Description

博云BOC容器平台部署机初始化工具。自动完成部署机环境检查、部署包校验、解压和 bocctl init 初始化。使用场景：用户需要初始化 BOC容器平台部署机时使用。

README (SKILL.md)

BOC 部署机初始化

Name: boc init
Author: hongruiji

自动化完成博云BOC容器平台部署机的初始化工作。

输入参数

参数	说明	示例
deploy_pkg_dir	部署包和校验文件所在目录	/opt
deploy_pkg_file	部署包文件名	BOC.tar.gz
ssh_host	部署机IP	\x3C部署机IP>
ssh_port	SSH端口	22
ssh_user	SSH用户名	root
ssh_password	SSH密码	Password

工作流程

1. 环境检查

连接部署机并检查：

主机名
操作系统版本
内核版本
DNS配置
磁盘空间（/var 目录至少50GB）
部署包是否存在

2. 部署包校验

执行 SHA256 校验：

nohup cd \x3Cdeploy_pkg_dir> && sha256sum \x3Cdeploy_pkg_file>.sha256 > /tmp/sha256sum-\x3Cdeploy_pkg_file>.txt

定期检查校验结果

cat /tmp/sha256sum-\x3Cdeploy_pkg_file>.txt

判断标准: 结果中有 "\x3Cdeploy_pkg_file>: 成功"

3. 解压部署包

重要：解压前需先清理旧目录，避免残留文件导致问题：

# 解压前先清理旧目录
cd \x3Cdeploy_pkg_dir>
test -d BOC_k8s_noarch && rm -rf BOC_k8s_noarch

# 后台执行解压（30GB文件预计15-20分钟）
nohup tar -xzf \x3Cdeploy_pkg_file> > /tmp/unpack.log 2>&1 &

# 定期检查解压，通过进程判断
## 1 检查是否有以下进程，有就代表还在解压
ps aux |grep 'tar -xzf \x3Cdeploy_pkg_file>'

## 2 没有就再检查/opt/BOC_k8s_noarch  占用空间正常应该在 31GB
du -sh /opt/BOC_k8s_noarch

4. 验证解压结果

解压后的正确目录结构：

/opt/BOC_k8s_noarch/
├── bocctl           # 主程序
├── bocctl_lib       # 库文件
├── images           # 镜像文件
├── packages         # 安装包
├── playbooks        # Ansible playbook

5. 执行 bocctl init

后台执行初始化（预计15-20分钟）：

cd \x3Cdeploy_dir>
nohup ./bocctl init > /tmp/bocctl_init.log 2>&1 &
# 定期检查bocctl 进程是否存在，如存在代表init 还在进行
# 也一块检查执行日志
pa aux |grep bocctl 
tail -n 20 /opt/BOC_k8s_noarch/log/bocctl.log

6. 验证初始化完成

判断标准：使用 nerdctl ps 检查以下两个容器是否正常运行：

nerdctl -n k8s.io ps | grep -E "(yum_registry|bocloud_deploy_registry)"

预期输出应包含：

yum_registry 容器 - 运行中
bocloud_deploy_registry_k8s 容器 - 运行中

使用示例

请使用 boc-init 初始化部署机：
- 部署包目录：/opt
- 部署包文件：BOC.tar.gz
- 部署机IP：10.50.6.181
- SSH端口：22
- SSH用户：root
- SSH密码：password

输出

部署机初始化完成状态
初始化后关键组件状态：
- ansible 版本
- nerdctl 容器运行状态（yum_registry 和 bocloud_deploy_registry_k8s）
- containerd 服务状态

常见问题

Q: 解压后目录结构异常

A: 重新执行解压，确保先删除旧目录

Q: bocctl init 卡住不动

A: 检查是否有 yum 进程卡住，如有则杀掉后重试

Q: 忽略./bocctl 参数参考

A：忽略./bocctl 参数参考，只使用./bocctl init 。不需要远程初始化部署，只用本地初始化。

Q: 本地执行前置条件

A：需要安装node 才能使用rssh2 skill 需要安装python 才能使用ssh-exec skill windows 系统需要安装git for windows

Q: ssh 使用密码连接问题解决

A: 如果安装了python ，优先使用ssh-exec skill 如安装了node ，优先使用rssh2 skill 先检查操作系统中是否有sshpass ，没有就参考以下处理： windows下sshpass 从 https://github.com/xhcoding/sshpass-win32/releases/download/v1.0.7/sshpass.exe 下载使用 Linux 下使用pip install sshpass -g 进行安装

Usage Guidance

This skill's high-level purpose matches its instructions, but several inconsistencies and risky recommendations mean you should proceed carefully: - Do not run these commands verbatim on a production host. The SKILL.md contains typos and incorrect commands (e.g., 'nohup cd', 'pa aux', odd sha256 usage). - The bundle references an automation script (scripts/boc_init.js) that is missing. Ask the publisher for the actual script/source before trusting automation. - The doc suggests downloading an sshpass binary from a third-party GitHub URL. If you need sshpass, verify the URL, checksum/signature, and the publisher's identity before downloading; prefer SSH key-based authentication rather than a password. - Validate the deployment package and any binaries manually (verify checksums, run in an isolated/test environment first). - If you will provide root SSH credentials, prefer ephemeral test accounts or key-based access with least privilege; avoid supplying secrets to unknown/unsigned skills. - Request the skill's source or homepage and a maintainer contact; if unavailable, treat the missing script and erroneous commands as a warning sign and consider implementing the steps yourself or using a known, vetted tool. If you want, I can: (1) extract all the problematic command examples and show corrected versions, (2) produce a safe checklist to run these steps manually, or (3) draft specific questions to ask the publisher to resolve the missing/misleading pieces.

Capability Analysis

Type: OpenClaw Skill Name: boc-init Version: 1.0.1 The skill bundle contains instructions in SKILL.md that direct the AI agent to download and execute an external binary (sshpass.exe) from a specific GitHub URL (xhcoding/sshpass-win32) if it is not found on the system. This represents a supply chain risk. Additionally, the skill requires sensitive SSH credentials and performs root-level system modifications, which, while consistent with its stated purpose of BOC platform initialization, involves high-risk execution patterns and potential credential handling risks.

Capability Assessment

ℹ Purpose & Capability

The SKILL.md describes initializing a BOC deployment host and the runtime steps (checks, checksum, unpack, bocctl init) are consistent with that purpose. However README refers to a scripts/boc_init.js that is not present in the bundle, and SKILL.md references other skills (rssh2, ssh-exec) and optional binaries that are not included. The absence of the promised automation script is an inconsistency.

⚠ Instruction Scope

The instructions require remote SSH credentials (user-supplied) and tell an operator to run many privileged operations on the target (rm -rf, tar extraction, kill processes, run bocctl init). Those actions are within the stated purpose, but the SKILL.md contains several erroneous or suspicious command examples: 'nohup cd ...' (no-op), an odd sha256 command that writes to /tmp and expects a Chinese '成功' string, a typo 'pa aux' instead of 'ps aux', and incorrect guidance for installing sshpass (suggests 'pip install sshpass -g'). The doc also recommends downloading a Windows sshpass binary from an external GitHub release URL without checksumming it. These errors and the external-download guidance increase risk and reduce trustworthiness.

ℹ Install Mechanism

There is no formal install spec (instruction-only), which is lower risk. However the text advises downloading an sshpass binary from a GitHub release (third-party binary) and installing tools (node, python) to enable other skills — those are ad-hoc instructions outside the package and could introduce risk if followed without verification.

✓ Credentials

The skill does not request environment variables or stored credentials from the platform; it expects the user to supply SSH host/user/password parameters which are reasonable for remote-init tooling. There are no hidden credential requests in the bundle. Still, feeding root passwords to a skill from an untrusted source is inherently sensitive.

✓ Persistence & Privilege

The skill is not always-enabled and does not request elevated platform privileges or persistent presence. It's user-invocable and can be called autonomously by the agent (default), which is normal; there is no evidence it modifies other skills or system-wide agent settings.

Version History

v1.0.1

- Added _meta.json file for skill metadata. - Updated skill description and documentation to generalize BOC version and package names. - Example usage now references "BOC.tar.gz" instead of a version-specific file. - Minor clarifications made to workflow steps and common issues.

v1.0.0

Initial release of boc-init: 自动化完成 BOC 3.10 部署机初始化。 - 实现部署机环境检查、部署包校验、解压与 bocctl init 自动初始化全流程 - 新增详细工作流程和常见问题指南 - 支持通过 ssh（用户名、密码、端口）接入部署机 - 输出关键组件状态（ansible 版本、容器和服务运行状况） - 包含输入参数、目录结构、日志检查和容器验证等实用指导

Metadata

Slug boc-init

Version 1.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is boc init?

博云BOC容器平台部署机初始化工具。自动完成部署机环境检查、部署包校验、解压和 bocctl init 初始化。使用场景：用户需要初始化 BOC容器平台部署机时使用。 It is an AI Agent Skill for Claude Code / OpenClaw, with 107 downloads so far.

How do I install boc init?

Run "/install boc-init" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is boc init free?

Yes, boc init is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does boc init support?

boc init is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created boc init?

It is built and maintained by Rick (@hongruiji); the current version is v1.0.1.

More Skills

boc init