Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-45717

feat: Allow initrd configuration to be skipped

    • rhel-system-roles-1.82.0-0.1.el9
    • None
    • ZStream
    • 2
    • rhel-sst-system-roles
    • 1
    • QE ack, Dev ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Red Hat Enterprise Linux
    • System Roles Sprint 3, System Roles Sprint 4
    • Approved Blocker
    • Enhancement
    • Hide
      .The `nbde_client` RHEL system role now enables you to skip running certain configurations

      With the `nbde_client` RHEL system role you can now disable the following mechanisms:

      * Initial ramdisk
      * NetworkManager flush module
      * Dracut flush module

      The `clevis-luks-askpass` utility unlocks some storage volumes late in the boot process after the NetworkManager service puts the OS on the network. Therefore, no configuration changes to the mentioned mechanisms are necessary.

      As a result, you can disable the mentioned configurations from being run to support advanced networking setups, or volume decryption to occur late in the boot process.
      Show
      .The `nbde_client` RHEL system role now enables you to skip running certain configurations With the `nbde_client` RHEL system role you can now disable the following mechanisms: * Initial ramdisk * NetworkManager flush module * Dracut flush module The `clevis-luks-askpass` utility unlocks some storage volumes late in the boot process after the NetworkManager service puts the OS on the network. Therefore, no configuration changes to the mentioned mechanisms are necessary. As a result, you can disable the mentioned configurations from being run to support advanced networking setups, or volume decryption to occur late in the boot process.
    • Done
    • None

      Enhancement:
      Allow the initrd and network manager/dracut flush module mechanisms to be disabled.

      Reason:
      We have volumes that are unlocked by `clevis-luks-askpass` late in the boot process after NetworkManager has put the system on the network, so no changes to the initrd are needed.

      The affected systems we have this arrangment on have complicated network setups (bonds, macsec, static addressing, IPv6), so the role actually breaks the boot process for them, as it does not account for anything except single NIC + DHCP + IPv4.

      Result:
      User can disable initrd configuration if required, supporting advanced network configuration to be used or decryption to occur late in the boot process.

      Issue Tracker Tickets (Jira or BZ if any):

              rmeggins@redhat.com Richard Megginson
              rmeggins@redhat.com Richard Megginson
              Richard Megginson Richard Megginson
              David Jez David Jez
              Jaroslav Klech Jaroslav Klech
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                Resolved: