VM recovery via cloud console: Difference between revisions

Jump to navigation Jump to search
no edit summary
No edit summary
No edit summary
Line 17: Line 17:


<!--T:8-->
<!--T:8-->
That will boot the kernel, initializes initrd and executes <code>/bin/bash</code> as the init process, now we basically landed in memory and are mounted r/o, since the userspace init process is supposed to take care of the root filesystem, the kernel just needs to know where to find it before it hands over the control. To do a useful recovery, the next steps will be remounting the initrd filesystem r/w, mount the OS image disk, chroot into it, set a root password and restart the VM. After a successfull restart, we can login as root. Take note that bash has no <code>reboot</code> or any powercontrol mechanism, so we have to unmount everything cleanly and stop the VM.
That will boot the kernel, initialize <code>initrd</code> and execute <code>/bin/bash</code> as the <code>init</code> process. Now, we basically landed in memory and are mounted r/o, since the userspace <code>init</code> process is supposed to take care of the root filesystem; the kernel just needs to know where to find it before it hands over the control. To do a useful recovery, the next steps will be to
* remount the initrd filesystem r/w,
* mount the OS image disk,
* chroot into it,
* set a root password and
* restart the VM.
After a successful restart, we can login as root. Take note that bash has no <code>reboot</code> or any power control mechanism, so we have to unmount everything cleanly and stop the VM.


<!--T:9-->
<!--T:9-->
Line 32: Line 38:


<!--T:13-->
<!--T:13-->
We have now the image root filesystem r/w mounted at /mnt, to use tools like <code>passwd</code> via chroot in there, we need to mount <code>/dev</code> to gain tty access and <code>/proc</code> and <code>/sys</code>, since we can then also access the network.
We now have now the image root filesystem r/w mounted at <code>/mnt</code>, to use tools like <code>passwd</code> via chroot in there, we need to mount <code>/dev</code> to gain tty access and <code>/proc</code> and <code>/sys</code>, since we can then also access the network.


<!--T:14-->
<!--T:14-->
Line 41: Line 47:


<!--T:16-->
<!--T:16-->
After the VM has started, you can now login as user root with the password you have chose. Once completed, remove the root password again, or disable direct root logins via ssh.
After the VM has started, you can now login as user root with the password you have chosen. Once completed, remove the root password again, or disable direct root logins via ssh.


== CentOS7 recovery == <!--T:17-->
== CentOS7 recovery == <!--T:17-->


<!--T:18-->
<!--T:18-->
Open the console via Horizon and reboot the VM, in the upper right corner the <code>CtrlAltDel</code> button can be used for that, unless you need to recover a kernel persistent kernel panic. At one point the boot manager shows up, which is currently for all cloud images GRUB or GRUB2. Other would work as well, they will only have a different key sequence to gain access to the append parameters for the kernel. Once the GRUB menu is visible, hit <code>e</code> on your keyboard to get into edit mode, you will see something like below.
Open the console via Horizon and reboot the VM; the <code>CtrlAltDel</code> button in the upper right corner can be used for that, unless you need to recover a kernel persistent kernel panic. At one point the boot manager shows up, which is currently for all cloud images GRUB or GRUB2. Other would work as well, they will only have a different key sequence to gain access to the append parameters for the kernel. Once the GRUB menu is visible, hit <code>e</code> on your keyboard to get into edit mode, you will see something like this:


<!--T:19-->
<!--T:19-->
Line 59: Line 65:
         initrd16 /boot/initramfs-3.10.0-1127.19.1.el7.x86_64.img
         initrd16 /boot/initramfs-3.10.0-1127.19.1.el7.x86_64.img
</pre>
</pre>
Now navigate to the line which starts with <code>linux16</code>, here all <code>console</code> parameters need to be removed, since qemu uses the serial console (ttySX), we would have to go onto the compute node directly and attach it there to a terminal. The easier option is just to leave <code>console=tty0</code> in there. If we want to have the filesystem from the image mounted r/w we would have to change the paramter <code>ro</code> to <code>rw</code>, but that can be done later as well if something needs to investigated r/o is a very good option to leave timestamps intact on inodes. Centos has a parameter to interrupt the boot process in an early stage, which is <code>rd.break</code>. The linux16 line should then look like the below (the order of the parameters do not matter):
Now, navigate to the line which starts with <code>linux16</code>. Here, all console parameters need to be removed. Since qemu uses the serial console (ttySX), we would have to go onto the compute node directly and attach it there to a terminal. The easier option is just to leave <code>console=tty0</code> in there. If we want to have the filesystem from the image mounted r/w we would have to change the parameter <code>ro</code> to <code>rw</code>, but that can be done later as well; if something needs to investigated, r/o is a very good option to leave timestamps intact on inodes. Centos has a parameter to interrupt the boot process in an early stage, which is <code>rd.break</code>. The linux16 line should then look like this (the order of the parameters do not matter):


<!--T:20-->
<!--T:20-->
Line 65: Line 71:


<!--T:21-->
<!--T:21-->
To boot the kernel with the changes hit <code>Crtl+x</code>. Under <code>/sysroot</code> you will find the ro mounted filesystem from the image, you can chroot into it or modify it directly. To make it rw, it needs to be remounted: <code>mount -o remount,rw /sysroot</code>.
To boot the kernel with the changes, hit <code>Crtl+x</code>. Under <code>/sysroot</code>, you will find the ro mounted filesystem from the image, you can chroot into it or modify it directly. To make it rw, it needs to be remounted: <code>mount -o remount,rw /sysroot</code>.


== CentOS8 recovery == <!--T:22-->
== CentOS8 recovery == <!--T:22-->


<!--T:23-->
<!--T:23-->
The steps are very similar compared to the CentOS7 recovery procedure, the option <code>console</code> needs to initialize a tty instead of a serial console and <code>rd.break</code> will launch the recovery environment.
The steps are very similar compared to the CentOS7 recovery procedure: the option <code>console</code> needs to initialize a tty instead of a serial console and <code>rd.break</code> will launch the recovery environment.


<!--T:24-->
<!--T:24-->
rsnt_translations
56,420

edits

Navigation menu