From 17a9684c539f1b58072ef654a6ffeb3183450190 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 17 Sep 2019 20:21:10 +0000 Subject: [PATCH] wip 31ignition-ostree For redeploying the rootfs --- dracut/30ignition/ignition-files.service | 1 + .../ignition-dracut-rootfs-manual.sh | 41 +++++++++++++++++ .../ignition-dracut-rootfs.sh | 45 +++++++++++++++++++ .../ignition-rootfs-restore.service | 15 +++++++ .../ignition-rootfs-save.service | 26 +++++++++++ dracut/31ignition-ostree/module-setup.sh | 26 +++++++++++ 6 files changed, 154 insertions(+) create mode 100755 dracut/31ignition-ostree/ignition-dracut-rootfs-manual.sh create mode 100755 dracut/31ignition-ostree/ignition-dracut-rootfs.sh create mode 100644 dracut/31ignition-ostree/ignition-rootfs-restore.service create mode 100644 dracut/31ignition-ostree/ignition-rootfs-save.service create mode 100755 dracut/31ignition-ostree/module-setup.sh diff --git a/dracut/30ignition/ignition-files.service b/dracut/30ignition/ignition-files.service index f082642..476605d 100644 --- a/dracut/30ignition/ignition-files.service +++ b/dracut/30ignition/ignition-files.service @@ -12,5 +12,6 @@ Before=initrd-parse-etc.service [Service] Type=oneshot +RemainAfterExit=yes EnvironmentFile=/run/ignition.env ExecStart=/usr/bin/ignition --root=/sysroot --platform=${PLATFORM_ID} --stage=files --log-to-stdout diff --git a/dracut/31ignition-ostree/ignition-dracut-rootfs-manual.sh b/dracut/31ignition-ostree/ignition-dracut-rootfs-manual.sh new file mode 100755 index 0000000..144549d --- /dev/null +++ b/dracut/31ignition-ostree/ignition-dracut-rootfs-manual.sh @@ -0,0 +1,41 @@ +#!/bin/bash +set -euo pipefail + +rootmnt=/mnt/rootfs +mkdir -p $rootmnt +mount /dev/disk/by-label/root $rootmnt +igntmp=/run/ignition-rootfs + +case "${1:-}" in + save) + for toplevel in boot ostree; do + mkdir -p ${igntmp}/${toplevel} + chcon -h --reference=${rootmnt}/${toplevel} ${igntmp}/${toplevel} + done + # We copy the repo, /var and the .origin file; if we tried to copy + # everything with e.g. `cp` we'd end up breaking hardlinks. + repo=${igntmp}/ostree/repo + ostree --repo=${repo} init --mode=bare + cp ${rootmnt}/ostree/repo/config ${repo}/config + ostree --repo=${repo} pull-local ${rootmnt}/ostree/repo + stateroot=$(ls ${rootmnt}/ostree/deploy) + statepath=ostree/deploy/${stateroot} + mkdir -p ${igntmp}/${statepath} + cp -a ${rootmnt}/${statepath}/var ${igntmp}/${statepath}/var + mkdir -p ${igntmp}/${statepath}/deploy + cp -a ${rootmnt}/${statepath}/deploy/*.origin ${igntmp}/${statepath}/deploy/ + commit=$(cd ${stateroot} && ls *.0 | cut -f 1 -d '.') + echo "${commit}" > ${igntmp}/ostree-commit + ;; + restore) + echo "Restoring ostree repo..." + mv -T ${igntmp}/ostree ${rootmnt}/ostree + echo "...done" + commit=$(cat ${igntmp}/ostree-commit) + echo "Redeploying OSTree commit ${commit} ..." + ostree admin --sysroot=${rootmnt} deploy ${commit} + ;; + *) + echo "Unsupported operation: ${1:-}" + ;; +esac diff --git a/dracut/31ignition-ostree/ignition-dracut-rootfs.sh b/dracut/31ignition-ostree/ignition-dracut-rootfs.sh new file mode 100755 index 0000000..0ad8703 --- /dev/null +++ b/dracut/31ignition-ostree/ignition-dracut-rootfs.sh @@ -0,0 +1,45 @@ +#!/bin/bash +set -euo pipefail + +rootmnt=/mnt/rootfs +mkdir -p $rootmnt +mount /dev/disk/by-label/root $rootmnt +tmproot=/run/ignition-rootfs + +case "${1:-}" in + save) + echo "HACK: Setting SELinux permissive" + echo "https://github.com/coreos/ignition-dracut/pull/79#issuecomment-488446949" + setenforce 0 + echo "Moving rootfs to RAM..." + mkdir ${tmproot} + # OSTree added the immutable bit on the deployment root, and + # cosa's create_disk added it to the rootfs + chattr -i ${rootmnt} ${rootmnt}/ostree/deploy/*/deploy/*.0 + for x in boot ostree; do + # TODO; copy instead of mv to avoid writes, since we're just + # about to blow away the whole FS anyways? + ls -al ${rootmnt}/${x} + mv -Tn ${rootmnt}/${x} ${tmproot}/${x} + done + umount ${rootmnt} + # Just directly re-init here so we can test things as if + # ignition-disks blew away the root fs. + mkfs.xfs -f /dev/disk/by-label/root -L root -m reflink=1 + echo "done!" + ;; + restore) + echo "Restoring rootfs from RAM..." + ls -al ${tmproot} + for x in boot ostree; do + ls -al ${tmproot}/${x} + mv -Tn ${tmproot}/${x} ${rootmnt}/${x} + done + # And restore the immutable bits + chattr +i ${rootmnt}/ostree/deploy/*/deploy/*.0 ${rootmnt} + echo "...done" + ;; + *) + echo "Unsupported operation: ${1:-}" + ;; +esac diff --git a/dracut/31ignition-ostree/ignition-rootfs-restore.service b/dracut/31ignition-ostree/ignition-rootfs-restore.service new file mode 100644 index 0000000..8c1efe6 --- /dev/null +++ b/dracut/31ignition-ostree/ignition-rootfs-restore.service @@ -0,0 +1,15 @@ +[Unit] +Description=Ignition OSTree: restore rootfs +DefaultDependencies=false +After=ignition-disks.service +Before=initrd-root-fs.target +Before=sysroot.mount +ConditionKernelCommandLine=ostree + +[Service] +Type=oneshot +RemainAfterExit=yes +EnvironmentFile=/run/ignition.env +# So we can transiently mount sysroot +MountFlags=slave +ExecStart=/usr/libexec/ignition-dracut-rootfs restore \ No newline at end of file diff --git a/dracut/31ignition-ostree/ignition-rootfs-save.service b/dracut/31ignition-ostree/ignition-rootfs-save.service new file mode 100644 index 0000000..369481f --- /dev/null +++ b/dracut/31ignition-ostree/ignition-rootfs-save.service @@ -0,0 +1,26 @@ +[Unit] +Description=Ignition OSTree: save rootfs +DefaultDependencies=false +After=basic.target +Before=ignition-disks.service +ConditionKernelCommandLine=ostree + +# Run after ignition-setup has run because ignition-setup +# may copy in new/different ignition configs for us to consume. +After=ignition-setup-base.service +After=ignition-setup-user.service + +# Network may be used to fetch userdata content. +After=network.target + +# This stage requires udevd to detect disk partitioning changes. +Requires=systemd-udevd.service +After=systemd-udevd.service + +[Service] +Type=oneshot +RemainAfterExit=yes +EnvironmentFile=/run/ignition.env +# So we can transiently mount sysroot +MountFlags=slave +ExecStart=/usr/libexec/ignition-dracut-rootfs save \ No newline at end of file diff --git a/dracut/31ignition-ostree/module-setup.sh b/dracut/31ignition-ostree/module-setup.sh new file mode 100755 index 0000000..a696aa2 --- /dev/null +++ b/dracut/31ignition-ostree/module-setup.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +depends() { + echo ignition ostree +} + +install_ignition_unit() { + local unit="$1"; shift + local target="${1:-ignition-complete.target}"; shift + local instantiated="${1:-$unit}"; shift + inst_simple "$moddir/$unit" "$systemdsystemunitdir/$unit" + mkdir -p "$initdir/$systemdsystemunitdir/$target.requires" + ln_r "../$unit" "$systemdsystemunitdir/$target.requires/$instantiated" +} + +install() { + inst_multiple ostree tar chattr setenforce + + inst_script "$moddir/ignition-dracut-rootfs.sh" \ + "/usr/libexec/ignition-dracut-rootfs" + + install_ignition_unit ignition-rootfs-save.service + install_ignition_unit ignition-rootfs-restore.service +}