Date: Fri, 29 Mar 2024 09:25:52 +0000 (UTC) Message-ID: <1518858960.35495.1711704352961@aws-us-west-2-lfedge-confluence-1.web.codeaurora.org> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_35494_641903765.1711704352961" ------=_Part_35494_641903765.1711704352961 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Over the years we have accumulated quite a bit of R/W state in what, at = least initially, was meant to be a R/O filesystem: /conf. As part of our fu= ture transition to ZFS and an alternative partitioning scheme in EVE we nee= d to make sure we move all the R/W state out of it.
The following files will remain in /conf and be treated as read-only:
The pillar container will keep seeing /config as a R/W location, but unb= eknownst to it the actual location of the backing store for it will change = to /persist/config (we may even start with a symlink /config =E2=86=92 /per= sist/config to being with and gradually update pillar code to directly look= into /persist/config). It will be the job of storage-init container to use= /conf as a seed content for the /persist/confing PROVIDED that /persist/co= nfig doesn't exist.
This scheme will allow us to be able to always get to "factory defaults"= by removing all the content accumulated in /persist/conf, rebooting E= VE and getting /persist/conf back to its pristine state as recorded in a R/= O /conf.
The key improvement, however, is that the format and initial location of= the /conf will be completely hidden away from pillar container and will ef= fectively become an implementation detail of storage-init.
Most of this change should be pretty transparent to the code running in = pillar (once again =E2=80=93 the location of /conf as pillar sees it w= on't even change). The only place where we may see a change will be handlin= g of device identity (as recorded in device.cert.pem and device.k= ey.pem):