providers/proxmoxve: Add Proxmox VE provider #1790
Conversation
|
Related issues: coreos/fedora-coreos-tracker#736 and coreos/fedora-coreos-tracker#1652 |
This uses coreos/afterburn#1023 and coreos/ignition#1790 to provide Proxmox images. This pulls in flatcar/bootengine#91 and flatcar/init#115 to run afterburn for hostname, network, SSH key, and metadata attribute setup. The afterburn support for the SSH key and hostname parses the user-data when it's cloud-init. The coreos-cloudinit support is not there but can be added in addition: We need to add a new provider that varies from the existing config drive support because the file is called user-data and not user_data, and it needs to look for a filesystem label cidata and not config-2.
This uses coreos/afterburn#1023 and coreos/ignition#1790 to provide Proxmox images. This pulls in flatcar/bootengine#91 and flatcar/init#115 to run afterburn for hostname, network, SSH key, and metadata attribute setup. The afterburn support for the SSH key and hostname parses the user-data when it's cloud-init. The coreos-cloudinit support is not there but can be added in addition: We need to add a new provider that varies from the existing config drive support because the file is called user-data and not user_data, and it needs to look for a filesystem label cidata and not config-2.
This uses coreos/afterburn#1023 and coreos/ignition#1790 to provide Proxmox images. This pulls in flatcar/bootengine#91 and flatcar/init#115 to run afterburn for hostname, network, SSH key, and metadata attribute setup. The afterburn support for the SSH key and hostname parses the user-data when it's cloud-init. The coreos-cloudinit support is not there but can be added in addition: We need to add a new provider that varies from the existing config drive support because the file is called user-data and not user_data, and it needs to look for a filesystem label cidata and not config-2.
|
After trying this PR, it turns out that the ignition/internal/register/providers.go Line 15 in 32221a9 I cannot push to this PR, can someone please add the missing import and build again? Thanks |
This uses coreos/afterburn#1023 and coreos/ignition#1790 to provide Proxmox images. This pulls in flatcar/bootengine#91 and flatcar/init#115 to run afterburn for hostname, network, SSH key, and metadata attribute setup. The afterburn support for the SSH key and hostname parses the user-data when it's cloud-init. The coreos-cloudinit support is not there but can be added in addition: We need to add a new provider that varies from the existing config drive support because the file is called user-data and not user_data, and it needs to look for a filesystem label cidata and not config-2.
This uses coreos/afterburn#1023 and coreos/ignition#1790 to provide Proxmox images. This pulls in flatcar/bootengine#91 and flatcar/init#115 to run afterburn for hostname, network, SSH key, and metadata attribute setup. The afterburn support for the SSH key and hostname parses the user-data when it's cloud-init. The coreos-cloudinit support is not there but can be added in addition: We need to add a new provider that varies from the existing config drive support because the file is called user-data and not user_data, and it needs to look for a filesystem label cidata and not config-2.
|
Thanks, I pushed this one line fix. |
This uses coreos/afterburn#1023 and coreos/ignition#1790 to provide Proxmox images. This pulls in flatcar/bootengine#91 and flatcar/init#115 to run afterburn for hostname, network, SSH key, and metadata attribute setup. The afterburn support for the SSH key and hostname parses the user-data when it's cloud-init. The coreos-cloudinit support is not there but can be added in addition: We need to add a new provider that varies from the existing config drive support because the file is called user-data and not user_data, and it needs to look for a filesystem label cidata and not config-2.
|
@travier I have successfully tested this, I think it can be merged |
There was a problem hiding this comment.
LGTM and it has been tested on Flatcar. Any chance to add a changelog entry:
ignition/docs/release-notes.md
Line 11 in b2ea352
| // The OpenStack provider fetches configurations from the userdata available in | ||
| // both the config-drive as well as the network metadata service. Whichever | ||
| // responds first is the config that is used. | ||
| // NOTE: This provider is still EXPERIMENTAL. |
There was a problem hiding this comment.
I'm not sure this is accurate. It might come from copy-paste?
There was a problem hiding this comment.
I was the one who copy-pasted this, and my rationale for not updating the comment was that the same vestigial OpenStack comment lives on inside internal/providers/ibmcloud/ibmcloud.go
I probably should have updated it. I'm pretty sure this Proxmox provider doesn't attempt to look for a network server.
There was a problem hiding this comment.
