diff --git a/Twoliter.lock b/Twoliter.lock index 84fa7bf707e..84f8cb753ed 100644 --- a/Twoliter.lock +++ b/Twoliter.lock @@ -3,21 +3,21 @@ project-vendor = "Bottlerocket" [sdk] name = "bottlerocket-sdk" -version = "0.64.0" +version = "0.62.0" vendor = "bottlerocket" -source = "public.ecr.aws/bottlerocket/bottlerocket-sdk:v0.64.0" -digest = "kRW2MsSo3jA+rAEO/Mp5gW8Q4/pd62bbB/lT4d5Jzak=" +source = "public.ecr.aws/bottlerocket/bottlerocket-sdk:v0.62.0" +digest = "xlGP2vIM7M1kj36BuRc/lgK8mz8ZpHw6XROwMQ9hUOM=" [[kit]] name = "bottlerocket-kernel-kit" -version = "4.3.0" +version = "3.1.2" vendor = "bottlerocket" -source = "public.ecr.aws/bottlerocket/bottlerocket-kernel-kit:v4.3.0" -digest = "Cm809ru8wOfjrFukpSQiUSwUtQw0+LVkAZqp0Cs8NqM=" +source = "public.ecr.aws/bottlerocket/bottlerocket-kernel-kit:v3.1.2" +digest = "A9iBhfLZDBhnzpkGq8Whv8ySJYy9fUapvRPV7t67vGk=" [[kit]] name = "bottlerocket-core-kit" -version = "10.4.0" +version = "9.1.0" vendor = "bottlerocket" -source = "public.ecr.aws/bottlerocket/bottlerocket-core-kit:v10.4.0" -digest = "Bs/uDNJyv6nHAOBiLzi8ECvvAKEfQgUOU3NTpeUO38Y=" +source = "public.ecr.aws/bottlerocket/bottlerocket-core-kit:v9.1.0" +digest = "UwnhpVRg3YUeMItVr0bGAOb4GPawGizYlONA587NJnE=" diff --git a/Twoliter.toml b/Twoliter.toml index 3baa61aeec2..7f792eed76d 100644 --- a/Twoliter.toml +++ b/Twoliter.toml @@ -7,15 +7,15 @@ registry = "public.ecr.aws/bottlerocket" [sdk] name = "bottlerocket-sdk" -version = "0.64.0" +version = "0.62.0" vendor = "bottlerocket" [[kit]] name = "bottlerocket-kernel-kit" -version = "4.3.0" +version = "3.1.2" vendor = "bottlerocket" [[kit]] name = "bottlerocket-core-kit" -version = "10.4.0" +version = "9.1.0" vendor = "bottlerocket" diff --git a/packages/settings-defaults/create-data-partition-links.service b/packages/settings-defaults/create-data-partition-links.service new file mode 100644 index 00000000000..c94ec569cb0 --- /dev/null +++ b/packages/settings-defaults/create-data-partition-links.service 
@@ -0,0 +1,74 @@
+[Unit]
+Description=Create Data Partition Links
+
+# This unit is meant to run automatically and restarting it isn't useful.
+RefuseManualStart=true
+RefuseManualStop=true
+
+# The links created by this service might be required to mount the data
+# partition, so it can't have the default dependencies that ensure that
+# all local filesystems are mounted.
+DefaultDependencies=no
+
+# Try to let udevd finish processing any events.
+After=systemd-udev-settle.service
+Wants=systemd-udev-settle.service
+
+# Don't run if the marker file indicates we've already run.
+ConditionPathExists=!/etc/.device-links-created
+
+[Service]
+Type=oneshot
+
+# This assumes a Nitro instance launch and a Bottlerocket image using the
+# "unified" partition layout. Or else QEMU.
+Environment=DATA_PART_DEV=/dev/nvme0n1p8
+Environment=DATA_PART_DEV_ALT=/dev/vda8
+
+# This is the "preferred" UUID expected by repart-data-preferred.service.
+Environment=DATA_PART_UUID=5b94e8df-28b8-485c-9d19-362263b5944c
+
+# This is the partition label expected by local.mount.
+Environment=DATA_PART_LABEL=BOTTLEROCKET-DATA
+
+# Create a marker file so this unit doesn't run again.
+ExecCondition=/usr/bin/touch /etc/.device-links-created
+
+# Only run if we have one of the expected device nodes.
+ExecCondition=/usr/bin/test \
+ -b ${DATA_PART_DEV} -o \
+ -b ${DATA_PART_DEV_ALT}
+
+# Only run if we are missing one of the expected symlinks.
+ExecCondition=/usr/bin/test \
+ ! -L /dev/disk/by-partuuid/${DATA_PART_UUID} -o \
+ ! -L /dev/disk/by-partlabel/${DATA_PART_LABEL}
+
+ExecStart=-/usr/bin/echo "Inspecting state"
+ExecStart=-/usr/bin/ls -latr /dev/disk/by-partuuid/
+ExecStart=-/usr/bin/ls -latr /dev/disk/by-partlabel/
+ExecStart=-/usr/bin/dmesg --level=warn+
+ExecStart=-/usr/bin/systemctl list-units --type=device --no-block
+
+# Log what we're doing, in case the device is locked for a long time.
+ExecStart=-/usr/bin/echo "Triggering change event for ${DATA_PART_DEV}"
+
+# Lock the device via udev, then open and close it for writing.
+# This should trigger a udev change event.
+ExecStart=-/usr/bin/udevadm lock -d ${DATA_PART_DEV} /usr/bin/touch ${DATA_PART_DEV}
+ExecStart=-/usr/bin/udevadm lock -d ${DATA_PART_DEV_ALT} /usr/bin/touch ${DATA_PART_DEV_ALT}
+
+# Log that we're done.
+ExecStart=-/usr/bin/echo "Triggered change event for ${DATA_PART_DEV} or ${DATA_PART_DEV_ALT}"
+
+# Create a marker file so that the debug console starts.
+ExecStart=-/usr/bin/touch /etc/.debug-console-needed
+
+RemainAfterExit=true
+
+# Log to console.
+StandardOutput=tty
+StandardError=inherit
+
+[Install]
+WantedBy=local-fs.target
diff --git a/packages/settings-defaults/debug-console.service b/packages/settings-defaults/debug-console.service
new file mode 100644
index 00000000000..c609b0886bf
--- /dev/null
+++ b/packages/settings-defaults/debug-console.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Debug Console
+DefaultDependencies=no
+After=create-data-partition-links.service
+Wants=create-data-partition-links.service
+
+[Service]
+ExecCondition=/usr/bin/test -e /etc/.debug-console-needed
+ExecStart=-/sbin/agetty -o '-p -- \\u' --keep-baud 115200,57600,38400,9600 - $TERM
+Type=simple
+Restart=always
+StandardInput=tty
+StandardOutput=tty
+StandardError=inherit
+TTYPath=/dev/ttyS0
+TTYReset=yes
+TTYVHangup=yes
+IgnoreSIGPIPE=no
+SendSIGHUP=yes
+
+[Install]
+WantedBy=preconfigured.target
diff --git a/packages/settings-defaults/force-reboot.service b/packages/settings-defaults/force-reboot.service
new file mode 100644
index 00000000000..9c6b4735dc0
--- /dev/null
+++ b/packages/settings-defaults/force-reboot.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Force Reboot
+
+[Service]
+Type=oneshot
+
+ExecStart=systemctl reboot
+
+RemainAfterExit=true
+
+# Log to console.
+StandardOutput=tty
+StandardError=inherit
+
+[Install]
+WantedBy=preconfigured.target
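Review bot: In create-data-partition-links.service the run-once marker is written by the first `ExecCondition=/usr/bin/touch /etc/.device-links-created`, before the two `test` conditions are evaluated, so a boot where neither block device exists yet still leaves the marker behind and `ConditionPathExists=!/etc/.device-links-created` skips the unit for as long as that file persists. Writing the marker after the work, with `ExecStartPost=/usr/bin/touch /etc/.device-links-created`, keeps a retry possible. Separately, `/etc/.debug-console-needed` is touched on every run that reaches ExecStart, whether or not the symlinks appeared, and that file is what switches on the serial login in debug-console.service. Every `ExecStart=` also carries the `-` prefix, so a failed `udevadm lock` is still followed by the "Triggered change event" message.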
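Review bot: debug-console.service puts an `agetty` login prompt on `/dev/ttyS0` with `Restart=always`, and its only gate is `/etc/.debug-console-needed`, which create-data-partition-links.service creates without any operator decision. Anyone who can reach the instance's serial console then gets a login prompt on an image that also ships `login` and `bash` (see the variants/aws-dev/Cargo.toml hunk in this commit). If this is a debugging aid, gate it on something set deliberately, for example a `ConditionKernelCommandLine=<debug-flag>` line in `[Unit]` (placeholder name), and state in a comment at the top of the unit that it must not ship in release images. The file test itself reads better as `ConditionPathExists=/etc/.debug-console-needed` in `[Unit]` than as `ExecCondition=/usr/bin/test -e …`, which spawns a process only to check for a file.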
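Review bot: force-reboot.service has no `Condition…=` line and no marker, so once it is enabled for `preconfigured.target` it runs `systemctl reboot` on every boot that reaches that target, which is a reboot loop that cannot be broken from inside the host. Nothing visible in this commit enables it, but the spec change installs it from the base package, so a preset or a stray symlink is all it would take. Add a one-shot gate such as `ConditionPathExists=!<persistent-marker>` (placeholder; it has to live on storage that survives the reboot) with a matching `ExecStartPre=/usr/bin/touch <persistent-marker>`, and use the absolute `ExecStart=/usr/bin/systemctl reboot` as create-data-partition-links.service does.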
diff --git a/packages/settings-defaults/settings-defaults.spec b/packages/settings-defaults/settings-defaults.spec index e0bf0a62a8c..88839107c82 100644 --- a/packages/settings-defaults/settings-defaults.spec +++ b/packages/settings-defaults/settings-defaults.spec @@ -13,6 +13,10 @@ License: Apache-2.0 OR MIT URL: https://github.com/bottlerocket-os/bottlerocket BuildRequires: %{_cross_os}glibc-devel Requires: %{_cross_os}settings-defaults(any) +Source100: create-data-partition-links.service +Source101: force-reboot.service +Source102: debug-console.service +Source103: systemd-udev-trigger-debug.conf %description %{summary}. @@ -321,8 +325,18 @@ do "%{buildroot}%{_cross_tmpfilesdir}/storewolf-defaults-${defaults}.conf" done +mkdir -p %{buildroot}%{_cross_unitdir} +install -p -m 0644 %{S:100} %{S:101} %{S:102} %{buildroot}%{_cross_unitdir} + +mkdir -p %{buildroot}%{_cross_unitdir}/systemd-udev-trigger.service.d +install -p -m 0644 %{S:103} %{buildroot}%{_cross_unitdir}/systemd-udev-trigger.service.d/000-debug.conf + %files %dir %{_cross_defaultsdir} +%{_cross_unitdir}/create-data-partition-links.service +%{_cross_unitdir}/force-reboot.service +%{_cross_unitdir}/debug-console.service +%{_cross_unitdir}/systemd-udev-trigger.service.d/000-debug.conf %files aws-dev %{_cross_defaultsdir}/aws-dev.toml diff --git a/packages/settings-defaults/systemd-udev-trigger-debug.conf b/packages/settings-defaults/systemd-udev-trigger-debug.conf new file mode 100644 index 00000000000..b424d90e921 --- /dev/null +++ b/packages/settings-defaults/systemd-udev-trigger-debug.conf @@ -0,0 +1,10 @@ +[Service] +Type=oneshot +RemainAfterExit=yes + +ExecStart= +ExecStart=-udevadm --debug trigger --type=all --action=add --prioritized-subsystem=module,block,tpmrm,net,tty,input + +# Log to console. +StandardOutput=tty +StandardError=inherit diff --git a/variants/aws-dev/Cargo.toml b/variants/aws-dev/Cargo.toml index ff89eaec53c..3d25550b47b 100644 --- a/variants/aws-dev/Cargo.toml 
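Review bot: The second settings-defaults.spec hunk lists the three units and the `systemd-udev-trigger.service.d/000-debug.conf` drop-in under the main `%files`, not under a variant subpackage such as the `%files aws-dev` that follows, so they ship wherever the base settings-defaults package is installed. The drop-in needs no enablement step: once it sits in the unit directory it overrides `ExecStart` of systemd-udev-trigger.service on every such image. If these are debugging aids for aws-dev, move the four paths into `%files aws-dev` (or a dedicated debug subpackage) so other variants do not inherit a serial login unit and a reboot unit.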
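Review bot: In systemd-udev-trigger-debug.conf the empty `ExecStart=` drops the stock trigger command(s) and the replacement carries the `-` prefix, so a failing `udevadm trigger` no longer fails the unit and boot carries on with whatever device nodes happen to exist. `--debug` combined with `StandardOutput=tty` also sends udev's debug output to the console on every boot. Drop the prefix and use the absolute path already used in create-data-partition-links.service, `ExecStart=/usr/bin/udevadm --debug trigger …`, and add a comment at the top of the file saying the drop-in is temporary.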
+++ b/variants/aws-dev/Cargo.toml @@ -7,30 +7,39 @@ build = "../build.rs" # Don't rebuild crate just because of changes to README. exclude = ["README.md"] +[package.metadata.build-variant.image-layout] +os-image-size-gib = 5 +data-image-size-gib = 3 +publish-image-size-hint-gib = 8 +partition-plan = "unified" + [package.metadata.build-variant.image-features] grub-set-private-var = true -xfs-data-partition = true uefi-secure-boot = true +xfs-data-partition = false systemd-networkd = true +in-place-updates = false +host-containers = false +erofs-root-partition = true [package.metadata.build-variant] kernel-parameters = [ "console=tty0", "console=ttyS0,115200n8", - # Only reserve if there are at least 2GB - "crashkernel=2G-:256M", "net.ifnames=0", "netdog.default-interface=eth0:dhcp4,dhcp6?", - "quiet", + "systemd.unified_cgroup_hierarchy=0", ] included-packages = [ -# core - "release", + # core + "early-boot-config-aws", + "chrony-tools", "kernel-6.1", -# docker - "docker-cli", - "docker-engine", + "release", + "containerd-2.0", + # tools "docker-init", + "bash", # tools "login", "iputils",
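Review bot: `"bash"` is added to `included-packages` next to the existing `"login"`, and together with debug-console.service from this commit that gives the image an interactive shell reachable from the serial console; nothing in the manifest marks it as debug-only. The same hunk adds `systemd.unified_cgroup_hierarchy=0`, which by its name moves the host back to the legacy cgroup hierarchy, and sets `in-place-updates = false` and `host-containers = false` without a comment saying why. Put a comment above each, e.g. `# debug only: shell for debug-console.service, remove before release`, and fold the new `# tools` heading into the existing one, since the list now carries that heading twice.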