bootstrap-containers: migrate to using configuration file #3724
Conversation
sources/api/migration/migrations/v1.18.1/bootstrap-containers-config-file-v0-1-0/src/main.rs
Outdated
Show resolved
Hide resolved
|
Let's merge this first #3768 then rebase your PR to align on 1.19.2 |
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
2 times, most recently
from
77e9407
to
60c3928
Compare
|
rebase on latest |
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
from
60c3928
to
65bc4fc
Compare
|
Finished changes and testing run |
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
from
65bc4fc
to
e5bf382
Compare
|
Addressed comments |
| bootstrap-containers = "v1" | ||
| +++ | ||
| {{#if settings.bootstrap-containers}} | ||
| {{#each settings.bootstrap-containers}} |
There was a problem hiding this comment.
Wouldn't it be more readable (and probably more maintainable in the long run) to have this rendered by a handlebars helper? e.g.
Then you can just use Rust and strong typing to generate the toml tables. . I want us to avoid another "generate on-the-flight complex structures" and use the Rust to guarantee the correctness of the serialized format. (@bcressey what do you think?)
There was a problem hiding this comment.
I like this approach, this could just be a generic settings-to-toml helper which we could use for all of these PRs where we substitute reading from the API for reading from a config file
There was a problem hiding this comment.
Wouldn't it be more readable (and probably more maintainable in the long run) to have this rendered by a handlebars helper?
It doesn't really help in the long run where the goal is to decouple templates and settings extensions so they can be maintained independently.
I like this approach, this could just be a generic settings-to-toml helper which we could use for all of these PRs where we substitute reading from the API for reading from a config file
I wasn't too keen on settings-to-json when that put in an appearance recently.
I am a little more positively inclined on something like settings-to-toml if the helper is producing a 1:1 match with a subset of the external system settings API, if only because that API is covered by a strong covenant with the end user that it won't change.
However I'm still not very enthusiastic. I'd like most of these agents to be able to be configured in ways that aren't 100% reflected in the external API - like kubelet and ecs-agent are not - since some behaviors may make sense to hard-code in certain variants.
Ultimately an agent whose config is nothing but the external API is in a precarious position: it makes more sense to me to have use a combination of Bottlerocket features and systemd functionality to dispense with that agent entirely (as with ecs-settings-applier in the linked PR) where we can, than to add helpers which special-case just that agent rather than answering a more general need.
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
from
e5bf382
to
ad83e08
Compare
Still need to remove tokio |
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
from
ad83e08
to
f7f12a5
Compare
|
removed tokio |
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
3 times, most recently
from
4a467fa
to
b40aebb
Compare
|
Rebased off latest and moved migrations to 1.20.0 will rerun the tests to be safe |
This migrates the bootstrap-containers tool to fetch its settings via a generated toml file. log: * add migrations and package changes * migrate bootstrap-containers to load from config file * add mount with secret_t
jmt-lab
force-pushed
the
jmt/bootstrap-containers/config
branch
from
b40aebb
to
bcfb715
Compare
|
Release.toml was wrong resulting in migrations not occuring, fixed this |
| apiclient::set::set(socket_path, &settings) | ||
| .await | ||
| .context(error::SetSnafu)?; | ||
| command("apiclient", ["set", formatted.as_str()])?; |
There was a problem hiding this comment.
Can you verify that this actually works as expected? I.e. a bootstrap container that is set to "once" mode only runs once on first boot and not multiple times - either on the same boot (which can happen when the systemd target changes) or on subsequent boots.
I'd suggest a bootstrap container that runs something like:
#!/bin/bash
TS="$(date +%s)"
apiclient get settings.bootstrap-containers >
/.bottlerocket/rootfs/local/${TS}.txt
And confirm that only one file is created and it shows the expected value.
There was a problem hiding this comment.
Tested and it only returned one file, logs also show correct behavior
Issue number: #3626
Closes #3626
Description of changes:
This migrates the bootstrap-containers tool to fetch its settings via a generated toml file.
log:
Testing done:
cargo +nightly udepsto ensure all unused dependencies have been removedTest Report
Initial_Build_ID.Output
{ "os": { "arch": "aarch64", "build_id": "bcfb7156", "pretty_name": "Bottlerocket OS 1.20.0 (aws-ecs-2)", "variant_id": "aws-ecs-2", "version_id": "1.20.0" } }Initial_Config.Output
configuration-files.bootstrap-containers-toml
{ "configuration-files": { "bootstrap-containers-toml": { "path": "/etc/bootstrap-containers/bootstrap-containers.toml", "template-path": "/usr/share/templates/bootstrap-containers-toml" } } }services.bootstrap-containers
{ "services": { "bootstrap-containers": { "configuration-files": [ "host-ctr-toml", "bootstrap-containers-toml" ], "restart-commands": [ "/usr/bin/bootstrap-containers create-containers" ] } } }Downgrade.Output
{ "active_partition": { "image": { "arch": "aarch64", "variant": "aws-ecs-2", "version": "1.19.3" }, "next_to_boot": true }, "available_updates": [ "1.19.3", "1.19.2" ], "chosen_update": { "arch": "aarch64", "variant": "aws-ecs-2", "version": "1.19.2" }, "most_recent_command": { "cmd_status": "Success", "cmd_type": "refresh", "exit_status": 0, "stderr": "", "timestamp": "2024-03-18T20:24:18.772874378Z" }, "staging_partition": null, "update_state": "Available" }Downgrade_Build_ID.Output
{ "os": { "arch": "aarch64", "build_id": "f097c617", "pretty_name": "Bottlerocket OS 1.19.3 (aws-ecs-2)", "variant_id": "aws-ecs-2", "version_id": "1.19.3" } }Downgrade_Config.Output
configuration-files.bootstrap-containers-toml
services.bootstrap-containers
{ "services": { "bootstrap-containers": { "configuration-files": [ "host-ctr-toml" ], "restart-commands": [ "/usr/bin/bootstrap-containers create-containers" ] } } }Upgrade.Output
{ "active_partition": { "image": { "arch": "aarch64", "variant": "aws-ecs-2", "version": "1.19.3" }, "next_to_boot": true }, "available_updates": [ "1.20.0", "1.19.3" ], "chosen_update": { "arch": "aarch64", "variant": "aws-ecs-2", "version": "1.20.0" }, "most_recent_command": { "cmd_status": "Success", "cmd_type": "refresh", "exit_status": 0, "stderr": "", "timestamp": "2024-03-28T20:08:53.656541162Z" }, "staging_partition": null, "update_state": "Available" }Upgrade_Build_ID.Output
{ "os": { "arch": "aarch64", "build_id": "bcfb7156", "pretty_name": "Bottlerocket OS 1.20.0 (aws-ecs-2)", "variant_id": "aws-ecs-2", "version_id": "1.20.0" } }Upgrade_Config.Output
configuration-files.bootstrap-containers-toml
{ "configuration-files": { "bootstrap-containers-toml": { "path": "/etc/bootstrap-containers/bootstrap-containers.toml", "template-path": "/usr/share/templates/bootstrap-containers-toml" } } }services.bootstrap-containers
{ "services": { "bootstrap-containers": { "configuration-files": [ "host-ctr-toml", "bootstrap-containers-toml" ], "restart-commands": [ "/usr/bin/bootstrap-containers create-containers" ] } } }Change_Settings.Output
Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.