Loading...

XML

Word

Printable

Type: Story
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-9.5
Affects Version/s: None
Component/s: rhel-system-roles
Labels:

Fixed in Build:
rhel-system-roles-1.82.0-0.1.el9
Keywords:

ZStream
sprint_count:
2

Pool Team:

rhel-sst-system-roles

Story Points:
1
ACKs Check:

QE ack, Dev ack
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Products:

Red Hat Enterprise Linux
Sprint:
System Roles Sprint 3, System Roles Sprint 4
Release Blocker:
Approved Blocker
Target Backport Versions:

rhel-8.10.z, rhel-9.4.z

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/130467
Test Coverage:

RegressionOnly

Release Note Type:
Enhancement
Release Note Text:

Hide
.The `nbde_client` RHEL system role now enables you to skip running certain configurations

With the `nbde_client` RHEL system role you can now disable the following mechanisms:

* Initial ramdisk
* NetworkManager flush module
* Dracut flush module

The `clevis-luks-askpass` utility unlocks some storage volumes late in the boot process after the NetworkManager service puts the OS on the network. Therefore, no configuration changes to the mentioned mechanisms are necessary.

As a result, you can disable the mentioned configurations from being run to support advanced networking setups, or volume decryption to occur late in the boot process.

Show
.The `nbde_client` RHEL system role now enables you to skip running certain configurations With the `nbde_client` RHEL system role you can now disable the following mechanisms: * Initial ramdisk * NetworkManager flush module * Dracut flush module The `clevis-luks-askpass` utility unlocks some storage volumes late in the boot process after the NetworkManager service puts the OS on the network. Therefore, no configuration changes to the mentioned mechanisms are necessary. As a result, you can disable the mentioned configurations from being run to support advanced networking setups, or volume decryption to occur late in the boot process.
Release Note Status:
Done

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Enhancement:
Allow the initrd and network manager/dracut flush module mechanisms to be disabled.

Reason:
We have volumes that are unlocked by `clevis-luks-askpass` late in the boot process after NetworkManager has put the system on the network, so no changes to the initrd are needed.

The affected systems we have this arrangment on have complicated network setups (bonds, macsec, static addressing, IPv6), so the role actually breaks the boot process for them, as it does not account for anything except single NIC + DHCP + IPv4.

Result:
User can disable initrd configuration if required, supporting advanced network configuration to be used or decryption to occur late in the boot process.

Issue Tracker Tickets (Jira or BZ if any):

links to

link to github pull

RHEA-2024:130467 rhel-system-roles bug fix and enhancement update

Assignee:: Richard Megginson

Reporter:: Richard Megginson

Developer:: Richard Megginson

QA Contact:: David Jez

Doc Contact:: Jaroslav Klech

Votes:: 0 Vote for this issue

Watchers:: 10 Start watching this issue

Created:: 2024/07/01 3:46 PM

Updated:: 2024/11/12 8:51 AM

Resolved:: 2024/11/12 8:51 AM

Release Date:: 2024/11/12

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates