From 235b0f28e2d8460c1825fb74f608d2a7b3f506fb Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Mon, 25 Nov 2019 17:20:11 -0500 Subject: [PATCH 1/2] Add coreos-keep-cgroup-v1.service In f31, the default cgroup changed to v2. However, we've decided to stay on v1 for the time being. Thus, we don't want older nodes upgrading to f31 to be forced into v2. Add a tiny service which just scans the BLS configs and injects the `systemd.unified_cgroup_hierarchy` karg as needed. For more information, see: https://github.com/coreos/fedora-coreos-tracker/issues/292 https://github.com/coreos/fedora-coreos-streams/issues/26#issuecomment-558361931 --- .../lib/systemd/system-preset/40-coreos.preset | 1 + .../system/coreos-keep-cgroup-v1.service | 15 +++++++++++++++ .../90cgroups/usr/libexec/coreos-keep-cgroup-v1 | 17 +++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 overlay.d/90cgroups/usr/lib/systemd/system/coreos-keep-cgroup-v1.service create mode 100755 overlay.d/90cgroups/usr/libexec/coreos-keep-cgroup-v1 diff --git a/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset b/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset index 89a4bc8d21..e9930f0b7d 100644 --- a/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset +++ b/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset @@ -13,3 +13,4 @@ enable afterburn-firstboot-checkin.service enable afterburn-sshkeys@.service # Update agent enable zincati.service +enable coreos-keep-cgroup-v1.service diff --git a/overlay.d/90cgroups/usr/lib/systemd/system/coreos-keep-cgroup-v1.service b/overlay.d/90cgroups/usr/lib/systemd/system/coreos-keep-cgroup-v1.service new file mode 100644 index 0000000000..0f7ff02c86 --- /dev/null +++ b/overlay.d/90cgroups/usr/lib/systemd/system/coreos-keep-cgroup-v1.service @@ -0,0 +1,15 @@ +[Unit] +Description=CoreOS Keep CGroups v1 +Documentation=https://github.com/coreos/fedora-coreos-tracker/issues/292 +RequiresMountsFor=/boot +# Note we don't conditionalize on ConditionKernelCommandLine= here because the +# kernel arg might've been added manually just for this boot; we still want to +# change the BLS entries in that case. + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/libexec/coreos-keep-cgroup-v1 + +[Install] +WantedBy=multi-user.target diff --git a/overlay.d/90cgroups/usr/libexec/coreos-keep-cgroup-v1 b/overlay.d/90cgroups/usr/libexec/coreos-keep-cgroup-v1 new file mode 100755 index 0000000000..2a3ba69f2d --- /dev/null +++ b/overlay.d/90cgroups/usr/libexec/coreos-keep-cgroup-v1 @@ -0,0 +1,17 @@ +#!/bin/bash +set -euo pipefail + +for f in /boot/loader/entries/*.conf; do + options=$(grep '^options ' "$f" | cut -f2- -d' ') + + # If it's already specified, don't touch whatever value is there. That way, + # users that purposely opted into v2 early keep it. It also makes this + # script idempotent. + if grep -q "systemd.unified_cgroup_hierarchy" <<< "$options"; then + continue + fi + + # otherwise, make sure we stay on v1 + sed -e "/^options / s/$/ systemd.unified_cgroup_hierarchy=0/" -i "$f" + echo "$(basename "$f"): injected systemd.unified_cgroup_hierarchy=0" +done From 28e95a8fdfbf7be83d9e46626dde92558e80815b Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Tue, 26 Nov 2019 11:35:32 -0500 Subject: [PATCH 2/2] fedora-coreos-base.yaml: pin some NEVRAs to reproduce 30.20191014.0 We need this hack in order to get exactly the same package set that release had. For details, see: https://github.com/coreos/fedora-coreos-config/pull/238#issuecomment-558707064 --- fedora-coreos-base.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/fedora-coreos-base.yaml b/fedora-coreos-base.yaml index 45b54327d0..a24115b210 100644 --- a/fedora-coreos-base.yaml +++ b/fedora-coreos-base.yaml @@ -146,6 +146,13 @@ packages: - whois-nls # Parsing/Interacting with JSON data - jq + # HACK for https://github.com/coreos/fedora-coreos-config/pull/238#issuecomment-558707064 + - brotli-1.0.7-3.fc30.x86_64 + - curl-7.65.3-4.fc30.x86_64 + - libcurl-7.65.3-4.fc30.x86_64 + - libmetalink-0.1.3-8.fc30.x86_64 + - libssh-0.9.0-5.fc30.x86_64 + - libssh-config-0.9.0-5.fc30.noarch # This thing is crying out to be pulled into systemd, but that hasn't happened # yet. Also we may want to add to rpm-ostree something like arch negation;