Skip to content

iso: Support build on Fedora - aarch64 #22056

New issue
New issue
Open
#22097
Open
iso: Support build on Fedora - aarch64#22056
#22097
Assignees
vtri950
Labels
area/guest-vmGeneral configuration issues with the minikube guest VMkind/improvementCategorizes issue or PR as related to improving upon a current feature.
@nirs

Description

@nirs
nirs
opened on Dec 7, 2025

Since we removed gluster, we don't need the legacy python2 dependency and we can support building on more modern distros like Fedora.

Building the aarch64 version on Fedora 42 and 43 has 2 issues:

selinux issue when running chown via a container

Error:

if ! grep -sq 'docker\|lxc' /proc/1/cgroup; then \   docker run --rm -v /home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/packaging/static/build/win:/v -w /v alpine sh -c 'apk update  && apk add zip && zip -r cri-dockerd-0.4.1.win.amd64.zip cri-dockerd'; \   docker run --rm -v /home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/packaging/static:/v -w /v alpine chown -R 1000:1000 build; \  fi  Unable to find image 'alpine:latest' locally  latest: Pulling from library/alpine  014e56e61396: Pull complete  Digest: sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375  Status: Downloaded newer image for alpine:latest  v3.23.0_rc2-34-g319b82182d1 [https://dl-cdn.alpinelinux.org/alpine/v3.23/main]  v3.23.0-1-gbad45407d26 [https://dl-cdn.alpinelinux.org/alpine/v3.23/community]  OK: 27555 distinct packages available  (1/2) Installing unzip (6.0-r16)  (2/2) Installing zip (3.0-r13)  Executing busybox-1.37.0-r29.trigger  OK: 8 MiB in 18 packages   zip warning: name not matched: cri-dockerd    zip error: Nothing to do! (try: zip -r cri-dockerd-0.4.1.win.amd64.zip . -i cri-dockerd)  chown: build: Permission denied  make[4]: *** [Makefile:73: cross-win] Error 1  make[4]: Leaving directory '/home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/packaging/static'  make[3]: *** [Makefile:29: static] Error 1  make[3]: Leaving directory '/home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/packaging'  make[2]: *** [Makefile:42: static] Error 2  make[2]: Leaving directory '/home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942'  make[1]: *** [package/pkg-generic.mk:273: /home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/.stamp_built] Error 2  make[1]: Leaving directory '/home/nsoffer/minikube/out/buildroot'  make: *** [Makefile:296: minikube-iso-aarch64] Error 2  rm deploy/iso/minikube-iso/board/minikube/aarch64/rootfs-overlay/usr/bin/auto-pause

chown does not have permissions:

chown: build: Permission denied

The docker command is wrong, not using :Z for the mounts:

docker run \ --rm \ -v /home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/packaging/static:/v \ -w /v \ alpine chown -R 1000:1000 build

It should be:

docker run \ --rm \ -v /home/nsoffer/minikube/out/buildroot/output-aarch64/build/cri-dockerd-aarch64-55d6e1a1d6f2ee58949e13a0c66afe7d779ac942/packaging/static:/v:Z \ -w /v \ alpine chown -R 1000:1000 build

Running with selinux permissive mode works around this issue:

sudo setenforce 0 make minikube-iso-aarch64

This should be fixed in the cri-dockerd package - not sure if this is an issue in the buildroot package (minikube issue) or upstream issue.

The best way is to run the chown command directly on the host - there is no reason to use a container for running chown on a build machine. This is one reason why we cannot run the build in a container, since it depends on running docker in docker.

For now we can document that you need to use permissive mode to build the iso on Fedora. This is a reasonable limitation.

post-image script failure

With selinux issue fixed we fail in the post-image script:

>>> Executing post-image script /home/nsoffer/minikube/deploy/iso/minikube-iso/board/minikube/aarch64/post-image.sh INFO: cmd: "mkdir -p "/home/nsoffer/minikube/out/buildroot/output-aarch64/build/genimage.tmp"" (stderr): INFO: cmd: "rm -rf "/home/nsoffer/minikube/out/buildroot/output-aarch64/build/genimage.tmp"/*" (stderr): INFO: cmd: "mkdir -p "/home/nsoffer/minikube/out/buildroot/output-aarch64/build/genimage.tmp"" (stderr): INFO: cmd: "cp -a "/tmp/tmp.SFqt1c7qYu" "/home/nsoffer/minikube/out/buildroot/output-aarch64/build/genimage.tmp/root"" (stderr): INFO: cmd: "mkdir -p "/home/nsoffer/minikube/out/buildroot/output-aarch64/images"" (stderr): INFO: vfat(efiboot.img): cmd: "mkdosfs -n 'EFIBOOTISO' '/home/nsoffer/minikube/out/buildroot/output-aarch64/images/efiboot.img'" (stderr): INFO: vfat(efiboot.img): adding file 'efi-part/EFI' as 'EFI' ... INFO: vfat(efiboot.img): cmd: "MTOOLS_SKIP_CHECK=1 mcopy -sp -i '/home/nsoffer/minikube/out/buildroot/output-aarch64/images/efiboot.img' '/home/nsoffer/minikube/out/buildroot/output-aarch64/images/efi-part/EFI' '::EFI'" (stderr): INFO: cmd: "rm -rf "/home/nsoffer/minikube/out/buildroot/output-aarch64/build/genimage.tmp/"" (stderr): xorriso 1.5.6 : RockRidge filesystem manipulator, libburnia project. Drive current: -outdev 'stdio:boot.iso' Media current: stdio file, overwriteable Media status : is blank Media summary: 0 sessions, 0 data blocks, 0 data, 67.4g free xorriso : FAILURE : -as genisofs: Unrecognized option '-eltorito-platform=efi' xorriso : aborting : -abort_on 'FAILURE' encountered 'FAILURE' make[1]: *** [Makefile:830: target-post-image] Error 5 make[1]: Leaving directory '/home/nsoffer/minikube/out/buildroot' make: *** [Makefile:296: minikube-iso-aarch64] Error 2 rm deploy/iso/minikube-iso/board/minikube/aarch64/rootfs-overlay/usr/bin/auto-pause

The error comes from this script:

minikube/deploy/iso/minikube-iso/board/minikube/aarch64/post-image.sh

Line 31 in 5df4e21

mkisofs \

We run mkisofs but the actual tool implementing it is xorriso, using the option

-as genisofs

When it emulates genisofs, it does not support the option:

'-eltorito-platform=efi'

Gemini suggests to switch the command to xorisso using this command:

xorriso \ -out boot.iso \ -joliet on \ -rockridge on \ -zisofs on \ -as_needed on \ -not_leaf 'EFI/BOOT' \ -volid 'EFIBOOTISO' \ -publisher 'EFI Boot ISO' \ -map root / \ -boot_image any platform=efi \ -boot_image any efi_path=EFI/BOOT/efiboot.img \ -boot_image any cat_path=/boot.cat

The command should work also on Ubuntu. I did not test it.

/kind improvement
/cc @ vtri950

Metadata

Metadata

Assignees

Labels

area/guest-vmGeneral configuration issues with the minikube guest VMkind/improvementCategorizes issue or PR as related to improving upon a current feature.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions