MGMT-20153: Fix ostree race between node-image-pull and installing to rootfs

[carbonin]

ostree container unencapsulate panics if the image passed to it is already present in the repo. Use ostree container image pull instead. Additionally attempting to pull the same os image as the node-image-pull service at the same time also can lead to errors writing to the repo. So make startBootstrap run synchronously with the rest of InstallNode to ensure we are done applying the node image before attempting to pull the image for install.

Resolves https://issues.redhat.com/browse/MGMT-20153

[openshift-ci-robot]

@carbonin: This pull request references MGMT-20153 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.19.0" version, but no target version was set.

In response to this:

ostree container unencapsulate panics if the image passed to it is already present in the repo. Use ostree container image pull instead. Additionally attempting to pull the same os image as the node-image-pull service at the same time also can lead to errors writing to the repo. So make startBootstrap run synchronously with the rest of InstallNode to ensure we are don applying the node image before attempting to pull the image for install.

Resolves https://issues.redhat.com/browse/MGMT-20153

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[carbonin]

Related to openshift/installer#9570

[codecov]

Codecov Report

Attention: Patch coverage is 61.11111% with 28 lines in your changes missing coverage. Please review.

Project coverage is 55.59%. Comparing base (1076581) to head (4505593).
Report is 2 commits behind head on master.

Files with missing lines	Patch %	Lines
src/ops/ops.go	59.42%	16 Missing and 12 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1076      +/-   ##
==========================================
- Coverage   55.67%   55.59%   -0.08%     
==========================================
  Files          15       15              
  Lines        3393     3421      +28     
==========================================
+ Hits         1889     1902      +13     
- Misses       1311     1317       +6     
- Partials      193      202       +9     

Files with missing lines	Coverage Δ
src/installer/installer.go	68.37% <100.00%> (-0.21%)	⬇️
src/ops/ops.go	45.62% <59.42%> (+0.37%)	⬆️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[carbonin]

/test edge-e2e-ai-operator-ztp

[carbonin]

/retest

[tsorya]

maybe at some point worth thinking about ostree object?

[carbonin]

🤷 I'm not sure what it gains us right now.
Also the not-so-long-term plan I think is to rip all this out and move to bootc so I don't know how much we really need to change.

[carbonin]

I can put this stuff in a separate file if that makes it a bit more organized

[tsorya]

Lets move this part to function

[openshift-ci-robot]

@carbonin: This pull request references MGMT-20153 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.19.0" version, but no target version was set.

In response to this:

ostree container unencapsulate panics if the image passed to it is already present in the repo. Use ostree container image pull instead. Additionally attempting to pull the same os image as the node-image-pull service at the same time also can lead to errors writing to the repo. So make startBootstrap run synchronously with the rest of InstallNode to ensure we are done applying the node image before attempting to pull the image for install.

Resolves https://issues.redhat.com/browse/MGMT-20153

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[cgwalters]

I only skimmed this but FYI a lot of this I would consider internal implementation details subject to change, especically the ostree ref structures.

I'd like to have a good understanding of exactly what this is trying to do because it will need to be supported directly in bootc - and for bootc we have plans to switch to a new composefs-native store and stop doing the ostree-container flow, so directly invoking ostree will break when that happens.

[cgwalters]

We had a live chat on this and I think you can drop a lot of the low-level ostree commands if you switch to using ostree container image deploy instead

[carbonin]

Does this command have something similar to the --karg-append and --karg-delete that I'm using below?

I see --karg, but not the others.

[carbonin]

I don't see something in the --help

[cgwalters]

--karg is the same as --karg-append, now you're right it doesn't have --karg-delete right now; would be easy to add but can you elaborate on why it's needed?

We include almost no default kernel arguments so I am uncertain when one would need to delete any.

[cgwalters]

Filed it as bootc-dev/bootc#1229

In the short term it'd probably work to do the deploy, and then remove any unwanted kargs as a post-install step instead.

[carbonin]

can you elaborate on why it's needed?

Adding and deleting kargs is an API we've exposed through assisted because they were options for coreos-installer. I'm just trying to keep parity here.

[carbonin]

I'm (effectively) running this in my last attempt:

ostree container image deploy --stateroot install --sysroot /sysroot --image <rhcos-content-image-from-release>

Then the next boot fails.

I booted a live ISO and mounted the boot and sysroot partitions and I see the old boot entry in the boot partition's entry, but I see the new one in the sysroot /boot/loader/entries directory ... This doesn't seem right. Should I have maybe specified / for --sysroot in the ostree command?

[jlebon]

rpm-ostree kargs --os=install --append/--delete ... should work to edit the kargs post-deployment. (Aside: opened coreos/rpm-ostree#5345 so you can also type --stateroot for consistency.)

[jlebon]

Yeah, try with --sysroot=/.

[carbonin]

Yeah, try with --sysroot=/

This seems to have helped. Doing some more testing then will update the PR.

rpm-ostree kargs --os=install --append/--delete ... should work to edit the kargs post-deployment

Nice, thanks. I'll try this out too.

[jlebon]

Let's work on getting openshift/installer#9570 tested and merged so we can clean up the ref manipulations here a bit.

[carbonin]

Let's work on getting openshift/installer#9570 tested and merged so we can clean up the ref manipulations here a bit.

I'll take a look at this after I get a reasonable general approach working. Once I have something that works and folks are happy with I'll test pulling out my addition to remove the node image ref in favor of the installer change.

I suspect if we want to test with 4.19 ec releases right after this is merged though I'll need to at least keep the touch in there then remove it after we get a build with your changes (or just after GA to ensure we're not using releases without the change)

[carbonin]

This requires #1076. Without it the cleanup service fails on the installed node.

[carbonin]

/retest

[jlebon]

Looks sane overall. One thing that might be worth mentioning in the first commit message is that with the switch to the layered node image soon, the unencapsulate flow will just not work anyway so it's good that we're switching away from that.

[jlebon]

Feels like we should error out if --append-karg or --delete-karg is last rather than do our best to work with it.

[carbonin]

I think we have a validation around this in assisted (where the user adds these). And if we don't I'd rather it fail there than here.

[jlebon]

Hmm, why do we need this BTW? ostree and rpm-ostree should both know to remount within a mount namespace to do their operations.

[carbonin]

At the very least we still need boot because we're putting networking files and the ignition there. I never considered that I might be able to remove sysroot

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: carbonin, jlebon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [carbonin]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[carbonin]

/retest

[carbonin]

/hold

until the assisted-service PR is merged.

[openshift-ci]

@carbonin: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[carbonin]

/unhold

[openshift-bot]

[ART PR BUILD NOTIFIER]

Distgit: ose-agent-installer-orchestrator
This PR has been included in build ose-agent-installer-orchestrator-container-v4.19.0-202504021544.p0.g0e954b1.assembly.stream.el9.
All builds following this will include this PR.

[openshift-bot]

[ART PR BUILD NOTIFIER]

Distgit: ose-agent-installer-csr-approver
This PR has been included in build ose-agent-installer-csr-approver-container-v4.20.0-202504021544.p0.g0e954b1.assembly.stream.el9.
All builds following this will include this PR.