lib/deploy: Add support for overlay initrds

[jlebon]

In FCOS and RHCOS, the need to configure software in the initramfs has
come up multiple times. Sometimes, using kernel arguments suffices.
Other times, it really must be a configuration file. Rebuilding the
initramfs on the client-side however is a costly operation. Not only
does it add complexity to the update workflow, it also erodes a lot of
the value obtained from using the baked "blessed" initramfs from the
tree itself.

One elegant way to address this is to allow specifying multiple
initramfses. This is supported by most bootloaders (notably GRUB) and
results in each initrd being overlayed on top of each other.

This patch allows libostree clients to leverage this so that they can
avoid regenerating the initramfs entirely. libostree itself is agnostic
as to what kind and how much data overlay initrds contain. It's up to
the clients to enforce such boundaries.

To implement this, we add a new option to the deploy APIs called
overlay_initrds: this is an array of filepaths to CPIO archives. We
copy these files into /boot and add them to the BLS as another
initrd entry.

[cgwalters]

There's no use case I can think of for a "pristine" ostree shipping multiple initramfses. So what if instead

• We just taught the bootconfig parser to correctly preserve multiple initramfs fields (done in this code)
• Downstream, projects like rpm-ostree could create e.g. /boot/rpm-ostree/custom-initramfs-foo.img and generate a new deployment using it.

IOW we think of this more like kernel arguments (which don't affect the commit checksum).

[jlebon]

OK, updated this now based on feedback and coreos/rpm-ostree#2170 (comment). We no longer look for the additional initramfses in the tree; it's instead passed via the new deploy APIs, checksummed, copied into /boot, and added into the BLS entry. The end result is that this is now an even more lightweight operation for clients!

[jlebon]

Split out the trivial/prep patches into #2172.

[jlebon]

Added an installed tests and marked ready for review!

Requires: #2204

Edit: I also updated coreos/rpm-ostree#2170 to show how the new APIs are used.

[jlebon]

Rebased this now that #2204 is merged!

[cgwalters]

One comment, otherwise I think this is looking good!

[cgwalters]

It'd be nice to allow people to have a "short name" for their overlay initrd to describe its purpose without needing to unpack it to look.

Basically we append the checksum to the name they provide?

[cgwalters]

IOW it's /boot/ostree/initramfs-overlays/kdump-41af286dc0b172ed2f1ca934fd2278de4a1192302ffa07087cea2682e7d372e3.img and not just /boot/ostree/initramfs-overlays/41af286dc0b172ed2f1ca934fd2278de4a1192302ffa07087cea2682e7d372e3.img

[cgwalters]

If you prefer we can do this as a followup too.

[jlebon]

Are you suggesting expanding the overlay initrd staging API as e.g.:

diff --git a/src/libostree/ostree-sysroot.h b/src/libostree/ostree-sysroot.h
index 3a3b6a77..ef5a353c 100644
--- a/src/libostree/ostree-sysroot.h
+++ b/src/libostree/ostree-sysroot.h
@@ -189,6 +189,7 @@ gboolean ostree_sysroot_write_deployments_with_options (OstreeSysroot     *self,
 _OSTREE_PUBLIC
 gboolean ostree_sysroot_stage_overlay_initrd (OstreeSysroot  *self,
                                               int             fd,
+                                              const char      short_id,
                                               char          **out_checksum,
                                               GCancellable   *cancellable,
                                               GError        **error);

?

Hmm, or maybe we could change the semantics of OstreeSysrootDeployTreeOpts.overlay_initrds to have the checksum be optionally prefixed by an ID? (E.g. my-id:<sha256>).

🤔 Honestly, while the code here does support multiple overlays, I think in practice it's not something that will be used often. E.g. in the rpm-ostree use case, there is just a single "initramfs-etc" initrd, and my hope is that it's the one way through which users interact with this feature.

[jlebon]

I think I'd vote for leaving the API simple and we can do the second approach mentioned above if it comes up? (Because the first approach would obviously be an API break.)

[cgwalters]

OK, fine by me!

[cgwalters]

/lgtm

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cgwalters, jlebon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [cgwalters,jlebon]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment