Since IBM/Red Hat changed their minds about "free loaders", it has become difficult to build packages for RHEL systems. At the same time the widely used alternative CentOS has disappeared, at least as a RHEL clone. Time to test a new alternative distribution: Rocky Linux.
Rocky Linux can be run as an LXC container on another distribution. This is handy, especially as I am more a Debian user than anything else.
By using the lxc-download template, many distributions can be installed into the container's rootfs. With the --list flag (after using -t download) these distributions and their releases can be listed.
You might get a GPG error though. This could be due to the GPG key server being down.
root@debian ~ # lxc-create -n rocky9 -B lvm --vgname=vglxc --fstype=ext4 --fssize=20G -t download -- --list
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver
lxc-create: rocky9: lxccontainer.c: create_run_template: 1617 Failed to create container from template
lxc-create: rocky9: tools/lxc_create.c: main: 327 Failed to create container rocky9
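You can select a different GPG key server (the download template accepts a --keyserver option) or append the flag --no-validate to the lxc-create command. With --no-validate the template skips the GPG signature check on the image index and rootfs it downloads: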
root@debian ~ # lxc-create -n rocky9 -B lvm --vgname=vglxc --fstype=ext4 --fssize=20G -t download -- --list --no-validate
Downloading the image index
WARNING: Running without gpg validation!
---
DIST RELEASE ARCH VARIANT BUILD
---
almalinux 8 amd64 default 20230815_00:01
almalinux 8 arm64 default 20230814_23:08
almalinux 9 amd64 default 20230814_23:08
almalinux 9 arm64 default 20230815_00:34
alpine 3.15 amd64 default 20230815_13:00
[...]
rockylinux 8 amd64 default 20230815_02:06
rockylinux 8 arm64 default 20230815_02:06
rockylinux 9 amd64 default 20230815_02:44
rockylinux 9 arm64 default 20230815_02:06
[...]
Nice, Rocky Linux 9 is available. Let's create our LXC container:
root@debian ~ # lxc-create -n rocky9 -B lvm --vgname=vglxc --fstype=ext4 --fssize=20G -t download -- -d rockylinux -r 9 -a amd64 --no-validate
Downloading the image index
WARNING: Running without gpg validation!
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs
---
You just created a Rockylinux 9 x86_64 (20230815_02:44) container.
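The creation step can also be retried against other key servers so that GPG validation stays on. The following is an added example, not part of the original post: the function name lxc_create_validated, the KEYSERVERS list and the LXC_CREATE override are assumptions made for illustration, while --keyserver is the download template's own option.

```shell
#!/bin/sh
# Added example (not from the original post): retry lxc-create against several
# GPG keyservers and never fall back to --no-validate.

# Assumption: candidate keyservers, tried in order; use ones reachable from your network.
KEYSERVERS="${KEYSERVERS:-hkps://keyserver.ubuntu.com hkp://keyserver.ubuntu.com:80}"
# Overridable so the function can be exercised without LXC installed.
LXC_CREATE="${LXC_CREATE:-lxc-create}"

# Usage: lxc_create_validated <lxc-create options> -- <download template options>
# The caller must include the "--" separator; --keyserver is appended after it.
# On success USED_KEYSERVER holds the keyserver that worked.
lxc_create_validated() {
    USED_KEYSERVER=
    for arg in "$@"; do
        if [ "$arg" = "--no-validate" ]; then
            echo "refusing to create a container from an unverified image" >&2
            return 2
        fi
    done
    for ks in $KEYSERVERS; do
        echo "trying keyserver $ks" >&2
        if out=$("$LXC_CREATE" "$@" --keyserver "$ks" 2>&1); then
            printf '%s\n' "$out"
            USED_KEYSERVER=$ks
            return 0
        fi
        printf '%s\n' "$out" >&2
        case $out in
            # The error shown earlier on this page: only this one is worth a retry.
            *"Unable to fetch GPG key from keyserver"*) continue ;;
            *) return 1 ;;
        esac
    done
    echo "no keyserver answered" >&2
    return 1
}

# Example call, matching the command used in this post:
# lxc_create_validated -n rocky9 -B lvm --vgname=vglxc --fstype=ext4 --fssize=20G \
#     -t download -- -d rockylinux -r 9 -a amd64
```

Any failure other than the key server error stops the loop immediately, so an unrelated problem is not hidden behind repeated retries.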
Start the container, attach to it (log in to it) and verify the container is indeed running Rocky Linux 9:
root@debian ~ # lxc-start -n rocky9
root@debian ~ # lxc-ls -f | grep rocky
rocky9 RUNNING 0 - - - false
root@debian ~ # lxc-attach -n rocky9
root@rocky9 ~ # cat /etc/os-release
NAME="Rocky Linux"
VERSION="9.2 (Blue Onyx)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="9.2"
PLATFORM_ID="platform:el9"
PRETTY_NAME="Rocky Linux 9.2 (Blue Onyx)"
ANSI_COLOR="0;32"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:rocky:rocky:9::baseos"
HOME_URL="https://rockylinux.org/"
BUG_REPORT_URL="https://bugs.rockylinux.org/"
SUPPORT_END="2032-05-31"
ROCKY_SUPPORT_PRODUCT="Rocky-Linux-9"
ROCKY_SUPPORT_PRODUCT_VERSION="9.2"
REDHAT_SUPPORT_PRODUCT="Rocky Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="9.2"
Even though LXC is able to set static IP addresses using a container's config file (default location: /var/lib/lxc/containername/config), this doesn't work fully with Rocky Linux 9.
I tried the following network configuration inside the container's config file:
# networking
lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.link = virbr0
lxc.net.0.ipv4.address = 192.168.100.155/24
lxc.net.0.veth.pair = veth0-rocky9
lxc.net.0.ipv4.gateway = 192.168.100.1
Although the IP address actually shows up, the eth0 interface is shown as DOWN inside the container:
root@rocky9 ~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
94: eth0@if95: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 54:52:00:15:01:55 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.100.155/24 brd 192.168.100.255 scope global eth0
valid_lft forever preferred_lft forever
Consequently a ping to the gateway (192.168.100.1) doesn't work either:
root@rocky9 ~ # ping 192.168.100.1
ping: connect: Network is unreachable
LXC's static network configuration doesn't work so well with certain network managers/services. Netplan is a troublemaker for Ubuntu containers; NetworkManager seems to be the culprit on Rocky Linux containers.
I decided to simply keep the interface and link configuration in the container's config file:
# networking
lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.link = virbr0
Inside the container, I set the static IP configuration using /etc/sysconfig/network-scripts/ifcfg-eth0:
root@rocky9 ~ # cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
HOSTNAME=rocky9
TYPE=Ethernet
MTU=
IPADDR=192.168.100.155
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
After a restart of NetworkManager, the IP configuration is complete and network connectivity works:
root@rocky9 ~ # systemctl restart NetworkManager
root@rocky9 ~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
96: eth0@if97: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 36:a3:5f:a4:60:a4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.100.155/24 brd 192.168.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::34a3:5fff:fea4:60a4/64 scope link
valid_lft forever preferred_lft forever
root@rocky9 ~ # ping 192.168.100.1
PING 192.168.15.1 (192.168.15.1) 56(84) bytes of data.
64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=16.1 ms
64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.278 ms
^C
--- 192.168.100.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.278/8.207/16.137/7.929 ms
Only DNS remains to be set, which can be done in /etc/resolv.conf:
root@rocky9 ~ # cat /etc/resolv.conf
nameserver 1.1.1.1
nameserver 8.8.8.8
The Rocky Linux container now has a working network configuration and can refresh the repositories:
root@rocky9 ~ # dnf check-update
Rocky Linux 9 - BaseOS 3.2 MB/s | 1.9 MB 00:00
Rocky Linux 9 - AppStream 7.1 MB/s | 7.1 MB 00:01
Rocky Linux 9 - Extras 29 kB/s | 10 kB 00:00
Note: dnf replaces the older yum command in RHEL 9 and similar distributions such as Rocky Linux or AlmaLinux.
By default, Rocky Linux comes with three repositories: BaseOS, AppStream and Extras:
root@rocky9 ~ # dnf repolist
repo id repo name
appstream Rocky Linux 9 - AppStream
baseos Rocky Linux 9 - BaseOS
extras Rocky Linux 9 - Extras
To enable EPEL on Rocky Linux 9, a few steps are required. First, the so-called "crb" repositories need to be enabled, as some packages from the epel repos might have package dependencies needing crb packages. But you might run into an error doing so:
root@rocky9 ~ # dnf config-manager --set-enabled crb
No such command: config-manager. Please use /usr/bin/dnf --help
It could be a DNF plugin command, try: "dnf install 'dnf-command(config-manager)'"
In this case the dnf command "config-manager" is missing and first needs to be installed:
root@rocky9 ~ # dnf install 'dnf-command(config-manager)'
[...]
Installed:
dbus-libs-1:1.12.20-7.el9_2.1.x86_64 dnf-plugins-core-4.3.0-5.el9_2.noarch python3-dateutil-1:2.8.1-6.el9.noarch python3-dbus-1.2.18-2.el9.x86_64 python3-dnf-plugins-core-4.3.0-5.el9_2.noarch python3-six-1.15.0-9.el9.noarch
python3-systemd-234-18.el9.x86_64
Complete!
The command should now be available to dnf and the crb repo can be enabled:
root@rocky9 ~ # dnf config-manager --set-enabled crb
It should now show up in the repo list:
root@rocky9 ~ # dnf repolist
repo id repo name
appstream Rocky Linux 9 - AppStream
baseos Rocky Linux 9 - BaseOS
crb Rocky Linux 9 - CRB
extras Rocky Linux 9 - Extras
The epel-release package can now be installed. This is a meta package (from the extras repo) which configures the EPEL repository:
root@rocky9 ~ # dnf install epel-release
[...]
Many EPEL packages require the CodeReady Builder (CRB) repository.
It is recommended that you run /usr/bin/crb enable to enable the CRB repository.
Verifying : epel-release-9-4.el9.noarch 1/1
Installed:
epel-release-9-4.el9.noarch
Complete!
The EPEL repo now shows up in the repo list:
root@rocky9 ~ # dnf repolist
repo id repo name
appstream Rocky Linux 9 - AppStream
baseos Rocky Linux 9 - BaseOS
crb Rocky Linux 9 - CRB
epel Extra Packages for Enterprise Linux 9 - x86_64
extras Rocky Linux 9 - Extras