ephemeral: Add Ignition config injection support#232
ephemeral: Add Ignition config injection support#232gursewak1997 wants to merge 1 commit intomainfrom
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request adds support for injecting Ignition configuration files into ephemeral VMs. The implementation correctly handles different injection methods for various architectures (fw_cfg for x86_64/aarch64 and virtio-blk for s390x/ppc64le). The changes include updates to QEMU configuration, command-line options, and logic to detect Ignition support in images.
My review includes a couple of suggestions to improve code clarity, reduce duplication, and enhance performance. Specifically, I've recommended refactoring the virtio-blk device addition methods for better maintainability and optimizing the Ignition support check to be more efficient.
gursewak1997
force-pushed
the
add-ignition-support
branch
2 times, most recently
from
e74f5fd to
7be5f96
Compare
cgwalters
left a comment
cgwalters
left a comment
There was a problem hiding this comment.
Thanks for working on this!
I think we really want an integration test for this. Did you test it with the fcos image? I have a suspicion that it may require an ignition.platform.id=qemu karg to be injected too.
And per discussion...some basic docs would be good, I think an example in the man page for ephemeral run is probably enough with a small concrete example?
Also, while starting with ephemeral is fine...we probably want libvirt support too.
(And yeah right now it definitely stinks to have direct qemu for ephemeral vs libvirt)
crates/kit/src/run_ephemeral.rs
Outdated
| if let Some(osname_value) = labels.get("com.coreos.osname") { | ||
| if !osname_value.is_empty() { |
There was a problem hiding this comment.
If let Some(val) = labels.get().filter(|v| !v.is_empty())
| )); | ||
| } | ||
|
|
||
| cmd.args([ |
There was a problem hiding this comment.
What might be less cumbersome here is to pass it as an environment variable? Then we don't need to juggle paths across the mount, we just read it in here, and the code inside can just check for the env var.
crates/kit/src/run_ephemeral.rs
Outdated
| if !has_ignition { | ||
| return Err(eyre!( | ||
| "Image does not support Ignition.\n\ | ||
| \n\ |
There was a problem hiding this comment.
I'd lean towards us having a brief doc for this support instead of trying to have longer explanatory error messages like this.
| match arch { | ||
| "x86_64" | "aarch64" => { | ||
| debug!("Adding Ignition config via fw_cfg: {}", ignition_path); | ||
| qemu_config.add_fw_cfg(IGNITION_FW_CFG_NAME.to_string(), ignition_path.to_owned()); |
There was a problem hiding this comment.
Although I guess if we accept it as an env-var externally, this case would require re-serializing to a file. Hmm. Dunno.
There was a problem hiding this comment.
Current approach: File mount, direct passthrough to QEMU
Env var approach: Read → env var → write temp file → pass to QEMU
Would you still prefer the env var approach despite needing to re-materialize the file? Or should we keep the current mount approach since QEMU fundamentally needs a file anyway?
gursewak1997
force-pushed
the
add-ignition-support
branch
from
7be5f96 to
86e645a
Compare
Add support for injecting Ignition configuration files into ephemeral VMs via QEMU's fw_cfg mechanism (x86_64/aarch64) and virtio-blk (s390x/ppc64le). This enables first-boot provisioning for bootc-based systems that use Ignition. Implementation: - Architecture-specific config delivery per FCOS docs: * x86_64/aarch64: fw_cfg at opt/com.coreos/config * s390x/ppc64le: virtio-blk with serial 'ignition', readonly - Runtime architecture detection for correct method - Image validation via labels (coreos.ignition or com.coreos.osname) - Added readonly support for virtio-blk devices - Added ignition.platform.id=qemu kernel argument when config specified - Path validation with existence, type, and readability checks - Brief error messages with man page reference Testing: - 5 comprehensive integration tests: * fw_cfg accessibility verification * Invalid path rejection * Directory rejection * Unsupported image detection * Kernel argument presence validation - All tests pass with FCOS image verification Documentation: - Comprehensive man page section with working Ignition v3.3.0 example - SSH key injection and file creation demo - Architecture-specific delivery notes - Links to upstream Ignition and bootc documentation - Important notes about ephemeral boot behavior The config is successfully passed to the guest (verified via /sys/firmware/qemu_fw_cfg/ and /proc/cmdline). Ignition will process it on first boot. For ephemeral testing with pre-built FCOS images, Ignition skips as expected (subsequent boot behavior). Useful for custom bootc images with Ignition (see bootc initramfs docs) and future to-disk workflows. Assisted-by: Claude Code (Sonnet 4.5) Signed-off-by: gursewak1997 <gursmangat@gmail.com>
gursewak1997
force-pushed
the
add-ignition-support
branch
from
86e645a to
1b5eebe
Compare
2 participants
Add support for injecting Ignition configuration files into ephemeral
VMs via QEMU's fw_cfg mechanism (x86_64/aarch64) and virtio-blk
(s390x/ppc64le). This enables first-boot provisioning for bootc-based
systems that use Ignition.
Implementation:
Testing:
Documentation:
The config is successfully passed to the guest (verified via
/sys/firmware/qemu_fw_cfg/ and /proc/cmdline). Ignition will process
it on first boot. For ephemeral testing with pre-built FCOS images,
Ignition skips as expected (subsequent boot behavior).
Useful for custom bootc images with Ignition (see bootc initramfs
docs) and future to-disk workflows.