-
Notifications
You must be signed in to change notification settings - Fork 307
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libostree/deploy: enable composefs by default #3353
Conversation
Haven't tested this yet. |
OK so after looking at this a bit more, this doesn't quite do what I thought. I was planning to use If we don't think we're ready for that, then we might need another config knob to express what we want here. |
I think one thing that helps here is the "with composefs" part. If you're compiling libostree today with composefs enabled, then you're already tracking this tech and possibly using it already. Everyone else will not really be affected. |
Maybe. I think it's probably fine to do that change and release note it heavily, but it is a semantic change.
That said, how does patching the current ostree help at all for this problem? Unless we back port this patch to y-stream branches...but I dunno, that seems like a big task to do. I think we need to investigate instead fixing this up post-deploy pre-reboot via code execution which we're already tracking in other venues (e.g. the discussions of using |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Marking as requested changes just to signal it's reviewed
If we were to try to cherry pick this patch to older releases, it'd definitely also want a6d07b6 for example |
OK cool, I'll test it in earnest. Definitely at least some tests need to be adjusted it seems.
Backporting is not necessary. With this patch, the node eventually converges to composefs enabled. The first upgrade to an image which has this patch will not have composefs. The second upgrade starting from this patch and onward will.
For the OCP/OKD case, we clearly need to eventually be able to just assume that composefs is on to unblock other feature work that rely on it. There's indeed workarounds we could do (though actually with this patch, one workaround is just redeploy the same commit after updating) though we're also close I think to be able to addressing the old bootimages problem which would just solve... so much. At least until then, we can get the hardening benefits of composefs. |
debd2f4
to
9a9eaf7
Compare
maybe
Tweaked the tests and added more colour to the commit message! Still want to sanity-check this in e.g. c9s. |
9a9eaf7
to
7daeaa2
Compare
If I understand correctly, this means that we do not explicitly enable composefs on RHCOS yet but any system that updates using an ostree with this code will start using composefs? |
Hum, I'm just realizing that we might need this for the Atomic Desktops as well and now I don't understand anymore how we could make it work in Fedora CoreOS without this 😕 |
The more I think about this the more I lean towards trying to cleanly split "generate" vs "consume". Today |
Yeah, exactly. RHCOS would ship with
It worked in FCOS because the previous version has new enough libostree. FCOS has periodic barriers. Upgrade tests would've hit this if it weren't covered by one of the existing barriers. It should equally work in the Atomic Desktops given that we require that nodes go through every major at least once.
I'm OK with that. If we do that, then we should also make the deploy logic match the |
Hmm, based on ostree/src/libostree/ostree-sysroot-deploy.c Lines 657 to 658 in 7daeaa2
|
7daeaa2
to
0643544
Compare
Updated! |
But won't this cause the opposite problem where we will just bomb out on upgrades because the new prepare-root won't find a composefs for systems that didn't have it configured on previously? |
I think you're right. So... I think we either have to leave the default on |
Wouldn't my previous suggestion work? |
Gotcha, I had misunderstood your suggestion. Hmm... it's confusing though that we'd still be generating composefs images even if it's been explicitly turned off. I feel like this is quite close to the Another way to look at the |
The composefs libostree integration has been supported for a while now and is actively in use in various ostree/bootc-based systems. Let's turn it on by default. This has no effect if composefs support is not compiled in. Note also that this does not change the default value of the `composefs.enabled` tristate to `true`. The default is still `maybe`, but the deploy API will now also create composefs images for `maybe`. The reason for doing it this way is so that systems upgrading from old libostree versions (which may either not have composefs support or may have composefs-related bugs) will still be able to upgrade and not trip `ostree-prepare-root` in the new deployment (which allows missing composefs images for `maybe`). We may in the future change the default value to `true`. See also: ostreedev#2867
If composefs was explicitly requested (`enabled = true`) but libostree was not compiled with composefs support, error out at deploy time. This matches the logic in `ostree-prepare-root`.
0643544
to
41a7f36
Compare
Updated this now but haven't tested it yet! |
OK yup, can confirm this allows ratcheting from older libostree versions. ✔️
|
/override ci/prow/fcos-e2e |
@cgwalters: Overrode contexts on behalf of cgwalters: ci/prow/fcos-e2e In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
There are issues currently on ppc64le and kernel-64k in el9 that break with composefs. So it's not sufficient to do an architecture check anyway. See: https://issues.redhat.com/browse/RHEL-63985. The upcoming release of libostree will turn on composefs by default, so it's not sufficient to delete `prepare-root.conf`; we need to explicitly turn it off. See: ostreedev/ostree#3353.
As far as I understand, we will have to force disable composefs in Atomic Desktops for F40 & F41 before ostree 2024.10 lands with this change in Fedora:
Which makes me wonder how that will work for the update to Fedora 42 as ostree won't generate the composefs blob until on F42 but the initrd prepare-root config will ask for it :/ |
This will likely impact Fedora IoT & RHEL 4 Edge as well cc @pcdubs |
In conversations here we should start trying to use terms like "generated" vs "runtime enabled" instead of just "enabled" - a root problem here is we're conflating those two things with the single flag right now. Hmmm...you're trying to avoid having composefs runtime-enabled for stable releases just because ostree updated? That makes sense if so. The simplest thing that comes to mind here is we can just unconditionally always generate the composefs blob, even if Then the flag becomes purely about runtime state, which is far easier to reason about. EDIT: If we go that route though, it would mean that people who don't set the composefs configuration would actually switch to be enabled. I think that's probably fine per discussion previously; people who don't want composefs at all for custom OSes can already compile it out, and they can also set the runtime config. |
👍🏻
Yes
Sounds good to me.
👍🏻 |
➡️ #3366 |
In the intermediate time though, I think we should also start telling everyone who doesn't want composefs to explicitly disable it in their base images. Obviously the goal of #3366 is to be compatible, and I think we'll do that, but maybe at some point in the future we do push for it to be on by default. |
Starting with ostree 2024.10, composefs is now enabled by default. Enabling composefs is not ready in F41 so force disable it. See: ostreedev/ostree#3353 See: https://fedoraproject.org/wiki/Changes/ComposefsAtomicDesktops
The composefs libostree integration has been supported for a while now
and is actively in use in various ostree/bootc-based systems. Let's
turn it on by default.
This has no effect if composefs support is not compiled in. Note also
that this does not change the default value of the
composefs.enabled
tristate to
true
. The default is stillmaybe
, but the deploy APIwill now also create composefs images for
maybe
.The reason for doing it this way is so that systems upgrading from
old libostree versions (which may either not have composefs support or
may have composefs-related bugs) will still be able to upgrade and not
trip
ostree-prepare-root
in the new deployment (which allows missingcomposefs images for
maybe
).We may in the future change the default value to
true
.See also: #2867