systemd: add scripts and systemd units for running at boot #119
Conversation
|
|
||
| # Create precondition for coreos-installer-reboot.service if requested | ||
| if ! karg_bool coreos.inst.skip_reboot; then | ||
| touch /run/coreos-installer-reboot |
There was a problem hiding this comment.
Hmm, I'm confused why we need the reboot to happen in a separate service entirely. Can't we just do it from the installer directly after a successful install? E.g. we add a --reboot flag and have coreos-installer-service just pass that in if the karg is specified.
There was a problem hiding this comment.
I think @bgilbert was trying to keep the utility separate from the service, but I'm not opposed to adding a --reboot flag to the utility. Though maybe we can open a separate issue and do that in a followup so we don't block?
| @@ -2,7 +2,7 @@ | |||
| Description=Reboot after CoreOS Installer | |||
| After=coreos-installer.service | |||
| OnFailure=emergency.target | |||
| OnFailureJobMode=isolate | |||
| OnFailureJobMode=replace-irreversibly | |||
There was a problem hiding this comment.
Huh weird, replace-irreversibly didn't work for me in the past (hence why the ignition-dracut services use isolate: https://github.com/coreos/ignition-dracut/blob/c4790bc283c8cc5318019ef8d5ad3929c8259d0c/dracut/30ignition/ignition-complete.target#L12). Though maybe it's time to retest this again and clean things up if it works again.
There was a problem hiding this comment.
Let me know what you find
| StandardOutput=inherit | ||
| StandardError=inherit | ||
| ExecStartPre=/usr/bin/echo -e "\nCoreOS install complete. Starting login shell\n" | ||
| ExecStart=/usr/sbin/sulogin --force |
There was a problem hiding this comment.
Ahh, interesting. I think this overlaps with my previous question re. the reboot service.
So I guess the question is: do we want this boot to be special or just like any other boot (but with code that runs the installer in the background). IOW, if users want to use a shell after installation, they could just provision the system as usual via Ignition and login, right?
I guess, I'm trying to wrap my head around whether we want to do this, when IIUC part of the idea was to move towards coreos-installer just be a regular binary you can run from a normal FCOS/RHCOS boot (or script to run via Ignition), and leave the kargs approach as a "legacy" thing.
There was a problem hiding this comment.
and leave the kargs approach as a "legacy" thing.
Though I notice Benjamin's patch adds more kargs to the list for e.g. FCOS streams, so maybe I'm mistaken here.
And OK yeah, I totally missed that we're still overriding default.target here. So this WFM! (I thought we were just running this in the background of an otherwise normal boot.)
There was a problem hiding this comment.
OK, I've split out some thoughts on this in #124. But anyway, it doesn't have to block on this, though... can we not add new kargs for the time being?
There was a problem hiding this comment.
can we not add new kargs for the time being?
it looks like the ones he added were coreos.inst.insecure coreos.inst.stream coreos.inst.stream_base_url. Those were mostly convenience based on the new functionality within the rust installer. I'd prefer not to rip them out, but also want to get this merged ASAP, so I'll go either way.
There was a problem hiding this comment.
Note that the tool defaults to the stable stream. If we don't provide any way to change the stream then anyone trying the installer today (when no stable stream exists) and not providing their own disk image url will experience a failure.
There was a problem hiding this comment.
and I think we need coreos.inst.insecure too because otherwise you can't even locally test the kargs approach right now without it.
There was a problem hiding this comment.
Hmm, at least coreos.inst.stream_base_url, it seems like we can drop, right? If you're targeting your own image, you can just use coreos.inst.image_url for now.
After that, yeah let me finish testing and then get this in!
There was a problem hiding this comment.
yes, that one option seems to be more useful for us testing out the other parts of the metadata we publish. If you'd like I can try to drop that option.
| @@ -8,3 +8,5 @@ ConditionPathExists=/run/coreos-installer-reboot | |||
| [Service] | |||
| Type=simple | |||
| ExecStart=/usr/bin/systemctl --no-block reboot | |||
| StandardOutput=kmsg+console | |||
| StandardError=kmsg+console | |||
There was a problem hiding this comment.
Is this just to be consistent, or did you actually encounter an issue with the service?
There was a problem hiding this comment.
I think there was a case where something wasn't working and I had to add this to find out why
There was a problem hiding this comment.
ahh yes. I think it was fab2fcc
They were for the old shell script installer, running in the initramfs.
Should be compatible with the legacy kargs syntax, with the following adjustments: - Drop coreos.inst=yes, since it's redundant. coreos.inst.install_dev is mandatory, so run only if that karg is specified. - Expect full device paths in coreos.inst.install_dev. For compatibility, prepend "/dev/" if a bare device name is specified. - Make coreos.inst.ignition_url optional. For compatibility, ignore the karg if "skip" is specified as the value. - Add kargs for Fedora CoreOS stream, stream base URL, and to enable insecure mode.
It looks like getarg() and cmdline_arg() were ditched in favor of karg().
This was renamed in the service so let's rename it in the generator for consistency.
Needed if we're going to be downloading images over the network.
It's at /usr/bin/systemctl.
We can't wait until the service runs to create the flag file (`/run/coreos-installer-reboot`) because systemd unit conditions are evaluated way before the coreos-installer.service runs. Let's do it in the generator instead.
We make the reboot service as After=coreos-installer.service and we mark coreos-installer.serivce as `oneshot` that will make systemd not start any other units until the service has completed.
Add stderr to the installer and stdout/stderr to the reboot service.
isolate wasn't working for me so I checked other units on the system that have OnFailure=emergency.target and noticed almost all of them use OnFailureJobMode=replace-irreversibly. It works for me so let's go with it.
Let's drop to a shell if the user doesn't want to reboot for whatever reason. Otherwise we just idle in the coreos-installer.target but you can't do anything because you have no shell.
On error of the installer we invoke emergency.target. The executable that gets called in emergency.service will won't give us a shell if the root account is locked. We'll get a message like this: ``` Cannot open access to console, the root account is locked. See sulogin(8) man page for more details. ``` We can force to login by setting SYSTEMD_SULOGIN_FORCE=1.
|
OK, tested this locally both in the interactive mode and via kargs. ✔️ (I fell right in #118 too. Will address that one as a follow-up.) Anyway, mind addressing #119 (comment) before we merge this? I really don't want to add more kargs than necessary until we sort out #124. |
|
Rebased on top of latest master. Will merge shortly |
Pending the discussion in coreos#124 let's minimize the number of kargs for now. coreos.inst.stream_base_url was identified as one that wasn't absolutely necessary. This is a followup to coreos#119 to address this discussion: coreos#119 (comment)
this was addressed in #125 |
|
From cb6dc61:
They're evaluated at the moment a service is about to be started. Did the original code not work for you in testing? |
|
This looks great. Thanks for getting it to the finish line! |
Nope. It didn't work for me but now that I look at the commits I suspect that the very next commit (87c8c31) is related to why it wasn't working for me.
|
|
@bgilbert Care to post a follow-up to fix that? |
This builds on #100. It fixes up the units with changes from testing and adds a
coreos-installer-noreboot.servicethat is used when the user requests no reboot.