From 368a13ed1349c3dca1ca67ff1ed76449ce4ceee0 Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Sat, 11 Mar 2017 15:41:11 +1000 Subject: [PATCH] Docs for the elide parts of the kernel cmdline Signed-off-by: Sven Dowideit --- docs/os/running-rancheros/server/pxe/index.md | 14 +++++++++++++- docs/os/upgrading/index.md | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/os/running-rancheros/server/pxe/index.md b/docs/os/running-rancheros/server/pxe/index.md index c773968d..2331cd17 100644 --- a/docs/os/running-rancheros/server/pxe/index.md +++ b/docs/os/running-rancheros/server/pxe/index.md @@ -18,7 +18,19 @@ initrd ${base-url}/initrd boot ``` -### Datasources +### Hiding sensitive kernel commandline parameters + +From RancherOS v0.9.0, secrets can be put on the `kernel` parameters line afer a `--` double dash, and they will be not be shown in any `/proc/cmdline`. These parameters +will be passed to the RancherOS init process and stored in the `root` accessible `/var/lib/rancher/conf/cloud-init.d/init.yml` file, and are available to the root user from the `ros config` commands. + +For example, the `kernel` line above could be written as: + +``` +kernel ${base-url}/vmlinuz rancher.state.dev=LABEL=RANCHER_STATE rancher.state.autoformat=[/dev/sda] -- rancher.cloud_init.datasources=[url:http://example.com/cloud-config] +``` + + +### cloud-init Datasources Valid [datasources](https://github.com/rancher/os/blob/3338c4ac63597940bcde7e6005f1cc09287062a2/cmd/cloudinit/cloudinit.go#L378) for RancherOS. diff --git a/docs/os/upgrading/index.md b/docs/os/upgrading/index.md index ca43b9b3..892c7665 100644 --- a/docs/os/upgrading/index.md +++ b/docs/os/upgrading/index.md @@ -9,7 +9,7 @@ layout: os-default If RancherOS has released a new version and you want to learn how to upgrade your OS, we make it easy using the `ros os` command. -Since RancherOS is a kernel and initrd, the upgrade process is downloading a new kernel and initrd, and updating the boot loader to point to it. The old kernel and initrd are not removed. If there is a problem with your upgrade, you can select the old kernel from the bootloader, which is grub2 by default. +Since RancherOS is a kernel and initrd, the upgrade process is downloading a new kernel and initrd, and updating the boot loader to point to it. The old kernel and initrd are not removed. If there is a problem with your upgrade, you can select the old kernel from the Syslinux bootloader. To see all of our releases, please visit our [releases page](https://github.com/rancher/os/releases) in GitHub.