Early versions of Xen, including those used in the early days of EC2,
had a bug in their UART emulation whereby the TX FIFO wouldn't send the
expected interrupt when emptying; as a result, FreeBSD would write 16
characters to the serial console and then stop because we thought the
FIFO was forever full.
In 2013 (1c60b24baa) I added a loader tunable "hw.broken_txfifo"
which spinwaits for the FIFO TX rather than relying on the interrupt,
and enabled this in loader.conf in EC2 images.
A decade later, this workaround is almost certainly no longer needed in
EC2 -- most instances don't run Xen, and the bug was long since fixed
in Xen anyway -- but we've been holding on to the workaround "just in
case". Unfortunately, the spinwait behaviour is causing latency spikes
and triggering warnings from the ena(4) driver.
This commit removes the hw.broken_txfifo setting from loader.conf in
EC2 images, but leaves the loader tunable and associated code, since it
has been necessary in some other environments. (It seems that the TX
FIFO missing-interrupts bug has been independently written at least
three times!)
Approved by: re (cperciva)
MFC after: 1 minute
Sponsored by: Amazon
(cherry picked from commit 9a685c09f06a55b18589d75f9307563d84a17fa9)
(cherry picked from commit eadda156a50d3487ec1e6fc78f6cfe2df42448fa)
The runtime name is taken from the main pkg-base package that this
image is built off.
Sponsored by: SkunkWerks, GmbH
MFC after: 3 days
Reviewed by: dfr, emaste
Differential Revision: https://reviews.freebsd.org/D50043
(cherry picked from commit a0165254bfeb5e310f92d4e0c88fcb5c6ea802bf)
Having this enabled on Graviton systems prior to Graviton 4 results in
a resource leak and a kernel panic after repeated hotplug/unplug.
MFC after: 3 days
Sponsored by: Amazon
(cherry picked from commit ce9a34b1614e37dc3f8763586448063408c7bf16)
Starting in 2015 I have published "AMI Builder AMIs" for FreeBSD/EC2:
These boot into a memory disk, extract a "clean" copy of FreeBSD onto
the root disk, mount it at /mnt, and allow the user to SSH in to make
customizations before creating a new AMI from the "running" instance
(in fact, from the FreeBSD installation which is not running but is
mounted on /mnt).
This provides a much cleaner mechanism for building customized FreeBSD
AMIs than the traditional Linux approach of "launch an EC2 instance,
SSH in and configure it, then try to wipe logs and credentials before
creating an AMI"; and it's easier than building a customized AMI ab
initio by modifying the FreeBSD release-building code.
This commit brings that functionality into the FreeBSD src tree and
into the collection of images built by the release engineering team:
The EC2 "BUILDER" flavour AMI is essentially a "SMALL" flavour AMI with
a compressed "BASE" flavour disk image, plus an init script which
juggles disks around (rerooting into a memory disk and extracting the
"BASE" image onto disk).
Polished by: bz, emaste
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49930
(cherry picked from commit 58426589030308cd632477d328b9536b1634c54d)
Since PCIe device detaching is done via API, there is no opportunity
to "press the attention button a second time" and thus the 5 second
timeout mandated by PCIe serves no purpose.
MFC after: 2 weeks
Sponsored by: Amazon
(cherry picked from commit 80febaa1714e897d67a8217edc305a0e81498a6f)
On some EC2 instances, there is a race between removing a device from
the system and making the PCI bus stop reporting the presence of the
device. As a result, a PCI BUS_RESCAN performed immediately after
the _EJ0 method returns "sees" the device which is being ejected, which
then causes problems later (e.g. we won't recognize a new device being
plugged into that slot because we never knew it was vacant).
On other operating systems the bus is synchronously marked as needing
to be rescanned but the rescan does not occur until O(1) seconds later.
Create a new ACPI_Q_DELAY_BEFORE_EJECT_RESCAN quirk and set it in EC2
AMIs, and add a 10 ms DELAY between _EJ0 and BUS_RESCAN when that quirk
is set.
Reviewed by: jhb
MFC after: 1 month
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49252
(cherry picked from commit 55c3348ed78fb1d0891e8bb51a8948f95da3560b)
In order to signal to Graviton [123] systems that a device is ready
to be "ejected" (after a detach request is made via the EC2 API) we
need to set PCIM_PSTAT_PME to 1 and PCIM_PSTAT_PMEENABLE to 0. We are
not aware of any rationale for this requirement beyond "another OS
kernel happens to do this", i.e. this is effectively bug-for-bug
compatibility.
Arguably this should be done by the ACPI _EJ0 method on these systems,
but it is not.
Create a new ACPI_Q_CLEAR_PME_ON_DETACH quirk and set it in EC2 AMIs,
and add the PCI register write to acpi_pci_device_notify_handler when
that quirk is set.
Reviewed by: jhb
MFC after: 1 month
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49146
(cherry picked from commit d70bac252d30adec4feba0c866dabe2c16a756d9)
This avoids the need for buildah and skopeo for building releases.
Reviewed by: cpersiva
MFC after: 1 day
Differential Revision: https://reviews.freebsd.org/D48574
(cherry picked from commit e8a5b9fd73f4f437a03c85e7644daa55652e224b)
pkg used to store copies of upstream repository databases in
/var/db/pkg/repo-*.sqlite. About a year ago this was moved to
/var/db/pkg/repos/*/, resulting in FreeBSD cloud images no longer
having those (unhelpful since they'll be long out of date before
the cloud images are launched) databases removed.
Remove the correct location, and hope that future pkg updates don't
break the base system again.
Sponsored by: Amazon
(cherry picked from commit 078e8b34b13d6d0663661542eeac9007806fccdc)
While we're here, send the etcupdate log from generating base.txz
to stdout instead of /dev/null (see e972e408d19a) as well.
Reviewed by: emaste, gordon, jrtc27
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D48719
(cherry picked from commit ace4637ee0c666c6f5a1c664f8956f7302234edd)
All of the BE datasets need to be set canmount=noauto so that creating
a new BE and switching to it can actually work. With the current setup,
the zfs rc script will mount the `default` BE over whichever new BE is
activated once it runs.
Reported by: andrew
Reviewed by: andrew, re (cperciva), imp, markj
(cherry picked from commit 636d377264f51e3dd33bd7f33ebf03e2e148d40d)
This adds three OCI archive format files to the release containing
FreeBSD base images suitable for static linked, dynamic linked and shell
workloads. The shell image also contains pkg-bootstrap and can be easily
extended by installing packages (including pkgbase packages).
Reviewed by: dch, cpersiva, jlduran, zlei
Differential Revision: https://reviews.freebsd.org/D46759
MFC after: 2 days
(cherry picked from commit d03c82c28da86e0812b98b051d24ae5980804ad7)
AWS Graviton [1234] systems have a bug in their ACPI where they mark
the PL061's GPIO pins as needing to be configured in PullUp mode (in
fact the PL061 has no pullup/pulldown resistors); this flag needs to
be removed in order for _AEI objects to be handled on these systems.
Reviewed by: Ali Saidi
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D47239
(cherry picked from commit 2f3f867ac6dd7ff3769366b828b79c44b38828e1)
While OK for 14.x, both 13.x and 15.0 are failing in snapshot
builds.
Reported by: cperciva
Sponsored by: SkunkWerks, GmbH
Reviewed by: emaste
Approved by: cperciva
Differential Revision: https://reviews.freebsd.org/D47285
(cherry picked from commit 89311e6f987ebb1a968eee6fe594b11bfb91977a)
This allows future releng tooling to use OCI for the industry
standard Open Container Initiative tooling, reducing potential
for confusion.
Approved by: cperciva
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46975
MFC after: 3 days
Sponsored by: SkunkWerks, GmbH
(cherry picked from commit 1be84d745bcc11b766ac1fa03afd2c8ea8771737)
- Add the firstboot-freebsd-update package, as long as we do not have
pkgbase, this is needed
- Support SLAAC by default to complement DHCPv4 (use SYNCDHCP instead)
Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
(cherry picked from commit 120740221fd4a4577e63e6c279f9873cabe449d0)
These are the same as the standard "base" images except:
* They don't have kernel or world debug symbols,
* They don't have FreeBSD tests,
* They don't have 32-bit libraries,
* They don't have LLDB,
* They don't have the Amazon SSM Agent pre-installed,
* They don't default to installing the awscli at first boot.
This reduces the amount of disk space in use when the EC2 instance
finishes booting from ~5 GB to ~1 GB.
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46509
(cherry picked from commit 647299caa06e38622dc05a4358f9407b62a9bdda)
Move it from VM_EXTRA_PACKAGES in ec2.conf to VM_EXTRA_PACKAGES in
ec2-{base,cloud-init}.conf
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46508
(cherry picked from commit 40ff0753abb9c00b5f1e5df9ea00c9fdded55ac4)
Having the "base" FreeBSD network configuration (aka. what is used
when not using cloud-init) in ec2.conf will allow us to reuse it in
other AMIs.
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46507
(cherry picked from commit f961ddb28d6909d4c67e3e0b6b60498bbcbf64cb)
This makes it possible for a VM build configuration file to pass
options to make installworld/installkernel/distribution, e.g.
WITHOUT_DEBUG_FILES=YES in order to produce smaller images.
Note that these options are only applied at install time, not at
build time (since the same build is installed into many different
VM images), so not all src.conf options are usable here.
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46506
(cherry picked from commit 81d3df02bcf5ed6e41a91fd9fbc3b81cfe809ff3)
8 GB root disk images make FreeBSD/EC2 boot much faster than 6 GB
root disk images.
MFC after: 2 days
Sponsored by: Amazon
(cherry picked from commit 2dac89aee3304dd6eda9b267a0ad1cc6621a7094)
The DHCP server in EC2 knows exactly which system should be using
which IP address (and in fact EC2 has source IP filtering on by
default) so there's no point ARPing an address before using it.
The preceding commits (changing the ARP wait time from 2 s to 250 ms)
and this one (eliminating the wait entirely in EC2) reduce the time
required for a newly launched FreeBSD/EC2 instance to launch by 2
seconds.
Discussed with: icattard
MFC after: 10 days
Sponsored by: Amazon
(cherry picked from commit 54a543d5ea3a58aee2f001498376127efea24bd2)
The vm_extra_pre_umount function in vmimage.subr served two purposes:
It removed /etc/resolv.conf and /qemu (if cross-building), and it
provided a function for cloudware to override in order to make cloud
specific changes to the filesystem before constructing a disk image.
This resulted in a number of bugs:
1. When cross-building, the emulator binary was left as /qemu in the
Azure, GCE, Openstack and Vagrant images.
2. The build host's resolv.conf was left as /etc/resolv.conf in the
basic-ci and basic-cloudinit images.
3. When building GCE images, a Google-specific resolv.conf file was
constructed, and then deleted before the disk image was created.
Move the bits needed for running code inside a VM staging directory
from vm_install_base into a new vm_emulation_setup routine, and move
the corresponding cleanup bits from vm_extra_pre_umount to a new
vm_emulation_cleanup routine.
Remove the /qemu and /etc/resolv.conf cleanups from the cloudware
configuration files (where they exist) since we will now be running
vm_emulation_cleanup to remove those even when vm_extra_pre_umount
has been overridden.
Override vm_emulation_cleanup in gce.conf since in that one case (and
*only* that one case) we don't want to clean up resolv.conf (since it
was constructed for the VM image rather than copied from the host).
releng/14.1 candidate.
MFC after: 1 week
Sponsored by: https://www.patreon.com/cperciva
(cherry picked from commit 0b1c5628c74a37e2aa2aa3769c606d3e826302f8)
Provide both zfs and ufs images with a 1MB partition reserved for the
config drive wearing a GPT Label "config-drive" to allow consumers to
know where they should push the config drive on the provided image.
This has been tested on OVHCloud baremetal via "bring your own image".
Also tested on openstack
Reviewed by: emaste
Sponsored by: OVHCloud
Differential Revision: https://reviews.freebsd.org/D44369
(cherry picked from commit 78b6117dac99c80fe618979fef4ef322b97415fa)
(cherry picked from commit a977444652a59332c53b652b912c38a1d1802b58)
These days, the entries are identical for GPT and MBR.
Reviewed by: manu, karels, imp
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43847
(cherry picked from commit 94b86c12f14e69ace1bffe23c15c77a7def23216)
Most 64-bit Raspberry Pi models have a variable processor clock
speed that defaults to a slow speed (e.g. 600 MHz for a nominal
1.5 GHz clock). This results in everything running slowly unless
or until powerd is started, and FreeBSD is then thought to be slow.
Enable powerd by default in /etc/rc.conf on the arm64-aarch64-RPI
images. Tested on Raspberry Pi 3B+ and 4B so far.
PR: 256836
Reviewed by: rgrimes
Differential Revision: https://reviews.freebsd.org/D43296
(cherry picked from commit 4347ef60501f2a55ad31f7532ad903b81f3af18f)
This matches the layout from bsdinstall.
MFC after: 1 week
Fixes: 89585511cc ("release: Add support for creating ZFS-based VM images")
Pull Request: https://github.com/freebsd/freebsd-src/pull/981
(cherry picked from commit adc215de9cabadb89eb4a1c99e047906eacaa58a)
Known issues:
1. The ec2-user user is created with a homedir of /usr/home/ec2-user
instead of /home/ec2-user; this appears to be a bug in cloud-init's
FreeBSD support.
2. Cloud-init configures IPv4 networking but not IPv6 networking.
releng/14.0 candidate.
Discussed with: gjb
Reviewed by: imp
MFC after: 5 days
Relnotes: yes
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D41793
(cherry picked from commit 1f4ce7a39f0f4b0621ff55d228014ccddb366d37)
Split ec2-base.conf into ec2-base.conf and a reusable ec2.conf,
similar to how Vagrant flavours share a common vagrant.conf.
releng/14.0 candidate.
Discussed with: gjb
MFC after: 5 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D41792
(cherry picked from commit fada6e2389fb62ff621a98fab7319e426da58b0b)
Using the recently-added "cloudware flavours" mechanism, turn the
existing EC2 AMIs into a new "base" flavour. The only user-visible
change is that AMI names now include the word "base".
releng/14.0 candidate.
Discussed with: gjb
Reviewed by: imp
MFC after: 5 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D41791
(cherry picked from commit 7494fb6b7d809257d4eb9eff06ce226143f27add)
We no longer install a default portsnap.conf, so the sed invocation just
generates an error.
Reviewed by: cperciva
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42003
(cherry picked from commit 63aa2e91342ead0495eada5667f413f0cf8eb56a)
Other cloud images do not do this, and it can produce confusing results.
Reviewed by: Jose Luis Duran, delphij
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41751
(cherry picked from commit b7528b16c6039a9f0af28f8f3ccdd6ea4eb7e604)
vm.subr's default vm_extra_pre_umount removes /qemu and
/etc/resolv.conf. When vm_extra_pre_umount is overridden these steps
need to be performed in the cloud-specific conf file.
PR: 271602
Reviewed by: dch, lwhsu
Event: Kitchener-Waterloo Hackathon 202305
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40257
Change the vmimage script for zfs to create /home as a dataset
rather than /usr/home, ala change to bsdinstall's zfs script.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D40111
For someone new to the release bits it's not always clear what files are
being created. Report the disk image name explicitly.
Reviewed by: gjb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39953
When building ARM release images, enable IPv6 SLAAC by default in
addition to IPv4 DHCP.
Unlike amd64 (and other desktop/server) releases, ARM releases on SoC
setups are usually deployed by just using the installation image, so
there is no interactive network configuration. Not having IPv6
included by default is kind of an anachronism these days, given that
FreeBSD with the KAME project once pioneered IPv6 technology.
MFC after: 2 weeks
Provides an OCI (Oracle Cloud Infrastructure) release target for
Oracle's KVM-based VM implementation. Tested using 13.1-RELEASE,
primarily on Ampere CPU on A1.Flex VM shapes, but also works on
amd64 shapes.
- supports cloud-init and custom scripts
- provides a freebsd@ sudo-enabled user
- root user disabled over ssh & console
Approved by: gjb
Reviewed by: emaste
MFS after: 1 week
Sponsored by: The FreeBSD Foundation
Sponsored by: SkunkWerks, GmbH
Technical assistance from: Oracle
Differential Revision: https://reviews.freebsd.org/D34746