dustymabe reported a new issue against the project: `atomic-wg` that you are following:
``
CoreOS has a project called [ignition](https://github.com/coreos/ignition) that hooks into early boot processes in the initramfs (i.e. before and after the root filesystem is mounted) and allows for configuration of the system. This is an alternative to cloud-init, that is focused on specific tasks. Let's investigate this for Fedora and Atomic Host.
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/issue/450
jdoss reported a new issue against the project: `atomic-wg` that you are following:
``
There seems at least one thread [1] on the mailing list that talks about getting kernel modules built on Atomic, but nothing that I could find has been created here to figure out the best path forward on supporting kernel modules.
The use case that I am personally trying to fix is getting WireGuard working on Atomic. I maintain the RHEL/CentOS/Fedora Copr for WireGuard [2] and DKMS works pretty well for providing the WireGuard kernel module on non-atomic based installs. I have had some WireGuard users try and use the Copr RPMs on Atomic Host which resulted in failure. One of them was manually copying the .ko file over to get things working [3] and this isn't a really good solution long term. I now find myself in the same situation where I would like to use Wireguard on Atomic, so I am trying to figure out how to come up with a short term solution to this issue as the WireGuard devs work on getting WG pushed upstream into the mainline kernel. Even if that does happen somewhat soon, this problem will still impact others that need third party kernel modules working such as Nvidia drivers or third party monitoring services such as Sysdig [4]
I started looking at creating a system container / systemd unit file that builds a new container on boot if a new kernel is detected. The current idea is it would do the following:
1) Check to see if a new kernel module is needed
2) Bind mount the `kernel-devel` source from the Atomic Host into the container
3) Check out the current WireGuard source and build the module (manually or via DKMS)
4) Enable's the newly built kernel module via system container [5]
Some issues with this idea come to light quickly as the current Fedora Atomic Host snapshot has mismatching `kernel` and `kernel-devel` packages so building the module this way might not always work. I haven't fully figured out if this is the right path forward on getting kernel modules built. It seems that some folks have done somewhat similar things for CoreOS to get kernel module support for Nvidia based GPUs. [6] [7]
I turned to IRC to get some pointers on my above idea to solve this problem and @walters recommended that I start an issue.
[1] https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2017-Nov…
[2] https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/
[3] https://lists.zx2c4.com/pipermail/wireguard/2017-August/001656.html
[4] https://sysdig.com/blog/dig-into-atomic-host/
[5] https://github.com/giuseppe/hellomod
[6] https://github.com/ryanolson/CoreOS-GPU
[6] https://github.com/src-d/coreos-nvidi7
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/issue/493
dustymabe opened a new pull-request against the project: `fedora-atomic` that you are following:
``
add a few modules to initramfs to enable vmw/hyperv
``
To reply, visit the link below or just reply to this email
https://pagure.io/fedora-atomic/pull-request/114
lorbus added a new comment to an issue you are following:
``
@cverna is this done now?
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/issue/249
davdunc reported a new issue against the project: `atomic-wg` that you are following:
``
I have made arrangements with Mattdm to host Marketplace AMIs of F27 in the AWS Marketplace. These will be hosted by me as a member of the Fedora community. This allows us to get around certain legal issues that have heretofore prevented the images hosting.
* Need Fedora Marketing to assist with writeup for the listing.
* TODO F27 submission prior to release date (there is a security audit)
Account number for Marketplace deployment is 662243699625. This is legally separate from the FAS managed account.
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/issue/339
sinnykumari opened a new pull-request against the project: `atomic-wg` that you are following:
``
Update Two Week release steps with latest information
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/pull-request/515
dustymabe reported a new issue against the project: `atomic-wg` that you are following:
``
We've investigated the systemd `Delegate=true` API issue before [1](https://pagure.io/atomic-wg/issue/452) [2](https://pagure.io/atomic-wg/issue/510). runc was [fixed upstream](https://github.com/opencontainers/runc/pull/1776) but this fix only made it into openshift origin 3.11 (kube 1.11); keep in mind runc is vendored in openshift/kube so the version of the runc rpm on the system doesn't matter.
The API was [brought back](https://pagure.io/atomic-wg/issue/452#comment-506779) in F28 for us while we waited on upstreams. Now that we are moving to Fedora 29 anyone on openshift origin < 3.11 who want to upgrade/rebase to F29 will fail.
We must recommend users:
- on f28AH upgrade to origin 3.11 or greater before rebasing to f29AH
- deploying to f29AH have to use origin 3.11 or greater
- stay on f28AH (no official releases!!) if they need 3.10 or older
Note that attempting to use cgroups v1 exclusively by setting `systemd.unified_cgroup_hierarchy=0` and `systemd.legacy_systemd_cgroup_controller=1` ([man page](https://www.freedesktop.org/software/systemd/man/systemd.html#) has no effect on this because it's an [API that was withdrawn](https://pagure.io/atomic-wg/issue/452#comment-506384).
Thanks @sjenning for all the help and for providing relevant information.
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/issue/512