From Fedora Project Wiki
< Changes
mNo edit summary |
Jbtrystram (talk | contribs) (CoreOS to receive updates from quay.io/fedora/fedora-coreos instead of the Fedora OSTree repository.) |
||
| Line 2: | Line 2: | ||
{{Change_Proposal_Banner}} | {{Change_Proposal_Banner}} | ||
== Summary == | |||
Change Fedora CoreOS to receive updates from quay.io/fedora/fedora-coreos instead of the Fedora OSTree repository. | |||
== Owner == | |||
* Name/Email: [[jbtrystram | Jean-Baptiste Trystram]], jbtrystram@redhat.com | |||
* Name/Email: [[User:Siosm| Timothée Ravier]], siosm@fedoraproject.org | |||
* Name/Email: [[jlebon|Jonathan Lebon]], jonathan@jlebon.com | |||
* Name/Email: [[User:Dustymabe|Dusty Mabe]], dusty@dustymabe.com | |||
== Current status == | |||
[[Category:ChangePageIncomplete]] | [[Category:ChangePageIncomplete]] | ||
<!-- When your change proposal page is completed and ready for review and announcement --> | |||
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | |||
<!-- The Wrangler announces the Change to the devel-announce list and changes the category to Category:ChangeAnnounced (no action required) --> | |||
<!-- After review, the Wrangler will move your page to Category:ChangeReadyForFesco... if it still needs more work it will move back to Category:ChangePageIncomplete--> | |||
[[Category:SelfContainedChange]] | [[Category:SelfContainedChange]] | ||
* Targeted release: [https://docs.fedoraproject.org/en-US/releases/f42/ Fedora Linux 42] | |||
* Last updated: <!-- this is an automatic macro — you don't need to change this line --> {{REVISIONYEAR}}-{{REVISIONMONTH}}-{{REVISIONDAY2}} | |||
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page | |||
Bugzilla state meanings: | |||
ASSIGNED -> accepted by FESCo with ongoing development | |||
MODIFIED -> change is substantially done and testable | |||
ON_QA -> change is fully code complete | |||
--> | |||
* [<link to devel-announce post will be added by Wrangler> Announced] | |||
* [<will be assigned by the Wrangler> Discussion thread] | |||
* FESCo issue: <will be assigned by the Wrangler> | |||
* Tracker bug: <will be assigned by the Wrangler> | |||
* Release notes tracker: <will be assigned by the Wrangler> | |||
== Detailed Description == | |||
Currently, Fedora CoreOS hosts pull updates from the OSTree repository. With this change, the hosts will pull updates from the Quay.io container registry instead. At first, this should be a transparent change. We will notably keep using rpm-ostree for updates (and not yet bootc). | |||
This is preliminary work to switching to bootc to manage the system and will enable us to deliver the following changes in the future: | |||
* Moving from rpm-ostree to bootc, which only supports OCI. | |||
* Better support for mirroring updates in disconnected setups. | |||
* Moving away from maintaining a Cincinnati server towards having the graph live in an OCI registry alongside the update payload. This also allows users to maintain their own update graphs. | |||
* Users will be able to create their own customized versions of Fedora CoreOS by building a derived container image. | |||
== Feedback == | |||
None yet. | |||
== Benefit to Fedora == | |||
Alignment with the work happening in the [https://https://docs.fedoraproject.org/en-US/bootc/getting-started/#_what_is_a_bootable_container Bootable Containers] initiative. | |||
== Scope == | |||
* Proposal owners: | |||
** Publish an upgrade graph containing the digest pullspec for each FCOS release. This mirrors the current update graph containing the same information, but pointing at OSTree commit checksums. | |||
** Change new nodes on `next` to use OCI from the start. | |||
** After a number of FCOS releases, ship a migration script to switch existing `next` nodes to use OCI. | |||
** Repeat the last two steps for `testing`, and then `stable`. | |||
** Down the line, stop publishing new OSTree commits to the OSTree repo. This will not happen until at least f43. | |||
* Other developers: N/A (not needed for this Change) | |||
* Release engineering: N/A (not needed for this Change) | |||
* Policies and guidelines: N/A (not needed for this Change) | |||
* Trademark approval: N/A (not needed for this Change) | |||
* Alignment with the Fedora Strategy: | |||
** Part of the work to align with Bootable Containers | |||
== Upgrade/compatibility impact == | |||
We will issue a barrier release to migrate users to switch to OCI images. | |||
== Early Testing (Optional) == | |||
<!-- This is an optional step for system-wide changes to avail of. If you would like to build an initial proof of concept of your change and have a member of Fedora QA help you write and/or run some initial basic tests on your code, please email tests@fedoraproject.org and include the link to your change proposal. This step is *optional*. --> | |||
Do you require 'QA Blueprint' support? Y/N <!-- Optional Step for System-Wide Changes only --> | |||
== How To Test == | |||
Once the changes are ready, they will be enabled for the *next* stream. | |||
<!-- This does not need to be a full-fledged document. Describe the dimensions of tests that this change implementation is expected to pass when it is done. This can be based off of the above section if early testing has been completed. If it needs to be tested with different hardware or software configurations, indicate them. The more specific you can be, the better the community testing can be. | |||
Remember that you are writing this how to for interested testers to use to check out your change implementation - documenting what you do for testing is OK, but it's much better to document what *I* can do to test your change. | |||
A good "how to test" should answer these four questions: | |||
0. What special hardware / data / etc. is needed (if any)? | |||
1. How do I prepare my system to test this change? What packages | |||
need to be installed, config files edited, etc.? | |||
2. What specific actions do I perform to check that the change is | |||
working like it's supposed to? | |||
3. What are the expected results of those actions? | |||
--> | |||
<!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | |||
== User Experience == | |||
<!-- If this change proposal is noticeable by users, how will their experiences change as a result? | |||
This section partially overlaps with the Benefit to Fedora section above. This section should be primarily about the User Experience, written in a way that does not assume deep technical knowledge. More detailed technical description should be left for the Benefit to Fedora section. | |||
Describe what Users will see or notice, for example: | |||
- Packages are compressed more efficiently, making downloads and upgrades faster by 10%. | |||
- Kerberos tickets can be renewed automatically. Users will now have to authenticate less and become more productive. Credential management improvements mean a user can start their work day with a single sign on and not have to pause for reauthentication during their entire day. | |||
- Libreoffice is one of the most commonly installed applications on Fedora and it is now available by default to help users "hit the ground running". | |||
- Green has been scientifically proven to be the most relaxing color. The move to a default background color of green with green text will result in Fedora users being the most relaxed users of any operating system. | |||
--> | |||
This change won't be visible to users running auto-updates, except cosmetic changes in `rpm-ostree status` output. | |||
== Dependencies == | |||
<!-- What other packages (RPMs) depend on this package? Are there changes outside the developers' control on which completion of this change depends? In other words, completion of another change owned by someone else and might cause you to not be able to finish on time or that you would need to coordinate? Other upstream projects like the kernel (if this is not a kernel change)? --> | |||
<!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | |||
N/A. We (the coreOS Team) own the zincati package that needs to be updated. | |||
== Contingency Plan == | |||
<!-- If you cannot complete your feature by the final development freeze, what is the backup plan? This might be as simple as "Revert the shipped configuration". Or it might not (e.g. rebuilding a number of dependent packages). If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy. --> | |||
Revert the change to switch back to the OSTree repo. Both will be active until the Fedora 43 release. | |||
== Documentation == | |||
<!-- Is there upstream documentation on this change, or notes you have written yourself? Link to that material here so other interested developers can get involved. --> | |||
https://github.com/coreos/fedora-coreos-tracker/issues/1823 | |||
== Release Notes == | |||
<!-- The Fedora Release Notes inform end-users about what is new in the release. Examples of past release notes are at https://docs.fedoraproject.org/en-US/fedora/latest/release-notes/ --> | |||
<!-- The release notes also help users know how to deal with platform changes such as ABIs/APIs, configuration or data file formats, or upgrade concerns. If there are any such changes involved in this change, indicate them here. A link to upstream documentation will often satisfy this need. This information forms the basis of the release notes edited by the documentation team and shipped with the release. | |||
Release Notes are not required for initial draft of the Change Proposal but has to be completed by the Change Freeze. | |||
--> | |||
Revision as of 15:10, 14 January 2025
Move Fedora CoreOS updates from OSTree to OCI
This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
Summary
Change Fedora CoreOS to receive updates from quay.io/fedora/fedora-coreos instead of the Fedora OSTree repository.
Owner
- Name/Email: Jean-Baptiste Trystram, jbtrystram@redhat.com
- Name/Email: Timothée Ravier, siosm@fedoraproject.org
- Name/Email: Jonathan Lebon, jonathan@jlebon.com
- Name/Email: Dusty Mabe, dusty@dustymabe.com
Current status
- Targeted release: Fedora Linux 42
- Last updated: 2025-01-14
- [<link to devel-announce post will be added by Wrangler> Announced]
- [<will be assigned by the Wrangler> Discussion thread]
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
Currently, Fedora CoreOS hosts pull updates from the OSTree repository. With this change, the hosts will pull updates from the Quay.io container registry instead. At first, this should be a transparent change. We will notably keep using rpm-ostree for updates (and not yet bootc).
This is preliminary work to switching to bootc to manage the system and will enable us to deliver the following changes in the future:
- Moving from rpm-ostree to bootc, which only supports OCI.
- Better support for mirroring updates in disconnected setups.
- Moving away from maintaining a Cincinnati server towards having the graph live in an OCI registry alongside the update payload. This also allows users to maintain their own update graphs.
- Users will be able to create their own customized versions of Fedora CoreOS by building a derived container image.
Feedback
None yet.
Benefit to Fedora
Alignment with the work happening in the Bootable Containers initiative.
Scope
- Proposal owners:
- Publish an upgrade graph containing the digest pullspec for each FCOS release. This mirrors the current update graph containing the same information, but pointing at OSTree commit checksums.
- Change new nodes on
nextto use OCI from the start. - After a number of FCOS releases, ship a migration script to switch existing
nextnodes to use OCI. - Repeat the last two steps for
testing, and thenstable. - Down the line, stop publishing new OSTree commits to the OSTree repo. This will not happen until at least f43.
- Other developers: N/A (not needed for this Change)
- Release engineering: N/A (not needed for this Change)
- Policies and guidelines: N/A (not needed for this Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with the Fedora Strategy:
- Part of the work to align with Bootable Containers
Upgrade/compatibility impact
We will issue a barrier release to migrate users to switch to OCI images.
Early Testing (Optional)
Do you require 'QA Blueprint' support? Y/N
How To Test
Once the changes are ready, they will be enabled for the *next* stream.
User Experience
This change won't be visible to users running auto-updates, except cosmetic changes in rpm-ostree status output.
Dependencies
N/A. We (the coreOS Team) own the zincati package that needs to be updated.
Contingency Plan
Revert the change to switch back to the OSTree repo. Both will be active until the Fedora 43 release.
Documentation
https://github.com/coreos/fedora-coreos-tracker/issues/1823