Ah, @b- legal stuff is always a bit spooky, from my reading I believe that keeping the original licensing note to be accurate.
|
Looks like all we need is to add a release note entry and it will be gtg! Thank you everyone for your hardwork! |
|
Can we give a hand on this to accelerate ? |
| dispatch := func(name string, fn func() ([]byte, error)) { | ||
| raw, err := fn() | ||
| if err != nil { | ||
| switch err { | ||
| case context.Canceled: | ||
| case context.DeadlineExceeded: | ||
| f.Logger.Err("timed out while fetching config from %s", name) | ||
| default: | ||
| f.Logger.Err("failed to fetch config from %s: %v", name, err) | ||
| } | ||
| return | ||
| } | ||
|
|
||
| data = raw | ||
| cancel() | ||
| } | ||
|
|
||
| go dispatch( | ||
| "config drive (cidata)", func() ([]byte, error) { | ||
| return fetchConfigFromDevice(f.Logger, ctx, filepath.Join(distro.DiskByLabelDir(), deviceLabel)) | ||
| }, | ||
| ) | ||
|
|
||
| <-ctx.Done() | ||
| if ctx.Err() == context.DeadlineExceeded { | ||
| f.Logger.Info("cidata drive was not available in time. Continuing without a config...") | ||
| } |
There was a problem hiding this comment.
This construction is not desirable if we can avoid it. It's currently only used on platforms where it's possible for the drive to not exist and so we have to time out. The core problem is that it's inherently racy to wait around for a drive to show up. So if we know that there will always be a drive, then we should just indefinitely wait for it.
fetchConfigFromDevice() is already looping waiting for the device to show up so we can call it directly from here without using a context (and get rid of the context and select there). See e.g. the powervs, nutanix, or kubevirt provider code for examples of this pattern.
Or: is it the case that on Proxmox VE, no config drive may be attached? (Doesn't seem like it from my understanding.)
There was a problem hiding this comment.
I confirm that it is possible not to attach a drive. It actually is the default behavior.
There was a problem hiding this comment.
Hmm, I don't follow. If Proxmox uses the drive the pass its own metadata, doesn't it need to provide it even if the user didn't provide any user-data? Or are you saying if users use the lower-level APIs it's possible?
But anyway, that's enough to require a timeout in that case.
There was a problem hiding this comment.
Let me clarify, you can face :
- no drive at all attached to the guest VM
- a drive containing cloud-config as user data
- a drive containing ignition json as user data
| return nil, nil | ||
| } | ||
|
|
||
| return os.ReadFile(filepath.Join(mnt, cidataPath)) |
There was a problem hiding this comment.
Don't we need to implement the "if the user-data is a cloud-config, then ignore it" here?
There was a problem hiding this comment.
@arcln would have a better memory than mine, but I think we did implement this in another PR and that it was considered useless as ignition does verify if the content is a valid ignition configuration.
There was a problem hiding this comment.
I don't understand how this can work. ParseConfig will error out because it's not a valid Ignition config and Ignition will exit nonzero, which will break boot.
In the other PR, it looks like we tried to workaround this by just ignoring errors completely, but that doesn't seem right either. We should explicitly check if the first line is #cloud-config, if yes, gracefully ignore, if no, then try to parse as an Ignition config and fail if it's not.
There was a problem hiding this comment.
Again, I am not sure about this, let's wait for @arcln feedback
There was a problem hiding this comment.
According to @pothos, this check is performed by Flatcar itself. Ignition will not be invoked if the user data file starts with #cloud-config. I don't know where precisely this check is performed, but I tried to boot the test Flatcar image with a cloud-config and it booted successfully.
I don't know if the same is true for FCOS. Can someone confirm ?
There was a problem hiding this comment.
There's nothing in FCOS that would check if the user-data is a cloud-config and skip Ignition if so.
There was a problem hiding this comment.
ok @jlebon so what do you think we should do ?
Implement a configuration check in ignition ?
If so, should it generically check a valid json or a discrete cloud config file type or header ?
Should this be implemented in this PR and in the ProxmoxVE part of the code or something reusable ?
There was a problem hiding this comment.
ok @jlebon so what do you think we should do ? Implement a configuration check in ignition ? If so, should it generically check a valid json or a discrete cloud config file type or header ? Should this be implemented in this PR and in the ProxmoxVE part of the code or something reusable ?
I think to start we should be as strict as possible, i.e. only ignore quietly if the document starts with #cloud-config\n. If it doesn't, just assume it's JSON and try to parse it. I would keep it constrained to the Proxmox VE provider code.
|
Closing in favour of #1910. |
This is just ripped from providers/ibmcloud with strings changed, and I honestly didn't try building yet (as I wanted to just upload something before I forget to get the ball rolling...) but it should work, at least in a basic sense, because the ibmcloud image works on Proxmox VE as-is!
...with a few fun caveat: ignition must be supplied as cloud-init (
nocloud) data. This means that to do it "the Proxmox way" you need to:/var/lib/vz/snippets/example.ignif you simply enable Snippets on the stocklocalfilesystem storage provider)qmcli command, or the Proxmox VE API, to set custom cloud-init data to the uploaded ignition file (for example,ssh [email protected] qm set 30001 -cicustom user=local:snippets/butane.ignOR
cidataand a file/user-datawith the contents of your ignition data. (This is manually creating the cloud-init ISO, and may work on other hypervisors with a proxmoxve image)The above manual way can be automated in Go by consuming the go-proxmox module and calling the
VirtualMachine.CloudInit()method, as done in my experimental gomox cli utility