public_git
/
Docker-OSX
mirror of https://github.com/sickcodes/Docker-OSX.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix helm initial disk creation process and add installation instructions

This commit is contained in:
peter 2021-01-14 21:56:20 -08:00
parent ce3ce48eb1
commit 1fcd56339f
4 changed files with 162 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
helm/README.md
View File

@ -42,3 +42,27 @@ This installs `docker-osx` in Kubernetes.
```
_Do not worry about passing `CPU`, `RAM`, etc as they are handled in `values.yaml` now._
### Installation
In `values.yaml`..
1) Set a unique password for `vnc.password`.
1) Re-generate SMBIOS `MLB`, `SystemSerialNumber`, and `SystemUUID` for iServices to work.
1) Update `serverName` to reflect the unique name (in the case more than one deployment is required).
1) Configure `downloadDelay` (in a period of seconds) that reflects how long your internet connection will download
around 500MB (BaseSystem.dmg) + uncompress the file (which took about the same time for me to download on a 1gig internet connection).
1) Set `service.ip` to reflect an IP address of your choice, or use ingress.
1) Update `extraVolumes.hostPath.path` to something useful for you.
Afterwards..
1) Launch your VNC viewer of choice and connect to the IP/hostname you defined + the port `8888` with the password specified
for `vnc.password`.
1) Install macOS like usual.
_Please note, after you have installed macOS feel free to set `downloadDelay` to nothing, as BaseSystem.dmg will be stored in the path defined for `extraVolumes.hostPath.path`_
#### Resources
Please note, resource limits may vary based on hardware. The ones currently defined are ones that worked for me personally.

114
helm/templates/configmap.yaml
View File

@ -1115,7 +1115,7 @@ data:
<qemu:arg value='-smbios'/>
<qemu:arg value='type=2'/>
<qemu:arg value='-device'/>
<qemu:arg value='vmware-svga'/>
<qemu:arg value='{{ .Values.qemu.softwareGpu }}'/>
<qemu:arg value='-cpu'/>
<qemu:arg value='{{ .Values.qemu.cpu }}'/>
<!-- <qemu:arg value='Penryn,vendor=GenuineIntel,+hypervisor,+invtsc,kvm=on,+fma,+avx,+avx2,+aes,+ssse3,+sse4_2,+popcnt,+sse4a,+bmi1,+bmi2'/> -->
@ -1129,27 +1129,61 @@ data:
Launch_custom.sh: |-
#/bin/sh
if ! [ -f "/system_image/{{ .Values.serverName }}/mac_hdd_ng.img" ]; then
echo "Creating a ${SIZE} /system_image/{{ .Values.serverName }}/mac_hdd_ng.img for system partition.."
qemu-img create -f qcow2 /system_image/{{ .Values.serverName }}/mac_hdd_ng.img "{{ .Values.qemu.diskSize }}"
if ! [ -d "/system_image/installers" ]; then
mkdir -p /system_image/installers
fi
if ! [ -d "/system_image/{{ .Values.serverName }}" ]; then
mkdir -p "/system_image/{{ .Values.serverName }}"
fi
# Download and build installer image if no system drive found..
if ! [ -f "/system_image/installers/BaseSystem{{ .Values.qemu.systemInstaller.version }}.img" ]; then
echo "Downloading {{ .Values.qemu.systemInstaller.version }} base image.."
python fetch-macOS.py --version {{ .Values.qemu.systemInstaller.version }}
echo 'Converting downloaded BaseSystem.dmg into BaseSystem.img'
qemu-img convert BaseSystem.dmg -O qcow2 -p -c /system_image/installers/BaseSystem{{ .Values.qemu.systemInstaller.version }}.img
rm -f BaseSystem.dmg
else
echo 'Base Image downloaded and converted into img already..'
fi
if ! [ -f "/system_image/{{ .Values.serverName }}/mac_hdd_ng.img" ]; then
echo "Creating a {{ .Values.qemu.diskSize }} /system_image/{{ .Values.serverName }}/mac_hdd_ng.img for system partition.."
qemu-img create -f qcow2 /system_image/{{ .Values.serverName }}/mac_hdd_ng.img "{{ .Values.qemu.diskSize }}"
echo 'Finished creating system partition!'
else
echo 'Image already created. Skipping creation..'
fi
# Start VNC..
sudo rm -f /tmp/.X99-lock
export DISPLAY=:99
vncpasswd -f < vncpasswd_file > ${HOME}/.vnc/passwd
/usr/bin/Xvnc -geometry 1920x1080 -rfbauth "${HOME}/.vnc/passwd" :99 &
#!/bin/sh
/usr/bin/Xvnc -geometry 1920x1080 -rfbauth "${HOME}/.vnc/passwd" :99 &\
{{- if .Values.qemu.gpu.enabled }}
ulimit -l $(( 8*1048576+100000 ))
user hard memlock $(( 8*1048576+100000 ))
user soft memlock $(( 8*1048576+100000 ))
{{- end }}
# Start QEMU..
set -eu
sudo chown $(id -u):$(id -g) /dev/kvm 2>/dev/null || true
sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true
exec qemu-system-x86_64 -m {{ .Values.resources.requests.memory | trimSuffix "i" }} \
-cpu {{ .Values.qemu.cpu }} \
-machine q35,accel=kvm:tcg \
{{- if .Values.qemu.gpu.enabled }}
-vga none \
-device pcie-root-port,bus=pcie.0,multifunction=on,port=1,chassis=1,id=port.1 \
-device vfio-pci,host={{ .Values.qemu.gpu.hardwareId }}.0,multifunction=on,x-vga=on,rombar=1 \
-device vfio-pci,host={{ .Values.qemu.gpu.hardwareId }}.1,bus=port.1 \
-display none \
{{- else -}}
-vga {{ .Values.qemu.softwareGpu }} \
{{- end }}
-smp {{ .Values.resources.requests.cpu }},cores={{ .Values.resources.requests.cpu }} \
-usb -device usb-kbd -device usb-tablet \
-device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \
@ -1163,13 +1197,73 @@ data:
-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \
-device ide-hd,bus=sata.2,drive=OpenCoreBoot \
-device ide-hd,bus=sata.3,drive=InstallMedia \
-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \
-drive id=InstallMedia,if=none,file=/system_image/installers/BaseSystem{{ .Values.qemu.systemInstaller.version }}.img,format=qcow2 \
-drive id=MacHDD,if=none,file=/system_image/{{ .Values.serverName }}/mac_hdd_ng.img,format=qcow2 \
-device ide-hd,bus=sata.4,drive=MacHDD \
-netdev user,id=net0,hostfwd=tcp::${INTERNAL_SSH_PORT:-10022}-:22,hostfwd=tcp::${SCREEN_SHARE_PORT:-5900}-:5900,{{ .Values.qemu.netdev.extraArgs }} -device e1000-82545em,netdev=net0,id=net0,mac=52:54:00:09:49:17 \
-monitor stdio \
-vga vmware \
${EXTRA:-}
vncpasswd_file: |-
{{ .Values.vnc.password }}
limits.conf: |-
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means, for example, that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# - a user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open file descriptors
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit (KB)
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to values: [-20, 19]
# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
@arch soft memlock unlimited
@arch hard memlock unlimited
# End of file

15
helm/templates/deployment.yaml
View File

@ -38,9 +38,15 @@ spec:
livenessProbe:
tcpSocket:
port: http
{{- if .Values.qemu.systemInstaller.downloadDelay }}
initialDelaySeconds: {{ .Values.qemu.systemInstaller.downloadDelay }}
{{- end }}
readinessProbe:
tcpSocket:
port: http
{{- if .Values.qemu.systemInstaller.downloadDelay }}
initialDelaySeconds: {{ .Values.qemu.systemInstaller.downloadDelay }}
{{- end }}
env:
- name: CORES
value: "{{ .Values.resources.requests.cpu }}"
@ -65,11 +71,14 @@ spec:
- mountPath: /home/arch/OSX-KVM/vncpasswd_file
subPath: vncpasswd_file
name: boot-components
- mountPath: /etc/security/limits.conf
subPath: limits.conf
name: boot-components
- mountPath: /dev/kvm
name: kvm
- mountPath: /dev/net/tun
name: tun
- mountPath: /dev/vfio/vfio
- mountPath: /dev/vfio
name: vfio
- mountPath: /dev/snd
name: snd
@ -95,6 +104,8 @@ spec:
path: Launch_custom.sh
- key: vncpasswd_file
path: vncpasswd_file
- key: limits.conf
path: limits.conf
- name: kvm
hostPath:
path: /dev/kvm
@ -103,7 +114,7 @@ spec:
path: /dev/net/tun
- name: vfio
hostPath:
path: /dev/vfio/vfio
path: /dev/vfio
- name: snd
hostPath:
path: /dev/snd

22
helm/values.yaml
View File

@ -11,7 +11,7 @@ image:
# Please note, this must be a directory name within `/system_image` mounted at the bottom in extraVolumeMounts
serverName: server
# SMBIOS settings (please be sure to update these as to use something unique for iServices)
# SMBIOS settings
configPlist:
SystemProductName: iMacPro1,1
MLB: D25338500GUF8YLJA
@ -19,8 +19,24 @@ configPlist:
SystemUUID: 139C94D6-A533-47D2-874F-D365BFD8B047
# This defines QEMU and virtlo parameters
#
# Note:
# *) Increase downloadDelay if the pod gets killed for readiness/liveliness check. The first time the pod is started,
# it will download the BaseSystem image and create a data partition to install the OS. If this value is really long,
# the pod will take very long to allow VNC connections if it is rebooted/killed.
# *) Big Sur (11.X) is currently broken, as it seems to need the BaseSystem extracted from the InstallAssistant.pkg file it downloads
# *) GPU support is considered broken still, but WIP
#
qemu:
cpu: Penryn,vendor=GenuineIntel,+hypervisor,+invtsc,kvm=on,+fma,+avx,+avx2,+aes,+ssse3,+sse4_2,+popcnt,+sse4a,+bmi1,+bmi2
softwareGpu: vmware
gpu:
# if disabled, will rely on softwareGpu instead
enabled: false
hardwareId: '03:00'
systemInstaller:
version: 10.15.7
downloadDelay: 300
diskSize: 128G
audio:
enabled: true
@ -55,7 +71,7 @@ ingress:
# hosts:
# - chart-example.local
# Note: seems that host needs around x5 the cpu and x8 memory limits allocated to MacOS
# Note: seems that host needs around x5 the cpu and x9 memory limits allocated to MacOS
# when under load. This may be due to my personal hardware or inefficencies such as
# software GPU rendering. Otherwise the pod will be killed due to OOMing.
#
@ -64,7 +80,7 @@ ingress:
resources:
limits:
cpu: 10
memory: 33554Mi
memory: 36864Mi
requests:
cpu: 2
memory: 4096Mi