Document package layering via systemd #294
Conversation
As discussed in [the forum thread here](https://discussion.fedoraproject.org/t/layering-packages-via-rpm-ostree-as-part-of-provisioning/29862?u=rugk). Thanks a lot to the community for the help!
|
Took a quick look and this looks good! Thanks! |
|
Tested practically and it worked except that a network error occurred, but I guess this is related to a known CoreOS problem. (linked it) |
| RemainAfterExit=yes | ||
| ExecStart=/usr/bin/rpm-ostree install --allow-inactive nano | ||
| ExecStart=/bin/touch /var/lib/rpm-ostree-install-nano.stamp | ||
| ExecStart=/bin/systemctl --no-block reboot |
There was a problem hiding this comment.
We had a long thread on this somewhere; the problem with rebooting like this is it doesn't compose - what if e.g. two units want to reboot? They'll race, but you only want to reboot once.
What I think would be cleanest is having something like a coreos-firstboot-reboot.service that is off by default and is ordered After=first-boot-complete.target - that way multiple units can request a reboot via Wants=coreos-firstboot-reboot.service.
There was a problem hiding this comment.
We had a long thread on this somewhere
Likely when you’ve discussed the cgroups example, because I’ve literally taken it from there and it’s also still there – so if we’d change that, we would possibly need to adjust it there, don’t we?
What I think would be cleanest is having something like a coreos-firstboot-reboot.service that is off by default
Okay, so is this something an admin should configure?
Or is this a service that should be included in Fedora CoreOS, so that an admin should only do Wants=coreos-firstboot-reboot.service as you say?
Again, we can hardly explain that on two totally separate pages… so I’d tend to having that included in FCOS.
There was a problem hiding this comment.
For package layering in specific, I think the end goal for coreos/fedora-coreos-tracker#681 is that the packages are available from first boot so that you wouldn't have to reboot at all.
|
To be clear, I'm mostly OK with merging this as is if you prefer after fixing the We can pursue better reboot handling with patches to either fedora-coreos-config or upstream systemd, then circle back and improve this. |
|
Yet another alternative though is to put this logic in https://github.com/coreos/butane |
As per @cgwalters comment. Thanks.
|
Oh only read your further comments now. Okay, so should I document these potential problems?
Well… concerning layering the issues are already linked (in the doc too), but given cgroups also uses this reboot switch, I guess there are a lot of other use cases to reboot during the provisioning. So having something “built-in” would indeed be nice for this. |
| RemainAfterExit=yes | ||
| ExecStart=/usr/bin/rpm-ostree install --allow-inactive nano | ||
| ExecStart=/bin/touch /var/lib/rpm-ostree-install-nano.stamp | ||
| ExecStart=/bin/systemctl --no-block reboot |
There was a problem hiding this comment.
For package layering in specific, I think the end goal for coreos/fedora-coreos-tracker#681 is that the packages are available from first boot so that you wouldn't have to reboot at all.
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
|
I don’t mind, but you can also do so when merging. I guess it makes no difference, so just do so, if you want. 😉 |
|
Thanks a lot for writing this up! I suggested a few tweaks to this in #296. |
As discussed in the forum thread here.
Heavily inspired by the cargs v2 example.
Thanks a lot to the community for the help!