Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

openstack: use config-drive by default and metadata API as fallback #462

Merged
merged 1 commit into from
Aug 3, 2020

Conversation

zonggen
Copy link
Member

@zonggen zonggen commented Jul 22, 2020

This changes afterburn to use config-drive as default for scraping metadata and then try metadata API if config-drive is not available. Also changes the name of the platform from openstack-metadata to openstack.

Closes: coreos/fedora-coreos-tracker#422
Signed-off-by: Allen Bai [email protected]

@zonggen zonggen requested a review from lucab July 22, 2020 20:38
src/metadata.rs Outdated Show resolved Hide resolved
@zonggen zonggen force-pushed the openstack-config-drive branch from 4f52a9e to f97eaa1 Compare July 22, 2020 20:59
@zonggen
Copy link
Member Author

zonggen commented Jul 22, 2020

Some potential points of interest:

  • Now Afterburn requires super user permission since it might need to mount/umount the config-drive to read the metadata
  • Not entirely sure if the public key API is always available. Tried to boot up an FCOS instance on OpenStack but there's no public key data in either metadata API or config-drive files.

Except the public keys, other metadata can be successfully fetched:

core@ip_addr $ AFTERBURN_OPT_PROVIDER=--cmdline sudo ./afterburn ${AFTERBURN_OPT_PROVIDER} --attributes=./metadata

AFTERBURN_OPENSTACK_INSTANCE_TYPE=m1.small
AFTERBURN_OPENSTACK_IPV4_LOCAL=ip_addr
AFTERBURN_OPENSTACK_INSTANCE_ID=i-022da7a2
AFTERBURN_OPENSTACK_IPV4_PUBLIC=
AFTERBURN_OPENSTACK_HOSTNAME=abai-fcos-afterburn-test

Copy link
Member

@cgwalters cgwalters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm...don't we basically want to try them in parallel?

src/metadata.rs Outdated Show resolved Hide resolved
src/providers/openstack/configdrive.rs Outdated Show resolved Hide resolved
@zonggen
Copy link
Member Author

zonggen commented Jul 23, 2020

don't we basically want to try them in parallel?

@cgwalters By parallel do you mean literally running both config-drive and metadata API at the same time, or running the metadata API as a fallback if any of the method in config-drive version fails?

I was wondering too, since right now it won't check the metadata API unless something at the initialization step went wrong (like a missing config-drive device). For example, if the config-drive is mounted correctly, Afterburn won't check metadata API for ssh public keys even if public keys is missing in the meta_data.json filr in config-drive.

@jlebon
Copy link
Member

jlebon commented Jul 23, 2020

There's some more details in the chat logs from the community meeting where this was discussed, but the TL;DR IIUC was: we keep openstack-metadata for backwards compatibility, and we add a new openstack provider which does config-drive first, then falls back to metadata service.

The reason we do config drive first is to try to be consistent with Ignition's auto-discovery behaviour (which is not great, but we have to live with for now). If it used config-drive, then Afterburn should use config-drive too. Because we run so much later Ignition, we don't need to wait for the device to show up like Ignition does. We can just check for it and if it doesn't exist, fallback to the metadata server.

src/providers/openstack/configdrive.rs Show resolved Hide resolved
src/metadata.rs Outdated Show resolved Hide resolved
src/providers/openstack/configdrive.rs Outdated Show resolved Hide resolved
src/providers/openstack/configdrive.rs Outdated Show resolved Hide resolved
src/providers/openstack/configdrive.rs Show resolved Hide resolved
src/metadata.rs Outdated Show resolved Hide resolved
src/providers/openstack/configdrive.rs Outdated Show resolved Hide resolved
src/providers/openstack/configdrive.rs Outdated Show resolved Hide resolved
@zonggen zonggen changed the title openstack: use config-drive by default and metadata API as fallback [WIP] openstack: use config-drive by default and metadata API as fallback Jul 27, 2020
@zonggen zonggen force-pushed the openstack-config-drive branch from f97eaa1 to 8b7276e Compare July 29, 2020 19:01
@zonggen zonggen changed the title [WIP] openstack: use config-drive by default and metadata API as fallback openstack: use config-drive by default and metadata API as fallback Jul 29, 2020
@zonggen
Copy link
Member Author

zonggen commented Jul 29, 2020

Updated with followings:

  • support both openstack-metadata and openstack platform id
  • add unit tests for attributes and ssh_keys
  • create explicit structs for the JSON files
  • add fixtures for the ec2/meta_data.json and openstack/meta_data.json
  • update docs in README.md and attributes.md
  • minor adjustments according to comments / reviews

Also ran on OpenStack to make sure it worked as intended.. and it worked as expected

@zonggen
Copy link
Member Author

zonggen commented Jul 29, 2020

Ready for another round of review!

@zonggen zonggen force-pushed the openstack-config-drive branch 2 times, most recently from 4cd92a5 to d0ea1c4 Compare July 30, 2020 20:00
src/metadata.rs Outdated Show resolved Hide resolved
src/providers/openstack/mod.rs Outdated Show resolved Hide resolved
src/providers/openstack/mod.rs Show resolved Hide resolved
src/providers/openstack/configdrive.rs Outdated Show resolved Hide resolved
This changes afterburn to use config-drive as default for scraping
metadata and then try metadata API if config-drive is not available.
Previously supported platform id 'openstack-metadata' will continue
to be supported.

Closes: coreos/fedora-coreos-tracker#422
Signed-off-by: Allen Bai <[email protected]>
@zonggen zonggen force-pushed the openstack-config-drive branch from d0ea1c4 to bb31a61 Compare July 31, 2020 15:43
@zonggen
Copy link
Member Author

zonggen commented Jul 31, 2020

@lucab Thanks for the review! Updated regarding the reviews.

@lucab
Copy link
Contributor

lucab commented Aug 3, 2020

LGTM, thanks for implementing this!

pierreprinetti added a commit to shiftstack/afterburn that referenced this pull request Jun 6, 2023
As detailed in coreos#462, Afterburn
has two separate OpenStack endpoints, each with a different metadata
gathering policy. This patch adds the relevant information to the docs.
alejandro-ripoll added a commit to alejandro-ripoll/bootengine that referenced this pull request May 27, 2024
openstack: use config-drive by default and metadata API as fallback
Related: coreos/afterburn#462
alejandro-ripoll pushed a commit to alejandro-ripoll/scripts that referenced this pull request May 28, 2024
…tries with the config drive then fallback on the metadata service.

Change `flatcar-openstack-hostname.service` to use afterburn `openstack` provider implemented on coreos/afterburn#462  instead of `openstack-metadata`.
BootEngine PR: flatcar/bootengine#96
alejandro-ripoll pushed a commit to alejandro-ripoll/scripts that referenced this pull request Jun 3, 2024
Change `flatcar-openstack-hostname.service` to use afterburn `openstack` provider implemented on coreos/afterburn#462  instead of `openstack-metadata`.
BootEngine PR: flatcar/bootengine#96
tormath1 pushed a commit to flatcar/scripts that referenced this pull request Jun 7, 2024
Change `flatcar-openstack-hostname.service` to use afterburn `openstack` provider implemented on coreos/afterburn#462  instead of `openstack-metadata`.
BootEngine PR: flatcar/bootengine#96
pierreprinetti added a commit to shiftstack/afterburn that referenced this pull request Jul 15, 2024
As detailed in coreos#462, Afterburn
has two separate OpenStack endpoints, each with a different metadata
gathering policy. This patch adds the relevant information to the docs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Modify Afterburn openstack defaults to try config-drive, then metadata service
4 participants