From owner-freebsd-xen@freebsd.org Wed Apr 12 04:03:49 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E2624D37E3F for ; Wed, 12 Apr 2017 04:03:49 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 28F64F28; Wed, 12 Apr 2017 04:03:49 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C43a9W059430 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 21:03:40 -0700 (PDT) (envelope-from julian@freebsd.org) To: Colin Percival , FreeBSD Lists , Toomas Soome From: Julian Elischer Subject: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? Message-ID: Date: Wed, 12 Apr 2017 12:03:30 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 04:03:50 -0000 In Amazon ec2 they have no console access (though I heard rumors that it was available I have not seen any sign of it) so I'd like to put a "recovery partition" into an AMI. The trick is how to convince it to boot to that instead of the regular action. The ideal thing would be if there was way to 'influence' one of the smbios values in some way, and have the boot code see it, but I'm open to any suggestions. I really need only 1 bit of information to get through. Possibilties include "changing the VM to have only 2G of ram" (we'd never do that in a real machine). or maybe temporarily removing all the disks other than the root drive? Almost anything I could do to signal the boot code to behave differently. From owner-freebsd-xen@freebsd.org Wed Apr 12 04:34:25 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 642C1D3A644 for ; Wed, 12 Apr 2017 04:34:25 +0000 (UTC) (envelope-from 0100015b6070ce13-1ed22322-147b-4596-b049-bfb58e7b591e-000000@amazonses.com) Received: from a8-52.smtp-out.amazonses.com (a8-52.smtp-out.amazonses.com [54.240.8.52]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2A3FEC2F for ; Wed, 12 Apr 2017 04:34:25 +0000 (UTC) (envelope-from 0100015b6070ce13-1ed22322-147b-4596-b049-bfb58e7b591e-000000@amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ae7m2yrxjw65l2cqdpjxuucyrvy564tn; d=tarsnap.com; t=1491971657; h=Subject:To:References:From:Reply-To:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; bh=OIbNsX9lOIof4jp7uxrUQFYykbr+wdze1M/lls57iI4=; b=qYwTyesHbFCiamZChrN576r8KUYSjt/5L5JyyqukBk3Me1lpD1Ka9vOb+ofRmnj6 sjSjCOOYnfyAQXdhIHdWkwqLyBO0gS4le8Ot6Kw+I23y+ypG3Z2UElN7bdGCLxyowBF GHOWXehJeiEtXqbUK2onvlH0BA74VH+eT17Wohp8= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1491971657; h=Subject:To:References:From:Reply-To:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:Feedback-ID; bh=OIbNsX9lOIof4jp7uxrUQFYykbr+wdze1M/lls57iI4=; b=QOLngKdBAruHzKHvgHDFcMXtR/eWzB+uJXeczB1SlvtjChtHYXEyQ46ncmVWhkYq CLaJoJzZcMwoP6JEfH0KkYslOWA9ws7NnPQ/q+6Psa0mGq1wbiGqWdGYnOhrSYcLZYS P7jyD6RiarhvSxrQuexD4D0IvcJeJixd8KSiZ3fU= Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Julian Elischer , FreeBSD Lists , Toomas Soome , freebsd-cloud@freebsd.org References: From: Colin Percival Reply-To: freebsd-cloud@freebsd.org Message-ID: <0100015b6070ce13-1ed22322-147b-4596-b049-bfb58e7b591e-000000@email.amazonses.com> Date: Wed, 12 Apr 2017 04:34:17 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-SES-Outgoing: 2017.04.12-54.240.8.52 Feedback-ID: 1.us-east-1.Lv9FVjaNvvR5llaqfLoOVbo2VxOELl7cjN0AOyXnPlk=:AmazonSES X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 04:34:25 -0000 [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] On 04/11/17 21:03, Julian Elischer wrote: > In Amazon ec2 they have no console access (though I heard rumors that it was > available I have not seen any sign of it) so I'd like to put a "recovery > partition" into an AMI. > The trick is how to convince it to boot to that instead of the regular action. Can you get what you want via gptboot's support for selecting the partition to boot via "bootonce" and "bootme" flags? > The ideal thing would be if there was way to 'influence' one of the smbios > values in some way, and have the boot code see it, but I'm open to any > suggestions. > I really need only 1 bit of information to get through. > > Possibilties include "changing the VM to have only 2G of ram" (we'd never do > that in a real machine). > or maybe temporarily removing all the disks other than the root drive? Almost > anything I could do to signal the boot code to behave differently. I don't think adding/removing disks will be useful, since the extra disks will be Xen blkfront devices; AFAIK the boot loader doesn't know anything about these. (The boot device is also a blkfront device but gets ATA emulation for the benefit of boot loaders.) Maybe you can repurpose some of the logic used for booting over NFS? I've never heard of people booting over NFS when the initial bootstrap comes from disk rather than PXE, but I assume it's possible...? -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-xen@freebsd.org Wed Apr 12 05:30:02 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E5F27D3A204 for ; Wed, 12 Apr 2017 05:30:02 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Received: from mail-qk0-x244.google.com (mail-qk0-x244.google.com [IPv6:2607:f8b0:400d:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A7F20C3 for ; Wed, 12 Apr 2017 05:30:02 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Received: by mail-qk0-x244.google.com with SMTP id d131so2622472qkc.0 for ; Tue, 11 Apr 2017 22:30:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hobbiton-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5pvMK+qfhOzxxmmQPnHuAbWBL4BOFhXnZC0GAPB7njU=; b=xN0UYjeZUI7AyJWxjFZL0R7i7Z/ZxqMYAEOpq7c6kIkXrgNpTZpUxDxp+vte3AGuGr iGtTz0+IH2QBTau8RJrynWPdKcW/BjOBwhC6WNzsdpN5Zd9RAJ7DTEQB/zY88QLP5Hji 7n/XluPCQ5eHNqOUVc2gb5uEO7x9HkgrTobB07tTPl7W3jGYKRZk4uf4g2nIU+bukUbH Oa5zPBBbghg2gnHsfWaLjZdrJMs7QQVHD+rbbMRZs6KFQTennVnf2tUcPZsubMXdCXR1 GRGQvu064COXOGAart1STPZxDJiMss/qII2EteSvI4ySPMGdl2D948sMIx/BFgCJkEOs SV/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5pvMK+qfhOzxxmmQPnHuAbWBL4BOFhXnZC0GAPB7njU=; b=UHCzUXF5c4AwoDfVTpisiMkxnXNiEBowBIgoQB1o6I88edgH/OIpqRbT/A6lrHLZsi YKHvDMl7NcwoKvx54F4h6ygBz4VQbV/tWcsFpQn7aJzqJoA2IbMDVucjWg7ncmx7dEiH HPx2CigH71d5I1i6xSxYScGZUOOYN0FoB30k89g6hruUZOYFNWn8v7qBgEo+zLtHRbpN O72pgTYPTGkFPQnXGhifslvOPiBTpEmoZtNGf51IQhzxVU7+C4AYoEeBjotZXboHd24/ xaosh5e1n0Y8UegEBPfZCobz5dEIcyt2LadZ0PjG5CGHkpARsFekCwAHppqOIALlhYlD cQHQ== X-Gm-Message-State: AFeK/H2f9Q4Id9PxzCKmRHgFmucHF+o5lPYnPWE/7MCDCwZJK9W4WP2uqmpPOL7nD+aBgUiNdBsNFa58QhVIIQ== X-Received: by 10.55.189.130 with SMTP id n124mr61993992qkf.235.1491975001677; Tue, 11 Apr 2017 22:30:01 -0700 (PDT) MIME-Version: 1.0 Received: by 10.12.135.246 with HTTP; Tue, 11 Apr 2017 22:30:00 -0700 (PDT) X-Originating-IP: [208.72.151.19] Received: by 10.12.135.246 with HTTP; Tue, 11 Apr 2017 22:30:00 -0700 (PDT) In-Reply-To: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> References: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> From: Leif Pedersen Date: Wed, 12 Apr 2017 00:30:00 -0500 Message-ID: Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: freebsd-cloud@freebsd.org Cc: Toomas Soome , Julian Elischer , freebsd-xen@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 05:30:03 -0000 I keep an extra EBS volume handy that has a simple recovery image. If I get stuck into a trouble, I change the normal boot disk to sdb, and attach my recovery volume as sda1. Essentially, the extra volume is my "recovery partition". To make it cheaper, keep only a snapshot of it. Same idea on Google Compute Engine. On Apr 11, 2017 11:34 PM, "Colin Percival" wrote: > [CCing freebsd-cloud, which is the right place for discussions of > FreeBSD/EC2] > > On 04/11/17 21:03, Julian Elischer wrote: > > In Amazon ec2 they have no console access (though I heard rumors that it > was > > available I have not seen any sign of it) so I'd like to put a "recovery > > partition" into an AMI. > > The trick is how to convince it to boot to that instead of the regular > action. > > Can you get what you want via gptboot's support for selecting the partition > to boot via "bootonce" and "bootme" flags? > > > The ideal thing would be if there was way to 'influence' one of the > smbios > > values in some way, and have the boot code see it, but I'm open to any > > suggestions. > > I really need only 1 bit of information to get through. > > > > Possibilties include "changing the VM to have only 2G of ram" (we'd > never do > > that in a real machine). > > or maybe temporarily removing all the disks other than the root drive? > Almost > > anything I could do to signal the boot code to behave differently. > > I don't think adding/removing disks will be useful, since the extra disks > will > be Xen blkfront devices; AFAIK the boot loader doesn't know anything about > these. (The boot device is also a blkfront device but gets ATA emulation > for > the benefit of boot loaders.) > > Maybe you can repurpose some of the logic used for booting over NFS? I've > never heard of people booting over NFS when the initial bootstrap comes > from > disk rather than PXE, but I assume it's possible...? > > -- > Colin Percival > Security Officer Emeritus, FreeBSD | The power to serve > Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid > _______________________________________________ > freebsd-cloud@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-cloud > To unsubscribe, send any mail to "freebsd-cloud-unsubscribe@freebsd.org" > From owner-freebsd-xen@freebsd.org Wed Apr 12 06:04:55 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A59CFD3AC46; Wed, 12 Apr 2017 06:04:55 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 750962B2; Wed, 12 Apr 2017 06:04:55 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C64neX059826 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 23:04:52 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: freebsd-cloud@freebsd.org, FreeBSD Lists , Toomas Soome References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> From: Julian Elischer Message-ID: <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> Date: Wed, 12 Apr 2017 14:04:42 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:04:55 -0000 On 12/4/17 12:34 pm, Colin Percival wrote: > [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] > > On 04/11/17 21:03, Julian Elischer wrote: >> In Amazon ec2 they have no console access (though I heard rumors that it was >> available I have not seen any sign of it) so I'd like to put a "recovery >> partition" into an AMI. >> The trick is how to convince it to boot to that instead of the regular action. > Can you get what you want via gptboot's support for selecting the partition > to boot via "bootonce" and "bootme" flags? not if you can't get onto to the machine. When I talk about a recovery partition I mean it in the same way that apple means it.. "system won't boot? press the power button and hold down the 'option' key. it will give you the option to boot to a recovery mode" (* actually I can't remember the keys but you get the idea..) in our case we would like to be able to recover a customer's AMI by giving a simple set of instructions over the phone. We can assume they know how to get into the amazon menus, but we would like to not have to assume much more. > >> The ideal thing would be if there was way to 'influence' one of the smbios >> values in some way, and have the boot code see it, but I'm open to any >> suggestions. >> I really need only 1 bit of information to get through. >> >> Possibilties include "changing the VM to have only 2G of ram" (we'd never do >> that in a real machine). >> or maybe temporarily removing all the disks other than the root drive? Almost >> anything I could do to signal the boot code to behave differently. > I don't think adding/removing disks will be useful, since the extra disks will > be Xen blkfront devices; AFAIK the boot loader doesn't know anything about > these. (The boot device is also a blkfront device but gets ATA emulation for > the benefit of boot loaders.) > > Maybe you can repurpose some of the logic used for booting over NFS? I've > never heard of people booting over NFS when the initial bootstrap comes from > disk rather than PXE, but I assume it's possible...? Oh I've done it, in the past but you still have the same issue.. how do you signal the boot code to do this? (does an AMI have a bios capable of doing network operations?) I was thinking about whether we could add a really simple xn driver into the bootcode to allow us to have an console of sorts (accessible from an adjacent machine only??) From owner-freebsd-xen@freebsd.org Wed Apr 12 06:09:54 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DCBFBD3ACF9; Wed, 12 Apr 2017 06:09:54 +0000 (UTC) (envelope-from tsoome@me.com) Received: from st13p35im-asmtp001.me.com (st13p35im-asmtp001.me.com [17.164.199.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF270380; Wed, 12 Apr 2017 06:09:54 +0000 (UTC) (envelope-from tsoome@me.com) Received: from process-dkim-sign-daemon.st13p35im-asmtp001.me.com by st13p35im-asmtp001.me.com (Oracle Communications Messaging Server 7.0.5.38.0 64bit (built Feb 26 2016)) id <0OOA00A008R0VS00@st13p35im-asmtp001.me.com>; Wed, 12 Apr 2017 06:09:48 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=me.com; s=4d515a; t=1491977388; bh=0p115GMQaBruqRZfKdORHMJd3AuPBaWwao2zEnj4OQU=; h=Content-type:MIME-version:Subject:From:Date:Message-id:To; b=d/Nu4oMh67OhNPYE7Jwclm9UffNVXnHpxop6ZpfHWOgn/YrLtmKV4x9gB+P/qayJg BYFPLWz5QykwjE0IGGfW50Zi9u2eLvXG8aLjtdQQMdO7PyIu6cPD72+VlxPwfuvDN3 AfeB3mW1cOX6GuNu6tS5kwgUU8ZP9yVGbxBG1YiTFoPpKTX9qWtseK9OaXxChXuFOM cYkuz8b2kMSkxmD/G/MUG/QNIf2YMEj+/zO7xxWkNszHYyQ/PJKWvMb/zSluMEKifH 269Y341DIJwvv7PV3UMw3i3O0zCAGWKwAzK53EuDvXsU4n9QYPj5SGumiHYcybK1j3 u3+bVi9qh2Uvg== Received: from icloud.com ([127.0.0.1]) by st13p35im-asmtp001.me.com (Oracle Communications Messaging Server 7.0.5.38.0 64bit (built Feb 26 2016)) with ESMTPSA id <0OOA00BF39496U00@st13p35im-asmtp001.me.com>; Wed, 12 Apr 2017 06:09:48 +0000 (GMT) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-04-12_05:,, signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 clxscore=1034 suspectscore=2 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1701120000 definitions=main-1704120053 Content-type: text/plain; charset=utf-8 MIME-version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? From: Toomas Soome In-reply-to: <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> Date: Wed, 12 Apr 2017 09:09:45 +0300 Cc: freebsd-cloud@freebsd.org, FreeBSD Lists Content-transfer-encoding: quoted-printable Message-id: <3A0FDF0B-B3CC-4CB7-AF9F-DC7CB60A6B5A@me.com> References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> To: Julian Elischer X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:09:55 -0000 > On 12. apr 2017, at 9:04, Julian Elischer wrote: >=20 > On 12/4/17 12:34 pm, Colin Percival wrote: >> [CCing freebsd-cloud, which is the right place for discussions of = FreeBSD/EC2] >>=20 >> On 04/11/17 21:03, Julian Elischer wrote: >>> In Amazon ec2 they have no console access (though I heard rumors = that it was >>> available I have not seen any sign of it) so I'd like to put a = "recovery >>> partition" into an AMI. >>> The trick is how to convince it to boot to that instead of the = regular action. >> Can you get what you want via gptboot's support for selecting the = partition >> to boot via "bootonce" and "bootme" flags? > not if you can't get onto to the machine. > When I talk about a recovery partition I mean it in the same way that = apple means it.. > "system won't boot? press the power button and hold down the 'option' = key. > it will give you the option to boot to a recovery mode" > (* actually I can't remember the keys but you get the idea..) >=20 > in our case we would like to be able to recover a customer's AMI by = giving a simple set of instructions over the phone. > We can assume they know how to get into the amazon menus, but we would = like to not have to assume much more. >=20 >>=20 >>> The ideal thing would be if there was way to 'influence' one of the = smbios >>> values in some way, and have the boot code see it, but I'm open to = any >>> suggestions. >>> I really need only 1 bit of information to get through. >>>=20 >>> Possibilties include "changing the VM to have only 2G of ram" (we'd = never do >>> that in a real machine). >>> or maybe temporarily removing all the disks other than the root = drive? Almost >>> anything I could do to signal the boot code to behave differently. >> I don't think adding/removing disks will be useful, since the extra = disks will >> be Xen blkfront devices; AFAIK the boot loader doesn't know anything = about >> these. (The boot device is also a blkfront device but gets ATA = emulation for >> the benefit of boot loaders.) >>=20 >> Maybe you can repurpose some of the logic used for booting over NFS? = I've >> never heard of people booting over NFS when the initial bootstrap = comes from >> disk rather than PXE, but I assume it's possible...? >=20 > Oh I've done it, in the past but you still have the same issue.. > how do you signal the boot code to do this? >=20 > (does an AMI have a bios capable of doing network operations?) I was = thinking > about whether we could add a really simple xn driver into the bootcode = to allow > us to have an console of sorts (accessible from an adjacent machine = only??) >=20 >=20 >=20 basically you want what zfsbootcfg does but in reverse =E2=80=94 with = fallback to recovery=E2=80=A6 rgds, toomas From owner-freebsd-xen@freebsd.org Wed Apr 12 06:28:36 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E849DD3A3C3; Wed, 12 Apr 2017 06:28:36 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BA0EEED0; Wed, 12 Apr 2017 06:28:36 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C6ST0S059921 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 23:28:33 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Leif Pedersen , freebsd-cloud@freebsd.org References: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> Cc: Toomas Soome , freebsd-xen@freebsd.org From: Julian Elischer Message-ID: Date: Wed, 12 Apr 2017 14:28:23 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:28:37 -0000 On 12/4/17 1:30 pm, Leif Pedersen wrote: > I keep an extra EBS volume handy that has a simple recovery image. > If I get stuck into a trouble, I change the normal boot disk to sdb, > and attach my recovery volume as sda1. Essentially, the extra volume > is my "recovery partition". To make it cheaper, keep only a snapshot > of it. yes that's a technique I've used in the past. I'd prefer to find something simpler to do, which is why it'd be nice if one could just control some single bit that the bootloader could read. > > Same idea on Google Compute Engine. > > > > > On Apr 11, 2017 11:34 PM, "Colin Percival" > wrote: > > [CCing freebsd-cloud, which is the right place for discussions > of FreeBSD/EC2] > > On 04/11/17 21:03, Julian Elischer wrote: > > In Amazon ec2 they have no console access (though I heard > rumors that it was > > available I have not seen any sign of it) so I'd like to put a > "recovery > > partition" into an AMI. > > The trick is how to convince it to boot to that instead of the > regular action. > > Can you get what you want via gptboot's support for selecting > the partition > to boot via "bootonce" and "bootme" flags? > > > The ideal thing would be if there was way to 'influence' one > of the smbios > > values in some way, and have the boot code see it, but I'm > open to any > > suggestions. > > I really need only 1 bit of information to get through. > > > > Possibilties include "changing the VM to have only 2G of ram" > (we'd never do > > that in a real machine). > > or maybe temporarily removing all the disks other than the > root drive? Almost > > anything I could do to signal the boot code to behave differently. > > I don't think adding/removing disks will be useful, since the > extra disks will > be Xen blkfront devices; AFAIK the boot loader doesn't know > anything about > these. (The boot device is also a blkfront device but gets ATA > emulation for > the benefit of boot loaders.) > > Maybe you can repurpose some of the logic used for booting over > NFS? I've > never heard of people booting over NFS when the initial > bootstrap comes from > disk rather than PXE, but I assume it's possible...? > > -- > Colin Percival > Security Officer Emeritus, FreeBSD | The power to serve > Founder, Tarsnap | www.tarsnap.com | > Online backups for the truly paranoid > _______________________________________________ > freebsd-cloud@freebsd.org > mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-cloud > > To unsubscribe, send any mail to > "freebsd-cloud-unsubscribe@freebsd.org > " > From owner-freebsd-xen@freebsd.org Wed Apr 12 06:34:35 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA1C9D3A613; Wed, 12 Apr 2017 06:34:35 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BC878397; Wed, 12 Apr 2017 06:34:35 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (106-68-194-141.dyn.iinet.net.au [106.68.194.141]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v3C6YTLw059955 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 11 Apr 2017 23:34:33 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: Toomas Soome References: <0100015b6070d24d-a23d7d90-11c0-4065-9bd0-0fc71b5874d6-000000@email.amazonses.com> <6f1c694d-1bb7-cdcc-daed-fd2e25dc2a28@freebsd.org> <3A0FDF0B-B3CC-4CB7-AF9F-DC7CB60A6B5A@me.com> Cc: freebsd-cloud@freebsd.org, FreeBSD Lists From: Julian Elischer Message-ID: <66834e02-3746-1424-6388-1730d06a1b26@freebsd.org> Date: Wed, 12 Apr 2017 14:34:24 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <3A0FDF0B-B3CC-4CB7-AF9F-DC7CB60A6B5A@me.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 06:34:36 -0000 On 12/4/17 2:09 pm, Toomas Soome wrote: >> On 12. apr 2017, at 9:04, Julian Elischer wrote: >> >> On 12/4/17 12:34 pm, Colin Percival wrote: >>> [CCing freebsd-cloud, which is the right place for discussions of FreeBSD/EC2] >>> >>> On 04/11/17 21:03, Julian Elischer wrote: >>>> In Amazon ec2 they have no console access (though I heard rumors that it was >>>> available I have not seen any sign of it) so I'd like to put a "recovery >>>> partition" into an AMI. >>>> The trick is how to convince it to boot to that instead of the regular action. >>> Can you get what you want via gptboot's support for selecting the partition >>> to boot via "bootonce" and "bootme" flags? >> not if you can't get onto to the machine. >> When I talk about a recovery partition I mean it in the same way that apple means it.. >> "system won't boot? press the power button and hold down the 'option' key. >> it will give you the option to boot to a recovery mode" >> (* actually I can't remember the keys but you get the idea..) >> >> in our case we would like to be able to recover a customer's AMI by giving a simple set of instructions over the phone. >> We can assume they know how to get into the amazon menus, but we would like to not have to assume much more. >> >>>> The ideal thing would be if there was way to 'influence' one of the smbios >>>> values in some way, and have the boot code see it, but I'm open to any >>>> suggestions. >>>> I really need only 1 bit of information to get through. >>>> >>>> Possibilties include "changing the VM to have only 2G of ram" (we'd never do >>>> that in a real machine). >>>> or maybe temporarily removing all the disks other than the root drive? Almost >>>> anything I could do to signal the boot code to behave differently. >>> I don't think adding/removing disks will be useful, since the extra disks will >>> be Xen blkfront devices; AFAIK the boot loader doesn't know anything about >>> these. (The boot device is also a blkfront device but gets ATA emulation for >>> the benefit of boot loaders.) >>> >>> Maybe you can repurpose some of the logic used for booting over NFS? I've >>> never heard of people booting over NFS when the initial bootstrap comes from >>> disk rather than PXE, but I assume it's possible...? >> Oh I've done it, in the past but you still have the same issue.. >> how do you signal the boot code to do this? >> >> (does an AMI have a bios capable of doing network operations?) I was thinking >> about whether we could add a really simple xn driver into the bootcode to allow >> us to have an console of sorts (accessible from an adjacent machine only??) >> >> >> > > basically you want what zfsbootcfg does but in reverse — with fallback to recovery… yes, that is also a possibility N failed boots in a row.. > > rgds, > toomas > > > From owner-freebsd-xen@freebsd.org Wed Apr 12 18:07:10 2017 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 26BA8D3B70D for ; Wed, 12 Apr 2017 18:07:10 +0000 (UTC) (envelope-from jlott@averesystems.com) Received: from mail-oi0-x232.google.com (mail-oi0-x232.google.com [IPv6:2607:f8b0:4003:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E017D1D4 for ; Wed, 12 Apr 2017 18:07:09 +0000 (UTC) (envelope-from jlott@averesystems.com) Received: by mail-oi0-x232.google.com with SMTP id b187so41189820oif.0 for ; Wed, 12 Apr 2017 11:07:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=averesystems.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=nJ0KGsJT2tJw/oqhsQGl/R9DkO0JfStaSP6HKc+2MWE=; b=gPEIy1f5Z5qDl0D6Kx+KqdLfNzhP+S/AqcdWOcWEvY32IFw/gdvIhXfuILTsJf0Vj/ tCHZctY+q16ukgCMmWYAGBdNxbySeqAuyZXAGw4DrB2qV9wSGV9DvDjoyjRWTXsZPbj/ ZFyGatZlQJ5pTLWsgJJ/MybJnuzGMSpESwnhI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=nJ0KGsJT2tJw/oqhsQGl/R9DkO0JfStaSP6HKc+2MWE=; b=ecQC2Lo1OTePBVjYngwtarF2N0mdDUyQjMlE1AWujjZFDhn3DSCmxlrXGNn/H9ZK3z p04B3P8mIZQ9A4hQbhckKsou6K9i6deupRKYbHMZ+l9a/XQHGyBeMd6wNvty5ik0LLeO pfT3/pHlCCM9Tl5IJE9vo33umk7Sk4kxb2/0aHyJHHxDB7b2Lcu2Sk+aAB6xduE3iDFX DC9Uo5v1Shvq5/oKvTgoq8zHi7SysHjn7YpZMFJR1b0kRKiUvrRDMYz5j4GCgM4iqUJo bdR+9zqBbdipn5udSPpjtrSZELdH4pKt0oz/SYxoeo/0qz2n74UoxHYDEPksuFQmH2Fw +u5A== X-Gm-Message-State: AN3rC/6BNc9tDLQ4RNScXbG4SP9gp9Dq5cPIhcZYhJI2ScI8pBA8PYPSxbJKOQ4v/tKgKg2vVQr2RDQ2+QZZ1j7p X-Received: by 10.157.14.248 with SMTP id 111mr7117582otj.143.1492020428092; Wed, 12 Apr 2017 11:07:08 -0700 (PDT) MIME-Version: 1.0 Received: by 10.157.17.168 with HTTP; Wed, 12 Apr 2017 11:07:07 -0700 (PDT) In-Reply-To: References: <0100015b6070c546-05c6cf24-36e1-487f-be5e-b2bb6efd4472-000000@email.amazonses.com> From: Jeremiah Lott Date: Wed, 12 Apr 2017 14:07:07 -0400 Message-ID: Subject: Re: amazon/xen... any way at all to pass a message/signal/semaphoere/morse-code to the boot loader? To: freebsd-cloud@freebsd.org, freebsd-xen@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2017 18:07:10 -0000 On Wed, Apr 12, 2017 at 1:30 AM, Leif Pedersen wrote: > I keep an extra EBS volume handy that has a simple recovery image. If I get > stuck into a trouble, I change the normal boot disk to sdb, and attach my > recovery volume as sda1. Essentially, the extra volume is my "recovery > partition". To make it cheaper, keep only a snapshot of it. > I tried for a while to get some sort of bootloader-based recovery plan in place for our cloud-based systems, like what was originally asked for. We already have a primary and a backup partition in our boot disk, but there was no way I found in EC2 to easily switch the partition to boot from. In the end, I gave up on passing information to the bootloader and used something like the above with multiple images. I actually wrote a script at one point using the aws CLI that you could run from any FreeBSD VM in the same availability zone. It detached the original boot volume from the "broken" instance; attached it as a secondary disk to the recovery image, changed the boot partition, detached it from the recovery image, then re-attached it to the original image. It took a while to run, but required little user input. We kind of kept that as "good enough" for the rare case that a instance became un-bootable and we cared to recover it rather than replace it. I'm not sure we actually ever used it on a customer system. It was used more during development when you are more likely to break stuff (and want to recover coredumps, etc. so you can fix the broken code). If you go down the route of implementing EC2 network driver(s) in the bootloader, then you could read the instance metadata via http and use a tag to control the boot behavior. However, a bootloader driver, even a very simplistic one, for xn0 (and potentially for both ixv and ena, if you support EC2 Enhanced Networking) was more work that we wanted to undertake for this. Jeremiah Lott Avere Systems