Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pkg/daemon: allow reboots from external componenents #576

Closed
wants to merge 1 commit into from

Conversation

runcom
Copy link
Member

@runcom runcom commented Mar 25, 2019

This is a temporary stopgap to allow other componenents ask for a reboot
since the MCD is the one in charge of draining a node and rebooting it.

The logic is simple with this:

  • if an update is already coming, we just go through the update and if
    successful, the machine is gonna reboot just fine
  • if we're not updating through MachineConfigs, then we check for a file
    and drain+reboot
  • the "reboot file" is the removed on MCD boot

Signed-off-by: Antonio Murdaca [email protected]

@openshift-ci-robot openshift-ci-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Mar 25, 2019
@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: runcom

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 25, 2019
@runcom
Copy link
Member Author

runcom commented Mar 25, 2019

/hold

cc @ashcrow @crawford

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 25, 2019
@@ -319,9 +319,15 @@ func (dn *Daemon) bootstrapNode() error {
return err
}
dn.node = node
if _, err := os.Stat("/etc/defaults/rhcos/reboot-needed"); err == nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO, /etc/defaults is a legacy of SySV init; no reason to put anything new there.

The right place for this is more likely /run/machine-config-operator/reboot-needed or so. (We also have /etc/machine-config-daemon used for /etc/machine-config-daemon/state.json but I think /run makes more sense since it goes away automatically if the machine is rebooted)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@@ -400,6 +406,15 @@ func (dn *Daemon) syncNode(key string) error {
return err
}
}
// FIXME: this is a temporary workaround, remove once an MCD signaling system is in place
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@@ -400,6 +406,15 @@ func (dn *Daemon) syncNode(key string) error {
return err
}
}
// FIXME: this is a temporary workaround, remove once an MCD signaling system is in place
if _, err := os.Stat("/etc/defaults/rhcos/reboot-needed"); err == nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@cgwalters
Copy link
Member

What other components are going to be asking for a reboot?

This is a temporary stopgap to allow other componenents ask for a reboot
since the MCD is the one in charge of draining a node and rebooting it.

The logic is simple with this:

- if an update is already coming, we just go through the update and if
successful, the machine is gonna reboot just fine
- if we're not updating through MachineConfigs, then we check for a file
and drain+reboot
- the "reboot file" is the removed on MCD boot

Signed-off-by: Antonio Murdaca <[email protected]>
@runcom
Copy link
Member Author

runcom commented Mar 25, 2019

What other components are going to be asking for a reboot?

hopefully just the one @ashcrow needs for 4.1

@ashcrow
Copy link
Member

ashcrow commented Mar 25, 2019

Yeah, it's just RHCOS and Installer team for 4.1 (same use case and underlying tool)

Context: https://url.corp.redhat.com/bc7c76c

@cgwalters
Copy link
Member

I don't understand why that work isn't driven by the MCD. We already have other needs to adjust kernel arguments (per #388 ) - and further it's going to be problematic to have some other service running rpm-ostree kargs which will adjust deployments at possibly the same time as the MCD is possibly executing pivot.

As is today AFAICS it will race; there's no ordering relationship between that service and pivot.service which runs to do the early pivot.

Further it overlaps heavily with ostreedev/ostree#479 which Robert is working on to aid in dropping Anaconda and removing the dependency on grub2 with ostree in general which will solve various other issues.

@cgwalters
Copy link
Member

Short term hack, we can make this new service Before=pivot.service to address the race.

@ashcrow
Copy link
Member

ashcrow commented Mar 25, 2019

@cgwalters I'll update the host level service with

Before=pivot.service

@cgwalters
Copy link
Member

Remember that the "early pivot" happens before the node has joined the cluster. So the MCD isn't involved here - no need to drain anything.

Can we de-scope this from "arbitrary kernel arguments are supported changing at any time" to "If /etc/openshift-nosmt is present during ConditionFirstBoot, then nosmt is added to kernel arguments` at "early pivot" time?

Today, we can assume that pivot.service will itself cause a reboot, so kernel args handling doesn't need to additionally do so.

Maybe the simplest is actually to add this to pivot.service itself as /etc/pivot/kernel-args. It's already in a place to do all of this transactionally anyways.

(Though that leaves the "BYO host" scenario, but will they really be expecting us to inject kernel args and reboot traditional hosts? This seems like more in the territory of "you brought it, you manage it"?)

@cgwalters
Copy link
Member

To elaborate on this a bit...it looks like the current prototype service runs every boot. That greatly increases the scope; if we only have to care about it during early pivot, thereafter the nosmt kernel argument will be correctly carried forwards across upgrades etc. We don't have a concern about the "source of truth" for kernel arguments. (The source of truth is the BLS config files as is the original ostree design - while BLS didn't take over the world it's at least a somewhat agreed upon place for kernel arguments implemented by multiple bootloaders. Invoking rpm-ostree kargs is unfortunately still necessary though to regenerate the bootloader config)

@ashcrow
Copy link
Member

ashcrow commented Mar 25, 2019

I'm OK with the above proposal for the near term. I'm going to bounce it off other folks who were part of the design before we commit to change.

The POC today runs whenever the /etc/default/rhcos/kargs file changes on an RHCOS or RHEL machine. This can be right after boot, or whenever the restricted file is written to.

@ashcrow
Copy link
Member

ashcrow commented Mar 25, 2019

/cc @abhinavdahiya

@abhinavdahiya
Copy link
Contributor

abhinavdahiya commented Mar 25, 2019

/cc @abhinavdahiya

I'm fine if we support nosmt thorugh a special file.. but I would like decide the file location as that would unblock openshift/installer#1392 .

@ashcrow
Copy link
Member

ashcrow commented Mar 25, 2019

Can we de-scope this from "arbitrary kernel arguments are supported changing at any time" to "If /etc/openshift-nosmt is present during ConditionFirstBoot, then nosmt is added to kernel arguments` at "early pivot" time?

I spoke with others and they are cool with this for 4.1. How about /etc/pivot/kernel-args. Whatever is put in there will be applied via rpm-ostree kargs? The file change will come from one of the following locations at a time:

  • openshift-installer
  • MCD (via an MC)

If this sounds good I'll shelve my system service API for now and throw something together starting in the morning.

@runcom
Copy link
Member Author

runcom commented Mar 26, 2019

I spoke with others and they are cool with this for 4.1. How about /etc/pivot/kernel-args. Whatever is put in there will be applied via rpm-ostree kargs? The file change will come from one of the following locations at a time:

  • openshift-installer
  • MCD (via an MC)

isn't this allowing "arbitrary kernel arguments"? for 4.1, we just want nosmt to take effect at early pivot.

For the future, then yeah, I agree with what you wrote, that can be a path towards allowing general and arbitrary kargs.

@ashcrow
Copy link
Member

ashcrow commented Mar 26, 2019

Isn't this allowing "arbitrary kernel arguments"?

It can be expanded to be arbitrary. For now it will only be the subset for tuning.

for 4.1, we just want nosmt to take effect at early pivot.

Almost. It needs to be in early pivot or toggled later.

@ashcrow
Copy link
Member

ashcrow commented Mar 26, 2019

@runcom thank you for putting this PR together, but I think it can be closed. I'll hopefully have something up today or tomorrow in it's place.

@runcom
Copy link
Member Author

runcom commented Mar 26, 2019

Thanks!!!

@runcom runcom closed this Mar 26, 2019
@cgwalters
Copy link
Member

It needs to be in early pivot or toggled later.

If we really need to support toggling it later I don't see how we avoid implementing #388 right?

@ashcrow
Copy link
Member

ashcrow commented Mar 26, 2019

If we really need to support toggling it later I don't see how we avoid implementing #388 right?

For a later version, yes. But if we scope this to the few tuning parameters that are needed we the current MCO/MC and update to pivot should work. The installer can lay down a file at install time as needed and, if the cluster admin wants to modify the supported tuning options, they can lay down an updated /etc/pivot/kernel-args (which will only white list the options we're allowing for now).

@runcom runcom deleted the queue-reboots branch March 26, 2019 13:59
@ashcrow
Copy link
Member

ashcrow commented Mar 26, 2019

Actually, I see what you mean now @cgwalters. Since pivot ONLY runs when MCD gets a new machine-os-content.

ashcrow added a commit to ashcrow/pivot that referenced this pull request Mar 26, 2019
Checks /etc/pivot/kernel-args for argument changes. This early
version only supports bare arguments that are in the whitelist.

See conversation at openshift/machine-config-operator#576

Signed-off-by: Steve Milner <[email protected]>
ashcrow added a commit to ashcrow/pivot that referenced this pull request Mar 26, 2019
Checks /etc/pivot/kernel-args for argument changes. This early
version only supports bare arguments that are in the whitelist.

See conversation at openshift/machine-config-operator#576

Signed-off-by: Steve Milner <[email protected]>
ashcrow added a commit to ashcrow/pivot that referenced this pull request Mar 26, 2019
Checks /etc/pivot/kernel-args for argument changes. This early
version only supports bare arguments that are in the whitelist.

See conversation at openshift/machine-config-operator#576

Signed-off-by: Steve Milner <[email protected]>
ashcrow added a commit to ashcrow/pivot that referenced this pull request Mar 26, 2019
Checks /etc/pivot/kernel-args for argument changes. This early
version only supports bare arguments that are in the whitelist.

See conversation at openshift/machine-config-operator#576

Signed-off-by: Steve Milner <[email protected]>
ashcrow added a commit to ashcrow/pivot that referenced this pull request Mar 27, 2019
Checks /etc/pivot/kernel-args for argument changes. This early
version only supports bare arguments that are in the whitelist.

See conversation at openshift/machine-config-operator#576

Signed-off-by: Steve Milner <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants