-
Notifications
You must be signed in to change notification settings - Fork 191
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
live updates design #639
Comments
I plan to use this for `rpm-ostree livefs`. coreos/rpm-ostree#639
WIP due to missing tests and docs. But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
WIP due to missing tests and docs. But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
Now thinking of something like this:
Where Going back to the example case where we have a pending base update with new kernel, NetworkManager, and a security update for The WIP I have for Something to solve as well is - what happens with (and how do we display) the result of multiple livefs applications? |
Nice feature, does it possible to live update current tree ? For example i have booted system with some services running, now i know that my new composed tree have updates to libvirt, docker and other stuff. Kernel can be updated via kpatch (i'm working on automatic building packages with patches for kernel). But software can be updated only via ostree admin unlock and install needed packages..... I want feature that can overlay on current composed tree new tree (optionally reload services to get updates) |
Hi @vtolstov, indeed that's the goal, and what's supported by the initial WIP pull request. |
Ok, i'm happy to test it =) |
WIP due to missing tests and docs. But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
I plan to use this for `rpm-ostree livefs`. coreos/rpm-ostree#639
I plan to use this for `rpm-ostree livefs`. coreos/rpm-ostree#639
I plan to use this for `rpm-ostree livefs`. coreos/rpm-ostree#639 Closes: #714 Approved by: jlebon
The case for
|
WIP due to missing tests and docs. But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
WIP due to missing tests and docs. But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
WIP due to missing tests and docs. But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
But I've been playing with this interactively, and it's at a useful place already. The primary target here is supporting live addition of new packages, while *also* allowing people to do completely arbitrary replacement if that's what they want. Depends: GNOME/libglnx#36 ostreedev/ostree#714 Closes: coreos#639
IMHO, any install/update to a client system should look at the current version of the tree and the old version of the tree and "live-update" the differences. So say I update openssh server side. When clients get that new tree, rpm-ostree should compare the new tree with the currently running tree and compare the differences (think |
Hi @iamthemuffinman - Yep, the work-in-progress here does something like that indeed. |
@cgwalters Good to hear! Thanks for the update! |
Hmm, could we avoid the "stacking mounts" problem by just modifying the checkout itself, so e.g.:
? Then we don't have to teach cleanup code to avoid the pending deployment.
Heh, right, that's understood. Just like you're still using the older glibc until you reboot.
We should still be able to implement that using the same trick above. For wholesale replace, we checkout
What do you think of the single |
That dir is going to be subject to repo cleanup; even an |
The model of having per-deployment |
Nesting it in the current deployment root makes sense, yeah. Though we should avoid embedding a checksum in the name if we want to support e.g. |
So thinking about this some more, one concern that comes to mind is that only the first One way we could make it atomic all the time would be to use symlinks on the
Then just play the |
The thing is though, unless software goes to the effort of doing e.g. One thing that would be possible but a whole lot of work would be to serialize systemd unit file startup on this, and have it maintain a private bind mount per-service for Which, at that point we've basically gone really far down the path of having a container framework... |
Yeah, that's true, it'd be a lot of work to try to somehow cover those cases. Though I'm more concerned with indeterminately being stuck with a broken |
Should be pretty easy to "roll back" by overmounting the original |
(Side note: going by #1504, it seems like even a regular |
So, remounting on top of the Basically, what I mean is this:
|
I was thinking a bit more recently about the "live" changes stuff coreos/rpm-ostree#639 (particularly since coreos/rpm-ostree#2060 ) and I realized reading the last debates in that issue that there's really a much simpler solution; do exactly the same thing we do for `ostree admin unlock`, except mount it read-only by default. Then, anything that wants to modify it does the same thing libostree does for `/sysroot` and `/boot` as of recently; create a new mount namespace and do the modifications there. The advantages of this are numerous. First, we already have all of the code, it's basically just plumbing through a new entry in the state enumeration and passing `MS_RDONLY` into the `mount()` system call. "live" changes here also naturally don't persist, unlike what we are currently doing in rpm-ostree.
I was thinking a bit more recently about the "live" changes stuff coreos/rpm-ostree#639 (particularly since coreos/rpm-ostree#2060 ) and I realized reading the last debates in that issue that there's really a much simpler solution; do exactly the same thing we do for `ostree admin unlock`, except mount it read-only by default. Then, anything that wants to modify it does the same thing libostree does for `/sysroot` and `/boot` as of recently; create a new mount namespace and do the modifications there. The advantages of this are numerous. First, we already have all of the code, it's basically just plumbing through a new entry in the state enumeration and passing `MS_RDONLY` into the `mount()` system call. "live" changes here also naturally don't persist, unlike what we are currently doing in rpm-ostree.
I was thinking a bit more recently about the "live" changes stuff coreos/rpm-ostree#639 (particularly since coreos/rpm-ostree#2060 ) and I realized reading the last debates in that issue that there's really a much simpler solution; do exactly the same thing we do for `ostree admin unlock`, except mount it read-only by default. Then, anything that wants to modify it does the same thing libostree does for `/sysroot` and `/boot` as of recently; create a new mount namespace and do the modifications there. The advantages of this are numerous. First, we already have all of the code, it's basically just plumbing through a new entry in the state enumeration and passing `MS_RDONLY` into the `mount()` system call. "live" changes here also naturally don't persist, unlike what we are currently doing in rpm-ostree.
I was thinking a bit more recently about the "live" changes stuff coreos/rpm-ostree#639 (particularly since coreos/rpm-ostree#2060 ) and I realized reading the last debates in that issue that there's really a much simpler solution; do exactly the same thing we do for `ostree admin unlock`, except mount it read-only by default. Then, anything that wants to modify it does the same thing libostree does for `/sysroot` and `/boot` as of recently; create a new mount namespace and do the modifications there. The advantages of this are numerous. First, we already have all of the code, it's basically just plumbing through a new entry in the state enumeration and passing `MS_RDONLY` into the `mount()` system call. "live" changes here also naturally don't persist, unlike what we are currently doing in rpm-ostree.
I was thinking a bit more recently about the "live" changes stuff coreos/rpm-ostree#639 (particularly since coreos/rpm-ostree#2060 ) and I realized reading the last debates in that issue that there's really a much simpler solution; do exactly the same thing we do for `ostree admin unlock`, except mount it read-only by default. Then, anything that wants to modify it does the same thing libostree does for `/sysroot` and `/boot` as of recently; create a new mount namespace and do the modifications there. The advantages of this are numerous. First, we already have all of the code, it's basically just plumbing through a new entry in the state enumeration and passing `MS_RDONLY` into the `mount()` system call. "live" changes here also naturally don't persist, unlike what we are currently doing in rpm-ostree.
WIP rewrite of current livefs in #2293 |
A lot of discussions in this ticket, but I think the approach we're going with now was implemented in #2293. Let's do any follow-up design tweaks in a separate ticket based on that. |
Background
Some people may wonder - why does
rpm-ostree install
require a reboot today? The answer is because all of the internal infrastructure is oriented around:Diving into point 2) is interesting here. (Updated 2018-06-14) - Today one can
systemctl enable rpm-ostree-automatic.timer
with auto-updates, or simply scriptrpm-ostree upgrade
as part of a cron job or other automation, and have confidence that it has no impact on the running system.This "offline pull" model can greatly reduce total operational downtime versus a default "live apply" model as implemented by
yum/apt
etc. The reason is that any time one is doing a live update, it's a "sysadmin pagers at the ready" event. Whereas with rpm-ostree's offline capabilities, one can fearlessly set up a systemd timer/cron job to do pulls in the background, and only take a single reboot to have everything ready.Of course, one can with some effort script
yum/apt
into just downloading the packages into/var/cache
, but you still have downtime and potential instability when they're being applied.Use cases
New package installs:
Security updates - take just the updated openssl from the new update, and apply it live:
We can obviously generalize this to support more than one package:
Let's think a little bit about what
rpm-ostree status
should show. There are some prior musings in #118And maybe
LiveUpdates: all
? This type of stuff is really going to want a smarter status display (something diff-based like I mused on a bit #295 ?)What happens if one does e.g.
rpm-ostree upgrade
again before rebooting? Or for that matterrpm-ostree cleanup -p
?Also, do we use transient overlays like
ostree admin unlock
, or do we push a rollback, then mutate in place?The text was updated successfully, but these errors were encountered: