-
Notifications
You must be signed in to change notification settings - Fork 158
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
WIP: Add coreos-inject-rootmap.service, unlock root-on-RAID
This implements the rootmap code that figures out all the dependencies required to find `/sysroot`, and injects them into the BLS config. For more information, see: coreos/fedora-coreos-tracker#94 (comment) This supports RAID and LUKS devices, though the latter needs outstanding work in Ignition to actually be fully supported. This also implements the `root=UUID=$uuid` inject patch proposed in coreos/fedora-coreos-tracker#465. With this, it's now possible to configure FCOS with root on a RAID device! Closes: #465
- Loading branch information
Showing
3 changed files
with
93 additions
and
0 deletions.
There are no files selected for viewing
75 changes: 75 additions & 0 deletions
75
overlay.d/05core/usr/lib/dracut/modules.d/40ignition-ostree/coreos-inject-rootmap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
#!/bin/bash | ||
set -euo pipefail | ||
|
||
BOOT_DEV="/dev/disk/by-label/boot" | ||
ROOT_MOUNT="/sysroot" | ||
|
||
main() { | ||
local root_dev rootfs_uuid rootmap_kargs | ||
root_dev=$(get_mount_dev "${ROOT_MOUNT}") | ||
rootfs_uuid=$(get_rootfs_uuid "${root_dev}") | ||
rootmap_kargs=$(get_rootmap_kargs "${root_dev}") | ||
inject_bls_kargs "${rootmap_kargs}" "root=UUID=${rootfs_uuid}" rw | ||
} | ||
|
||
get_mount_dev() { | ||
findmnt -nvr -o SOURCE "$1" | tail -n1 | ||
} | ||
|
||
get_rootfs_uuid() { | ||
local root_dev=$1; shift | ||
# shellcheck disable=SC2153 | ||
(eval "$(blkid -o export "${root_dev}")" && echo "${UUID}") | ||
} | ||
|
||
get_rootmap_kargs() { | ||
local root_dev=$1; shift | ||
lsblk --pairs -o NAME,TYPE --inverse "${root_dev}" | while IFS= read -r line; do | ||
# note this is a pipeline, so we're in a subprocess | ||
eval "${line}" | ||
# shellcheck disable=SC2153 | ||
case "${TYPE}" in | ||
raid*) get_raid_karg "${NAME}";; | ||
crypt) get_luks_karg "${NAME}";; | ||
part|disk) ;; | ||
*) fatal "unknown block device type ${TYPE}";; | ||
esac | ||
done | ||
} | ||
|
||
get_raid_karg() { | ||
local name=$1; shift | ||
local uuid | ||
uuid=$(eval "$(mdadm --detail --export "/dev/${name}")" && echo "${MD_UUID}") | ||
[ -n "${uuid}" ] || fatal "couldn't find UUID for RAID device ${name}" | ||
echo -n " rd.md.uuid=${uuid}" | ||
} | ||
|
||
get_luks_karg() { | ||
local name=$1; shift | ||
echo -n " rd.luks.uuid=${name}" | ||
} | ||
|
||
inject_bls_kargs() { | ||
local tmpf | ||
|
||
# Note we mount /boot but don't unmount since we run with MountFlags=slave | ||
mkdir -p /boot | ||
mount -o rw ${BOOT_DEV} /boot | ||
for f in /boot/loader/entries/*.conf; do | ||
tmpf=$(mktemp -p /boot) | ||
sed -e "/^options / s|$| $*|" < "${f}" > "${tmpf}" | ||
mv "${tmpf}" "${f}" | ||
done | ||
} | ||
|
||
err() { | ||
echo "$@" >&2 | ||
} | ||
|
||
fatal() { | ||
err "$@" | ||
exit 1 | ||
} | ||
|
||
main "$@" |
15 changes: 15 additions & 0 deletions
15
overlay.d/05core/usr/lib/dracut/modules.d/40ignition-ostree/coreos-inject-rootmap.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
[Unit] | ||
Description=CoreOS Inject Rootmap | ||
DefaultDependencies=false | ||
# If root is specified, assume rootmap is already configured | ||
ConditionKernelCommandLine=!root | ||
OnFailure=emergency.target | ||
OnFailureJobMode=isolate | ||
|
||
After=initrd-root-fs.target | ||
|
||
[Service] | ||
Type=oneshot | ||
ExecStart=/usr/libexec/coreos-inject-rootmap | ||
RemainAfterExit=yes | ||
MountFlags=slave |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters