initrd-setup-root: Add selective OS reset handling #55
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Feb 24, 2023
This pulls in flatcar/bootengine#55 and flatcar/init#91 for a `flatcar-reset` tool and boot logic for selective OS resets, cleaning the rootfs of old state while keeping wanted paths, e.g., when reconfiguring the system with Ignition.
2 tasks
pothos
force-pushed
the
kai/etc-overlay-cleanup
branch
3 times, most recently
from
8da7f57
to
85ec998
Compare
krnowak
reviewed
Feb 27, 2023
pothos
force-pushed
the
kai/etc-overlay-cleanup
branch
3 times, most recently
from
b451800
to
2bd7fc0
Compare
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Feb 27, 2023
This pulls in flatcar/bootengine#55 and flatcar/init#91 for a `flatcar-reset` tool and boot logic for selective OS resets, cleaning the rootfs of old state while keeping wanted paths, e.g., when reconfiguring the system with Ignition.
pothos
force-pushed
the
kai/etc-overlay-cleanup
branch
2 times, most recently
from
7c1c3af
to
01855b1
Compare
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Feb 28, 2023
This pulls in flatcar/bootengine#55 and flatcar/init#91 for a `flatcar-reset` tool and boot logic for selective OS resets, cleaning the rootfs of old state while keeping wanted paths, e.g., when reconfiguring the system with Ignition.
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Feb 28, 2023
This pulls in flatcar/bootengine#55 and flatcar/init#91 for a `flatcar-reset` tool and boot logic for selective OS resets, cleaning the rootfs of old state while keeping wanted paths, e.g., when reconfiguring the system with Ignition.
krnowak
approved these changes
Feb 28, 2023
A reconfiguration of a system will lead to config drift is the local state isn't discarded. However, while this is possible with Ignition reformatting the rootfs, this big hammer is too disruptive. Introduce a way to perform a selective OS reset where a special file contains a regex for paths to preserve. This regex should be prepared by a helper tool like flatcar-reset --keep-paths "/etc/ssh/" "/var/docker.*" that would assemble the regex to be (/etc/ssh|/etc/ssh/.*|/var/docker.*) where the omitted slash at the end of the /etc/ssh/ is needed due to how "find" prints the paths, and the additional entry ssh/.* for the contents of /etc/ssh/ which would otherwise be deleted - but we should allow the user to use a final slash anyway instead of forcing the user to add /.* everywhere, thus the helper tool should take care of it. If the user wants to remove all contents but keep the empty dir, ^/etc/ssh or /etc/ssh$ or (/etc/ssh) or /etc/(ssh) would work to directly specify the wanted regex without the helper tool expanding it.
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Feb 28, 2023
This pulls in flatcar/bootengine#55 and flatcar/init#91 for a `flatcar-reset` tool and boot logic for selective OS resets, cleaning the rootfs of old state while keeping wanted paths, e.g., when reconfiguring the system with Ignition.
t-lo
pushed a commit
to flatcar/scripts
that referenced
this pull request
Apr 17, 2023
This pulls in flatcar/bootengine#55 and flatcar/init#91 for a `flatcar-reset` tool and boot logic for selective OS resets, cleaning the rootfs of old state while keeping wanted paths, e.g., when reconfiguring the system with Ignition.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A reconfiguration of a system will lead to config drift is the local state isn't discarded. However, while this is possible with Ignition reformatting the rootfs, this big hammer is too disruptive. Introduce a way to perform a selective OS reset where a special file contains a regex for paths to preserve. This regex should be prepared by a helper tool like
flatcar-reset --keep-paths "/etc/ssh/" "/var/docker.*"that would assemble the regex to be
(/etc/ssh|/etc/ssh/.*|/var/docker.*)where the omitted slash at the end of the /etc/ssh/ is needed due to how "find" prints the paths, and the additional entry
ssh/.*for the contents of /etc/ssh/ which would otherwise be deleted - but we should allow the user to use a final slash anyway instead of forcing the user to add/.*everywhere, thus the helper tool should take care of it. If the user wants to remove all contents but keep the empty dir,^/etc/sshor/etc/ssh$or(/etc/ssh)or/etc/(ssh)would work to directly specify the wanted regex without the helper tool expanding it (see linked PR).How to use
Based on #54 - Rebase before merging
The helper tool is introduced in flatcar/init#91
Testing done
With the new
flatcar-resettool I checked thatsudo flatcar-reset --keep-machine-id --ignition-file my.ign --keep-paths '/etc/ssh/ssh_host_.*' /var/logand a reboot will discard all state except the ssh host keys and the system logs, and will set up thegrub.cfgcmdline for the machine ID and use the given Ignition file.CI