Systemd-confext bring a nice way to do out of band configuration management.
In it's simplest form, it's a directory under var/lib/confexts/<confext-name>. All content under that is overlayed on top of /etc.
One of the quirks is that it makes /etc read-only, but this is not a concern for ignition, since systemd-confext isn't active yet in the initramfs.
I think it would be nice to support fetching confexts fron a few sources, like HTTP and GIT, e.g. :
confext:
name: quadlets
source: https://github.com/user/repo
enabled: true
This provide a nice way to update nodes day 2, but in a more declarative way. Because re-spin a whole FCOS node to add a new quadlet file through ignition can feel a bit overkill, especially on bare-metal.
see coreos/fedora-coreos-tracker#2108
And https://www.man7.org/linux/man-pages/man8/systemd-confext.8.html
Systemd-confext bring a nice way to do out of band configuration management.
In it's simplest form, it's a directory under
var/lib/confexts/<confext-name>. All content under that is overlayed on top of/etc.One of the quirks is that it makes
/etcread-only, but this is not a concern for ignition, since systemd-confext isn't active yet in the initramfs.I think it would be nice to support fetching confexts fron a few sources, like HTTP and GIT, e.g. :
This provide a nice way to update nodes day 2, but in a more declarative way. Because re-spin a whole FCOS node to add a new quadlet file through ignition can feel a bit overkill, especially on bare-metal.
see coreos/fedora-coreos-tracker#2108
And https://www.man7.org/linux/man-pages/man8/systemd-confext.8.html