This repository has been archived by the owner on Nov 7, 2024. It is now read-only.
container: Cache new manifest/config in prepare, add API to query #537
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Closes: ostreedev#496 In coreos/rpm-ostree#4486 we were working on fixing `rpm-ostree upgrade --check` with containers. However, what we really want here is to *persist* the updated manifest (and config) that we fetch. And if we do that, we might as well just make it part of the current `prepare()` API so it happens automatically. In this change, we do so via detached commit metadata. An important thing here is that the data is then automatically lifecycle bound to the merge commit - and the merge commit always changes when we fetch a new manifest. Then, add this "cached update" metadata to the existing structure which has image state so it can be conveniently queried *without* re-fetching. Hence a flow like this should work: - OS boots - OS updater does a background "check for updates" via calling `prepare()` - OS updater finds an update, and renders metadata to the user or orchestration system - <time passes; OS update is not downloaded - e.g. user is on metered data or whatever> - system reboots for other reasons - OS updater can re-render the fact that a queued update was found *without* touching the network There's one notable piece that is missing to do conveniently: - User can initiate a full fetch (e.g. including image layers) targeting *exactly* the previously prepared fetch. This makes things much more race-free; if the image was GC'd in the meantime we correctly fail. But it can be done manually by e.g. using a digested pull spec temporarily.
cgwalters
force-pushed
the
fetch-updated-manifest
branch
from
2424df7
to
662aca0
Compare
|
OK, I think this is probably good...still doing some further testing with rpm-ostree but I think I'm narrowing in on the last mile of bugs there. |
|
Thinking about this a bit more, two potential issues:
|
|
Why not being able to check for updates from a read-only repo is an issue? |
|
The "read only repo" case happens to day on e.g. the FCOS Live ISO. You can do OK well, this doesn't work today (try with e.g. And so this won't be a regression. |
|
As for "We don't offer a direct API to clear cached updates..." |
jmarrero
approved these changes
Sep 17, 2023
|
Yeah, one can use the low level ostree API to clear detached metadata entirely at least. |
cgwalters
added a commit
to cgwalters/bootc
that referenced
this pull request
Jan 2, 2024
In ostreedev/ostree-rs-ext#537 we added a facility to cache metadata (manifest+config) for container image updates with an eye for use in rpm-ostree. The `bootc update --check` code here in bootc was also updated to use it; but we didn't really expose it back in the status. This closes the gap, just bridging the cached update metadata into status. We want to do this as opposed to having `bootc update --check` grow its own API for example. Signed-off-by: Colin Walters <[email protected]>
cgwalters
added a commit
to cgwalters/bootc
that referenced
this pull request
Jan 2, 2024
In ostreedev/ostree-rs-ext#537 we added a facility to cache metadata (manifest+config) for container image updates with an eye for use in rpm-ostree. The `bootc update --check` code here in bootc was also updated to use it; but we didn't really expose it back in the status. This closes the gap, just bridging the cached update metadata into status. We want to do this as opposed to having `bootc update --check` grow its own API for example. Closes: containers#247 Signed-off-by: Colin Walters <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes: #496
In coreos/rpm-ostree#4486 we were working on fixing
rpm-ostree upgrade --checkwith containers.However, what we really want here is to persist the updated manifest (and config) that we fetch. And if we do that, we might as well just make it part of the current
prepare()API so it happens automatically.In this change, we do so via detached commit metadata. An important thing here is that the data is then automatically lifecycle bound to the merge commit - and the merge commit always changes when we fetch a new manifest.
In order to do an offline query (e.g. in rpm-ostree we want to re-synthesize a higher level summary of the queued update) add an API which allows querying a previously saved cached update.
Hence a flow like this should work:
prepare()