Cannot pin kernel using proxmox-boot-tool

Thibaut

Member
Jun 7, 2020
4
2
23
57
Hello,

I'm currently setting up a testing environment based on a 2 nodes Proxmox cluster.
The 2 nodes are absolutely identical machines (micro-PC).

I've followed the exact same procedure to install both nodes, booting from the proxmox-ve_8.3-1.iso.
Both installations went off without a hitch.

Then I went through some configuration settings and updated the repositories to the No-Subscription ones (from the GUI).
The effective update was carried out from the command line, using apt update and apt -y upgrade
Both systems were then rebooted, and a peculiar behavior could be observed: after rebooting, node1 booted on kernel 6.8.12-4-pve, while node2 booted on kernel 6.8.12-5-pve.

I tried pinning kernel 6.8.12-5-pve on node1:

Bash:
root@node1:~# uname -r
6.8.12-4-pve

root@node1:~# proxmox-boot-tool kernel list
Manually selected kernels:
None.

Automatically selected kernels:
6.8.12-4-pve
6.8.12-5-pve

root@node1:~# proxmox-boot-tool status
Re-executing '/usr/sbin/proxmox-boot-tool' in new private mount namespace..
System currently booted with uefi
AD85-A0BC is configured with: uefi (versions: 6.8.12-4-pve, 6.8.12-5-pve)

root@node1:~# proxmox-boot-tool kernel pin 6.8.12-5-pve
Set kernel '6.8.12-5-pve' in /etc/kernel/proxmox-boot-pin.
Refresh the actual boot ESPs now? [yN] y
Running hook script 'proxmox-auto-removal'..
Running hook script 'zz-proxmox-boot'..
Re-executing '/etc/kernel/postinst.d/zz-proxmox-boot' in new private mount namespace..
Copying and configuring kernels on /dev/disk/by-uuid/AD85-A0BC
        Copying kernel and creating boot-entry for 6.8.12-4-pve
        Copying kernel and creating boot-entry for 6.8.12-5-pve

Rebooting the system didn't load the 6.8.12-5-pve kernel, but the 6.8.12-4-pve kernel.
I found absolutely no way to pin the targeted kernel, even though I even tried a re-install from scratch!

Since the objective is to create a cluster, it seems it would be wiser to have all nodes using the same kernel version, am I wrong?
Moreover, I suppose the latest kernel version is probably automatically defined as the default one when an upgrade takes place. It would become tedious to have to re-pin each and every new kernel version.

In the end, I decided to go the other way around, pinning node2 to the 6.8.12-4-pve kernel, which worked as expected on the next node2 reboot. But, obviously, this is exactly the opposite of what I would want.

I'm out of ideas on where to go from here.
In case someone reading this has some track I could follow it would be welcome.

Thanks.
 
Last edited:
Really strange... I could not reproduce it here.

And if you are currently a
Code:
proxmox-boot-tool kernel list
execute, does the newer kernel show up as pinned?

Can you even manually boot the newer kernel from the boot menu?

Do you use secure boot?
 
Thank you for taking the time to answer me.

Yes, the kernel is shown as pinned, although the active kernel is not the pinned one:
Code:
root@node1:~# proxmox-boot-tool kernel list
Manually selected kernels:
None.

Automatically selected kernels:
6.8.12-4-pve
6.8.12-5-pve

Pinned kernel:
6.8.12-5-pve
root@node1:~# uname -r
6.8.12-4-pve

Yes, manually selecting the 6.8.12-5-pve kernel using the keyboard selection before the boot process does work.
But there is an arrow next to the 6.8.12-4-pve one, which stays there even when the other kernel is pinned.

No, secure boot is disabled:

Code:
root@node1:~# mokutil --sb-state
SecureBoot disabled
 
Last edited:
Basically, it looks the way it should look. Please show me what's in your EFI partition in “loader.conf”. So mount one of your EFI Partitions on /boot/efi:

On my example this is "sda2"
Code:
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda      8:0    0   35G  0 disk
├─sda1   8:1    0 1007K  0 part
├─sda2   8:2    0  512M  0 part /boot/efi
└─sda3   8:3    0 34.5G  0 part
sdb      8:16   0   35G  0 disk
├─sdb1   8:17   0 1007K  0 part
├─sdb2   8:18   0  512M  0 part
└─sdb3   8:19   0 34.5G  0 part

After show me the content of the loader.conf:
Code:
cat /boot/efi/loader/loader.conf
The pinned kernel is always available there. In our case, we want to see “proxmox-6.8.12-5-pve.conf” here. And then also the content of this config file:

Code:
cat /boot/efi/loader/entries/proxmox-6.8.12-5-pve.conf

The content should look like this:
Code:
title    Proxmox Virtual Environment
version  6.8.12-5-pve
options  root=ZFS=rpool/ROOT/pve-1 boot=zfs
linux    /EFI/proxmox/6.8.12-5-pve/vmlinuz-6.8.12-5-pve
initrd   /EFI/proxmox/6.8.12-5-pve/initrd.img-6.8.12-5-pve

See also: https://pve.proxmox.com/wiki/Host_Bootloader#sysboot_systemd_boot
 
Last edited:
I mounted the EFi partition (which in my case is /dev/mmcblk0p2).

While the 6.8.12-5-pve kernel is pinned:

Code:
root@node1:~# proxmox-boot-tool kernel list
Manually selected kernels:
None.

Automatically selected kernels:
6.8.12-4-pve
6.8.12-5-pve

Pinned kernel:
6.8.12-5-pve

root@node1:~# cat /boot/efi/loader/loader.conf
timeout 3
default proxmox-6.8.12-5-pve.conf

When no kernel is pinned:

Code:
root@node1:~# proxmox-boot-tool kernel list
Manually selected kernels:
None.

Automatically selected kernels:
6.8.12-4-pve
6.8.12-5-pve

root@node1:~# cat /boot/efi/loader/loader.conf
timeout 3
default proxmox-*

Here are the contents of both files present under /boot/efi/loader/entries/:

Code:
root@node1:~# cat /boot/efi/loader/entries/proxmox-6.8.12-4-pve.conf
title    Proxmox Virtual Environment
version  6.8.12-4-pve
options  root=ZFS=rpool/ROOT/pve-1 boot=zfs
linux    /EFI/proxmox/6.8.12-4-pve/vmlinuz-6.8.12-4-pve
initrd   /EFI/proxmox/6.8.12-4-pve/initrd.img-6.8.12-4-pve

root@node1:~# cat /boot/efi/loader/entries/proxmox-6.8.12-5-pve.conf
title    Proxmox Virtual Environment
version  6.8.12-5-pve
options  root=ZFS=rpool/ROOT/pve-1 boot=zfs
linux    /EFI/proxmox/6.8.12-5-pve/vmlinuz-6.8.12-5-pve
initrd   /EFI/proxmox/6.8.12-5-pve/initrd.img-6.8.12-5-pve

I see the exact same behavior on node2, except that on node2 the pinned kernel is the one used at reboot while I cannot get the pinned kernel to be activated on node1. It's still a total mystery for me!
 
apt -y upgrade
NEVER upgrade Proxmox with that command.

You should either use the apt-get dist-upgrade in the CLI or use the >_ Upgrade button in the GUI (which does the same).

Search these forums (& the official docs) for further info.

I only skimmed this thread, but the behavior you describe is probably caused by this.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!