One of the most popular infrastructure as a service (IaaS) cloud hosting providers - the DigitalOcean - offers attractive prices for their services. For example, the smallest cloud server instance with 1 Core and 512 MB RAM costs only 5 USD per month. The price is nice you say, so where are the drawbacks?
Sometimes there is a need to compile a custom kernel, which is totally understood. However, in DigitalOcean's environment, after it's build you might encounter an odd problem - you are unable to boot it because your new bootmanager's configuration is not being honored. Also, if you look in droplet's preferences you will spot the generic kernel list, related to your installed OS and this is the place, where you can choose, which kernel will be booted with your cloud server. Weird, huh?
Btw: this is also a security risk, because that list seems to be updated with a noticeable delay.
What DigitalOcean is doing here is that they are using QEMU's feature, which allows them to load a Linux kernel and init ramdisk directly into the droplet, thereby circumventing bootloader (GRUB/LILO, etc..).
Now what? Fortunately there is a workaround called kexec.
kexec is a system call that enables you to load and boot into another kernel from the currently running kernel. kexec performs the function of the boot loader from within the kernel. The primary difference between a standard system boot and a kexec boot is that the hardware initialization normally performed by the BIOS or firmware (depending on architecture) is not performed during a kexec boot. This has the effect of reducing the time required for a reboot.
Booting kernel from currently running OS can be done with the below command.
$ kexec -l /boot/vmlinuz-custom-kernel \
After which we need to do the reboot.
On the end of this short post I'd like to admit, that there are other IaaS cloud providers (for instance e24cloud), which are using similar technologies (KVM with QEMU), but in contrast to DigitalOcean, are giving the user ability to use a bootloader in a typical way - no need to invoke kexec tool.
About this "feature" you can read more on DigitalOcean forums.Share on Twitter Share on Facebook