From a6fa2b455ebebba0108389f5294848695847c76b Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Mon, 25 May 2020 11:57:11 -0400 Subject: [PATCH] Move to conditional networking We have all the piece in place now to move to conditional networking. So let's drop the firstboot kargs, as well as coreos-liveiso-network-kargs.service, which is no longer needed (i.e. the live ISO will now enable initrd networking as required given the embedded Ignition config). Fixes: https://github.com/coreos/fedora-coreos-tracker/issues/443 --- image.yaml | 6 +-- .../coreos-copy-firstboot-network.service | 4 ++ .../coreos-liveiso-network-kargs.service | 45 ------------------- .../20live/coreos-liveiso-network-kargs.sh | 24 ---------- .../dracut/modules.d/20live/live-generator | 1 - .../dracut/modules.d/20live/module-setup.sh | 6 --- .../system/coreos-liveiso-success.service | 3 +- tests/kola/misc-ro | 22 +++++++++ 8 files changed, 30 insertions(+), 81 deletions(-) delete mode 100644 overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service delete mode 100755 overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh diff --git a/image.yaml b/image.yaml index 653342ddd2..a91ab32025 100644 --- a/image.yaml +++ b/image.yaml @@ -9,9 +9,9 @@ extra-kargs: # https://fedoraproject.org/wiki/Changes/CGroupsV2 - systemd.unified_cgroup_hierarchy=0 -# Kernel arguments to be used on first-boot. -ignition-network-kcmdline: - - 'rd.neednet=1' +# Disable networking by default on firstboot. We can drop this once cosa stops +# defaulting to `ip=dhcp,dhcp6 rd.neednet=1` when it doesn't see this key. +ignition-network-kcmdline: [] # Optional remote by which to prefix the deployed OSTree ref ostree-remote: fedora diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service b/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service index 2762042128..2fd6151b01 100644 --- a/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service +++ b/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service @@ -43,6 +43,10 @@ After=coreos-gpt-setup@dev-disk-by\x2dlabel-root.service # Since we are mounting /boot/, require the device first Requires=dev-disk-by\x2dlabel-boot.device After=dev-disk-by\x2dlabel-boot.device +# Need to run after fetch-offline stage since it may re-run the NM cmdline +# hook which will generate NM configs from the network kargs, but we want to +# have precedence. +After=ignition-fetch-offline.service [Service] Type=oneshot diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service b/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service deleted file mode 100644 index 72ac3c3cf5..0000000000 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service +++ /dev/null @@ -1,45 +0,0 @@ -# This unit will run very early before the dracut-cmdline -# service and detect if we want to request dracut bring up -# networking or not. We do want to request networking if: -# -# - the user is booting the live ISO -# - the user didn't already request networking via rd.neednet -# - the user provided a ignition.config.url karg, implying -# the need for networking -# -# As of recently we skip networking if a config is injected via -# `coreos-installer iso embed` in order to allow automating -# installs on networks without DHCP. -# -# If we do determine we need network and there are no other -# `ip=` kargs then we'll use `ip=dhcp,dhcp6` by default. -# -# The requesting of network will be done by writing relevant -# dracut networking args into /etc/cmdline.d/coreos-live-network-kargs.conf -# so that it gets picked up by the dracut networking scripts later -# on in boot. -# -# This is all done because we want to support a mode where -# the user can boot the live ISO and get to an interactive -# prompt without requiring networking on boot. The user can -# then configure the networking interactively. -# -[Unit] -Description=Request live ISO networking -DefaultDependencies=no -Before=dracut-cmdline.service - -# Make sure we are in the initramfs. We are booted to the live -# ISO and rd.neednet wasn't already passed somewhere else -ConditionPathExists=/usr/lib/initrd-release -ConditionKernelCommandLine=!rd.neednet -ConditionKernelCommandLine=coreos.liveiso -ConditionPathExists=/run/ostree-live - -# We'll assume we need network in the following case (see description from above) -ConditionKernelCommandLine=|ignition.config.url - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/sbin/coreos-liveiso-network-kargs diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh b/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh deleted file mode 100755 index 9049686ad4..0000000000 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/bash - -# For a description of how this is used see coreos-liveiso-network-kargs.service - -# Load the dracut library for getarg -source /usr/lib/dracut-lib.sh - -main() { - - # If we're running this script we already know we need networking - # (determined by conditionals in the systemd unit). - echo 'info: Requesting networking in the initramfs' - echo 'rd.neednet=1' > /etc/cmdline.d/10-coreos-liveiso-network-kargs.conf - - # If there is not already a ip= CLI arg use ip=dhcp,dhcp6 as default. - if ! getarg 'ip' &>/dev/null; then - echo 'info: using ip=dhcp,dhcp6 default networking configuration' - echo 'ip=dhcp,dhcp6' >> /etc/cmdline.d/10-coreos-liveiso-network-kargs.conf - else - echo 'info: using already set karg ip= information' - fi -} - -main diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator index 2a9c91e62c..2713a27869 100755 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator +++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator @@ -31,7 +31,6 @@ add_requires sysroot.mount initrd-root-fs.target add_requires sysroot-etc.mount initrd-root-fs.target add_requires sysroot-var.mount initrd-root-fs.target -add_requires coreos-liveiso-network-kargs.service initrd.target add_requires coreos-liveiso-reconfigure-nm-wait-online.service initrd.target mkdir -p "${UNIT_DIR}/ostree-prepare-root.service.d" diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh b/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh index 47c38a7c1c..18ce85c0d1 100644 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh +++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh @@ -30,12 +30,6 @@ install() { install_and_enable_unit "coreos-live-persist-osmet.service" \ "default.target" - inst_simple "$moddir/coreos-liveiso-network-kargs.sh" \ - "/usr/sbin/coreos-liveiso-network-kargs" - - inst_simple "$moddir/coreos-liveiso-network-kargs.service" \ - "$systemdsystemunitdir/coreos-liveiso-network-kargs.service" - inst_simple "$moddir/coreos-liveiso-reconfigure-nm-wait-online.service" \ "$systemdsystemunitdir/coreos-liveiso-reconfigure-nm-wait-online.service" } diff --git a/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service b/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service index befc41e790..a3db8673a6 100644 --- a/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service +++ b/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service @@ -4,8 +4,7 @@ [Unit] Description=CoreOS Live ISO virtio success Documentation=https://github.com/coreos/fedora-coreos-config -# Only run on the Live ISO, and only if there's no Ignition config; -# the second bits here invert the conditionals in coreos-liveiso-network-kargs.service. +# Only run on the Live ISO, and only if there's no Ignition config ConditionKernelCommandLine=coreos.liveiso ConditionPathExists=!/config.ign ConditionVirtualization=|kvm diff --git a/tests/kola/misc-ro b/tests/kola/misc-ro index fab7731db2..4a6be91c85 100755 --- a/tests/kola/misc-ro +++ b/tests/kola/misc-ro @@ -11,6 +11,15 @@ fatal() { exit 1 } +on_platform() { + grep -q " ignition.platform.id=$1 " /proc/cmdline +} + +get_journal_msg_timestamp() { + journalctl -o json -b 0 --grep "$1" \ + | jq -r --slurp '.[0]["__MONOTONIC_TIMESTAMP"]' +} + systemctl is-enabled logrotate.service ok logrotate @@ -19,3 +28,16 @@ if ip link | grep -o -e " eth[0-9]:"; then fatal "detected eth* NIC naming on node" fi ok nic naming + +switchroot_ts=$(get_journal_msg_timestamp 'Switching root.') +nm_ts=$(get_journal_msg_timestamp 'NetworkManager .* starting') +# by default, kola on QEMU shouldn't need to bring up networking +# https://github.com/coreos/fedora-coreos-config/pull/426 +if [[ $nm_ts -lt $switchroot_ts ]] && on_platform qemu; then + fatal "NetworkManager started in initramfs!" +# and as a sanity-check that this test works, verify that on AWS +# we did bring up networking in the initrd +elif [[ $nm_ts -gt $switchroot_ts ]] && on_platform aws; then + fatal "NetworkManager not started in initramfs!" +fi +ok early networking