overlay: add 15copy-installer-network dracut module

This dracut module delivers a coreos-copy-installer-network systemd service and script that will detect when files have been placed into /boot/ by `coreos-installer install --copy-network` and appropriately copy them in place to be used by the initramfs networking. If files are detected within /boot/coreos-installer-network/ then they will be considered to be the only source of networking for that ignition boot (i.e. no networking kargs will be applied).
coreos · Apr 15, 2020 · 6016e33 · 6016e33
1 parent bf4bf15
commit 6016e33
Show file tree

Hide file tree

Showing 3 changed files with 89 additions and 0 deletions.
diff --git a/...e/usr/lib/dracut/modules.d/15copy-installer-network/coreos-copy-installer-network.service b/...e/usr/lib/dracut/modules.d/15copy-installer-network/coreos-copy-installer-network.service
@@ -0,0 +1,45 @@
+# This unit will run early in boot and detect if the user copied
+# in installer networking config files into the installed system
+# by using `coreos-installer install --copy-network`. Since this
+# unit is modifying network configuration there are some
+# dependencies that we have:
+#
+# - Need to look for networking configuration on the /boot partition
+#     - i.e. after /dev/disk/by-label/boot is available
+# - Need to run before networking is brought up.
+#     - This is done in nm-run.sh [1] that runs as part of dracut-initqueue [2]
+#     - i.e. Before=dracut-initqueue.service
+# - Need to make sure karg networking configuration isn't applied
+#     - There are two ways to do this.
+#         - One is to run *before* the nm-config.sh [3] that runs as part of
+#           dracut-cmdline [4] and `ln -sf /bin/true /usr/libexec/nm-initrd-generator`.
+#             - i.e. Before=dracut-cmdline.service
+#         - Another is to run *after* nm-config.sh [3] in dracut-cmdline [4]
+#           and just delete all the files created by nm-initrd-generator.
+#             - i.e. After=dracut-cmdline.service, but Before=dracut-initqueue.service
+#     - We'll go with the second option here because the need for the /boot
+#       device (mentioned above) means we can't start before dracut-cmdline.service
+#
+# [1] https://github.com/dracutdevs/dracut/blob/master/modules.d/35network-manager/nm-run.sh
+# [2] https://github.com/dracutdevs/dracut/blob/master/modules.d/35network-manager/module-setup.sh#L37
+# [3] https://github.com/dracutdevs/dracut/blob/master/modules.d/35network-manager/nm-config.sh
+# [4] https://github.com/dracutdevs/dracut/blob/master/modules.d/35network-manager/module-setup.sh#L36
+#
+[Unit]
+Description=Copy Live ISO Installer Networking Config
+ConditionPathExists=/usr/lib/initrd-release
+DefaultDependencies=false
+Before=ignition-diskful.target
+Before=dracut-initqueue.service
+After=dracut-cmdline.service
+# Since we are mounting /boot/, require the device first
+Requires=dev-disk-by\x2dlabel-boot.device
+After=dev-disk-by\x2dlabel-boot.device   
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+# The MountFlags=slave is so the umount of /boot is guaranteed to happen
+# /boot will only be mounted for the lifetime of the unit.
+MountFlags=slave
+ExecStart=/usr/sbin/coreos-copy-installer-network
diff --git a/...05core/usr/lib/dracut/modules.d/15copy-installer-network/coreos-copy-installer-network.sh b/...05core/usr/lib/dracut/modules.d/15copy-installer-network/coreos-copy-installer-network.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+set -euo pipefail
+
+# For a description of how this is used see coreos-copy-installer-network.service
+
+bootmnt=/mnt/boot_partition
+installer_network_dir="${bootmnt}/coreos-installer-network/"
+initramfs_network_dir="/run/NetworkManager/system-connections/"
+
+# Mount /boot. Note that we mount /boot but we don't unmount boot because we
+# are run in a systemd unit with MountFlags=slave so it is unmounted for us.
+mkdir -p $bootmnt
+# mount as read-only since we don't strictly need write access and we may be
+# running alongside other code that also has it mounted ro
+mount -o ro /dev/disk/by-label/boot $bootmnt
+
+if [ -n "$(ls -A ${installer_network_dir} 2>/dev/null)" ]; then
+    # Clear out any files that may have already been generated from
+    # kargs by nm-initrd-generator
+    rm -f ${initramfs_network_dir}/*
+    # Copy files that were placed by the installer to the appropriate 
+    # location for NetworkManager to use the configuration.
+    echo "info: copying files from ${installer_network_dir} to ${initramfs_network_dir}"
+    mkdir -p $initramfs_network_dir
+    cp -v ${installer_network_dir}/* ${initramfs_network_dir}/
+else
+    echo "info: no files to copy from ${installer_network_dir}. skipping"
+fi
diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/15copy-installer-network/module-setup.sh b/overlay.d/05core/usr/lib/dracut/modules.d/15copy-installer-network/module-setup.sh
@@ -0,0 +1,16 @@
+install_and_enable_unit() {
+    unit="$1"; shift
+    target="$1"; shift
+    inst_simple "$moddir/$unit" "$systemdsystemunitdir/$unit"
+    mkdir -p "$initdir/$systemdsystemunitdir/$target.requires"
+    ln_r "../$unit" "$systemdsystemunitdir/$target.requires/$unit"
+}
+
+install() {
+    inst_simple "$moddir/coreos-copy-installer-network.sh" \
+        "/usr/sbin/coreos-copy-installer-network"
+    # Only run this when ignition runs and only when the system
+    # has disks. ignition-diskful.target should suffice.
+    install_and_enable_unit "coreos-copy-installer-network.service" \
+        "ignition-diskful.target"
+}