Author

middlestone commented Aug 15, 2021

@tinyzimmer I greatly apprecite your help, you are rgiht, the display.sock is caused by Xvnc(display service)not startup.
After bringing it up, the screen is black on the console, so I still try to figure it out, and it is really a great news that you have made it work although the image is too large, my image is about 2.8G, so it seems that I miss a lot of things currently.

@middlestone
Copy link
Author

middlestone commented Aug 15, 2021

I build a centos image according to your dockerfile, centos desktop can be seen, but when I try to launch terminal or other appliction inside centos, it failed to open them and no error message, so weird.

@tinyzimmer
Copy link
Collaborator

Yea what I pushed up is only partially working. And the problems I was still trying to figure out are exactly what you describe. Some apps just don't want to open. Once I figured that out, I wanted to try to slim it down further. Instead of doing a full groupinstall workstation, isolate just the minimal packages needed.

@tinyzimmer
Copy link
Collaborator

Latest commit to that centos directory appears to be mostly working. The issues above were two-fold - locales not being present and dbus not launching. Feel free to play with it and let me know what you think. I'm going to venture into slimming it down into a more minimal base image later.

@middlestone
Copy link
Author

@tinyzimmer thank you very much, I am still testing and learning this project, if there is any problem found, I will let you know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants