[elbe-devel] How to create an encrypted rootfs image using Elbe?
Manuel Traut
manuel.traut at linutronix.de
Tue Jul 4 19:06:22 CEST 2017
Hi,
> >Installing cryptsetup etc. into the initvm is already possible by
> >providing a customized <initvm> description in XML.
>
> Yes, that solves this part of my problem.
>
> >Currently finetuning runce twice. Once before extracting and once after
> >extracting the archive. That should be also controlable.
>
> Hm.. I thought it was the other way round, i.e. that the archive gets extracted twice: once before running the finetuning commands and once after running the finetuning commands - at least that's how my version of elbe (v1.2) reports it in the elbe-report.txt:
>
> ...
> archive extract before finetuning
> ...
> finetuning log
> ...
> archive extract after finetuning
> ...
You are right! Extracting the archive is done twice at the moment. But this
should also be controlable with an additional attribute (before_ft, after_ft)
if not given: old behaviour.
> >I think about allowing a list of <finetuning> sections and adding some
> >attributes, e.g. <finetuning runafter='imagegen'>. Or sth. like this..
>
> Yes, that would be exactly what would be needed here! This way you would define a sequence of "build steps" and assign commands to those steps. I find the idea promising.
>
> One design comment: I would not mix finetuning commands for different "steps" in one XML section. If you did, you would have ended up with a section with interleaved commands from different steps that implicitly depend on each other and whose order of execution matters! That would be very difficult to read/understand/debug. Instead I would define a separate section for each step. Oh, but that's what you are proposing actually, isn't it?
Jepp it is!
Do you mind adding this to the github issues list? I think implementing it is
not that hard, but i don't want to put it into 2.0.
Regards,
Manuel
More information about the elbe-devel
mailing list