Flatcar icon indicating copy to clipboard operation
Flatcar copied to clipboard
verified publisher icon flatcar

[RFE] Hetzner support

Open tormath1 opened this issue 1 year ago • 4 comments

Current situation

There is no Flatcar images for Hetzner.

Impact

Folks can't simply use Flatcar on Hetzner.

Ideal future situation

Folks can deploy Flatcar on Hetzner without additional steps.

Implementation options

  • [x] Ignition support (>3913.0.0)
  • [x] Afterburn support
  • [x] OEM support on Flatcar (i.e build images with Hetzner OEM ID + additional configurations like starting afterburn service for example): https://github.com/flatcar/scripts/pull/1880
  • [x] Documentation: https://github.com/flatcar/flatcar-website/pull/336
  • [ ] Mantle support (test suite): https://github.com/flatcar/mantle/pull/533
  • [ ] Test automation on Flatcar: //TODO

Additional information

  • Build and deploy a snapshot with Packer: https://github.com/apricote/flatcar-packer-hcloud/
  • Deploy with Terraform: https://www.flatcar.org/docs/latest/installing/cloud/hetzner/
  • Hetzner injects root password

tormath1 avatar Apr 03 '24 09:04 tormath1

Just for reference, there's also https://github.com/Thor77/hetzner-flatcar

LenzGr avatar Apr 03 '24 13:04 LenzGr

These PRs add basic support for Hetzner (3rd checkbox in the list above):

  • https://github.com/flatcar/bootengine/pull/94
  • https://github.com/flatcar/init/pull/118
  • https://github.com/flatcar/scripts/pull/1880

(Disclaimer: This was done because of personal interest, not in my capacity as a Hetzner employee)

apricote avatar Apr 11 '24 17:04 apricote

With the above PRs merged, to quote @tormath1 in chat:

According to the release planning, we should get Hetzner images for the Alpha and Beta in the next release. 🥳

What Works

These change already support:

  • Setting the hostname properly
  • Reading the SSH Key from the Hetzner Cloud metadata service and setting it for the core user
  • Reading metadata variables through Afterburn and making them available to other units

Whats still missing

As far as I can tell we are still missing the following functionality for feature parity with the official images.

All of these feature are very much oriented at the beginner users, who are probably not running Flatcar. I do not think we require them, and adding a note about this in the docs should be fine.

hc-utils

units for configuring networks

This seems to work out-of-the-box on flatcar

Units for volume automounts

This is just a udev rules file, should be easy to get in the oem sysext. One issue I encountered was, that the hc-utils file modified /etc/fstab which is not an option on Flatcar. Not sure how to dynamically generate and persist systemd .mount files here

Root Passwords

Initial Root Password

On Hetzner Cloud its possible to start a server without SSH Key. We generate a root password and show it to the user once. This is then configured on the server through cloud-init chpasswd for the root user.

Root Password Reset

Its possible to reset the root password through the API. This is being handled by qemu-guest-agent on the official images.

I found that qemu-guest-agent on Flatcar was only installed on the amd64 board, not on arm64.

Another issue is, that the message received is for the root user. Not sure if we can just intercept this and always modify the core user instead, or if we want to accept that this does not work.

apricote avatar Apr 17 '24 15:04 apricote

Hetzner are images are now available on Alpha and Beta :partying_face: Next steps are:

  • Documentation https://github.com/flatcar/flatcar-website/pull/336
  • Mantle support (test suite) for "official support"
  • Test automation on Flatcar for "official support"

tormath1 avatar May 30 '24 09:05 tormath1