forked from coreos/fedora-coreos-config
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Populate an lvmdevices(8) file to limit LVM from autoactivating all devices it sees in a system. By default systems will get a "blank" configuration file with a comment in it explaining what it is used for. There is also a one-time "populate" service that will run and add any devices it sees into the devices file. This will serve to import existing devices on upgrading systems or new systems with pre-existing LVM devices attached. See the tracker issue [1] for more information. [1] coreos/fedora-coreos-tracker#1517
- Loading branch information
Showing
8 changed files
with
162 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# LVM uses devices listed in this file. | ||
# | ||
# This is an empty lvmdevices(8) file placed here by the CoreOS overlays. | ||
# The existence of the file prevents LVM from auto-activating any LVM devices | ||
# that aren't explicitly allowlisted by being added to this file. Any newly | ||
# added PV/VG devices that get created via pvcreate/vgreate will have an entry | ||
# added here automatically by the tools. For more information on this see | ||
# https://github.com/coreos/fedora-coreos-tracker/issues/1517 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
# Config file for overriding permission bits on overlay files/dirs | ||
# Format: =<file mode in decimal> <absolute path to a file or directory> |
1 change: 1 addition & 0 deletions
1
overlay.d/30lvmdevices/usr/lib/systemd/system-preset/45-coreos-populate-lvmdevices.preset
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
enable coreos-populate-lvmdevices.service |
26 changes: 26 additions & 0 deletions
26
overlay.d/30lvmdevices/usr/lib/systemd/system/coreos-populate-lvmdevices.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
[Unit] | ||
Description=CoreOS Populate LVM Devices File | ||
Documentation=https://github.com/coreos/fedora-coreos-tracker/issues/1517 | ||
# Only run this import once. | ||
ConditionPathExists=!/var/lib/coreos-populate-lvmdevices.stamp | ||
# Don't add default dependencies so we can run early enough to populate | ||
# the devices file before any LVM devices are used. | ||
DefaultDependencies=false | ||
# Since our ConditionPathExists file lives under /var/lib/ let's make | ||
# sure they are set up if those filesystems/mountpoints exist separately. | ||
After=var.mount var-lib.mount | ||
# On OpenShift/Kubernetes we want to ensure we run before kubernetes | ||
# comes up where storage drivers may be initiated and present more LVM | ||
# devices to the system that we don't want to be considered. | ||
Before=kubelet.service | ||
|
||
[Service] | ||
Type=oneshot | ||
RemainAfterExit=yes | ||
StandardOutput=journal+console | ||
StandardError=inherit | ||
ExecStart=/usr/libexec/coreos-populate-lvmdevices | ||
ExecStartPost=touch /var/lib/coreos-populate-lvmdevices.stamp | ||
|
||
[Install] | ||
WantedBy=default.target |
46 changes: 46 additions & 0 deletions
46
overlay.d/30lvmdevices/usr/libexec/coreos-populate-lvmdevices
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
#!/bin/bash | ||
set -euo pipefail | ||
|
||
# This script will detect any LVM devices and add them to the lvmdevices | ||
# file, which will force this host to only consider those devices in | ||
# the future. This script should be run once to do the population and | ||
# should not need to be run again. See | ||
# https://github.com/coreos/fedora-coreos-tracker/issues/1517 | ||
|
||
LVMDEVICESFILENAME="system.devices" | ||
LVMDEVICESFILE="/etc/lvm/devices/${LVMDEVICESFILENAME}" | ||
|
||
# If the devices file doesn't exist that is a bit odd because we | ||
# shipped it in the same update this migration script runs but let's | ||
# just bail out. Someone could have deleted the lvmdevices file and | ||
# then later accidentally run the migration script again. | ||
if [ ! -f $LVMDEVICESFILE ]; then | ||
echo "$LVMDEVICESFILE does not exist. Exiting." | ||
exit 0 | ||
fi | ||
|
||
# If the file exists and the file is different than what was shipped | ||
# then we exit early. In this case the system likely already had an | ||
# lvmdevices file defined already. | ||
if ! diff -u "/usr/${LVMDEVICESFILE}" "${LVMDEVICESFILE}"; then | ||
echo "Detected modified $LVMDEVICESFILE file. Exiting." | ||
exit 0 | ||
fi | ||
|
||
# Detect all existing PVs using `pvs` with a blank devicesfile | ||
# setting, which will un-limit the search. | ||
PVS=$(pvs --devicesfile="" --noheadings -o pv_name) | ||
|
||
if [ -z "$PVS" ]; then | ||
echo "No LVM devices detected. Exiting." | ||
exit 0 | ||
fi | ||
|
||
echo "Populating lvmdevices file with detected devices." | ||
for pv in $(pvs --devicesfile="" --noheadings -o pv_name); do | ||
echo "Adding ${pv} to lvmdevices file $LVMDEVICESFILE" | ||
lvmdevices --journal output --adddev "$pv" --devicesfile "$LVMDEVICESFILENAME" | ||
done | ||
|
||
echo "Activating lvmdevices after devices file population" | ||
pvscan --cache --activate ay |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
#!/bin/bash | ||
## kola: | ||
## description: Verify LVM devices file handling works as expected | ||
## # additionalDisks is only supported on qemu. | ||
## platforms: qemu | ||
## # A few extra disks to set up LVM on. | ||
## additionalDisks: ["1G", "2G"] | ||
|
||
set -xeuo pipefail | ||
|
||
. $KOLA_EXT_DATA/commonlib.sh | ||
|
||
LVMDEVICESFILENAME="system.devices" | ||
LVMDEVICESFILE="/etc/lvm/devices/${LVMDEVICESFILENAME}" | ||
|
||
# Check that coreos-populate-lvmdevices did run | ||
if [ ! -e /var/lib/coreos-populate-lvmdevices.stamp ]; then | ||
fatal "coreos-populate-lvmdevices didn't run" | ||
fi | ||
|
||
case "${AUTOPKGTEST_REBOOT_MARK:-}" in | ||
"") | ||
# Verify the lvmdevices file by default matches what was shipped. | ||
if ! diff -u "/usr/${LVMDEVICESFILE}" "${LVMDEVICESFILE}"; then | ||
fatal "Detected modified $LVMDEVICESFILE file." | ||
fi | ||
|
||
# Set up LVM on the two disks and set up a vg/lv/fs/mount on one | ||
# of them. Specify a blank devicesfile so the *create commands | ||
# won't touch our devices file. | ||
pvcreate --devicesfile="" /dev/vda /dev/vdb | ||
vgcreate --devicesfile="" vg1 /dev/vda | ||
lvcreate --devicesfile="" vg1 --name=lv1 -l 100%FREE | ||
mkfs.ext4 /dev/vg1/lv1 | ||
echo "/dev/vg1/lv1 /srv/ ext4 defaults 0 2" >> /etc/fstab | ||
|
||
# Remove the stamp file to force the "migration" to happen on | ||
# next boot. | ||
rm -f /var/lib/coreos-populate-lvmdevices.stamp | ||
|
||
# reboot to simulate running migration for first time on a | ||
# system with pre-existing LVM devices | ||
/tmp/autopkgtest-reboot rebooted | ||
;; | ||
|
||
rebooted) | ||
# Check that the devices are in the devices file. | ||
grep -q 'DEVNAME=/dev/vda' "$LVMDEVICESFILE" || fatal "Missing vda in devices file" | ||
grep -q 'DEVNAME=/dev/vdb' "$LVMDEVICESFILE" || fatal "Missing vdb in devices file" | ||
|
||
# Check that we can see the PVs | ||
if [ "$(pvs --noheadings | wc -l)" != '2' ]; then | ||
fatal "Incorrect number of LVM PVs detected" | ||
fi | ||
|
||
# Check that /srv/ is a mountpoint | ||
if ! mountpoint /srv; then | ||
fatal "/srv/ is not mounted, but it should be" | ||
fi | ||
|
||
ok "LVM Devices file populated correctly" | ||
;; | ||
*) fatal "unexpected mark: ${AUTOPKGTEST_REBOOT_MARK}";; | ||
esac |