-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
05core: add coreos-ignition-delete-config.service
for upgrade boots
#1738
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work!
Some optional nits; LGTM as is.
overlay.d/05core/usr/lib/systemd/system/coreos-ignition-delete-config.service
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few comments/questions.
overlay.d/05core/usr/lib/systemd/system/ignition-delete-config.service.d/10-flag-file.conf
Show resolved
Hide resolved
Added requested comments. |
Ignition 2.14.0 adds ignition-delete-config.service, which deletes Ignition configs from VMware and VirtualBox on first boot. Add coreos-ignition-delete-config.service to do the same thing on existing machines on upgrade, using a stamp file in /var/lib to avoid multiple runs. Add a drop-in for ignition-delete-config.service that creates a stamp file in /run, and then chain from that stamp to the long-term stamp in /var/lib, ensuring that we don't delete configs twice on newly- provisioned machines. The upstream service can't create the stamp directly in /var/lib because it runs before /var is mounted. Prevent coreos-ignition-delete-config.service from running if ignition-delete-config.service is masked, ensuring that the mask operation documented upstream prevents the config from ever being deleted, as intended. We can remove this after the next barrier release in FCOS and barrier equivalent in RHCOS.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Ignition 2.14.0 adds
ignition-delete-config.service
, which deletes Ignition configs from VMware and VirtualBox on first boot. Addcoreos-ignition-delete-config.service
to do the same thing on existing machines on upgrade, using a stamp file in/var/lib
to avoid multiple runs.Add a drop-in for
ignition-delete-config.service
that creates a stamp file in/run
, and then chain from that stamp to the long-term stamp in/var/lib
, ensuring that we don't delete configs twice on newly-provisioned machines. The upstream service can't create the stamp directly in/var/lib
because it runs before/var
is mounted.Prevent
coreos-ignition-delete-config.service
from running ifignition-delete-config.service
is masked, ensuring that the mask operation documented upstream prevents the config from ever being deleted, as intended.We can remove this after the next barrier release in FCOS and barrier equivalent in RHCOS.
The plan is to do a coreos-status post documenting
systemctl mask ignition-delete-config.service
before shipping this.