mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-01 18:42:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

coreos-base/afterburn: apply flatcar changes

Browse Source 
* partially revert cl-legacy feature (without update-ssh-keys dependency)
  to bring back `vagrant_virtualbox` provider and ec2, gce
  cmdline support
* backport kernel parameters patch
* backport systemd-networkd-wait-online patch
* add Alias= to services
* sed AFTERBURN -> COREOS, AWS -> EC2, GCP -> GCE
* use update-ssh-keys to generate .ssh/authorized_keys

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
This commit is contained in:
Mathieu Tortuyaux 2022-03-29 17:11:34 +02:00
parent 60441ac4ea
commit fc0098caf4
6 changed files with 677 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sdk_container/src/third_party/coreos-overlay/coreos-base/afterburn/afterburn-9999.ebuild vendored
View File

@ -220,6 +220,12 @@ RDEPEND="
!coreos-base/coreos-metadata
"
PATCHES=(
"${FILESDIR}"/0001-Revert-remove-cl-legacy-feature.patch
"${FILESDIR}"/0002-util-cmdline-Handle-the-cmdline-flags-as-list-of-sup.patch
"${FILESDIR}"/0003-encode-information-for-systemd-networkd-wait-online.patch
)
src_unpack() {
cros-workon_src_unpack "$@"
coreos-cargo_src_unpack "$@"

188
sdk_container/src/third_party/coreos-overlay/coreos-base/afterburn/files/0001-Revert-remove-cl-legacy-feature.patch vendored Normal file
View File

@ -0,0 +1,188 @@
From cb9d27d40fe7b34bdabe846764c0290fd9d36b8c Mon Sep 17 00:00:00 2001
From: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Date: Wed, 30 Mar 2022 09:17:45 +0200
Subject: [PATCH 1/3] Revert "*: remove cl-legacy feature"
This reverts commit 3e4b623b390ab756a6be963eec7198b3e7f44e20.
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
---
Cargo.toml | 3 +
src/metadata.rs | 8 +++
src/providers/mod.rs | 2 +
src/providers/vagrant_virtualbox/mod.rs | 79 +++++++++++++++++++++++++
src/util/cmdline.rs | 4 ++
5 files changed, 96 insertions(+)
create mode 100644 src/providers/vagrant_virtualbox/mod.rs
diff --git a/Cargo.toml b/Cargo.toml
index e5b3dc3..f9b3e46 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -26,6 +26,9 @@ lto = true
# We assume we're being delivered via e.g. RPM which supports split debuginfo
debug = true
+[features]
+cl-legacy = []
+
[dependencies]
anyhow = "1.0"
base64 = "0.13"
diff --git a/src/metadata.rs b/src/metadata.rs
index 758bb1e..8544de9 100644
--- a/src/metadata.rs
+++ b/src/metadata.rs
@@ -30,6 +30,8 @@ use crate::providers::openstack;
use crate::providers::openstack::network::OpenstackProviderNetwork;
use crate::providers::packet::PacketProvider;
use crate::providers::powervs::PowerVSProvider;
+#[cfg(feature = "cl-legacy")]
+use crate::providers::vagrant_virtualbox::VagrantVirtualboxProvider;
use crate::providers::vmware::VmwareProvider;
use crate::providers::vultr::VultrProvider;
@@ -48,6 +50,8 @@ pub fn fetch_metadata(provider: &str) -> Result<Box<dyn providers::MetadataProvi
match provider {
"aliyun" => box_result!(AliyunProvider::try_new()?),
"aws" => box_result!(AwsProvider::try_new()?),
+ #[cfg(feature = "cl-legacy")]
+ "ec2" => box_result!(AwsProvider::try_new()?),
"azure" => box_result!(Azure::try_new()?),
"azurestack" => box_result!(AzureStack::try_new()?),
"cloudstack-metadata" => box_result!(CloudstackNetwork::try_new()?),
@@ -55,6 +59,8 @@ pub fn fetch_metadata(provider: &str) -> Result<Box<dyn providers::MetadataProvi
"digitalocean" => box_result!(DigitalOceanProvider::try_new()?),
"exoscale" => box_result!(ExoscaleProvider::try_new()?),
"gcp" => box_result!(GcpProvider::try_new()?),
+ #[cfg(feature = "cl-legacy")]
+ "gce" => box_result!(GcpProvider::try_new()?),
// IBM Cloud - VPC Generation 2.
"ibmcloud" => box_result!(IBMGen2Provider::try_new()?),
// IBM Cloud - Classic infrastructure.
@@ -63,6 +69,8 @@ pub fn fetch_metadata(provider: &str) -> Result<Box<dyn providers::MetadataProvi
"openstack-metadata" => box_result!(OpenstackProviderNetwork::try_new()?),
"packet" => box_result!(PacketProvider::try_new()?),
"powervs" => box_result!(PowerVSProvider::try_new()?),
+ #[cfg(feature = "cl-legacy")]
+ "vagrant-virtualbox" => box_result!(VagrantVirtualboxProvider::new()),
"vmware" => box_result!(VmwareProvider::try_new()?),
"vultr" => box_result!(VultrProvider::try_new()?),
_ => bail!("unknown provider '{}'", provider),
diff --git a/src/providers/mod.rs b/src/providers/mod.rs
index f684d22..a67546c 100644
--- a/src/providers/mod.rs
+++ b/src/providers/mod.rs
@@ -35,6 +35,8 @@ pub mod microsoft;
pub mod openstack;
pub mod packet;
pub mod powervs;
+#[cfg(feature = "cl-legacy")]
+pub mod vagrant_virtualbox;
pub mod vmware;
pub mod vultr;
diff --git a/src/providers/vagrant_virtualbox/mod.rs b/src/providers/vagrant_virtualbox/mod.rs
new file mode 100644
index 0000000..d7a9e0e
--- /dev/null
+++ b/src/providers/vagrant_virtualbox/mod.rs
@@ -0,0 +1,79 @@
+// Copyright 2017 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! vagrant/virtualbox metadata fetcher
+
+use std::collections::HashMap;
+use std::net::IpAddr;
+use std::thread;
+use std::time::Duration;
+
+use anyhow::{anyhow,Context,Result};
+use slog_scope::info;
+
+use crate::providers::MetadataProvider;
+
+#[derive(Clone, Copy, Debug)]
+pub struct VagrantVirtualboxProvider;
+
+impl VagrantVirtualboxProvider {
+ pub fn new() -> Self {
+ Self
+ }
+
+ fn get_ip() -> Result<String> {
+ let max_attempts = 30;
+ for _ in 0..max_attempts {
+ if let Some(iface) = Self::find_eth1() {
+ for a in iface.ips {
+ if let IpAddr::V4(a) = a.ip() {
+ return Ok(format!("{}", a));
+ }
+ }
+ }
+ info!("eth1 not found or is lacking an ipv4 address; waiting 2 seconds");
+ thread::sleep(Duration::from_secs(2));
+ }
+ Err(anyhow!("eth1 was not found!"))
+ }
+
+ fn find_eth1() -> Option<pnet_datalink::NetworkInterface> {
+ pnet_datalink::interfaces()
+ .into_iter()
+ .find(|i| i.name == "eth1")
+ }
+
+ /// Get the hostname from local system settings.
+ fn system_hostname() -> Result<String> {
+ let hostname = hostname::get()
+ .context("unable to get hostname")?
+ .to_string_lossy()
+ .into_owned();
+ Ok(hostname)
+ }
+}
+
+impl MetadataProvider for VagrantVirtualboxProvider {
+ fn attributes(&self) -> Result<HashMap<String, String>> {
+ let hostname = Self::system_hostname()?;
+ let ip = Self::get_ip()?;
+
+ let attributes = maplit::hashmap! {
+ "VAGRANT_VIRTUALBOX_HOSTNAME".to_string() => hostname,
+ "VAGRANT_VIRTUALBOX_PRIVATE_IPV4".to_string() => ip,
+ };
+
+ Ok(attributes)
+ }
+}
diff --git a/src/util/cmdline.rs b/src/util/cmdline.rs
index 8821265..e7b5550 100644
--- a/src/util/cmdline.rs
+++ b/src/util/cmdline.rs
@@ -23,7 +23,11 @@ use anyhow::{bail, Context, Result};
use slog_scope::trace;
/// Platform key.
+#[cfg(not(feature = "cl-legacy"))]
const CMDLINE_PLATFORM_FLAG: &str = "ignition.platform.id";
+/// Platform key (CL and RHCOS legacy name: "OEM").
+#[cfg(feature = "cl-legacy")]
+const CMDLINE_PLATFORM_FLAG: &str = "coreos.oem.id";
/// Get platform/OEM value from cmdline file.
pub fn get_platform(fpath: &str) -> Result<String> {
--
2.34.1

