Side quest
This week: I made a video, then I went on a tangent.
The things I said last week that I was going to do this week were fixing a bug in the backup server, and adding NTP - but all the devices I need to do them to are deployed to “in the field” and I would rather not have to unplug them again and reattach the serial console wires to update them.
How can we make this better? After a bit of thought I have a new approach, which works in principle but needs a bit of polish and more testing. We use a combination of kexec and the watchdog timer to allow a new configuration that runs entirely in RAM to be booted from a running system. If the new configuration is doesn’t work right, the watchdog will reboot the device - and because the new system hasn’t been written to flash, then it’ll boot to the previous configuration instead of bootlooping the new one.
The new configuration is built using outputs.kexecboot
, which
generates a vmlinux
, a dtb
and a squashfs
that can be
transferred to the device e.g. via ssh:
$ nix-build --show-trace -I liminix-config=./examples/arhcive.nix \
--arg device "import ./devices/gl-ar750" -A outputs.kexecboot \
&& (tar chf - result | ssh root@192.168.8.185 tar -C /run -xvf -)
and then on the device we do
# kexec --map-file squashfs@104857600 --dtb dtb \
--command-line "mtdparts=phram0:9945088(rootfs) phram.phram=phram0,104857600,9945088 memmap=9945088$104857600" \
kernel
(the magic numbers in this command will be generated appropriately by tooling) to map the new root filesystem into a “phram” fake MTD device and then boot the new kernel.
This involved
-
a patch to kexec-tools to add the
--map-file
option, which I hope to be able to upstream after cleaning it up. My use case (create an MTD for the new system) is probably quite niche, but the affordance in kexec-tools (map any file anywhere you like!) is pretty generic so perhaps there are other uses it could be put to as well. -
a small change to the kernel so that kexec provides the DTB address to the kernel being exec’ed instead of just copying it into a place where it might find it if
MIPS_RAW_APPENDED_DTB
is set.
Other fixes this week:
- add kernel config to make USB host work on gl-ar750
- make ssh key authentication work for root
- extract repeated code for applying openwrt kernel patches into a derivation
Next week … the things we were originally going to do this week? I’d like also to set up a mailing list for the project, but am trying to find something more usable/searchable for the archives than Pipermail.