RpmOstree - Server side composes and atomic upgrades
Summary
The rpm-ostree tool provides a new way to deploy and manage RPM-based operating systems. Instead of performing a package-by-package install and upgrade on each client machine, the tooling supports "composing" sets of packages on a server side, and then clients can perform atomic upgrades as a tree.
The system by default preserves the previously booted deployment, providing an "A/B partition" type feel, allowing quick system rollbacks for the entire OS content (kernel and userspace).
This is a dependency of the Changes/AtomicHost.
Owner
- Name: Colin Walters
- Email: walters@verbum.org
- Product: Fedora All
- Responsible WG: FESCO ?
Current status
- Targeted release: Fedora 22
- Last updated: 2015-01-08
- Tracker bug: None yet
Detailed Description
rpm-ostree is far from the first effort in the field of "image-like" update systems in Fedora. The StatelessLinux project was first prototyped in Fedora Core 6 timeframe. Today, particularly in the cloud, many deployments perform OS upgrades by terminating an instance, and booting a new OS image and having it discover previous state stored in an external volume or network store.
Another model is to perform an atomic upgrade by delivering the OS content via an ISO or USB stick, and simply swapping it out, then rebooting. The oVirt Node is an example of this model.
The most challenging case though is stateful systems that require online/incremental Internet/Intranet connected upgrades. This is the default model for traditional Fedora package managers such as yum. A common approach for this to have an "A/B" partition model, and to use rsync or a custom tool to perform upgrades offline into the non-active partition.
rpm-ostree is attempting to address this last case, but in a more flexible and dynamic fashion. It has some of the flexibility of package systems, with the atomic upgrade and rollback of image-based systems. Furthermore, rpm-ostree intends to bind together the world of packages with an image-like update system. For example, an "rpm-ostree upgrade" command can show the system administrator the package-level diff.
In the future, the intention is for rpm-ostree to further gain package-system like features. See package layering prototype . An active git branch uses libhif.
Benefit to Fedora
A server-side compose mechanism for atomic upgrades can be used by many deployments where Fedora is used.
Scope
- Proposal owners: work on http://projectatomic.io upstream
- Other developers:
- Anaconda: Help maintain rpmostreepayload.py
- Anaconda/Architecture porters: Backends for the OSTree bootloader code, similar to grubby
- RPM content:
- Use systemd-tmpfiles instead of placing content in /var: https://lists.fedoraproject.org/pipermail/devel/2015-January/206462.html
- Change "rootfiles" and "bash" to not require files in /root by default: https://bugzilla.redhat.com/show_bug.cgi?id=1193590
- RPM content:
- Release engineering: None, but will be needed for AtomicHost.
- Policies and guidelines: Potentially create one for the /var changes.
Upgrade/compatibility impact
Existing installations will continue to function as before with the previous system's package manager; this feature is opt-in for new installations. (However, rpm-ostree does support nondestrucive parallel installation inside existing roots)
How To Test
- For client testing, use Anaconda or an Atomic cloud image to install, then "rpm-ostree upgrade" and "rpm-ostree rollback"
- For server testing, use rpm-ostree compose tree to commit a set of RPMs to an OSTree repository.
User Experience
For systems which are deployed using this model, the user experience difference is very large. The traditional package managers such as yum/dnf/PackageKit, if installed, can only operate in a read-only mode.
Dependencies
The rpm-ostree tooling depends on and intends to integrate with other fundamental Fedora components such as Anaconda. It makes use of the new hawkey library which is a component underlying dnf.
Contingency Plan
- Contingency mechanism:
A showstopper in rpm-ostree would block Changes/AtomicHost.
But, all of this is aside from the traditional package system, which continues as before. Anaconda will retain traditional package payload, etc.
There is an intersection between rpm-ostree and dnf - they share hawkey and librepo. Ideally, both projects improve those libraries.
- Contingency deadline:
- Blocks release? Unknown
- Blocks product? Fedora Atomic
Documentation
https://github.com/projectatomic/rpm-ostree