Port Equinix Metal (Packet) OEM away from the base Ignition #1143
Description
Current situation
The Equinix Metal OEM setup uses a base Ignition file that gets merged with the user-passed Ignition config.
Currently the only action is to enable coreos-metadata-sshkeys@.service and create/enable packet-phone-home.service.
Impact
The setup writes state to the rootfs that is not updated.
Ideal future situation
We don't use the base/default Ignition approach but have a unit in the generic image that enables/runs/depends-on coreos-metadata-sshkeys@.service with a condition for KernelCommandLine=coreos.oem.id=packet or KernelCommandLine=flatcar.oem.id=packet. The packet-phone-home.service service can equally be one the generic image.
A migration action can be done live in flatcar-postinst based on the current and next version being ≥ the major version that introduces the change. It would remove the packet-phone-home.service under /etc and maybe the enablement symlink for coreos-metadata-sshkeys@.service depending on the chosen new approach.
Additional information
We could also create a sysext image but that does not make much sense, we already ship KernelCommandLine= OEM units in the base image and the initrd.