-
Notifications
You must be signed in to change notification settings - Fork 879
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cc_grub_dpkg updates grub-pc or grub-efi debconf keys, but both can become incorrect on BIOS-booted Azure Ubuntu #4091
Comments
Launchpad user Adrien Siebert(r-asiebert) wrote on 2023-03-31T01:54:10.104995+00:00 (Additional notes) Disclaimer: I've discovered these cloud-init details while troubleshooting this issue involving Azure, Ubuntu, GRUB, EFI, and Packer. My knowledge of cloud-init and grub EFI support is fresh and very limited. This seems like a cloud-init issue given that cc_grub_dpkg.py exists in the first place to patch the Apologies I don't have the full cloud-init logs, I may need to setup a test environment to collect them. This issue may have existed for months. We only detected it after OS disks on new Azure VMs started to receive new serial IDs, a change I was unable to trace. Other factors triggered this for us recently. |
Launchpad user Brett Holman(holmanb) wrote on 2023-03-31T21:33:31.033023+00:00 Thanks for reporting this bug Adrien. I'm still working to understand what is happening here - in the meantime, I'm curious if, as a workaround, disabling this module might resolve your issue. The following provided to your instance on first boot would disable this module: #cloud-config |
Launchpad user Chad Smith(chad.smith) wrote on 2023-04-05T21:46:43.139595+00:00 Thanks for the bug links to both related bug discussions and prior cloud-init commits in this space. I've marked incomplete as bug status in hopes of feedback from Adrien on either:
Please do set this bug back to 'New' status above once you are able to provide feedback on either of those options to bump this back on our radar for triage review and debugging further |
Launchpad user Adrien Siebert(r-asiebert) wrote on 2023-04-10T18:05:12.737746+00:00 @brett, grub_dpkg is behaving properly so I wouldn't disable it. I've got some time today and may try to get a clean VM with the issue to collect logs |
Launchpad user Adrien Siebert(r-asiebert) wrote on 2023-04-10T19:32:23.138478+00:00 I've reproduced this on Azure with an updated image, Ubuntu Jammy / 22.04 with cloud-init 23.1.1-0ubuntu0~22.04.1 This should be a much easier example to follow along -- the cloud-init log TARs are included for the two VMs involved.
Notes about the TAR archives:
Accompanying notes and logs:The first VM was created from image "Ubuntu Server 22.04 LTS - Gen1" (publisher/offer/sku: canonical / 0001-com-ubuntu-server-jammy / 22_04-lts) with default settings ("Premium SSD" OS disk) except for restricted networking.(2023-04-10 18:19, adrien-test-cloud-init-imaging)
Nominal: grub-efi debconf not present yet, grub-pc from cloud-init. Simulated our Packer installing a shim-signed upgrade (headless
|
If tracking has moved to GitHub, here's my user as bug reporter. The last comment was hard to parse without formatting; updating for GitHub:
|
This bug was originally filed in Launchpad as LP: #2013419
Launchpad details
Launchpad user Adrien Siebert(r-asiebert) wrote on 2023-03-31T01:52:18.234876+00:00
Platform: Azure (generation 1 VMs)
Image used: Ubuntu Server, SKU 20_04-lts (gen 1)
(cloudinit 22.4.2-0ubuntu0~20.04.2 - no cloudinit customization)
Azure generation 1 VMs boot in BIOS mode. Ubuntu comes with both BIOS and UEFI support installed, and cloudinit updates some debconf keys presumably to avoid mismatches when boot packages get updated on new machines:
https://github.com/canonical/cloud-init/blob/ubuntu/22.4.2-0ubuntu0_20.04.2/cloudinit/config/cc_grub_dpkg.py#L148-L149
Even when booted in BIOS mode, updating EFI packages (e.g. grub-efi-amd64-signed or shim-signed) will cause the debconf
grub-efi/install_devices
keys to be updated.If a discrepancy occurs on the disk ID where GRUB is installed (one scenario below), cloudinit only updates the
grub-pc
debconf keys (link above). The mismatchedgrub-efi
key can cause further EFI package upgrades to fail, requiring a user with a shell to validate a prompt for dpkg configuration.[scenario]
Sample scenario where we encountered this issue, using Packer to build a custom VM image:
grub-pc
key:grub-efi/install_devices
keys to be set, pointing at the Packer VM disk....
(GRUB partition = scsi-14d53465420202020da118904a05ed740b387a530ae506ac2-part15)
grub-pc
key:apt upgrade
breaks:[/scenario]
In this situation, when running
apt upgrade
updating an EFI package (ordpkg --configure -a
once broken) in a shell, a user can manually validate this prompt:Accepting this prompt appears to update/fix the
grub-efi
debconf key.In my testing,
DEBIAN_FRONTEND=noninteractive
disables the prompt but it instead blows up with the aforementionedmount: /var/lib/grub/esp...
error, which may be related to https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1940723 --- a bug suspiciously related to Azure VMs.Reminder: this is all on BIOS-booted VMs, as far as I know UEFI boot is never involved here.
This bug is a follow-up to a quick discussion on 2fd24cc
Support for EFI-booted machines to update grub debconf was introduced in that recent change, although based on the boot mode: if EFI-booted, update debconf
grub-efi
, otherwise updategrub-pc
.This unfortunately doesn't solve the case above, where BIOS machines have EFI configured and an intermediate/customized image is used.
My uneducated guess is that we may want cloudinit to update either/both debconf keys if BIOS and/or EFI support is installed, instead of checking the current boot mode (= presence of
/sys/firmware/efi
).I do not know how to detect this. Presence of a grub-efi* package? Presence of /boot/efi?
The text was updated successfully, but these errors were encountered: