Bug 1686919 - Issues with cloud/iot images due to not being able to specify msdos partitions when underlying host is booted with UEFI
Summary: Issues with cloud/iot images due to not being able to specify msdos partition...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: python-blivet
Version: 30
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Blivet Maintenance Team
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: AcceptedBlocker
Depends On:
Blocks: F30BetaBlocker
TreeView+ depends on / blocked
 
Reported: 2019-03-08 16:33 UTC by Peter Robinson
Modified: 2019-03-21 14:40 UTC (History)
10 users (show)

Fixed In Version: python-blivet-3.1.3-2.fc30
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-03-12 20:00:52 UTC


Attachments (Terms of Use)

Description Peter Robinson 2019-03-08 16:33:39 UTC
Causing issues with AWS images now the infra can compose images to support secure boot.

Upstream PR with fix: https://github.com/storaged-project/blivet/pull/764

releng ticket: https://pagure.io/releng/issue/8197

Will need a ks tweak once this lands. As it's not changing the defaults this is low impact as it needs to be explicitly selected.

Needed for F-29+

Comment 1 Fedora Blocker Bugs Application 2019-03-08 16:34:48 UTC
Proposed as a Blocker for 30-beta by Fedora user pbrobinson using the blocker tracking app because:

 Issues with both IoT and cloud images (and likely FCoS).

Comment 2 Adam Williamson 2019-03-08 16:37:31 UTC
Define 'issue' - what's the practical upshot of this exactly? Thanks!

Comment 3 Peter Robinson 2019-03-08 16:42:46 UTC
(In reply to Adam Williamson from comment #2)
> Define 'issue' - what's the practical upshot of this exactly? Thanks!

Sorry, should have been more explicit. The AWS images don't boot due to the default change from msdos to GPT when booting as UEFI. AWS doesn't support GPT partition for Linux.

Comment 4 Adam Williamson 2019-03-08 17:09:48 UTC
Thanks. I am somewhat concerned about the implication of this change in other scenarios - see https://github.com/storaged-project/blivet/pull/764#issuecomment-471003146 .

Comment 5 Fedora Update System 2019-03-11 14:24:18 UTC
python-blivet-3.1.3-2.fc30 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-2fee6bf706

Comment 6 Fedora Update System 2019-03-11 14:39:30 UTC
python-blivet-3.1.2-3.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-9dc9d64b2f

Comment 7 Fedora Update System 2019-03-11 14:42:11 UTC
python-blivet-3.1.3-2.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-2fee6bf706

Comment 8 Adam Williamson 2019-03-11 16:51:17 UTC
Sorry, a bit late, but what do you mean by:

"The AWS images don't boot due to the default change from msdos to GPT when booting as UEFI"

? There was no "change". anaconda has always defaulted to GPT for UEFI images. Is there actually some scenario here where something worked in Fedora 29 but does not in Fedora 30, or is this some new situation we now want to support?

Comment 9 Peter Robinson 2019-03-11 16:53:47 UTC
(In reply to Adam Williamson from comment #8)
> Sorry, a bit late, but what do you mean by:
> 
> "The AWS images don't boot due to the default change from msdos to GPT when
> booting as UEFI"
> 
> ? There was no "change". anaconda has always defaulted to GPT for UEFI
> images. Is there actually some scenario here where something worked in
> Fedora 29 but does not in Fedora 30, or is this some new situation we now
> want to support?

Details in the referenced rel-eng ticket: https://pagure.io/releng/issue/8197

Comment 10 Adam Williamson 2019-03-11 17:02:01 UTC
OK, never mind, I figured it out from the releng ticket.

For the record, it appears we have always built our images intended for the cloud (that is, not just our Cloud images, but any image we build intended to boot in cloud environments) as BIOS-native until recently, when a change landed in oz:

https://github.com/clalancette/oz/pull/269

which builds them as UEFI-native instead (apparently in order to allow the use of Secure Boot for improved security). However, EC2 does not support UEFI-on-GPT for anything but Windows (even though this is how just about every real UEFI system ever is configured), requiring UEFI-on-MBR (a setup that otherwise just about nobody uses).

So the result is we are now building UEFI-native cloud images, but they don't boot on EC2 because they are GPT-labelled and Amazon doesn't support that.

There are obviously at least two possible resolutions to this:

1) Try and set things up so we can build UEFI-on-MBR images that work, and hopefully not break anything else in the process
2) Just go back to building BIOS-on-MBR images like before

releng was initially leaning towards 2), but pbrobinson asked for 1), and that's what this bug is trying to achieve.

Comment 11 Geoffrey Marr 2019-03-11 20:26:11 UTC
Discussed during the 2019-03-11 blocker review meeting: [1]

The decision to classify this bug as an "AcceptedBlocker" was made as it violates the following criteria:

"...Release-blocking cloud images must boot in the Fedora OpenStack Cloud and in Amazon EC2."

To be clear, we block on the images not booting: if UEFI-on-MBR cannot be made to work, reverting to BIOS-on-MBR would also resolve the blocker.

[1] https://meetbot.fedoraproject.org/fedora-blocker-review/2019-03-11/f30-blocker-review.2019-03-11-16.04.txt

Comment 12 Fedora Update System 2019-03-11 20:49:01 UTC
python-blivet-3.1.2-3.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-9dc9d64b2f

Comment 13 Fedora Update System 2019-03-12 20:00:52 UTC
python-blivet-3.1.3-2.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2019-03-20 22:12:51 UTC
python-blivet-3.1.2-3.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2019-03-21 14:40:30 UTC
python-blivet-3.1.2-3.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.