From Fedora Project Wiki

Automatic Cloud Reboot On Updates

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Cloud users can provide cloud-init metadata when creating a Fedora cloud instance and that metadata can contain instructions to update all packages on the system and reboot the system if any of those updated packages need a reboot to go into effect. Fedora cloud instances should write the /var/run/reboot-required file if a reboot is needed after a dnf update so that cloud-init can reboot the instance.

Owner

Current status

  • Targeted release: Fedora Linux 39
  • Last updated: 2023-05-18
  • [<will be assigned by the Wrangler> devel thread]
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

Fedora cloud instances use cloud-init to do the initial configuration of the instance. This includes setting up networking, assigning a hostname, adding users/groups, and arbitrary scripts. There are also two options that you can pass to cloud-init that are important for this change:

  • package_update: If set to true, all installed packages are immediately updated on first boot
  • package_reboot_if_required: If set to true, and the package_update step wrote to /var/run/reboot-required, reboot the system immediately after updating packages

📚 For more details, see cloud-init's module reference for package_update.

Where does this /var/run/reboot-required file come from? On Debian and Ubuntu systems, apt automatically writes to /var/run/reboot-required if a reboot is needed after a package update. From there, cloud-init looks for the file (relevant cloud-init code) and if present, reboots the system immediately.

How do we write this file on Fedora? Fedora systems have a package called tracer and a corresponding dnf plugin, python3-dnf-plugin-tracer, that analyzes dnf updates and provides recommendations on reboots or user logouts to bring updates into effect on the system. A recent pull request added support for writing the /var/run/reboot-required file when a system reboot is recommended. The cloud-init tool can read this file after a package update and reboot if needed.

What does tracer's output look like? 

   [root@tracer-testing ~]# tracer 
   You should restart:
   * Some applications using:
       sudo systemctl restart NetworkManager
       sudo systemctl restart auditd
       sudo systemctl restart chronyd
       sudo systemctl restart dbus-broker
       sudo systemctl restart qemu-guest-agent
       sudo systemctl restart sshd
       sudo systemctl restart systemd-journald
       sudo systemctl restart systemd-logind
       sudo systemctl restart systemd-oomd
       sudo systemctl restart systemd-resolved
       sudo systemctl restart systemd-udevd
       sudo systemctl restart systemd-userdbd
   
   * These applications manually:
       (sd-pam)
   
   Additionally, there are:
   - 3 processes requiring restart of your session (i.e. Logging out & Logging in again)
   - 1 processes requiring reboot
   [root@tracer-testing ~]# cat /var/run/reboot-required 
   Tracer says reboot is required

What do we need to do? Add the python3-dnf-plugin-tracer plugin to Fedora cloud images. No additional configuration is necessary. This action pulls in five packages that are about 2.1MB after installation: 

   =======================================================================================
   Package                               Arch       Version             Repository  Size
   =======================================================================================
   Installing:
   python3-dnf-plugin-tracer             noarch     4.1.0-1.fc38        fedora      14 k
   Installing dependencies:
   python3-dnf-plugins-extras-common     noarch     4.1.0-1.fc38        fedora      69 k
   python3-psutil                        x86_64     5.9.2-2.fc38        fedora     271 k
   python3-tracer                        noarch     0.7.8-5.fc38        fedora     172 k
   tracer-common                         noarch     0.7.8-5.fc38        fedora      22 k
   
   Transaction Summary
   =======================================================================================
   Install  5 Packages
   
   Total download size: 547 k
   Installed size: 2.1 M

Feedback

One of the other ideas was to patch cloud-init to run tracer directly and avoid the /var/run/reboot-required file altogether. That would require a lot of work upstream in cloud-init to enable the functionality and we would still need the same set of packages installed in Fedora anyway.

Benefit to Fedora

Scope

  • Proposal owners:
  • Other developers:
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Community Initiatives:

Upgrade/compatibility impact

How To Test

User Experience

Dependencies

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change), Yes/No


Documentation

N/A (not a System Wide Change)

Release Notes

Retrieved from "https://fedoraproject.org/w/index.php?title=Changes/Automatic_Cloud_Reboot_On_Updates&oldid=677730"