Using NetworkManager in the initramfs #394
Comments
|
There is an existing WIP PR for this (coreos/fedora-coreos-config#259), but it's blocked on another issue. |
dustymabe
changed the title
|
After some experimentation with using NetworkManager in the initramfs it's clear that we want to do a few things to keep our life sane. Here are a few points that are interesting:
Considering this information there are several scenarios that we want to support:
However, we need to think about the different scenarios here and what the use case is for each. Below I'll indicate which ways networking configuration was delivered via Ignition: (yes/no) and dracut: (yes/no).
More simply put: |
|
Another side effect of the networking split configuration delivery is that we want the networking in the real root itself to be exactly what is going to be brought up on every subsequent reboot of the machine so we'd like to teardown any networking brought up in the initramfs and have the real root properly bring it all the way up again. Since we are using NetworkManager being able to do something like |
|
There are platform-specific issues too. DigitalOcean and Packet need to bring up just enough networking (link-local for the former, DHCP for the latter) to fetch the rest of their network config from a metadata service. Historically Afterburn has handled this, though we've discussed moving the functionality into an NM plugin. |
|
Might be pretty easy to run the whole initramfs under the equivalent of |
|
@bgilbert I updated #394 (comment) to mention DigitalOcean and Packet. |
interesting |
In a discussion with Thomas Haller it was encouraged that we investigate running NM via systemd in the initrd and he asked me to open an RFE so it can be fleshed out: https://bugzilla.redhat.com/show_bug.cgi?id=1814038 In the short term I'll explore the teardown via script approach. |
This is a forward port of coreos-teardown-initramfs-network.service from the spec2x branch [1] (used for RHEL CoreOS). When moving to NM in the initrd [2] we decided that we also needed a mechanism to take down the networking between the initramfs and the real root. While we would like to use NetworkManager's logic to do this operation in the future it's currently not easily achieved because NetworkManager is not running persistently in the initramfs [3]. [1] coreos#78 [2] coreos/fedora-coreos-tracker#394 [3] https://bugzilla.redhat.com/show_bug.cgi?id=1814038
…g if desired
The policy here is:
- If a networking configuration was provided before this point
(most likely via Ignition) and exists in the real root then
we do nothing and don't propagate any initramfs networking.
- If a user did not provide any networking configuration
then we'll propagate the initramfs networking configuration
into the real root.
See coreos/fedora-coreos-tracker#394 (comment)
This is a forward port of coreos-teardown-initramfs-network.service from the spec2x branch [1] (used for RHEL CoreOS). When moving to NM in the initrd [2] we decided that we also needed a mechanism to take down the networking between the initramfs and the real root. While we would like to use NetworkManager's logic to do this operation in the future it's currently not easily achieved because NetworkManager is not running persistently in the initramfs [3]. [1] coreos#78 [2] coreos/fedora-coreos-tracker#394 [3] https://bugzilla.redhat.com/show_bug.cgi?id=1814038
…g if desired
The policy here is:
- If a networking configuration was provided before this point
(most likely via Ignition) and exists in the real root then
we do nothing and don't propagate any initramfs networking.
- If a user did not provide any networking configuration
then we'll propagate the initramfs networking configuration
into the real root.
See coreos/fedora-coreos-tracker#394 (comment)
Moving to NetworkManager in the initrd should help us solve some problems we've been having with Networking. For what we want to do in Fedora CoreOS doing this right requires the network to be torn down in the initrd and also possibly propagated forward. Requires: coreos/ignition-dracut#159 Fixes: coreos/fedora-coreos-tracker#394
|
Existing PRs that should bring NM into the initrd:
Placing a reminder here to review |
Moving to NetworkManager in the initrd should help us solve some problems we've been having with Networking. For what we want to do in Fedora CoreOS doing this right requires the network to be torn down in the initrd and also possibly propagated forward. Requires: coreos/ignition-dracut#159 Fixes: coreos/fedora-coreos-tracker#394
This is a forward port of coreos-teardown-initramfs-network.service from the spec2x branch [1] (used for RHEL CoreOS). When moving to NM in the initrd [2] we decided that we also needed a mechanism to take down the networking between the initramfs and the real root. While we would like to use NetworkManager's logic to do this operation in the future it's currently not easily achieved because NetworkManager is not running persistently in the initramfs [3]. [1] coreos#78 [2] coreos/fedora-coreos-tracker#394 [3] https://bugzilla.redhat.com/show_bug.cgi?id=1814038
…g if desired
The policy here is:
- If a networking configuration was provided before this point
(most likely via Ignition) and exists in the real root then
we do nothing and don't propagate any initramfs networking.
- If a user did not provide any networking configuration
then we'll propagate the initramfs networking configuration
into the real root.
See coreos/fedora-coreos-tracker#394 (comment)
Moving to NetworkManager in the initrd should help us solve some problems we've been having with Networking. For what we want to do in Fedora CoreOS doing this right requires the network to be torn down in the initrd and also possibly propagated forward. Requires: coreos/ignition-dracut#159 Fixes: coreos/fedora-coreos-tracker#394
Moving to NetworkManager in the initrd should help us solve some problems we've been having with Networking. For what we want to do in Fedora CoreOS doing this right requires the network to be torn down in the initrd and also possibly propagated forward. We effectively move *to* NetworkManager in the initrd (the default in Fedora 31+) by putting back in the nm-initrd-generator, which we were previously removing. Requires: coreos/ignition-dracut#159 Fixes: coreos/fedora-coreos-tracker#394
This is a forward port of coreos-teardown-initramfs-network.service from the spec2x branch [1] (used for RHEL CoreOS). When moving to NM in the initrd [2] we decided that we also needed a mechanism to take down the networking between the initramfs and the real root. While we would like to use NetworkManager's logic to do this operation in the future it's currently not easily achieved because NetworkManager is not running persistently in the initramfs [3]. [1] coreos#78 [2] coreos/fedora-coreos-tracker#394 [3] https://bugzilla.redhat.com/show_bug.cgi?id=1814038
…g if desired
The policy here is:
- If a networking configuration was provided before this point
(most likely via Ignition) and exists in the real root then
we do nothing and don't propagate any initramfs networking.
- If a user did not provide any networking configuration
then we'll propagate the initramfs networking configuration
into the real root.
See coreos/fedora-coreos-tracker#394 (comment)
Moving to NetworkManager in the initrd should help us solve some problems we've been having with Networking. For what we want to do in Fedora CoreOS doing this right requires the network to be torn down in the initrd and also possibly propagated forward. We effectively move *to* NetworkManager in the initrd (the default in Fedora 31+) by putting back in the nm-initrd-generator, which we were previously removing. Requires: coreos/ignition-dracut#159 Fixes: coreos/fedora-coreos-tracker#394
Moving to NetworkManager in the initrd should help us solve some problems we've been having with Networking. For what we want to do in Fedora CoreOS doing this right requires the network to be torn down in the initrd and also possibly propagated forward. We effectively move *to* NetworkManager in the initrd (the default in Fedora 31+) by putting back in the nm-initrd-generator, which we were previously removing. Requires: coreos/ignition-dracut#159 Fixes: coreos/fedora-coreos-tracker#394
What I describe(d) above is exactly the problem detailed in #233 |
|
NetworkManager networking in the initramfs is now available in the latest testing release (31.20200323.2.0), which you can find on the download page. This was implemented by the following two pull requests:
We believe this change will fix the following outstanding issues:
And also possibly: Please let us know if you encounter any issues because of this change or if this change did in fact resolve any other issues you were seeing. |
We had been planning to move to using Networkmanager in the initrd for a while. We now have a host of issues that have cropped up that we think would be solved by making this move.
This is a separate ticket (related to #24) that specifically can track moving to networkmanager in the initrd.
The text was updated successfully, but these errors were encountered: