Ignition Kernel Argument Support #503
Labels
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
Comments
|
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
openshift-ci
bot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
openshift-ci
bot
added
lifecycle/frozen
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Overview
Ignition is planning to add kernel argument support (coreos/ignition#1168), the base CoreOS distribution implementation design discussion (coreos/fedora-coreos-tracker#752) will handle the general case however there are likely additional integration points with RHCOS & the MCO that would likely make sense.
FIPSRHCOS Side
Ignition expects that the system is being rebooted once kernel arguments have been applied. This stage will likely run in between the
fetch&disksIgnition stages and has some similarities with theFIPSscript. At minimum we'll need to coordinate the two so that there is a maximum of one reboot in the initrd (if any of FIPS or Ignition kernel arguments are set).It is probably worth looking into if there's an easy way to remove the current
FIPScode and perform the same action via a generated Ignition config. If so then we could tie that in with the approach detailed in the MCS section.MCS Side
When the
fipsflag is set inside of aMachineConfigthe MCS could be updated to serve a modified Ignition config containing the desired kernel arguments, files, systemd units, etc. when the requesting caller is using a relevant version of Ignition (e.x. only for Ignition 3.3.0 callers). This would allow us to drop the encapsulated machine config on newer bootimages and just read the Ignition config.The text was updated successfully, but these errors were encountered: