Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

UKI: kairos-agent reset #2051

Closed
Tracked by #1791 ...
mudler opened this issue Dec 5, 2023 · 9 comments · Fixed by kairos-io/kairos-agent#232
Closed
Tracked by #1791 ...

UKI: kairos-agent reset #2051

mudler opened this issue Dec 5, 2023 · 9 comments · Fixed by kairos-io/kairos-agent#232
Assignees
Labels
enhancement New feature or request uki

Comments

@mudler
Copy link
Member

mudler commented Dec 5, 2023

Follow-up of #1151 #872

Depends on: #2226

There should be a kairos-agent CLI command that allows to set the next boot selection entry in order to replace instructions using GRUB https://kairos.io/docs/reference/reset/#remotely-via-command-line.

the reset shim has also to take into account of things like setting up the next boot entry hybrid with GRUB/systemd-boot

Acceptance Criteria

  • There is a kairos-agent command that replaces this process both for UKI and non-UKI systems.
  • We have a separate binary that does implement the shim so it can be used for backward compatibility during upgrades cc @vipsharm
@jimmykarily
Copy link
Contributor

We have "reset" but it doesn't work exactly like the "reset" in non-UKI installations. We need to discuss whether the current implementation is enough or if we need to do more work. We will plan a call for this one.

@jimmykarily jimmykarily moved this from Todo 🖊 to In Progress 🏃 in 🧙Issue tracking board Feb 6, 2024
@jimmykarily jimmykarily moved this from In Progress 🏃 to Todo 🖊 in 🧙Issue tracking board Feb 6, 2024
@jimmykarily
Copy link
Contributor

jimmykarily commented Feb 8, 2024

Currently the non-UKI reset does:

  • formats the persistent partition by default
    this is all the user data in the bound persistent directories (e.g. containers, databases, whatever)
  • formats the oem partition if specified by the user (default: false)
    this is where user configuration lives (even the original installation config is gone if true)
  • makes the "recovery" image be the new "active"
  • creates extra directories in the rootfs if specified in the kairos config (which will be deleted if the above option is true)
  • installs grub again using the files from the recovery image

Currently the UKI reset does:

  • formats the persistent partition be default (like non-UKI does)
  • formats the oem partition if requested by the user (like non-UKI does)

What is missing:

  • change the default uefi entry to the "recovery" one, which is not well defined in uki mode. User can select whichever version they want from the menu.

TODO:

  • See if we can identify which EFI/config file we are booted in. If that's possible, by prefixing the efi/config file with "recovery-" and "active-" and "passive-" we can decide which image is which, without needing the cmdline to define that.

If the above works, we can then:

  • On first installation there is only one version (+additional cmdlines) which will be copied 3 times (active, passive, recovery)
  • As we keep upgrading, we rotate the active and passive (+additional cmdlines)
  • The recovery one is always the original one (unless the user upgrades with --recovery)
  • Keep only up to 3 versions around (+ all their cmdlines) when upgrading (like it happens in non-uki)

Finally, on reset we replace "active" with "recovery".

NOTE:

  • The extra dirs thing, is not possible in UKI because we can't change the image (it's signed).
  • systemd-boot resets whatsoever (as in grub re-installation).

@jimmykarily
Copy link
Contributor

Also relevant information on how upgrade works in "legacy": #1286 (comment)

@jimmykarily
Copy link
Contributor

Keeping open until it's bumped in kairos

@jimmykarily jimmykarily reopened this Feb 21, 2024
@github-project-automation github-project-automation bot moved this from Done ✅ to Under review 🔍 in 🧙Issue tracking board Feb 21, 2024
@Itxaka
Copy link
Member

Itxaka commented Feb 21, 2024

this + shim is part of agent v2.7.13

@Itxaka
Copy link
Member

Itxaka commented Feb 21, 2024

v2.7.13 merged into packages, should shortly be available under framework

@Itxaka
Copy link
Member

Itxaka commented Feb 21, 2024

#2278

@Itxaka
Copy link
Member

Itxaka commented Feb 22, 2024

Now in master

@Itxaka Itxaka closed this as completed Feb 22, 2024
@github-project-automation github-project-automation bot moved this from Under review 🔍 to Done ✅ in 🧙Issue tracking board Feb 22, 2024
@jimmykarily
Copy link
Contributor

I did a test from master and it works. All good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request uki
Projects
Archived in project
Development

Successfully merging a pull request may close this issue.

3 participants