Configuration

Lasith Koswatta Gamage edited this page May 25, 2024 · 11 revisions

Mode

# Required:      false
# Default Value: "healthcheck"
---
defaults:
  mode: <mode>
devices:
  /dev/xvdf:
    mode: <mode>

sudo ebs-bootstrap -mode <mode>

healthcheck

In the healthcheck mode, ebs-bootstrap is configured to reject any proposed modifications to a block device, ensuring a more secure environment. This hardened mode is particularly valuable for block devices containing sensitive data related to stateful workloads, as it prevents unintended alterations. If you're cautious about allowing ebs-bootstrap to autonomously manage your block devices, this mode provides a safer alternative by inhibiting automatic changes.

prompt

In prompt mode, ebs-bootstrap requires user approval for each change to optimise the block device configuration. This mode ensures a balance between automated suggestions and manual control. Following this, healthcheck mode can act as a safeguard, preventing any modifications to protect the block device's integrity, especially useful for sensitive data. This approach combines proactive updates with a protective layer to maintain device stability.

[~] sudo /usr/local/sbin/ebs-bootstrap -mode=prompt
🟠 Formatting larger disks can take several seconds ⌛
🟣 Would you like to format /dev/nvme1n1 to ext4? (y/n): y
⭐ Successfully formatted /dev/nvme1n1 to ext4
🟠 Certain file systems require that devices be unmounted prior to labeling
🟣 Would you like to label device /dev/nvme1n1 to 'stateful'? (y/n): n
🔴 Refused to label /dev/nvme1n1 to 'stateful'

force

In force mode, ebs-bootstrap operates with full autonomy to make changes to a block device, aiming for the best possible outcome. It proactively works towards the desired state of the device, which may include executing configuration changes that could be unexpected by the operator. For instance, to relabel an xfs file system, ebs-bootstrap might unmount the block device as part of its process. By selecting force mode, you authorise ebs-bootstrap to act independently, within reasonable bounds. It will not perform extreme actions like erasing or replacing a block device's existing file system. This mode is designed for scenarios where automated, decisive action is preferred over manual oversight.

Format

# Required: true
---
devices:
  /dev/xvdf:
    fs: <filesystem>

This attribute defines the target file system for a block device. ebs-bootstrap will format a block device only if it is unformatted. It is designed to refuse any attempts to alter an existing file system on a block device, ensuring data integrity and system stability.

Supported File Systems:

  • ext4
  • xfs

Label

# Required: false
---
devices:
  /dev/xvdf:
    label: <string>

This attribute determines the label to be applied to a block device's file system. It's important to consider file system-specific constraints, such as label length limitations. For instance, the xfs file system restricts labels to a maximum of 12 characters. ebs-bootstrap will reject any label that exceeds these limits.

[~] cat config.yml
devices:
  /dev/xvdf:
    fs: xfs
    label: length-exceeds-16-characters

[~] sudo ./ebs-bootstrap -mode force -config config.yml
🔴 /dev/xvdf: Label 'length-exceeds-16-characters' exceeds the maximum 12 character length for the xfs file system

Resize

Resize File System

# Required:      false
# Default Value: false
---
defaults:
  resizeFs: <bool>
devices:
  /dev/xvdf:
    resizeFs: <bool>

sudo ebs-bootstrap -resize <bool>

This attribute indicates the desire to resize a file system when there is a significant portion of unallocated space on a block device. If a user increases the size of an EBS volume, the file system also needs to be extended. When the file system is provisioned through LVM, the underlying physical volume and logical volume group will also be expanded.

Mount

Mount Point

# Required: false
---
devices:
  /dev/xvdf:
    mountPoint: <string>

This attribute designates the mount point for a block device. Should the specified directory not exist, ebs-bootstrap will attempt to create it recursively. Since ebs-bootstrap usually runs as the root user, any child directories it creates will be owned by the root user and group, and will have their file permissions set to 0755. These permissions allow users and groups associated with your applications to navigate the directory hierarchy to access the mount point.

Mount Options

# Required:      false
# Default Value: "defaults"
---
defaults:
  mountOptions: <string>
devices:
  /dev/xvdf:
    mountOptions: <string>

sudo ebs-bootstrap -mount-options <string>

This attribute defines the mount options to be used with any mount command executed by ebs-bootstrap. Modifying this attribute does not automatically trigger a remount of the block device: changed mount options take effect only the next time the device is mounted, not immediately when the attribute is altered.

Remount

# Required:      false
# Default Value: false
---
defaults:
  remount: <bool>
devices:
  /dev/xvdf:
    remount: <bool>

sudo ebs-bootstrap -remount <bool>

This attribute determines if a block device should be consistently remounted to ensure alignment with the current configuration. When enabled, it guarantees that the specified mount options in the configuration are always reflected in the active mount of the block device.
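Because a changed mountOptions value is not applied until the next mount unless remount is enabled, the active mount can lag behind the configuration. The following check is an added example, not part of ebs-bootstrap: it compares the restrictive options requested in the configuration with those active in /proc/self/mounts. The function names, the sample data, and the assumption that a device-level mountOptions overrides the one under defaults are illustrative.

```python
# Added example, not ebs-bootstrap code: detect mount-option drift.
# Restrictive options the kernel reports verbatim when they are active.
RESTRICTIVE = {"ro", "nosuid", "nodev", "noexec"}

# Constructed sample in /proc/self/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS = """\
/dev/nvme1n1 /mnt/app ext4 rw,relatime 0 0
/dev/nvme2n1 /mnt/logs xfs rw,nosuid,nodev,noexec,relatime 0 0
"""

# Constructed stand-in for an already parsed config.yml.
SAMPLE_CONFIG = {
    "defaults": {"mountOptions": "defaults,nosuid,nodev"},
    "devices": {
        "/dev/nvme1n1": {"mountPoint": "/mnt/app"},
        "/dev/nvme2n1": {"mountPoint": "/mnt/logs",
                         "mountOptions": "nosuid,nodev,noexec"},
        "/dev/nvme3n1": {"mountPoint": "/mnt/db", "mountOptions": "noexec"},
    },
}

def active_options(mounts_text):
    """Map mount point -> set of active options (last entry wins)."""
    active = {}
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            active[fields[1]] = set(fields[3].split(","))
    return active

def find_drift(config, mounts_text):
    """Return {mountPoint: missing options, or None when not mounted}."""
    active = active_options(mounts_text)
    # Assumption: a device-level mountOptions overrides the defaults value.
    default = config.get("defaults", {}).get("mountOptions", "defaults")
    drift = {}
    for attrs in config.get("devices", {}).values():
        # Match on mount point, not on the device name in the config.
        mount_point = attrs.get("mountPoint")
        if not mount_point:
            continue
        wanted = set(attrs.get("mountOptions", default).split(",")) & RESTRICTIVE
        if mount_point not in active:
            drift[mount_point] = None
        elif wanted - active[mount_point]:
            drift[mount_point] = sorted(wanted - active[mount_point])
    return drift
```

On a host, pass the contents of /proc/self/mounts as mounts_text; any non-empty result means a configured restriction is not in force on the live mount.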

User and Group

# Required: false
---
devices:
  /dev/xvdf:
    user: <string | int>
    group: <string | int>

This section specifies the ownership of the mount point, allowing users to define both the user and group that will own it. These attributes accept either the name or the ID of the user/group. This functionality is particularly important for workloads that necessitate the mount point being owned by a specific service account. ebs-bootstrap includes a validation mechanism to verify the existence of the specified user or group, ensuring that the ownership settings are applied to valid entities.

Permissions

# Required: false
---
devices:
  /dev/xvdf:
    permissions: <octal>

This configuration sets the access permissions for the mount point using an octal value. It ensures that the mounted block device maintains the desired security and access levels, essential in controlled environments. Permissions can be specified either in octal form (0755) or, more generally, in decimal form (755), providing flexibility to suit various operational needs.

Config

sudo ebs-bootstrap -config <string>

By default, ebs-bootstrap reads its configuration from /etc/ebs-bootstrap/config.yml. To use a different configuration file, override this default by specifying a file path with the -config parameter.