Add kernel arg tuneable allowlist for FCOS #1925
Conversation
openshift-ci-robot
added
the
needs-rebase
openshift-ci-robot
removed
the
needs-rebase
|
This is a super messy topic. First, I think we should recommend using However...what you really want for this specific case is the ability to remove kernel arguments (I am not sure that one can easily re-enable SMT by appending). We could add such a thing to MachineConfig...or we could add a high level Another path would be for OKD to always remove the |
This is required for Fedora CoreOS installs, which set `mitigations=auto,nosmt` and may enable cgroups v2 in the future so it has to be allowed to disable it explicitly.
|
/retest |
|
@cgwalters what we've been doing so far is this: openshift/installer@5814b13#diff-41963c416a97dfbe789cafbd4a347a78R217 -- is what you're saying that the removal doesn't work? I agree that we should switch to using MC |
That code might work indeed. I'm not opposed to this PR to be clear, but I'd like to consider the |
|
@cgwalters @runcom this PR is keeping the status quo, and adding to master what we do on the |
|
I agree with Colin about deprecating that interface and also ok with this PR as well to allow a safe iteration towards porting the working FCOS branch patches here. As long as we track the deprecation with a card I’m fine, that card will likely drop nosmt for rhcos as well, I’ll leave to Colin to approve if the plan sounds good 👍 |
|
/retest |
|
I don't have full context of how fcos branch of installer and MCO works today. For master branch we have kargs support added for both day1 and day2 . It should be easy to validate for OKD with the doc https://github.com/openshift/machine-config-operator/blob/master/docs/MachineConfiguration.md#KernelArguments. As Colin mentioned, applying a karg through MachineConfigs has advantage of deleting them further as well. While working on PR #1850 which involves lot of changes during pivot, I was thinking of the possibility of cleaning up tunable kargs which we support during pivot. |
|
@sinnykumari OCP and OKD installer currently both use the pivot interface to add the kargs (they don't differ in the way they do it, they just set different ones). |
|
For now |
openshift-ci-robot
added
the
approved
|
/retest |
right. I was saying that same should be then possible to achieve through MachineConfig during cluster install. But yeah, we can discuss this in the card suggested in #1925 (comment) |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cgwalters, LorbusChris, sinnykumari The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This is required for Fedora CoreOS installs, which set
mitigations=auto,nosmtand may enable cgroups v2in the future so it has to be allowed to disable it explicitly.
/cc @runcom @vrutkovs