Getting Started 入门指南
Ignition is a low-level system configuration utility. The Ignition executable is part of the temporary initial root filesystem, the initramfs. When Ignition runs on the first boot, it finds configuration data in a named location for a given environment, such as a file or URL, and applies it to the machine before switch_root
is called to pivot to the machine’s root filesystem.
点火是一个低级系统配置实用程序。点火可执行文件是临时初始根文件系统 initramfs 的一部分。当点火在第一次启动时运行时,它会在给定环境的命名位置找到配置数据,例如文件或 URL,并在调用 switch_root
以将机器切换到机器的根文件系统之前将其应用于机器。
Ignition uses a JSON configuration file to represent the set of changes to be made. The format of this config is detailed in the specification and the MIME type is registered with IANA. One of the most important parts of this config is the version number. This must match the version number accepted by Ignition. If the config version isn’t accepted by Ignition, Ignition will fail to run and the machine will not boot. This can be seen by inspecting the console output of the failed machine. For more information, check out the troubleshooting section.
点火使用 JSON 配置文件表示要进行的更改集。此配置的格式在规范中详细说明,并且 MIME 类型已在 IANA 中注册。此配置中最重要的部分之一是版本号。这必须与 Ignition 接受的版本号匹配。如果 Ignition 不接受配置版本,则 Ignition 将无法运行,机器将无法启动。可以通过检查失败机器的控制台输出来看到这一点。有关更多信息,请查看故障排除部分。
Providing a Config 提供配置
Ignition will choose where to look for configuration based on the underlying platform. A list of supported platforms and metadata sources is provided for reference.
点火将根据底层平台选择配置查找位置。提供支持的平台列表和元数据源以供参考。
The configuration must be passed to Ignition through the designated data source. Please refer to Ignition config examples to learn about writing config files.
配置必须通过指定的数据源传递给 Ignition。请参考 Ignition 配置示例,了解如何编写配置文件。
This data source can be overridden by specifying a configuration URL via the kernel command-line options.
可以通过在内核命令行选项中指定配置 URL 来覆盖此数据源。
The Linux distro may provide a base config which specifies default configuration, such as a default user. This data source is merged with this base config before it is applied. See the operator notes for more information on config merging.
Linux 发行版可能提供一个基本配置,其中指定了默认配置,比如默认用户。在应用之前,此数据源将与此基本配置合并。有关配置合并的更多信息,请参阅操作员说明。
Config Validation 配置验证
To validate a config for Ignition there are binaries for a cli tool called ignition-validate
available on the releases page. There is also an ignition-validate container: quay.io/coreos/ignition-validate
.
要验证 Ignition 的配置,可以在发布页面上找到一个名为 ignition-validate
的 cli 工具的二进制文件。还有一个名为 ignition-validate 的容器: quay.io/coreos/ignition-validate
。
Example: 例子:
# This example uses podman, but docker can be used too
podman run --pull=always --rm -i quay.io/coreos/ignition-validate:release - < myconfig.ign
Troubleshooting 故障排除
Gathering Logs 收集日志
The single most useful piece of information needed when troubleshooting is the log from Ignition. Ignition runs in multiple stages so it’s easiest to filter by the syslog identifier: ignition
. When using systemd, this can be accomplished with the following command:
在故障排除时最有用的信息是来自 Ignition 的日志。Ignition 在多个阶段运行,因此最容易通过 syslog 标识符进行过滤: ignition
。在使用 systemd 时,可以使用以下命令来实现:
journalctl --identifier=ignition --all
In the event that this doesn’t yield any results, running as root may help. There are circumstances where the journal isn’t owned by the systemd-journal group or the current user is not a part of that group.
如果这没有产生任何结果,以 root 用户身份运行可能会有所帮助。有些情况下,日志文件可能不属于 systemd-journal 组,或者当前用户不是该组的成员。
Increasing Verbosity 增加冗余度
In cases where the machine fails to boot, it’s sometimes helpful to ask journald to log more information to the console. This makes it easy to access the Ignition logs in environments where no interactive console is available. The following kernel parameter will increase the console’s log output, making all of Ignition’s logs visible:
在机器无法启动的情况下,有时向 journald 请求将更多信息记录到控制台可能会有所帮助。这样可以在没有交互式控制台的环境中轻松访问 Ignition 日志。以下内核参数将增加控制台的日志输出,使所有 Ignition 的日志可见:
systemd.journald.max_level_console=debug
Validating the Configuration
验证配置
One common cause for Ignition failures is a malformed configuration (e.g. a misspelled section or incorrect hierarchy). Ignition will log errors, warnings, and other notes about the configuration that it parsed, so this can be used to debug issues with the configuration provided. See also the Config Validation section.
点火失败的一个常见原因是配置文件格式不正确(例如,拼写错误的部分或不正确的层次结构)。 点火将记录有关其解析的配置的错误、警告和其他说明,因此可以用来调试提供的配置的问题。 另请参见配置验证部分。
Enabling systemd Services
启用 systemd 服务
When Ignition enables systemd services, it doesn’t directly create the symlinks necessary for systemd; it leverages systemd presets. Presets are only evaluated on first boot, which can result in confusion if Ignition is forced to run more than once. Any systemd services which have been enabled in the configuration after the first boot won’t actually be enabled after the next invocation of Ignition. systemctl preset-all
will need to be manually invoked to create the necessary symlinks, enabling the services.
当 Ignition 启用 systemd 服务时,它不会直接创建 systemd 所需的符号链接;它利用 systemd 预设。 预设仅在第一次引导时进行评估,如果强制多次运行 Ignition,则可能会导致混淆。 在第一次引导后在配置中启用的任何 systemd 服务在下一次调用 Ignition 后实际上不会被启用。 需要手动调用 systemctl preset-all
来创建必要的符号链接,从而启用服务。
Ignition is not typically run more than once during a machine’s lifetime in a given role, so this situation requiring manual systemd intervention does not commonly arise.
在给定角色中,点火通常在机器的整个生命周期内不会运行多次,因此不常出现需要手动进行 systemd 干预的情况。