Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

systemd: New bootc-fetch-apply-updates.{timer,service} #179

Merged
merged 1 commit into from
Jan 17, 2024
Merged

systemd: New bootc-fetch-apply-updates.{timer,service} #179

merged 1 commit into from
Jan 17, 2024

Conversation

cgwalters
Copy link
Collaborator

Let's ship a baseline systemd unit that can be enabled for automatic updates.

vrothberg
vrothberg reviewed Nov 6, 2023
View reviewed changes
systemd/bootc-apply.service Outdated Show resolved Hide resolved
systemd/bootc-apply.service Outdated Show resolved Hide resolved
jlebon
jlebon reviewed Nov 6, 2023
View reviewed changes
systemd/bootc-apply.service Outdated Show resolved Hide resolved
@cgwalters cgwalters marked this pull request as draft November 6, 2023 18:23
@cgwalters
Copy link
Collaborator Author

OK per #179 (comment) let's think about this one a bit more. We should perhaps also have bootc-fetch.service as an explicitly separated unit?

While this project is still classified as "interfaces subject to change", these particular units will be a really important "UX touchpoint" and it'd be good to get them as close to right as we think early on.

This whole thread really intersects with #2 which is a tension I've felt since the start.

@cgwalters cgwalters changed the title systemd: New bootc-apply.{timer,service} systemd: New bootc-fetch-apply-updates.{timer,service} Nov 6, 2023
@vrothberg
Copy link
Member

OK per #179 (comment) let's think about this one a bit more. We should perhaps also have bootc-fetch.service as an explicitly separated unit?

I wonder when such a unit would be useful? Splitting fetching updates from applying them seems special.

If there's a use case to check for an update prior to executing it, callers could do an upgrade --check and then fire the unit.

PR as is LGTM

@jlebon
Copy link
Contributor

jlebon commented Nov 7, 2023

OK per #179 (comment) let's think about this one a bit more. We should perhaps also have bootc-fetch.service as an explicitly separated unit?

I wonder when such a unit would be useful? Splitting fetching updates from applying them seems special.

With finalization locking, you can do all the steps ahead of time (fetch and deploy) and minimize down time to just updating the bootloader and restarting.

@cgwalters
Copy link
Collaborator Author

Right, for locking let's reference ostreedev/ostree#3025

@cgwalters
Copy link
Collaborator Author

Actually one thing I'm really strongly opinionated on is that we should default to respecting systemd blocking inhibitors; see coreos/rpm-ostree#2862

It allows the use case of ssh root@examplemachine systemd-inhibit --mode=block bash to debug something reliably.

I am also thinking here that alongside it'd make sense to add an explicit bootc-apply.service (and CLI verb that starts it?) that can have arbitrary hooks added.

For example, zincati today has code to invoke the classic notify via tty code. It's not clear to me that we should duplicate that in bootc, but we could easily support it externally via code that adds a systemd-drop-in that adds ExecStartPre or so?

@cgwalters
Copy link
Collaborator Author

OK, did ostreedev/ostree#3090

@cgwalters cgwalters mentioned this pull request Jan 12, 2024
Closed
@rhatdan
Copy link
Member

rhatdan commented Jan 13, 2024

Is this ready to merge?

@cgwalters
systemd: New bootc-fetch-apply-updates.{timer,service}
c13c9eb 
Let's ship a baseline systemd unit that can be enabled
for automatic updates.

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
Copy link
Collaborator Author

Actually one thing I'm really strongly opinionated on is that we should default to respecting systemd blocking inhibitors; see coreos/rpm-ostree#2862

We still don't do this...definitely in the nice to have.

@cgwalters
Copy link
Collaborator Author

We're also not using finalization locking here yet. Not fatal, because we're doing an "all-in-one" unit that does everything in one go, so the case of handling out-of-cycle reboots is a bit moot.

@cgwalters cgwalters marked this pull request as ready for review January 17, 2024 13:16
@rhatdan
Copy link
Member

rhatdan commented Jan 17, 2024

/lgtm

@rhatdan rhatdan merged commit d720fdd into containers:main Jan 17, 2024
11 checks passed
@cgwalters cgwalters mentioned this pull request Jan 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vrothberg vrothberg vrothberg left review comments

@jlebon jlebon jlebon left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@cgwalters @vrothberg @jlebon @rhatdan