* Installation @ 2018-01-09 12:43 Gábor Boskovits 2018-01-17 14:35 ` Installation Ludovic Courtès 0 siblings, 1 reply; 23+ messages in thread From: Gábor Boskovits @ 2018-01-09 12:43 UTC (permalink / raw) To: Guix-devel [-- Attachment #1: Type: text/plain, Size: 1066 bytes --] Hello guix! I've just checked the installer, and I would like to propose something. It seems to me that the current installer effort is primarily frontend oriented. I believe, that we could make a powerful extension to guixsd if we could do an installation from an installation description. I think this installation description should look like the operating-system description we already have. This could make automated installations working, in an uniform way. I've seen some efforts on writing automated install scripts, but this could be a supported, official way to do this. We could even store this description, and bring some more state into the scope of guixsd, for example partitions could later be queried from the installation description. Do you think this can work? Do you think this is a good idea? I believe that using this tool, and hacking a bit on booting, and providing a few services we might be able to create a really good quality bare-metal provisioning framework. This is one of the perspectives, that brought my attention to guix. [-- Attachment #2: Type: text/html, Size: 1387 bytes --] ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-09 12:43 Installation Gábor Boskovits @ 2018-01-17 14:35 ` Ludovic Courtès 2018-01-17 15:47 ` Installation Ricardo Wurmus 2018-01-18 2:29 ` Installation George myglc2 Clemmer 0 siblings, 2 replies; 23+ messages in thread From: Ludovic Courtès @ 2018-01-17 14:35 UTC (permalink / raw) To: Gábor Boskovits; +Cc: Guix-devel Hi Gábor, Gábor Boskovits <boskovits@gmail.com> skribis: > I believe, that we could make a powerful extension to guixsd if we could do > an installation from an installation description. > > I think this installation description should look like the operating-system description we > already have. In what way would it defer? :-) ‘operating-system’ *is* an “installation description.” Thanks, Ludo’. ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-17 14:35 ` Installation Ludovic Courtès @ 2018-01-17 15:47 ` Ricardo Wurmus 2018-01-17 19:35 ` Installation Gábor Boskovits 2018-01-18 10:29 ` Installation Ludovic Courtès 2018-01-18 2:29 ` Installation George myglc2 Clemmer 1 sibling, 2 replies; 23+ messages in thread From: Ricardo Wurmus @ 2018-01-17 15:47 UTC (permalink / raw) To: Ludovic Courtès; +Cc: Guix-devel Ludovic Courtès <ludo@gnu.org> writes: > Gábor Boskovits <boskovits@gmail.com> skribis: > >> I believe, that we could make a powerful extension to guixsd if we could do >> an installation from an installation description. >> >> I think this installation description should look like the operating-system description we >> already have. > > In what way would it defer? :-) > > ‘operating-system’ *is* an “installation description.” I guess it would differ from what we have currently in that it would also specify partitioning information, which is not handled by “operating-system”. Does it make sense to extend “operating-system” such that disk partitioning information could be included and (*holds breath*) acted upon automatically? Acting on partitioning info is a little scary because it can easily lead to data loss upon reconfiguration. Small bugs could lead to very big problems, so maybe this should not be default behaviour. -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-17 15:47 ` Installation Ricardo Wurmus @ 2018-01-17 19:35 ` Gábor Boskovits 2018-01-18 10:27 ` Installation Ludovic Courtès 2018-01-18 10:29 ` Installation Ludovic Courtès 1 sibling, 1 reply; 23+ messages in thread From: Gábor Boskovits @ 2018-01-17 19:35 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: Guix-devel [-- Attachment #1: Type: text/plain, Size: 1929 bytes --] 2018-01-17 16:47 GMT+01:00 Ricardo Wurmus <rekado@elephly.net>: > > Ludovic Courtès <ludo@gnu.org> writes: > > > Gábor Boskovits <boskovits@gmail.com> skribis: > > > >> I believe, that we could make a powerful extension to guixsd if we > could do > >> an installation from an installation description. > >> > >> I think this installation description should look like the > operating-system description we > >> already have. > > > > In what way would it defer? :-) > > > > ‘operating-system’ *is* an “installation description.” > > I guess it would differ from what we have currently in that it would > also specify partitioning information, which is not handled by > “operating-system”. > > Does it make sense to extend “operating-system” such that disk > partitioning information could be included and (*holds breath*) acted > upon automatically? > > Acting on partitioning info is a little scary because it can easily lead > to data loss upon reconfiguration. Small bugs could lead to very big > problems, so maybe this should not be default behaviour. > > Yes, partitioning information is one of the primary missing point for me. I don't think that it should be default behaviour either. Another thing that could be useful is secret provisioning in some form. I am thinking of this as a base of a bare-metal provisioning framework. We could get some ideas, what else the other tools are doing. I guess I've also read something about guix deploy. What is the current status of that? One more thing: lvm really seems not to map well onto the current set of storage primitives. I guess that lvm support could be added more cleanly with this kind of mapping: Partition -> PV Mapped device of PVs -> volume group Partition of volume group -> LV -- > Ricardo > > GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC > https://elephly.net > > > [-- Attachment #2: Type: text/html, Size: 2818 bytes --] ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-17 19:35 ` Installation Gábor Boskovits @ 2018-01-18 10:27 ` Ludovic Courtès 0 siblings, 0 replies; 23+ messages in thread From: Ludovic Courtès @ 2018-01-18 10:27 UTC (permalink / raw) To: Gábor Boskovits; +Cc: Guix-devel Hi, Gábor Boskovits <boskovits@gmail.com> skribis: > Yes, partitioning information is one of the primary missing point for me. > I don't think that it should be default behaviour either. Another thing that > could be useful is secret provisioning in some form. Makes sense. > I am thinking of this as a base of a bare-metal provisioning framework. > We could get some ideas, what else the other tools are doing. Indeed. > I guess I've also read something about guix deploy. What is the current > status of that? Essentially there’s a ‘wip-deploy’ branch with early code and probably mailing list discussions about how this should work. Note however that ‘guix deploy’ is intended primarily to deal with upgrades of existing GuixSD deployments, I think. IOW, it’s like ‘guix system reconfigure’ rather than ‘guix system init’. Ludo’. ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-17 15:47 ` Installation Ricardo Wurmus 2018-01-17 19:35 ` Installation Gábor Boskovits @ 2018-01-18 10:29 ` Ludovic Courtès 2018-01-18 12:05 ` Installation ng0 2018-01-22 4:38 ` Installation Chris Marusich 1 sibling, 2 replies; 23+ messages in thread From: Ludovic Courtès @ 2018-01-18 10:29 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: Guix-devel Ricardo Wurmus <rekado@elephly.net> skribis: > Ludovic Courtès <ludo@gnu.org> writes: > >> Gábor Boskovits <boskovits@gmail.com> skribis: >> >>> I believe, that we could make a powerful extension to guixsd if we could do >>> an installation from an installation description. >>> >>> I think this installation description should look like the operating-system description we >>> already have. >> >> In what way would it defer? :-) >> >> ‘operating-system’ *is* an “installation description.” > > I guess it would differ from what we have currently in that it would > also specify partitioning information, which is not handled by > “operating-system”. > > Does it make sense to extend “operating-system” such that disk > partitioning information could be included and (*holds breath*) acted > upon automatically? I suppose only ‘guix system init’ could actually use that information. Perhaps we could have a separate partitioning description, and users could optionally run: guix system init --partitioning=part.scm config.scm ? Is it really an improvement over writing a Parted script, which is something people can already do? > Acting on partitioning info is a little scary because it can easily lead > to data loss upon reconfiguration. Small bugs could lead to very big > problems, so maybe this should not be default behaviour. It’s definitely scary. Ludo’. ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-18 10:29 ` Installation Ludovic Courtès @ 2018-01-18 12:05 ` ng0 2018-01-18 15:11 ` Installation Ricardo Wurmus 2018-01-22 4:38 ` Installation Chris Marusich 1 sibling, 1 reply; 23+ messages in thread From: ng0 @ 2018-01-18 12:05 UTC (permalink / raw) To: Ludovic Courtès; +Cc: Guix-devel [-- Attachment #1: Type: text/plain, Size: 2320 bytes --] Ludovic Courtès transcribed 1.5K bytes: > Ricardo Wurmus <rekado@elephly.net> skribis: > > > Ludovic Courtès <ludo@gnu.org> writes: > > > >> Gábor Boskovits <boskovits@gmail.com> skribis: > >> > >>> I believe, that we could make a powerful extension to guixsd if we could do > >>> an installation from an installation description. > >>> > >>> I think this installation description should look like the operating-system description we > >>> already have. > >> > >> In what way would it defer? :-) > >> > >> ‘operating-system’ *is* an “installation description.” > > > > I guess it would differ from what we have currently in that it would > > also specify partitioning information, which is not handled by > > “operating-system”. > > > > Does it make sense to extend “operating-system” such that disk > > partitioning information could be included and (*holds breath*) acted > > upon automatically? > > I suppose only ‘guix system init’ could actually use that information. > > Perhaps we could have a separate partitioning description, and users > could optionally run: > > guix system init --partitioning=part.scm config.scm > > ? > > Is it really an improvement over writing a Parted script, which is > something people can already do? My approach is different (making a templating system around Guix that translates a number of not yet defined language inputs into a file that can be reused by Guix), but I think we should make use of the guix system abilities and not rely on the fact that people could already do this with an external tool. > > Acting on partitioning info is a little scary because it can easily lead > > to data loss upon reconfiguration. Small bugs could lead to very big > > problems, so maybe this should not be default behaviour. > > It’s definitely scary. Do we have the ability to separate features, like --enable-experimental passed to configure build Guix with certain features that might break your OS? Otoh we already presume that people setting up GuixSD today know enough about systems to recover from failures (which is another undocumented problem/usecase with GuixSD). > Ludo’. > > -- ng0 :: https://ea.n0.is A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/ [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-18 12:05 ` Installation ng0 @ 2018-01-18 15:11 ` Ricardo Wurmus 2018-01-18 16:41 ` Installation myglc2 0 siblings, 1 reply; 23+ messages in thread From: Ricardo Wurmus @ 2018-01-18 15:11 UTC (permalink / raw) To: ng0; +Cc: Guix-devel ng0 <ng0@n0.is> writes: > Do we have the ability to separate features, like --enable-experimental passed > to configure build Guix with certain features that might break your > OS? That would be too vague to be useful. > Otoh > we already presume that people setting up GuixSD today know enough about systems > to recover from failures (which is another undocumented problem/usecase with GuixSD). I don’t think that we do. There should not be failures that leave the system broken. If there are then these are bugs and should be reported. -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-18 15:11 ` Installation Ricardo Wurmus @ 2018-01-18 16:41 ` myglc2 0 siblings, 0 replies; 23+ messages in thread From: myglc2 @ 2018-01-18 16:41 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: Guix-devel On 01/18/2018 at 16:11 Ricardo Wurmus writes: > ng0 <ng0@n0.is> writes: > >> Do we have the ability to separate features, like --enable-experimental passed >> to configure build Guix with certain features that might break your >> OS? > > That would be too vague to be useful. > >> Otoh >> we already presume that people setting up GuixSD today know enough about systems >> to recover from failures (which is another undocumented problem/usecase with GuixSD). > > I don’t think that we do. There should not be failures that leave the > system broken. If there are then these are bugs and should be reported. I agree with Ricardo's assesment and in my experience (running Guix/Debian and GuixSD on physical intel E3 servers for that last two years) 'guix system reconfigure" has NEVER left my system broken. The only times guixSD has become broken are when I physically moved the boot drive around. Maybe this is fixed. For details see ... http://lists.gnu.org/archive/html/guix-devel/2018-01/msg00245.html ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-18 10:29 ` Installation Ludovic Courtès 2018-01-18 12:05 ` Installation ng0 @ 2018-01-22 4:38 ` Chris Marusich 2018-01-22 8:29 ` Installation Gábor Boskovits 1 sibling, 1 reply; 23+ messages in thread From: Chris Marusich @ 2018-01-22 4:38 UTC (permalink / raw) To: Ludovic Courtès; +Cc: Guix-devel [-- Attachment #1: Type: text/plain, Size: 4452 bytes --] ludo@gnu.org (Ludovic Courtès) writes: > Ricardo Wurmus <rekado@elephly.net> skribis: > >> Ludovic Courtès <ludo@gnu.org> writes: >> >>> Gábor Boskovits <boskovits@gmail.com> skribis: >>> >>>> I believe, that we could make a powerful extension to guixsd if we could do >>>> an installation from an installation description. >>>> >>>> I think this installation description should look like the operating-system description we >>>> already have. >>> >>> In what way would it defer? :-) >>> >>> ‘operating-system’ *is* an “installation description.” >> >> I guess it would differ from what we have currently in that it would >> also specify partitioning information, which is not handled by >> “operating-system”. >> >> Does it make sense to extend “operating-system” such that disk >> partitioning information could be included and (*holds breath*) acted >> upon automatically? > > I suppose only ‘guix system init’ could actually use that information. > > Perhaps we could have a separate partitioning description, and users > could optionally run: > > guix system init --partitioning=part.scm config.scm > > ? > > Is it really an improvement over writing a Parted script, which is > something people can already do? > >> Acting on partitioning info is a little scary because it can easily lead >> to data loss upon reconfiguration. Small bugs could lead to very big >> problems, so maybe this should not be default behaviour. > > It’s definitely scary. > > Ludo’. Currently, I can only imagine two possible ways this might be used: 1) Somebody wants to frequently change the hard drives, partitions, and/or file systems in their computer(s). 2) Somebody wants to initialize the hard drives, partitions, and/or file systems in their computer(s), but doesn't need to update it later. In the case of (1), who really does this? I know of no developers or users who actually need to change these things frequently. And when changes to these things ARE necessary, it's usually easier to just blast everything away and start fresh (restoring what you need from a backup later), rather than trying to figure out the right way to safely modify things in place. Since changing these kinds of things on a system that's already in use is a rare and dangerous activity, I'm not convinced that Guix needs to provide support for this use case. In the case of (2), anybody who frequently needs to provision systems will probably have a use case for this, so it might make sense to add a feature for first-time initialization only. Maybe a company wants to provision many GuixSD systems for employee laptops. Maybe somebody needs to provision many GuixSD servers in a datacenter. I think that if somebody really needs to do this sort of provisioning frequently, they're probably going to implement their own custom workflow to accomplish the task. Can Guix add a feature to make their life easier? Maybe. For example, maybe we can fields to the <operating-system> declaration which are only acted upon by "guix system init". The intended workflow would be: boot a GuixSD installation image, then run "guix system init" per the manual (perhaps via a script, or even a "guix-provisioning-service" started by Shepherd...!), and Guix will do everything it does today to initialize the system, but first it will also destructively initialize the hard drives, partitions, and file systems according to what is contained in the specified <operating-system> declaration. THIS could be nice! Of course, someone who is provisioning systems like this already has the option of creating custom scripts and tools to initialize the system's drives, partitions, and file systems, but wouldn't it be nice if Guix could do this on their behalf, also? If these details were all defined in the <operating-system> declaration, then (1) the user wouldn't have to implement those kinds of tools themselves, and (2) it would reduce the possibility of writing an <operating-system> declaration that contains incorrect information about disks, partitions, or file systems because all that information would be contained in a single file. I think the key here is that if Guix provides a way to manipulate disks, partitions, or file systems, it should only be allowed when initializing a new system - not reconfiguring an existing one. -- Chris [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-22 4:38 ` Installation Chris Marusich @ 2018-01-22 8:29 ` Gábor Boskovits 0 siblings, 0 replies; 23+ messages in thread From: Gábor Boskovits @ 2018-01-22 8:29 UTC (permalink / raw) To: Chris Marusich; +Cc: Guix-devel [-- Attachment #1: Type: text/plain, Size: 5238 bytes --] 2018-01-22 5:38 GMT+01:00 Chris Marusich <cmmarusich@gmail.com>: > ludo@gnu.org (Ludovic Courtès) writes: > > > Ricardo Wurmus <rekado@elephly.net> skribis: > > > >> Ludovic Courtès <ludo@gnu.org> writes: > >> > >>> Gábor Boskovits <boskovits@gmail.com> skribis: > >>> > >>>> I believe, that we could make a powerful extension to guixsd if we > could do > >>>> an installation from an installation description. > >>>> > >>>> I think this installation description should look like the > operating-system description we > >>>> already have. > >>> > >>> In what way would it defer? :-) > >>> > >>> ‘operating-system’ *is* an “installation description.” > >> > >> I guess it would differ from what we have currently in that it would > >> also specify partitioning information, which is not handled by > >> “operating-system”. > >> > >> Does it make sense to extend “operating-system” such that disk > >> partitioning information could be included and (*holds breath*) acted > >> upon automatically? > > > > I suppose only ‘guix system init’ could actually use that information. > > > > Perhaps we could have a separate partitioning description, and users > > could optionally run: > > > > guix system init --partitioning=part.scm config.scm > > > > ? > > > > Is it really an improvement over writing a Parted script, which is > > something people can already do? > > > >> Acting on partitioning info is a little scary because it can easily lead > >> to data loss upon reconfiguration. Small bugs could lead to very big > >> problems, so maybe this should not be default behaviour. > > > > It’s definitely scary. > > > > Ludo’. > > Currently, I can only imagine two possible ways this might be used: > > 1) Somebody wants to frequently change the hard drives, partitions, > and/or file systems in their computer(s). > > 2) Somebody wants to initialize the hard drives, partitions, and/or file > systems in their computer(s), but doesn't need to update it later. > > In the case of (1), who really does this? I know of no developers or > users who actually need to change these things frequently. And when > changes to these things ARE necessary, it's usually easier to just blast > everything away and start fresh (restoring what you need from a backup > later), rather than trying to figure out the right way to safely modify > things in place. Since changing these kinds of things on a system > that's already in use is a rare and dangerous activity, I'm not > convinced that Guix needs to provide support for this use case. > > In the case of (2), anybody who frequently needs to provision systems > will probably have a use case for this, so it might make sense to add a > feature for first-time initialization only. Maybe a company wants to > provision many GuixSD systems for employee laptops. Maybe somebody > needs to provision many GuixSD servers in a datacenter. I think that if > somebody really needs to do this sort of provisioning frequently, > they're probably going to implement their own custom workflow to > accomplish the task. > > Can Guix add a feature to make their life easier? Maybe. For example, > maybe we can fields to the <operating-system> declaration which are only > acted upon by "guix system init". The intended workflow would be: boot > a GuixSD installation image, then run "guix system init" per the manual > (perhaps via a script, or even a "guix-provisioning-service" started by > Shepherd...!), and Guix will do everything it does today to initialize > the system, but first it will also destructively initialize the hard > drives, partitions, and file systems according to what is contained in > the specified <operating-system> declaration. THIS could be nice! > > Of course, someone who is provisioning systems like this already has the > option of creating custom scripts and tools to initialize the system's > drives, partitions, and file systems, but wouldn't it be nice if Guix > could do this on their behalf, also? If these details were all defined > in the <operating-system> declaration, then (1) the user wouldn't have > to implement those kinds of tools themselves, and (2) it would reduce the > possibility of writing an <operating-system> declaration that contains > incorrect information about disks, partitions, or file systems because > all that information would be contained in a single file. > > I think the key here is that if Guix provides a way to manipulate disks, > partitions, or file systems, it should only be allowed when initializing > a new system - not reconfiguring an existing one. > > I agree with this. And the use case I have in mind is datacenter infrastructure provisioning. Usually there is no expilcit need to do this after initialization. If manipulation of partitions should be done later, then it can be solved by the tools we already have. One exception that comes to my mind is lvm and zfs/btrfs subvolume creation for vms, but that is on the vm provisioning layer. I would really like to see guixsd on the infrastructure layer, because the current situation is quite problematic. > -- > Chris > [-- Attachment #2: Type: text/html, Size: 6590 bytes --] ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Installation 2018-01-17 14:35 ` Installation Ludovic Courtès 2018-01-17 15:47 ` Installation Ricardo Wurmus @ 2018-01-18 2:29 ` George myglc2 Clemmer 2018-01-18 9:29 ` Drive identifiers Danny Milosavljevic 1 sibling, 1 reply; 23+ messages in thread From: George myglc2 Clemmer @ 2018-01-18 2:29 UTC (permalink / raw) To: Ludovic Courtès; +Cc: Guix-devel On 01/17/2018 at 15:35 Ludovic Courtès writes: > Hi Gábor, > > Gábor Boskovits <boskovits@gmail.com> skribis: > >> I believe, that we could make a powerful extension to guixsd if we could do >> an installation from an installation description. >> >> I think this installation description should look like the operating-system description we >> already have. > > In what way would it defer? :-) > > ‘operating-system’ *is* an “installation description.” War story, FWIW: In the past I have upgraded systems from Guix/Debian and and from GuixSD to new system disks by simply doing 'guix system init config.scm'. I found this a lot easier than using an install disk. The only problem I hit was that removing the original system disk caused the boot to hang but putting it back into the original slot and pointing the the BIOS at the new disk booted just fine from the new disk. The behavior I observed at the time is described in bug#23072: https://lists.gnu.org/archive/html/bug-guix/2016-03/msg00182.html IIRC the details are: when running on a system disk (say: /dev/sda) and installing to new disk (say: /dev/sdb) you must set the bootloader target to /dev/sdb so the boot loader will be copied to the new system disk. But, at least on my servers, when I remove the original system disk, the new disk system becomes /dev/sda, and the bootloader fails. Presumably this happens when, at boot time, the previously specified target no longer matches the current deviceID of the actual boot device. I am actively interested in perfecting my understanging of this topic because I am about to overhall my server configs, and plan to use the approach again. So Ludo’, if you see faulty logic above I would love to hear about it. TIA - George ^ permalink raw reply [flat|nested] 23+ messages in thread
* Drive identifiers 2018-01-18 2:29 ` Installation George myglc2 Clemmer @ 2018-01-18 9:29 ` Danny Milosavljevic 2018-01-18 9:39 ` Danny Milosavljevic ` (2 more replies) 0 siblings, 3 replies; 23+ messages in thread From: Danny Milosavljevic @ 2018-01-18 9:29 UTC (permalink / raw) To: George myglc2 Clemmer; +Cc: Guix-devel > IIRC the details are: when running on a system disk (say: /dev/sda) and > installing to new disk (say: /dev/sdb) you must set the bootloader > target to /dev/sdb so the boot loader will be copied to the new system ^ | +--- we could change that to enable specifying a model and serial number > disk. > But, at least on my servers, when I remove the original system > disk, the new disk system becomes /dev/sda, and the bootloader fails. It does? What error message does it fail with? Does the grub shell still start? I thought grub's "search" facility existed to prevent this exact scenario (since it searches for the actual file / uuid on all drives it should be immune to drive swapping - within reason). It would be possible for us to find out the drive's serial number (which should be somewhat unique and persistent): $ udevadm info --query=all --name=/dev/sda | grep ID_SERIAL # SSD E: ID_SERIAL=Samsung_SSD_850_EVO_1TB_S21DNXAGB15171J E: ID_SERIAL_SHORT=S21DNXAGB15171J $ udevadm info --query=all --name=/dev/sdb | grep ID_SERIAL # SD card in X200 E: ID_SERIAL=RICOH_R5U880FlashMedia_R5U880-00003-0:0 E: ID_SERIAL_SHORT=R5U880-00003 Maybe we could make the user specify the serial number in the operating-system bootloader-configuration. Installing the bootloader to the wrong drive would be very bad otherwise. Also, it's not exactly declarative if the labels sda, sdb etc can move around - and reconfiguring / booting ends up like a game of musical chairs. Although if a drive fails and an administrator replaces it by a new drive, one would have to change the operating-system configuration and reconfigure (which could potentially download gigabytes of data and take hours). Not ideal. Maybe store the original serial number into a file on disk and make Guix fall back to checking those in a second pass (with a warning). (Guix could still call the bootloader's installer with the name of the device file it found out - so it wouldn't be an involved change) We would still have to check what happens with the hard drive emulators of CD-ROMs - do these have a unique persistent serial number? ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 9:29 ` Drive identifiers Danny Milosavljevic @ 2018-01-18 9:39 ` Danny Milosavljevic 2018-01-18 10:32 ` Ludovic Courtès 2018-01-18 20:10 ` myglc2 2018-01-19 0:43 ` myglc2 2 siblings, 1 reply; 23+ messages in thread From: Danny Milosavljevic @ 2018-01-18 9:39 UTC (permalink / raw) To: Guix-devel Modification would be: guix/scripts/system.scm install-bootloader should resolve target, like if target doesn't startwith "/dev/" compare target with ID_SERIAL using udevinfo, return device name else as before gnu/system/vm.scm qemu-image should resolve target likewise before calling initialize-hard-disk. I wonder how qemu drive serial numbers work. https://serverfault.com/questions/318755/qemu-can-i-set-the-serial-number-on-a-virtual-scsi-device ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 9:39 ` Danny Milosavljevic @ 2018-01-18 10:32 ` Ludovic Courtès 2018-01-18 11:01 ` Danny Milosavljevic 2018-01-19 14:35 ` Danny Milosavljevic 0 siblings, 2 replies; 23+ messages in thread From: Ludovic Courtès @ 2018-01-18 10:32 UTC (permalink / raw) To: Danny Milosavljevic; +Cc: Guix-devel Danny Milosavljevic <dannym@scratchpost.org> skribis: > guix/scripts/system.scm install-bootloader should resolve target, like > > if target doesn't startwith "/dev/" > compare target with ID_SERIAL using udevinfo, return device name > else > as before Do GRUB, U-Boot, and co. provide a way to refer to drivers by serial number? If they do, perhaps we can just pass them the ‘target’ string and let them do the right thing. Ludo’. ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 10:32 ` Ludovic Courtès @ 2018-01-18 11:01 ` Danny Milosavljevic 2018-01-19 14:35 ` Danny Milosavljevic 1 sibling, 0 replies; 23+ messages in thread From: Danny Milosavljevic @ 2018-01-18 11:01 UTC (permalink / raw) To: Ludovic Courtès; +Cc: Guix-devel Hi Ludo, On Thu, 18 Jan 2018 11:32:11 +0100 ludo@gnu.org (Ludovic Courtès) wrote: > Do GRUB, U-Boot, and co. provide a way to refer to drivers by serial > number? Not that I know of. udev (and ID_SERIAL) is a relatively (10 years) recent invention. I don't think there was a generic way to easily (without having a dozen different tools depending on the hardware type) get serial numbers before it. I also don't think a bootloader would have all the necessary drivers to find that out either. It would be nice, sure. But once the bootloader is loaded (by the BIOS or ROM loader), it really doesn't need the whole-drive any more, just the partitions. And those have UUIDs right inside the partition on disk. But if bootloaders do after all support drive serial numbers I'd like to hear it :) ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 10:32 ` Ludovic Courtès 2018-01-18 11:01 ` Danny Milosavljevic @ 2018-01-19 14:35 ` Danny Milosavljevic 1 sibling, 0 replies; 23+ messages in thread From: Danny Milosavljevic @ 2018-01-19 14:35 UTC (permalink / raw) To: Ludovic Courtès; +Cc: Guix-devel Even better: Using /dev/disk/by-id , I think this already works now with no user-space changes! (bootloader (grub-configuration (device "/dev/disk/by-id/ata-Samsung_SSD_850_EVO_1TB_S21DNXAGB15171J"))) Reconfiguring as we speak... Yep. Works. ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 9:29 ` Drive identifiers Danny Milosavljevic 2018-01-18 9:39 ` Danny Milosavljevic @ 2018-01-18 20:10 ` myglc2 2018-01-19 8:27 ` Danny Milosavljevic 2018-01-19 0:43 ` myglc2 2 siblings, 1 reply; 23+ messages in thread From: myglc2 @ 2018-01-18 20:10 UTC (permalink / raw) To: Danny Milosavljevic; +Cc: Guix-devel On 01/18/2018 at 10:29 Danny Milosavljevic writes: >> IIRC the details are: when running on a system disk (say: /dev/sda) and >> installing to new disk (say: /dev/sdb) you must set the bootloader >> target to /dev/sdb so the boot loader will be copied to the new system > ^ > | > +--- we could change that to enable specifying a model and > serial number > >> disk. > >> But, at least on my servers, when I remove the original system >> disk, the new disk system becomes /dev/sda, and the bootloader fails. > > It does? What error message does it fail with? Does the grub shell > still start? I am recounting what I experienced almost 2 years ago, see bug#23072. The bug is sill open. [...] > Maybe we could make the user specify the serial number in the operating-system > bootloader-configuration. Installing the bootloader to the wrong > drive would be very bad otherwise. Also, it's not exactly declarative if the > labels sda, sdb etc can move around - and reconfiguring / booting ends up like > a game of musical chairs. [...] I would not recommend doing this because forcing the specification of serial number would further complicate the system config process for all users but provide insurance that, at best, would protect only the small subset of users with multiple drives. IOW, it would force everybody to buy insurance that single drive guixSD users will never need, and savvy sysadmins won't want. WRT multi-drive systems, the most pressing issue involves raided system drives. (e.g, see my config below). This works great but has a HUGE vulnerability: When the raid member holding the bootloader fails (e.g. "/dev/nvme0n1" below) the system is unbootable. On my Debian systems I easily fix this by duplicating the boot loader to all the raid members. But this doesn't work on GuixSD because the bootloader is constantly changing. So the most pressing need, IMO, is to provide a way to maintain the bootloader on multiple targets (e.g., all the mapped devices in "/dev/md3" below). ;; RAID1 root using 1 NVMe SSD + 2 HDs (bootloader (grub-configuration (target "/dev/nvme0n1") (terminal-outputs '(console)) (terminal-inputs '(serial console)) (serial-speed 115200) )) (initrd (lambda (file-systems . rest) (apply base-initrd file-systems #:extra-modules '("raid1") rest))) (mapped-devices (list (mapped-device (source '("/dev/nvme0n1p1" "/dev/sda1" "/dev/sdb1")) (target "/dev/md3") (type raid-device-mapping)))) (file-systems (cons (file-system (title 'device) (device "/dev/md3") (mount-point "/") (type "ext4") (dependencies mapped-devices)) %base-file-systems)) (swap-devices '("/dev/nvme0n1p2" )) HTH - George ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 20:10 ` myglc2 @ 2018-01-19 8:27 ` Danny Milosavljevic 0 siblings, 0 replies; 23+ messages in thread From: Danny Milosavljevic @ 2018-01-19 8:27 UTC (permalink / raw) To: myglc2; +Cc: Guix-devel > bug#23072. The bug is sill open. From the bug report: >>> "clocksource: Switched to clocksource tsc" That's a Linux kernel message - so grub is innocent. It loaded the Linux kernel. I recommend mounting the root by UUID, then it will be found. > I would not recommend doing this because forcing the specification of > serial number would further complicate the system config process for all > users but provide insurance that, at best, would protect only the small > subset of users with multiple drives. IOW, it would force everybody to > buy insurance that single drive guixSD users will never need, and savvy > sysadmins won't want. It would just be an option. The user could also specify the device by name. Having a declarative specification with non-persistent names in it is dangerous. > WRT multi-drive systems, the most pressing issue involves raided system > drives. (e.g, see my config below). This works great but has a HUGE > vulnerability: When the raid member holding the bootloader fails > So the most pressing need, IMO, is to provide a way > to maintain the bootloader on multiple targets (e.g., all the mapped > devices in "/dev/md3" below). Makes sense. Please file a bug report about it... I think installing the bootloader on multiple devices is the easy part. Does it also require grub.conf on multiple devices or is that part already RAID-aware then? ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-18 9:29 ` Drive identifiers Danny Milosavljevic 2018-01-18 9:39 ` Danny Milosavljevic 2018-01-18 20:10 ` myglc2 @ 2018-01-19 0:43 ` myglc2 2018-01-19 7:22 ` Danny Milosavljevic 2018-01-19 16:42 ` Ricardo Wurmus 2 siblings, 2 replies; 23+ messages in thread From: myglc2 @ 2018-01-19 0:43 UTC (permalink / raw) To: Danny Milosavljevic; +Cc: Guix-devel On 01/18/2018 at 10:29 Danny Milosavljevic writes: [...] > Maybe we could make the user specify the serial number in the operating-system > bootloader-configuration. Installing the bootloader to the wrong > drive would be very bad otherwise. Also, it's not exactly declarative if the > labels sda, sdb etc can move around - and reconfiguring / booting ends up like > a game of musical chairs. > > Although if a drive fails and an administrator replaces it by a new drive, > one would have to change the operating-system configuration and reconfigure > (which could potentially download gigabytes of data and take hours). > > Not ideal. > > Maybe store the original serial number into a file on disk and make Guix > fall back to checking those in a second pass (with a warning). > > (Guix could still call the bootloader's installer with the name of the > device file it found out - so it wouldn't be an involved change) > > We would still have to check what happens with the hard drive emulators of > CD-ROMs - do these have a unique persistent serial number? Hi Danny, I commented in a separate post on requiring our users to provide the drive SN in the config file. Here I comment on consequences of having the SN of a HD in a file held by that HD. IMO this is like having the directory name in a file held by the directory. Both raise the same issue: the file is no longer relocatable. In our case, as you point out, this creates a new error case. Unfortunately we can't possibly know the best way to handle it. E.G.: If the user has created an image backup of a mission-critical GuixSD server and if they start it on a second server as a warm-backup and if they have forgotten to change critical identify files (say hostname) and if this can cause both servers to become corrupted, halting on this error might be helpful. But first we should consider how many "ifs" I used to construct this hypothetical downside. Maybe we are protecting against very unlikely downsides. Second: if we halt the user may well say, "Yep, it's an image BU", override the error, and end up in the same fix ;-) OTOH, if our user is feverishly trying to start the image because the primary server failed, halting hurts the user. I expect that, in practice, the latter case will be much more likely than the former. HTH - George ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-19 0:43 ` myglc2 @ 2018-01-19 7:22 ` Danny Milosavljevic 2018-01-19 16:42 ` Ricardo Wurmus 1 sibling, 0 replies; 23+ messages in thread From: Danny Milosavljevic @ 2018-01-19 7:22 UTC (permalink / raw) To: myglc2; +Cc: Guix-devel Hi, On Thu, 18 Jan 2018 19:43:54 -0500 myglc2@gmail.com wrote: > Here I comment on consequences of having > the SN of a HD in a file held by that HD. IMO this is like having the > directory name in a file held by the directory. Both raise the same > issue: the file is no longer relocatable. > > In our case, as you point out, this creates a new error > case. Unfortunately we can't possibly know the best way to handle > it. Yeah, I thought about it some more and I think the best way to handle it is to NOT store the SN in a file on disk and to not have a second pass. If we implement it in a way that "guix system init" and "guix system reconfigure" only resolve the SN to a device name and then install to the device by device name it means that even when doing a drive replacement, grub will still boot from the new drive (because it just boots from whatever fixed device it was installed to and doesn't care about the SN). Once the user reconfigures guix the next time (for something unrelated maybe) they'll get an error message because a drive with that SN is not found. What was I thinking with the extra file? It's better without :) ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-19 0:43 ` myglc2 2018-01-19 7:22 ` Danny Milosavljevic @ 2018-01-19 16:42 ` Ricardo Wurmus 2018-01-24 14:12 ` Ludovic Courtès 1 sibling, 1 reply; 23+ messages in thread From: Ricardo Wurmus @ 2018-01-19 16:42 UTC (permalink / raw) To: myglc2; +Cc: Guix-devel myglc2@gmail.com writes: > On 01/18/2018 at 10:29 Danny Milosavljevic writes: > > [...] > >> Maybe we could make the user specify the serial number in the operating-system >> bootloader-configuration. Installing the bootloader to the wrong >> drive would be very bad otherwise. Also, it's not exactly declarative if the >> labels sda, sdb etc can move around - and reconfiguring / booting ends up like >> a game of musical chairs. >> >> Although if a drive fails and an administrator replaces it by a new drive, >> one would have to change the operating-system configuration and reconfigure >> (which could potentially download gigabytes of data and take hours). >> >> Not ideal. >> >> Maybe store the original serial number into a file on disk and make Guix >> fall back to checking those in a second pass (with a warning). >> >> (Guix could still call the bootloader's installer with the name of the >> device file it found out - so it wouldn't be an involved change) >> >> We would still have to check what happens with the hard drive emulators of >> CD-ROMs - do these have a unique persistent serial number? > > Hi Danny, > > I commented in a separate post on requiring our users to provide the > drive SN in the config file. Here I comment on consequences of having > the SN of a HD in a file held by that HD. IMO this is like having the > directory name in a file held by the directory. Both raise the same > issue: the file is no longer relocatable. > > In our case, as you point out, this creates a new error > case. Unfortunately we can't possibly know the best way to handle > it. E.G.: If the user has created an image backup of a mission-critical > GuixSD server and if they start it on a second server as a warm-backup > and if they have forgotten to change critical identify files (say > hostname) and if this can cause both servers to become corrupted, > halting on this error might be helpful. The configuration is written in Guile, so you could run code before returning the operating-system configuration value. I do this in my config, because I’ve been reinstalling my system onto a newly formatted disk: --8<---------------cut here---------------start------------->8--- ;; Get the UUID of the encrypted disk (define %uuid (let* ((port (open-input-pipe "blkid -s UUID -o value /dev/sda1")) (str (read-line port))) (close-pipe port) str)) … (operating-system … (mapped-devices (list (mapped-device (source (uuid %uuid)) (target "root") (type luks-device-mapping)))) --8<---------------cut here---------------end--------------->8--- People who are worried about changing device identifiers when restoring from backup could use a similar mechanism to obtain the identifier on the target at runtime. -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: Drive identifiers 2018-01-19 16:42 ` Ricardo Wurmus @ 2018-01-24 14:12 ` Ludovic Courtès 0 siblings, 0 replies; 23+ messages in thread From: Ludovic Courtès @ 2018-01-24 14:12 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: Guix-devel, myglc2 Ricardo Wurmus <rekado@elephly.net> skribis: > ;; Get the UUID of the encrypted disk > (define %uuid > (let* ((port (open-input-pipe "blkid -s UUID -o value /dev/sda1")) > (str (read-line port))) > (close-pipe port) > str)) > … > (operating-system … > (mapped-devices (list (mapped-device > (source (uuid %uuid)) > (target "root") > (type luks-device-mapping)))) It’s a weird example because the idea of UUIDs is precisely to *not* record the partition’s /dev name. :-) Ludo’. ^ permalink raw reply [flat|nested] 23+ messages in thread
end of thread, other threads:[~2018-01-24 14:12 UTC | newest] Thread overview: 23+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2018-01-09 12:43 Installation Gábor Boskovits 2018-01-17 14:35 ` Installation Ludovic Courtès 2018-01-17 15:47 ` Installation Ricardo Wurmus 2018-01-17 19:35 ` Installation Gábor Boskovits 2018-01-18 10:27 ` Installation Ludovic Courtès 2018-01-18 10:29 ` Installation Ludovic Courtès 2018-01-18 12:05 ` Installation ng0 2018-01-18 15:11 ` Installation Ricardo Wurmus 2018-01-18 16:41 ` Installation myglc2 2018-01-22 4:38 ` Installation Chris Marusich 2018-01-22 8:29 ` Installation Gábor Boskovits 2018-01-18 2:29 ` Installation George myglc2 Clemmer 2018-01-18 9:29 ` Drive identifiers Danny Milosavljevic 2018-01-18 9:39 ` Danny Milosavljevic 2018-01-18 10:32 ` Ludovic Courtès 2018-01-18 11:01 ` Danny Milosavljevic 2018-01-19 14:35 ` Danny Milosavljevic 2018-01-18 20:10 ` myglc2 2018-01-19 8:27 ` Danny Milosavljevic 2018-01-19 0:43 ` myglc2 2018-01-19 7:22 ` Danny Milosavljevic 2018-01-19 16:42 ` Ricardo Wurmus 2018-01-24 14:12 ` Ludovic Courtès
Code repositories for project(s) associated with this external index https://git.savannah.gnu.org/cgit/guix.git This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.