From owner-freebsd-cloud@freebsd.org Wed Apr 12 04:34:22 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7EDEFD3A63B for ; Wed, 12 Apr 2017 04:34:22 +0000 (UTC) (envelope-from 0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@amazonses.com) Received: from a8-13.smtp-out.amazonses.com (a8-13.smtp-out.amazonses.com [54.240.8.13]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 451C5C2D for ; Wed, 12 Apr 2017 04:34:21 +0000 (UTC) (envelope-from 0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ae7m2yrxjw65l2cqdpjxuucyrvy564tn; d=tarsnap.com; t=1491971655; h=Subject:To:References:From:Reply-To:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; bh=OIbNsX9lOIof4jp7uxrUQFYykbr+wdze1M/lls57iI4=; b=mnnsKRSSKmflYKvQVQ1nO/ebFKIb4dtVZCRdDM5AiVOH2XqBa1GWuk1Qfp04PInt 2nEaPCunldhSMHAEVxBAU90yvTmS+xGQtqFfPMiM1NZRmhV+XF+D8i6ATYVo5TrRa3I Fa1Cj/I936vsXEjI7ern01rE8HYUigHJ6VAIbMRc= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1491971655; h=Subject:To:References:From:Reply-To:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:Feedback-ID; bh=OIbNsX9lOIof4jp7uxrUQFYykbr+wdze1M/lls57iI4=; b=G+IZ6FCDUwnqVNbhLmG4qWsTIpGKGbseegVWV/h6Wk/mmpCR4y3xFQop/xZChMcb UyV2ZUhw5RcyBK03BjvrZMmbqF7FLOjNvtLg2WW5M45ictLAT3sgPtjLvUcb0duOq5j CBOm6uI48oDWXpW+EdyFZOya0zUBHrUiFiC+GIJU= Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Julian Elischer , FreeBSD Lists , Toomas Soome , freebsd-cloud@freebsd.org References: From: Colin Percival Reply-To: freebsd-cloud@freebsd.org Message-ID: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> Date: Wed, 12 Apr 2017 04:34:15 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-SES-Outgoing: 2017.04.12-54.240.8.13 Feedback-ID: 1.us-east-1.Lv9FVjaNvvR5llaqfLoOVbo2VxOELl7cjN0AOyXnPlk=:AmazonSES X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 04:34:22 -0000 [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] On 04/11/17 21:03, Julian Elischer wrote: > In Amazon ec2 they have no console access (though I heard rumors that it was > available I have not seen any sign of it) so I'd like to put a "recovery > partition" into an AMI. > The trick is how to convince it to boot to that instead of the regular action. Can you get what you want via gptboot's support for selecting the partition to boot via "bootonce" and "bootme" flags? > The ideal thing would be if there was way to 'influence' one of the smbios > values in some way, and have the boot code see it, but I'm open to any > suggestions. > I really need only 1 bit of information to get through. > > Possibilties include "changing the VM to have only 2G of ram" (we'd never do > that in a real machine). > or maybe temporarily removing all the disks other than the root drive? Almost > anything I could do to signal the boot code to behave differently. I don't think adding/removing disks will be useful, since the extra disks will be Xen blkfront devices; AFAIK the boot loader doesn't know anything about these. (The boot device is also a blkfront device but gets ATA emulation for the benefit of boot loaders.) Maybe you can repurpose some of the logic used for booting over NFS? I've never heard of people booting over NFS when the initial bootstrap comes from disk rather than PXE, but I assume it's possible...? -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-cloud@freebsd.org Wed Apr 12 05:30:02 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E6732D3A205 for ; Wed, 12 Apr 2017 05:30:02 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Received: from mail-qk0-x242.google.com (mail-qk0-x242.google.com [IPv6:2607:f8b0:400d:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A7F93C5 for ; Wed, 12 Apr 2017 05:30:02 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Received: by mail-qk0-x242.google.com with SMTP id p68so2612441qke.1 for ; Tue, 11 Apr 2017 22:30:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hobbiton-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5pvMK+qfhOzxxmmQPnHuAbWBL4BOFhXnZC0GAPB7njU=; b=xN0UYjeZUI7AyJWxjFZL0R7i7Z/ZxqMYAEOpq7c6kIkXrgNpTZpUxDxp+vte3AGuGr iGtTz0+IH2QBTau8RJrynWPdKcW/BjOBwhC6WNzsdpN5Zd9RAJ7DTEQB/zY88QLP5Hji 7n/XluPCQ5eHNqOUVc2gb5uEO7x9HkgrTobB07tTPl7W3jGYKRZk4uf4g2nIU+bukUbH Oa5zPBBbghg2gnHsfWaLjZdrJMs7QQVHD+rbbMRZs6KFQTennVnf2tUcPZsubMXdCXR1 GRGQvu064COXOGAart1STPZxDJiMss/qII2EteSvI4ySPMGdl2D948sMIx/BFgCJkEOs SV/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5pvMK+qfhOzxxmmQPnHuAbWBL4BOFhXnZC0GAPB7njU=; b=nkFb4za+xsX7JY2Xd+NVFqhvmJYEWxMEr9bh64yBptOalVM7WwOIWEEguTZw+a4JXH 3EYm6LRMrPU1Y3f6u39x96aRy7i3sSD4GnNjl5V2z6NAniM43TZ90uFLE2ANQg1hVXYZ PQRy0TmnF+kf086uXFsqBq0yqcamMMFYGBafS/6Xnt+L19DXlcUMXN/8fhaokFvpNtqU bTS+ftrfPtWRMim88PSyDuPOQ/oRfZ7959PkVojdchOYUoRGgMAOxN1kVuqdxCbvRXKS 6JJGDo4rQTtfZiriMornuILDF6/bz84UGL48d1mCHuQ9UZYE+SqoXYlXuKTscH3C7PVD n78w== X-Gm-Message-State: AFeK/H3pMVk2u4vSrRLleUb/EjQ1AkSM5bImxUD9BbqwLXIrFQsZhjhPUNBIUJ/h/6h733h0I5pIuzYYFMHg8g== X-Received: by 10.55.189.130 with SMTP id n124mr61993992qkf.235.1491975001677; Tue, 11 Apr 2017 22:30:01 -0700 (PDT) MIME-Version: 1.0 Received: by 10.12.135.246 with HTTP; Tue, 11 Apr 2017 22:30:00 -0700 (PDT) X-Originating-IP: [208.72.151.19] Received: by 10.12.135.246 with HTTP; Tue, 11 Apr 2017 22:30:00 -0700 (PDT) In-Reply-To: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> References: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> From: Leif Pedersen Date: Wed, 12 Apr 2017 00:30:00 -0500 Message-ID: Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: freebsd-cloud@freebsd.org Cc: Toomas Soome , Julian Elischer , freebsd-xen@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 05:30:03 -0000 I keep an extra EBS volume handy that has a simple recovery image. If I get stuck into a trouble, I change the normal boot disk to sdb, and attach my recovery volume as sda1. Essentially, the extra volume is my "recovery partition". To make it cheaper, keep only a snapshot of it. Same idea on Google Compute Engine. On Apr 11, 2017 11:34 PM, "Colin Percival" wrote: > [CCing freebsd-cloud, which is the right place for discussions of > FreeBSD/EC2] > > On 04/11/17 21:03, Julian Elischer wrote: > > In Amazon ec2 they have no console access (though I heard rumors that it > was > > available I have not seen any sign of it) so I'd like to put a "recovery > > partition" into an AMI. > > The trick is how to convince it to boot to that instead of the regular > action. > > Can you get what you want via gptboot's support for selecting the partition > to boot via "bootonce" and "bootme" flags? > > > The ideal thing would be if there was way to 'influence' one of the > smbios > > values in some way, and have the boot code see it, but I'm open to any > > suggestions. > > I really need only 1 bit of information to get through. > > > > Possibilties include "changing the VM to have only 2G of ram" (we'd > never do > > that in a real machine). > > or maybe temporarily removing all the disks other than the root drive? > Almost > > anything I could do to signal the boot code to behave differently. > > I don't think adding/removing disks will be useful, since the extra disks > will > be Xen blkfront devices; AFAIK the boot loader doesn't know anything about > these. (The boot device is also a blkfront device but gets ATA emulation > for > the benefit of boot loaders.) > > Maybe you can repurpose some of the logic used for booting over NFS? I've > never heard of people booting over NFS when the initial bootstrap comes > from > disk rather than PXE, but I assume it's possible...? > > -- > Colin Percival > Security Officer Emeritus, FreeBSD | The power to serve > Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid > _______________________________________________ > freebsd-cloud@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-cloud > To unsubscribe, send any mail to "freebsd-cloud-unsubscribe@freebsd.org" > From owner-freebsd-cloud@freebsd.org Wed Apr 12 06:04:55 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A59CFD3AC46; Wed, 12 Apr 2017 06:04:55 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 750962B2; Wed, 12 Apr 2017 06:04:55 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C64neX059826 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 23:04:52 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: freebsd-cloud@freebsd.org, FreeBSD Lists , Toomas Soome References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> From: Julian Elischer Message-ID: <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> Date: Wed, 12 Apr 2017 14:04:42 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:04:55 -0000 On 12/4/17 12:34 pm, Colin Percival wrote: > [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] > > On 04/11/17 21:03, Julian Elischer wrote: >> In Amazon ec2 they have no console access (though I heard rumors that it was >> available I have not seen any sign of it) so I'd like to put a "recovery >> partition" into an AMI. >> The trick is how to convince it to boot to that instead of the regular action. > Can you get what you want via gptboot's support for selecting the partition > to boot via "bootonce" and "bootme" flags? not if you can't get onto to the machine. When I talk about a recovery partition I mean it in the same way that apple means it.. "system won't boot? press the power button and hold down the 'option' key. it will give you the option to boot to a recovery mode" (* actually I can't remember the keys but you get the idea..) in our case we would like to be able to recover a customer's AMI by giving a simple set of instructions over the phone. We can assume they know how to get into the amazon menus, but we would like to not have to assume much more. > >> The ideal thing would be if there was way to 'influence' one of the smbios >> values in some way, and have the boot code see it, but I'm open to any >> suggestions. >> I really need only 1 bit of information to get through. >> >> Possibilties include "changing the VM to have only 2G of ram" (we'd never do >> that in a real machine). >> or maybe temporarily removing all the disks other than the root drive? Almost >> anything I could do to signal the boot code to behave differently. > I don't think adding/removing disks will be useful, since the extra disks will > be Xen blkfront devices; AFAIK the boot loader doesn't know anything about > these. (The boot device is also a blkfront device but gets ATA emulation for > the benefit of boot loaders.) > > Maybe you can repurpose some of the logic used for booting over NFS? I've > never heard of people booting over NFS when the initial bootstrap comes from > disk rather than PXE, but I assume it's possible...? Oh I've done it, in the past but you still have the same issue.. how do you signal the boot code to do this? (does an AMI have a bios capable of doing network operations?) I was thinking about whether we could add a really simple xn driver into the bootcode to allow us to have an console of sorts (accessible from an adjacent machine only??) From owner-freebsd-cloud@freebsd.org Wed Apr 12 06:09:54 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DCBFBD3ACF9; Wed, 12 Apr 2017 06:09:54 +0000 (UTC) (envelope-from tsoome@me.com) Received: from st13p35im-asmtp001.me.com (st13p35im-asmtp001.me.com [17.164.199.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF270380; Wed, 12 Apr 2017 06:09:54 +0000 (UTC) (envelope-from tsoome@me.com) Received: from process-dkim-sign-daemon.st13p35im-asmtp001.me.com by st13p35im-asmtp001.me.com (Oracle Communications Messaging Server 7.0.5.38.0 64bit (built Feb 26 2016)) id <0OOA00A008R0VS00@st13p35im-asmtp001.me.com>; Wed, 12 Apr 2017 06:09:48 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=me.com; s=4d515a; t=1491977388; bh=0p115GMQaBruqRZfKdORHMJd3AuPBaWwao2zEnj4OQU=; h=Content-type:MIME-version:Subject:From:Date:Message-id:To; b=d/Nu4oMh67OhNPYE7Jwclm9UffNVXnHpxop6ZpfHWOgn/YrLtmKV4x9gB+P/qayJg BYFPLWz5QykwjE0IGGfW50Zi9u2eLvXG8aLjtdQQMdO7PyIu6cPD72+VlxPwfuvDN3 AfeB3mW1cOX6GuNu6tS5kwgUU8ZP9yVGbxBG1YiTFoPpKTX9qWtseK9OaXxChXuFOM cYkuz8b2kMSkxmD/G/MUG/QNIf2YMEj+/zO7xxWkNszHYyQ/PJKWvMb/zSluMEKifH 269Y341DIJwvv7PV3UMw3i3O0zCAGWKwAzK53EuDvXsU4n9QYPj5SGumiHYcybK1j3 u3+bVi9qh2Uvg== Received: from icloud.com ([127.0.0.1]) by st13p35im-asmtp001.me.com (Oracle Communications Messaging Server 7.0.5.38.0 64bit (built Feb 26 2016)) with ESMTPSA id <0OOA00BF39496U00@st13p35im-asmtp001.me.com>; Wed, 12 Apr 2017 06:09:48 +0000 (GMT) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-04-12_05:,, signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 clxscore=1034 suspectscore=2 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1701120000 definitions=main-1704120053 Content-type: text/plain; charset=utf-8 MIME-version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? From: Toomas Soome In-reply-to: <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> Date: Wed, 12 Apr 2017 09:09:45 +0300 Cc: freebsd-cloud@freebsd.org, FreeBSD Lists Content-transfer-encoding: quoted-printable Message-id: <3A0FDF0B-B3CC-4CB7-AF9F-DC7CB60A6B5A@me.com> References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> To: Julian Elischer X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:09:55 -0000 > On 12. apr 2017, at 9:04, Julian Elischer wrote: >=20 > On 12/4/17 12:34 pm, Colin Percival wrote: >> [CCing freebsd-cloud, which is the right place for discussions of = FreeBSD/EC2] >>=20 >> On 04/11/17 21:03, Julian Elischer wrote: >>> In Amazon ec2 they have no console access (though I heard rumors = that it was >>> available I have not seen any sign of it) so I'd like to put a = "recovery >>> partition" into an AMI. >>> The trick is how to convince it to boot to that instead of the = regular action. >> Can you get what you want via gptboot's support for selecting the = partition >> to boot via "bootonce" and "bootme" flags? > not if you can't get onto to the machine. > When I talk about a recovery partition I mean it in the same way that = apple means it.. > "system won't boot? press the power button and hold down the 'option' = key. > it will give you the option to boot to a recovery mode" > (* actually I can't remember the keys but you get the idea..) >=20 > in our case we would like to be able to recover a customer's AMI by = giving a simple set of instructions over the phone. > We can assume they know how to get into the amazon menus, but we would = like to not have to assume much more. >=20 >>=20 >>> The ideal thing would be if there was way to 'influence' one of the = smbios >>> values in some way, and have the boot code see it, but I'm open to = any >>> suggestions. >>> I really need only 1 bit of information to get through. >>>=20 >>> Possibilties include "changing the VM to have only 2G of ram" (we'd = never do >>> that in a real machine). >>> or maybe temporarily removing all the disks other than the root = drive? Almost >>> anything I could do to signal the boot code to behave differently. >> I don't think adding/removing disks will be useful, since the extra = disks will >> be Xen blkfront devices; AFAIK the boot loader doesn't know anything = about >> these. (The boot device is also a blkfront device but gets ATA = emulation for >> the benefit of boot loaders.) >>=20 >> Maybe you can repurpose some of the logic used for booting over NFS? = I've >> never heard of people booting over NFS when the initial bootstrap = comes from >> disk rather than PXE, but I assume it's possible...? >=20 > Oh I've done it, in the past but you still have the same issue.. > how do you signal the boot code to do this? >=20 > (does an AMI have a bios capable of doing network operations?) I was = thinking > about whether we could add a really simple xn driver into the bootcode = to allow > us to have an console of sorts (accessible from an adjacent machine = only??) >=20 >=20 >=20 basically you want what zfsbootcfg does but in reverse =E2=80=94 with = fallback to recovery=E2=80=A6 rgds, toomas From owner-freebsd-cloud@freebsd.org Wed Apr 12 06:28:36 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E849DD3A3C3; Wed, 12 Apr 2017 06:28:36 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BA0EEED0; Wed, 12 Apr 2017 06:28:36 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C6ST0S059921 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 23:28:33 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Leif Pedersen , freebsd-cloud@freebsd.org References: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> Cc: Toomas Soome , freebsd-xen@freebsd.org From: Julian Elischer Message-ID: Date: Wed, 12 Apr 2017 14:28:23 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:28:37 -0000 On 12/4/17 1:30 pm, Leif Pedersen wrote: > I keep an extra EBS volume handy that has a simple recovery image. > If I get stuck into a trouble, I change the normal boot disk to sdb, > and attach my recovery volume as sda1. Essentially, the extra volume > is my "recovery partition". To make it cheaper, keep only a snapshot > of it. yes that's a technique I've used in the past. I'd prefer to find something simpler to do, which is why it'd be nice if one could just control some single bit that the bootloader could read. > > Same idea on Google Compute Engine. > > > > > On Apr 11, 2017 11:34 PM, "Colin Percival" > wrote: > > [CCing freebsd-cloud, which is the right place for discussions > of FreeBSD/EC2] > > On 04/11/17 21:03, Julian Elischer wrote: > > In Amazon ec2 they have no console access (though I heard > rumors that it was > > available I have not seen any sign of it) so I'd like to put a > "recovery > > partition" into an AMI. > > The trick is how to convince it to boot to that instead of the > regular action. > > Can you get what you want via gptboot's support for selecting > the partition > to boot via "bootonce" and "bootme" flags? > > > The ideal thing would be if there was way to 'influence' one > of the smbios > > values in some way, and have the boot code see it, but I'm > open to any > > suggestions. > > I really need only 1 bit of information to get through. > > > > Possibilties include "changing the VM to have only 2G of ram" > (we'd never do > > that in a real machine). > > or maybe temporarily removing all the disks other than the > root drive? Almost > > anything I could do to signal the boot code to behave differently. > > I don't think adding/removing disks will be useful, since the > extra disks will > be Xen blkfront devices; AFAIK the boot loader doesn't know > anything about > these. (The boot device is also a blkfront device but gets ATA > emulation for > the benefit of boot loaders.) > > Maybe you can repurpose some of the logic used for booting over > NFS? I've > never heard of people booting over NFS when the initial > bootstrap comes from > disk rather than PXE, but I assume it's possible...? > > -- > Colin Percival > Security Officer Emeritus, FreeBSD | The power to serve > Founder, Tarsnap | www.tarsnap.com | > Online backups for the truly paranoid > _______________________________________________ > freebsd-cloud@freebsd.org > mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-cloud > > To unsubscribe, send any mail to > "freebsd-cloud-unsubscribe@freebsd.org > " > From owner-freebsd-cloud@freebsd.org Wed Apr 12 06:34:35 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA1C9D3A613; Wed, 12 Apr 2017 06:34:35 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BC878397; Wed, 12 Apr 2017 06:34:35 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C6YTLw059955 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 23:34:33 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Toomas Soome References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> <3A0FDF0B-B3CC-4CB7-AF9F-DC7CB60A6B5A@me.com> Cc: freebsd-cloud@freebsd.org, FreeBSD Lists From: Julian Elischer Message-ID: <66834e02-3746-1424-6388-1730d06a1b26@freebsd.org> Date: Wed, 12 Apr 2017 14:34:24 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <3A0FDF0B-B3CC-4CB7-AF9F-DC7CB60A6B5A@me.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:34:36 -0000 On 12/4/17 2:09 pm, Toomas Soome wrote: >> On 12. apr 2017, at 9:04, Julian Elischer wrote: >> >> On 12/4/17 12:34 pm, Colin Percival wrote: >>> [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] >>> >>> On 04/11/17 21:03, Julian Elischer wrote: >>>> In Amazon ec2 they have no console access (though I heard rumors that it was >>>> available I have not seen any sign of it) so I'd like to put a "recovery >>>> partition" into an AMI. >>>> The trick is how to convince it to boot to that instead of the regular action. >>> Can you get what you want via gptboot's support for selecting the partition >>> to boot via "bootonce" and "bootme" flags? >> not if you can't get onto to the machine. >> When I talk about a recovery partition I mean it in the same way that apple means it.. >> "system won't boot? press the power button and hold down the 'option' key. >> it will give you the option to boot to a recovery mode" >> (* actually I can't remember the keys but you get the idea..) >> >> in our case we would like to be able to recover a customer's AMI by giving a simple set of instructions over the phone. >> We can assume they know how to get into the amazon menus, but we would like to not have to assume much more. >> >>>> The ideal thing would be if there was way to 'influence' one of the smbios >>>> values in some way, and have the boot code see it, but I'm open to any >>>> suggestions. >>>> I really need only 1 bit of information to get through. >>>> >>>> Possibilties include "changing the VM to have only 2G of ram" (we'd never do >>>> that in a real machine). >>>> or maybe temporarily removing all the disks other than the root drive? Almost >>>> anything I could do to signal the boot code to behave differently. >>> I don't think adding/removing disks will be useful, since the extra disks will >>> be Xen blkfront devices; AFAIK the boot loader doesn't know anything about >>> these. (The boot device is also a blkfront device but gets ATA emulation for >>> the benefit of boot loaders.) >>> >>> Maybe you can repurpose some of the logic used for booting over NFS? I've >>> never heard of people booting over NFS when the initial bootstrap comes from >>> disk rather than PXE, but I assume it's possible...? >> Oh I've done it, in the past but you still have the same issue.. >> how do you signal the boot code to do this? >> >> (does an AMI have a bios capable of doing network operations?) I was thinking >> about whether we could add a really simple xn driver into the bootcode to allow >> us to have an console of sorts (accessible from an adjacent machine only??) >> >> >> > > basically you want what zfsbootcfg does but in reverse — with fallback to recovery… yes, that is also a possibility N failed boots in a row.. > > rgds, > toomas > > > From owner-freebsd-cloud@freebsd.org Wed Apr 12 07:13:10 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 78824D3A1A7 for ; Wed, 12 Apr 2017 07:13:10 +0000 (UTC) (envelope-from 0100015b61023a42-c292f9c6-c73d-4901-85ac-90bcdaaa9ada-000000@amazonses.com) Received: from a8-13.smtp-out.amazonses.com (a8-13.smtp-out.amazonses.com [54.240.8.13]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EDE688B for ; Wed, 12 Apr 2017 07:13:09 +0000 (UTC) (envelope-from 0100015b61023a42-c292f9c6-c73d-4901-85ac-90bcdaaa9ada-000000@amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ae7m2yrxjw65l2cqdpjxuucyrvy564tn; d=tarsnap.com; t=1491981187; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; bh=fBp0Kw1JHPHB4A9JB27SQIlMUTpcMIA88XEo4RMJuHo=; b=ur8XoQ9egEpGt31Mz0AhXHnJLVHD/46e0vDpIbQ5TLfRVtLQDREfxwzApi3PgZBZ Z8zzGhjrk2wcLKamZvhWLYyq9C2jAt7R5GDyN/xOXeNgCcbg1B+GhvJC5oi9gYFM6G5 U4ypth6A99Vf9VkPYJw1G7UOV7dBqyHqYIq7Zklc= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1491981187; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:Feedback-ID; bh=fBp0Kw1JHPHB4A9JB27SQIlMUTpcMIA88XEo4RMJuHo=; b=hFKIQE6R4TSrsOZDTZyjvFYat8w0XcC3rCsbvl2iGByDWQoWKcKwzKk8jpk0TQ2s ZLIvYvANFAy6TzU7YpcWMSRH3I9q307Lf9a/fAaVShFs76oWgUKx3bmrOu/XiKCNPNw /FEXtX8tRd8r7VPewkbIpGD4nwUJYPuce4OTPcN4= Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Julian Elischer , freebsd-cloud@freebsd.org References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> From: Colin Percival Message-ID: <0100015b61023a42-c292f9c6-c73d-4901-85ac-90bcdaaa9ada-000000@email.amazonses.com> Date: Wed, 12 Apr 2017 07:13:07 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-SES-Outgoing: 2017.04.12-54.240.8.13 Feedback-ID: 1.us-east-1.Lv9FVjaNvvR5llaqfLoOVbo2VxOELl7cjN0AOyXnPlk=:AmazonSES X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 07:13:10 -0000 On 04/11/17 23:04, Julian Elischer wrote: > On 12/4/17 12:34 pm, Colin Percival wrote: >> [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] >> >> On 04/11/17 21:03, Julian Elischer wrote: >>> In Amazon ec2 they have no console access (though I heard rumors that it was >>> available I have not seen any sign of it) so I'd like to put a "recovery >>> partition" into an AMI. >>> The trick is how to convince it to boot to that instead of the regular action. >> Can you get what you want via gptboot's support for selecting the partition >> to boot via "bootonce" and "bootme" flags? > not if you can't get onto to the machine. Well, I meant that you'd set this up in advance, so that if it can't boot the normal partition it would automatically fall back to the recovery partition. >> Maybe you can repurpose some of the logic used for booting over NFS? I've >> never heard of people booting over NFS when the initial bootstrap comes from >> disk rather than PXE, but I assume it's possible...? > > Oh I've done it, in the past but you still have the same issue.. > how do you signal the boot code to do this? > > (does an AMI have a bios capable of doing network operations?) I was thinking > about whether we could add a really simple xn driver into the bootcode to allow > us to have an console of sorts (accessible from an adjacent machine only??) Oh, good point. No, the boot loader doesn't know anything about PV drivers, and there's no emulation, so you can't do anything networky from the boot loader. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-cloud@freebsd.org Wed Apr 12 16:57:09 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 52AD6D3BB74 for ; Wed, 12 Apr 2017 16:57:09 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 1235E3DD for ; Wed, 12 Apr 2017 16:57:08 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3CGv2UI062489 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 12 Apr 2017 09:57:05 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Colin Percival , freebsd-cloud@freebsd.org References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> <0100015b61023e1a-decb3a7d-8856-40b0-a2ff-9e8057092254-000000@email.amazonses.com> From: Julian Elischer Message-ID: Date: Thu, 13 Apr 2017 00:56:56 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <0100015b61023e1a-decb3a7d-8856-40b0-a2ff-9e8057092254-000000@email.amazonses.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 16:57:09 -0000 On 12/4/17 3:13 pm, Colin Percival wrote: > On 04/11/17 23:04, Julian Elischer wrote: >> On 12/4/17 12:34 pm, Colin Percival wrote: >>> [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] >>> >>> On 04/11/17 21:03, Julian Elischer wrote: >>>> In Amazon ec2 they have no console access (though I heard rumors that it was >>>> available I have not seen any sign of it) so I'd like to put a "recovery >>>> partition" into an AMI. >>>> The trick is how to convince it to boot to that instead of the regular action. >>> Can you get what you want via gptboot's support for selecting the partition >>> to boot via "bootonce" and "bootme" flags? >> not if you can't get onto to the machine. > Well, I meant that you'd set this up in advance, so that if it can't boot the > normal partition it would automatically fall back to the recovery partition. > >>> Maybe you can repurpose some of the logic used for booting over NFS? I've >>> never heard of people booting over NFS when the initial bootstrap comes from >>> disk rather than PXE, but I assume it's possible...? >> Oh I've done it, in the past but you still have the same issue.. >> how do you signal the boot code to do this? >> >> (does an AMI have a bios capable of doing network operations?) I was thinking >> about whether we could add a really simple xn driver into the bootcode to allow >> us to have an console of sorts (accessible from an adjacent machine only??) > Oh, good point. No, the boot loader doesn't know anything about PV drivers, > and there's no emulation, so you can't do anything networky from the boot > loader. > I was thinking of a specialist AMI bootcode that could handle just an xn0 interface. I don't know enough about the xen drivers to know if that would even be possible. From owner-freebsd-cloud@freebsd.org Wed Apr 12 18:07:09 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 533F1D3B709 for ; Wed, 12 Apr 2017 18:07:09 +0000 (UTC) (envelope-from jlott@averesystems.com) Received: from mail-oi0-x231.google.com (mail-oi0-x231.google.com [IPv6:2607:f8b0:4003:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2B15F1D2 for ; Wed, 12 Apr 2017 18:07:09 +0000 (UTC) (envelope-from jlott@averesystems.com) Received: by mail-oi0-x231.google.com with SMTP id b187so41189924oif.0 for ; Wed, 12 Apr 2017 11:07:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=averesystems.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=nJ0KGsJT2tJw/oqhsQGl/R9DkO0JfStaSP6HKc+2MWE=; b=gPEIy1f5Z5qDl0D6Kx+KqdLfNzhP+S/AqcdWOcWEvY32IFw/gdvIhXfuILTsJf0Vj/ tCHZctY+q16ukgCMmWYAGBdNxbySeqAuyZXAGw4DrB2qV9wSGV9DvDjoyjRWTXsZPbj/ ZFyGatZlQJ5pTLWsgJJ/MybJnuzGMSpESwnhI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=nJ0KGsJT2tJw/oqhsQGl/R9DkO0JfStaSP6HKc+2MWE=; b=dIjCo3t1se4KJXTVEdnRKtqqjCFDHPeznd8kM/tLmdOkqHRUkjr2XfH5QyHeBHiyqm OKcKUNh7JR3HsO4zxiwGWtcegkdkXQaPfCFrCFVEPtdW4f8dsrmGSJgspNl2Ig77aeth 280GmohgT2RjnbMbGafInARXzD/GZjjPUNgZLH7XdtW/9wlDJpczTEM631L+g6KrOCo+ JSO/GL70x+tzeDwmpzYm6lx7TFoOboFC8eq1Jz9dlZeecU6Enq/Jn3jMyYjbsHeIPPZk NjcrvKTk65xArw5HzR5xZ4Ewz0+/m27MxpE7BxuX43L5k9WNySEtt9DOtuT9Z7E8rD1U pjoQ== X-Gm-Message-State: AN3rC/7e5UYM+hFa/YcXqKzWMOk2tbXPGdRYxSsyI183pLaIsjJSdaPJwvhFm9bqX7BZE6CVOUAVHIDIDoroaIpx X-Received: by 10.157.14.248 with SMTP id 111mr7117582otj.143.1492020428092; Wed, 12 Apr 2017 11:07:08 -0700 (PDT) MIME-Version: 1.0 Received: by 10.157.17.168 with HTTP; Wed, 12 Apr 2017 11:07:07 -0700 (PDT) In-Reply-To: References: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> From: Jeremiah Lott Date: Wed, 12 Apr 2017 14:07:07 -0400 Message-ID: Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: freebsd-cloud@freebsd.org, freebsd-xen@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 18:07:09 -0000 On Wed, Apr 12, 2017 at 1:30 AM, Leif Pedersen wrote: > I keep an extra EBS volume handy that has a simple recovery image. If I get > stuck into a trouble, I change the normal boot disk to sdb, and attach my > recovery volume as sda1. Essentially, the extra volume is my "recovery > partition". To make it cheaper, keep only a snapshot of it. > I tried for a while to get some sort of bootloader-based recovery plan in place for our cloud-based systems, like what was originally asked for. We already have a primary and a backup partition in our boot disk, but there was no way I found in EC2 to easily switch the partition to boot from. In the end, I gave up on passing information to the bootloader and used something like the above with multiple images. I actually wrote a script at one point using the aws CLI that you could run from any FreeBSD VM in the same availability zone. It detached the original boot volume from the "broken" instance; attached it as a secondary disk to the recovery image, changed the boot partition, detached it from the recovery image, then re-attached it to the original image. It took a while to run, but required little user input. We kind of kept that as "good enough" for the rare case that a instance became un-bootable and we cared to recover it rather than replace it. I'm not sure we actually ever used it on a customer system. It was used more during development when you are more likely to break stuff (and want to recover coredumps, etc. so you can fix the broken code). If you go down the route of implementing EC2 network driver(s) in the bootloader, then you could read the instance metadata via http and use a tag to control the boot behavior. However, a bootloader driver, even a very simplistic one, for xn0 (and potentially for both ixv and ena, if you support EC2 Enhanced Networking) was more work that we wanted to undertake for this. Jeremiah Lott Avere Systems