111
sdk_container/src/third_party/coreos-overlay/coreos-base/afterburn/files/0002-util-cmdline-Handle-the-cmdline-flags-as-list-of-sup.patch vendored Normal file
View File

@ -0,0 +1,111 @@
From 4ba9549019683e4ece7bd1ddb27da67f8b260ea7 Mon Sep 17 00:00:00 2001
From: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Date: Tue, 29 Mar 2022 16:01:19 +0200
Subject: [PATCH 2/3] util/cmdline: Handle the cmdline flags as list of
supported names
Flatcar Container Linux uses flatcar.oem.id as kernel parameter and has
support for coreos.oem.id. Afterburn's ignition.oem.id is not supported
and even if, it would not be the sole option.
Handle both flatcar.oem.id and coreos.oem.id. The first name in the
list takes precedence, any other present names are ignored.
---
src/util/cmdline.rs | 64 +++++++++++++++++++++++++--------------------
1 file changed, 36 insertions(+), 28 deletions(-)
diff --git a/src/util/cmdline.rs b/src/util/cmdline.rs
index e7b5550..5c1cfda 100644
--- a/src/util/cmdline.rs
+++ b/src/util/cmdline.rs
@@ -24,29 +24,36 @@ use slog_scope::trace;
/// Platform key.
#[cfg(not(feature = "cl-legacy"))]
-const CMDLINE_PLATFORM_FLAG: &str = "ignition.platform.id";
-/// Platform key (CL and RHCOS legacy name: "OEM").
+const CMDLINE_PLATFORM_FLAGS: [&'static str; 1] = ["ignition.platform.id"];
+/// Backwards-compatible platform keys, the first name takes precedence.
#[cfg(feature = "cl-legacy")]
-const CMDLINE_PLATFORM_FLAG: &str = "coreos.oem.id";
+const CMDLINE_PLATFORM_FLAGS: [&'static str; 2] = ["flatcar.oem.id", "coreos.oem.id"];
/// Get platform/OEM value from cmdline file.
pub fn get_platform(fpath: &str) -> Result<String> {
let content = std::fs::read_to_string(fpath)
.with_context(|| format!("Failed to read cmdline file ({})", fpath))?;
- match find_flag_value(CMDLINE_PLATFORM_FLAG, &content) {
- Some(platform) => {
- trace!("found '{}' flag: {}", CMDLINE_PLATFORM_FLAG, platform);
- Ok(platform)
+ for flagname in &CMDLINE_PLATFORM_FLAGS {
+ match find_flag_value(flagname, &content) {
+ Some(platform) => {
+ trace!("found '{}' flag: {}", flagname, platform);
+ return Ok(platform);
+ }
+ None => {
+ continue;
+ }
}
- None => bail!(
- "Couldn't find flag '{}' in cmdline file ({})",
- CMDLINE_PLATFORM_FLAG,
- fpath
- ),
}
+
+ bail!(
+ "Couldn't find one of the flags '{:?}' in cmdline file ({})",
+ CMDLINE_PLATFORM_FLAGS,
+ fpath
+ )
}
+
/// Check whether kernel cmdline file contains flags for network configuration.
#[allow(unused)]
pub fn has_network_kargs(fpath: &str) -> Result<bool> {
@@ -99,22 +106,23 @@ mod tests {
#[test]
fn test_find_flag() {
- let flagname = "coreos.oem.id";
- let tests = vec![
- ("", None),
- ("foo=bar", None),
- ("coreos.oem.id", None),
- ("coreos.oem.id=", None),
- ("coreos.oem.id=\t", None),
- ("coreos.oem.id=ec2", Some("ec2".to_string())),
- ("coreos.oem.id=\tec2", Some("ec2".to_string())),
- ("coreos.oem.id=ec2\n", Some("ec2".to_string())),
- ("foo=bar coreos.oem.id=ec2", Some("ec2".to_string())),
- ("coreos.oem.id=ec2 foo=bar", Some("ec2".to_string())),
- ];
- for (tcase, tres) in tests {
- let res = find_flag_value(flagname, tcase);
- assert_eq!(res, tres, "failed testcase: '{}'", tcase);
+ for flagname in &CMDLINE_PLATFORM_FLAGS {
+ let tests = vec![
+ ("".to_string(), None),
+ ("foo=bar".to_string(), None),
+ (format!("{}", flagname), None),
+ (format!("{}=", flagname), None),
+ (format!("{}=\t", flagname), None),
+ (format!("{}=ec2", flagname), Some("ec2".to_string())),
+ (format!("{}=\tec2", flagname), Some("ec2".to_string())),
+ (format!("{}=ec2\n", flagname), Some("ec2".to_string())),
+ (format!("foo=bar {}=ec2", flagname), Some("ec2".to_string())),
+ (format!("{}=ec2 foo=bar", flagname), Some("ec2".to_string())),
+ ];
+ for (tcase, tres) in tests {
+ let res = find_flag_value(flagname, &tcase);
+ assert_eq!(res, tres, "failed testcase: '{}'", &tcase);
+ }
}
}
--
2.34.1

368
sdk_container/src/third_party/coreos-overlay/coreos-base/afterburn/files/0003-encode-information-for-systemd-networkd-wait-online.patch vendored Normal file
View File

@ -0,0 +1,368 @@
From f88600293ee1c3e7d08ee724b18944dd1c40deff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kai=20L=C3=BCke?= <kai@kinvolk.io>
Date: Thu, 15 Oct 2020 15:49:02 +0900
Subject: [PATCH 3/3] network: Encode information for
systemd-networkd-wait-online
The network-online.target can use systemd-networkd-wait-online.service
to wait for all interfaces to come up. It will fail if the interfaces
didn't came up but sometimes it is actually ok for some interfaces to
be down because they are unused or they are just one of two parts of a
bond. We should encode when interfaces will never come up and when it
is acceptable to have interfaces in a degraded state and which.
Extend the network logic to handle this additional configuration. For
Packet we expect the metadata to specify all interfaces, and any other
physical NICs can be set to "unmanaged" so that we don't wait for them.
Introduce "Path" matching in the networkd unit file for that.
We also allow bonds to operate with only one working link, and we don't
wait for all bonded interfaces to be configured.
This is a port of https://github.com/flatcar-linux/afterburn/pull/10
to afterburn's main branch.
---
src/network.rs | 99 +++++++++++++++++++++++++--
src/providers/digitalocean/mod.rs | 2 +
src/providers/ibmcloud_classic/mod.rs | 2 +
src/providers/packet/mod.rs | 30 ++++++++
4 files changed, 128 insertions(+), 5 deletions(-)
diff --git a/src/network.rs b/src/network.rs
index abf36f2..40f18a8 100644
--- a/src/network.rs
+++ b/src/network.rs
@@ -72,6 +72,8 @@ pub struct Interface {
pub name: Option<String>,
/// Interface MAC address.
pub mac_address: Option<MacAddr>,
+ /// Path as identifier
+ pub path: Option<String>,
/// Relative priority for interface configuration.
pub priority: u8,
pub nameservers: Vec<IpAddr>,
@@ -79,6 +81,8 @@ pub struct Interface {
pub routes: Vec<NetworkRoute>,
pub bond: Option<String>,
pub unmanaged: bool,
+ /// Optional requirement setting instead of the default
+ pub required_for_online: Option<String>,
}
/// A virtual network interface.
@@ -126,10 +130,11 @@ impl NetDevKind {
impl Interface {
/// Return a deterministic `systemd.network` unit name for this device.
pub fn sd_network_unit_name(&self) -> Result<String> {
- let iface_name = match (&self.name, &self.mac_address) {
- (Some(ref name), _) => name.clone(),
- (None, Some(ref addr)) => addr.to_string(),
- (None, None) => bail!("network interface without name nor MAC address"),
+ let iface_name = match (&self.name, &self.mac_address, &self.path) {
+ (Some(ref name), _, _) => name.clone(),
+ (None, Some(ref addr), _) => addr.to_string(),
+ (None, None, Some(ref path)) => path.to_string(),
+ (None, None, None) => bail!("network interface without name nor MAC address"),
};
let unit_name = format!("{:02}-{}.network", self.priority, iface_name);
Ok(unit_name)
@@ -146,6 +151,9 @@ impl Interface {
if let Some(mac) = self.mac_address {
config.push_str(&format!("MACAddress={}\n", mac));
}
+ if let Some(path) = &self.path {
+ config.push_str(&format!("Path={}\n", path));
+ }
// [Network] section
config.push_str("\n[Network]\n");
@@ -157,8 +165,14 @@ impl Interface {
}
// [Link] section
+ if self.unmanaged || self.required_for_online.is_some() {
+ config.push_str("\n[Link]\n");
+ }
if self.unmanaged {
- config.push_str("\n[Link]\nUnmanaged=yes\n");
+ config.push_str("Unmanaged=yes\n");
+ }
+ if let Some(operational_state) = &self.required_for_online {
+ config.push_str(&format!("RequiredForOnline={}\n", operational_state));
}
// [Address] sections
@@ -225,12 +239,14 @@ mod tests {
Interface {
name: Some(String::from("lo")),
mac_address: Some(MacAddr(0, 0, 0, 0, 0, 0)),
+ path: None,
priority: 20,
nameservers: vec![],
ip_addresses: vec![],
routes: vec![],
bond: None,
unmanaged: false,
+ required_for_online: None,
},
"20-lo.network",
),
@@ -238,12 +254,14 @@ mod tests {
Interface {
name: Some(String::from("lo")),
mac_address: Some(MacAddr(0, 0, 0, 0, 0, 0)),
+ path: None,
priority: 10,
nameservers: vec![],
ip_addresses: vec![],
routes: vec![],
bond: None,
unmanaged: false,
+ required_for_online: None,
},
"10-lo.network",
),
@@ -251,12 +269,14 @@ mod tests {
Interface {
name: None,
mac_address: Some(MacAddr(0, 0, 0, 0, 0, 0)),
+ path: None,
priority: 20,
nameservers: vec![],
ip_addresses: vec![],
routes: vec![],
bond: None,
unmanaged: false,
+ required_for_online: None,
},
"20-00:00:00:00:00:00.network",
),
@@ -264,15 +284,32 @@ mod tests {
Interface {
name: Some(String::from("lo")),
mac_address: None,
+ path: None,
priority: 20,
nameservers: vec![],
ip_addresses: vec![],
routes: vec![],
bond: None,
unmanaged: false,
+ required_for_online: None,
},
"20-lo.network",
),
+ (
+ Interface {
+ name: None,
+ mac_address: None,
+ path: Some("pci-*".to_owned()),
+ priority: 20,
+ nameservers: vec![],
+ ip_addresses: vec![],
+ routes: vec![],
+ bond: None,
+ unmanaged: false,
+ required_for_online: None,
+ },
+ "20-pci-*.network",
+ ),
];
for (iface, expected) in cases {
@@ -286,12 +323,14 @@ mod tests {
let i = Interface {
name: None,
mac_address: None,
+ path: None,
priority: 20,
nameservers: vec![],
ip_addresses: vec![],
routes: vec![],
bond: None,
unmanaged: false,
+ required_for_online: None,
};
i.sd_network_unit_name().unwrap_err();
}
@@ -333,6 +372,7 @@ mod tests {
Interface {
name: Some(String::from("lo")),
mac_address: Some(MacAddr(0, 0, 0, 0, 0, 0)),
+ path: None,
priority: 20,
nameservers: vec![
IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
@@ -352,6 +392,7 @@ mod tests {
}],
bond: Some(String::from("james")),
unmanaged: false,
+ required_for_online: None,
},
"[Match]
Name=lo
@@ -380,16 +421,64 @@ Gateway=127.0.0.1
Interface {
name: None,
mac_address: None,
+ path: None,
priority: 10,
nameservers: vec![],
ip_addresses: vec![],
routes: vec![],
bond: None,
unmanaged: false,
+ required_for_online: None,
},
"[Match]
[Network]
+",
+ ),
+ // test the path and required_for_online settings
+ (
+ Interface {
+ name: None,
+ mac_address: None,
+ path: Some("pci-*".to_owned()),
+ priority: 10,
+ nameservers: vec![],
+ ip_addresses: vec![],
+ routes: vec![],
+ bond: None,
+ unmanaged: false,
+ required_for_online: Some("no".to_owned()),
+ },
+ "[Match]
+Path=pci-*
+
+[Network]
+
+[Link]
+RequiredForOnline=no
+",
+ ),
+ // test the unmanaged setting
+ (
+ Interface {
+ name: Some("*".to_owned()),
+ mac_address: None,
+ path: None,
+ priority: 10,
+ nameservers: vec![],
+ ip_addresses: vec![],
+ routes: vec![],
+ bond: None,
+ unmanaged: true,
+ required_for_online: None,
+ },
+ "[Match]
+Name=*
+
+[Network]
+
+[Link]
+Unmanaged=yes
",
),
];
diff --git a/src/providers/digitalocean/mod.rs b/src/providers/digitalocean/mod.rs
index 3d74d29..381b90b 100644
--- a/src/providers/digitalocean/mod.rs
+++ b/src/providers/digitalocean/mod.rs
@@ -159,8 +159,10 @@ impl DigitalOceanProvider {
routes,
bond: None,
name: None,
+ path: None,
priority: 10,
unmanaged: false,
+ required_for_online: None,
},
);
}
diff --git a/src/providers/ibmcloud_classic/mod.rs b/src/providers/ibmcloud_classic/mod.rs
index 25e83b5..d8f0086 100644
--- a/src/providers/ibmcloud_classic/mod.rs
+++ b/src/providers/ibmcloud_classic/mod.rs
@@ -243,12 +243,14 @@ impl IBMClassicProvider {
let iface = network::Interface {
name: Some(name),
mac_address: Some(mac_addr),
+ path: None,
priority: 10,
nameservers: nameservers.clone(),
ip_addresses: vec![ip_net],
routes,
bond: None,
unmanaged: false,
+ required_for_online: None,
};
output.push(iface);
}
diff --git a/src/providers/packet/mod.rs b/src/providers/packet/mod.rs
index 7a643e8..e789773 100644
--- a/src/providers/packet/mod.rs
+++ b/src/providers/packet/mod.rs
@@ -219,6 +219,7 @@ impl PacketProvider {
mac_address: Some(mac),
bond: i.bond.clone(),
name: None,
+ path: None,
priority: 10,
nameservers: Vec::new(),
ip_addresses: Vec::new(),
@@ -226,6 +227,15 @@ impl PacketProvider {
// the interface should be unmanaged if it doesn't have a bond
// section
unmanaged: i.bond.is_none(),
+ required_for_online: if i.bond.is_none() {
+ // use the default requirement
+ None
+ } else {
+ // We care about the state of the bond interface and accept if any of the bonded
+ // interfaces are down. Actually the desired minimal state is "no-carrier" but
+ // systemd-networkd-wait-online does not work well with it currently, thus "no".
+ Some("no".to_owned())
+ },
});
// if there is a bond key, make sure we have a bond device for it
@@ -235,10 +245,12 @@ impl PacketProvider {
priority: 5,
nameservers: dns_servers.clone(),
mac_address: None,
+ path: None,
bond: None,
ip_addresses: Vec::new(),
routes: Vec::new(),
unmanaged: false,
+ required_for_online: Some("degraded-carrier".to_owned()),
};
if !bonds
.iter()
@@ -319,6 +331,24 @@ impl PacketProvider {
interfaces.push(bond)
}
+ // Create a fallback rule for all physical NICs that haven't been configured
+ // because otherwise systemd-networkd-wait-online will wait for them and even if told
+ // to only wait for bond0 this won't work with systemd 246 because the bond0 interface
+ // never leaves the "configuring" phase when the other NICs are also still configuring.
+ let fallback = Interface {
+ path: Some("pci-*".to_owned()),
+ unmanaged: true,
+ priority: 80,
+ name: None,
+ mac_address: None,
+ bond: None,
+ nameservers: Vec::new(),
+ ip_addresses: Vec::new(),
+ routes: Vec::new(),
+ required_for_online: None,
+ };
+ interfaces.push(fallback);
+
Ok((interfaces, network_devices))
}
}
--
2.34.1

2
sdk_container/src/third_party/coreos-overlay/coreos-base/afterburn/files/coreos-metadata-sshkeys@.service vendored
View File

@ -8,7 +8,9 @@ Restart=on-failure
RestartSec=10
Environment=COREOS_METADATA_OPT_PROVIDER=--cmdline
ExecStart=/usr/bin/coreos-metadata ${COREOS_METADATA_OPT_PROVIDER} --ssh-keys=%i
ExecStartPost=/usr/bin/update-ssh-keys -u %i
[Install]
DefaultInstance=core
RequiredBy=multi-user.target
Alias=afterburn-sshkeys@.service

2
sdk_container/src/third_party/coreos-overlay/coreos-base/afterburn/files/coreos-metadata.service vendored
View File

@ -8,7 +8,9 @@ Restart=on-failure
RestartSec=10
Environment=COREOS_METADATA_OPT_PROVIDER=--cmdline
ExecStart=/usr/bin/coreos-metadata ${COREOS_METADATA_OPT_PROVIDER} --attributes=/run/metadata/flatcar
ExecStartPost=/usr/bin/sed --in-place "s/AFTERBURN/COREOS/g ; s/AWS/EC2/g ; s/GCP/GCE/g" /run/metadata/flatcar
ExecStartPost=/usr/bin/ln -fs /run/metadata/flatcar /run/metadata/coreos
[Install]
RequiredBy=metadata.target
Alias=afterburn.service