Re: Producing rescue images (at least for OpenStack, maybe others?)
On Tue, Jun 09, 2020 at 02:57:14PM +0200, Thomas Goirand wrote:
> In OpenStack, there's the possibility to rescue instances with a special
> image made for it.
You mean this? https://docs.openstack.org/nova/latest/user/rescue.html
According to the documentation, the default behaviour is to use a fresh
copy of the the image already in use by the instance. So using a
special rescue image is kind of a special case.
> The only thing that changes is the cloud-init
> configuration, so that it allows:
> - ssh as root
> - ssh using a password set by cloud-init (which can be seen with
> "openstack server show" once the VM is in rescue mode).
Where do those settings come from? Is this some kind of convention? If
yes, please share them with us.
> it's *not* reasonable to expect that:
> - cloud users would use a normal image for rescue
Using the normal image seems to be the default behaviour.
Example of public documention from cloud providers who propose to just
use the default image:
https://help.switch.ch/engines/documentation/rescue-vm/
Red Hat describes possible problems with that approach:
https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.0/html/instances_and_images_guide/ch-manage_instances#section-instance-rescue
> - (which wouldn't be
> adapted for the job)
SWITCH for example describes the rescue mode to be used to fix the
following problems:
| - ssh key is lost → temporarily enable password login
| - broken network configuration
| - broken boot configuration
| - interactive fsck needed
None of those tasks require a special image, as the normal ones have
everything on board to fix those problems.
Please elaborate which problems you see.
> Is there such a need in other clouds? How does it work in Azure/GCE/AWS?
Nope. They don't have the concept of a rescue image or rescue mode.
> Does the team has any idea of what kind of tool (ie: package names) that
> we should install in such image? I thought about at least parted, mbr,
> kpartx, dosfstools, e2fsprogs, qemu-utils, scrub, testdisk, scalpel,
> gpart, gddrescue, foremost, ddrutility.
> Anything else?
Half of that list are recovery tools for hardware errors. Why would a
cloud user care about hardware? Isn't that the providers job.
> Therefore, IMO it'd be nice to also produce such image in our image-set.
It might make sense to build such an image.
But please make it into the form of a swiss army knife, so it can work
of a thumb drive on a hardware machine as well. Kinda like grml. It
would be more or less a hybrid of generic (includes cloud-init) and
nocloud (can run without any infrastructure, but may require some
fixes).
Regards,
Bastian
--
Those who hate and fight must stop themselves -- otherwise it is not stopped.
-- Spock, "Day of the Dove", stardate unknown
Reply to: