Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge bootc branch to master #2180

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Merge bootc branch to master #2180

wants to merge 8 commits into from

Conversation

evan-goode
Copy link
Member

@evan-goode evan-goode commented Dec 13, 2024
edited
Loading

This PR, along with rpm-software-management/libdnf#1683, merges support for the --transient flag and the persistence=auto|persist|transient configuration option for https://issues.redhat.com/browse/RHEL-70917. See also #2155.

Also included are some build files for Copr that may be useful for future feature branches similar to bootc.

Merging this PR doesn't mean that work on the --transient feature is 100% done, just that we're confident enough we're not going to totally scrap it and we want to continue its development on the master branch.

dcantrell and others added 3 commits November 14, 2024 13:34
@dcantrell
copr: Add Copr build files
877a8f2 
Support automatic builds on git commits.  Used to generate up to date
RPMs of dnf for testing and development purposes.
@dcantrell
copr: Small Copr build file improvements
6bbe920 
Text alignment and formatting in the spec file.
@evan-goode
Add support for --transient
0e71e95 
Adds support for the --transient option on all transactions. Passing
--transient on a bootc system will call `bootc usr-overlay` to create a
transient writeable /usr and continue the transaction.

Specifying --transient on a non-bootc system will throw an error; we
don't want to mislead users to thinking this feature works on non-bootc
systems.

If --transient is not specified and the bootc system is in a locked
state, the operation will be aborted and a message will be printed
suggesting to try again with --transient.
@evan-goode evan-goode mentioned this pull request Dec 13, 2024
Merged
@evan-goode
Copy link
Member Author

#2186 should be merged first.

evan-goode added a commit to evan-goode/ci-dnf-stack that referenced this pull request Jan 15, 2025
@evan-goode
Add test for --transient and persistence option
2ef92af 
The --transient flag only works on a bootc system, but we should test
that it throws the correct error and doesn't do anything unexpected on
non-bootc systems.

Requires rpm-software-management/dnf#2180 and
rpm-software-management/libdnf#1683.
@evan-goode evan-goode mentioned this pull request Jan 15, 2025
Merged
evan-goode added a commit to rpm-software-management/ci-dnf-stack that referenced this pull request Jan 15, 2025
@evan-goode
Add test for --transient and persistence option
70c9b73 
The --transient flag only works on a bootc system, but we should test
that it throws the correct error and doesn't do anything unexpected on
non-bootc systems.

Requires rpm-software-management/dnf#2180 and
rpm-software-management/libdnf#1683.
@evan-goode
bootc: Document --transient and persistence
77696a9 
Documents the new `--transient` command-line argument and `persistence`
configuration option. I tried to use a table for listing the valid
options for `persistence`, but RST does not automatically wrap table
cells containing long lines, so a list was much easier.
@evan-goode evan-goode marked this pull request as ready for review January 15, 2025 18:50
@evan-goode evan-goode mentioned this pull request Jan 15, 2025
Open
@evan-goode @ppisar
doc: Note transient transactions will appear in history
742f1cd
@evan-goode
bootc: Use ostree GObject API to get deployment status
337795f 
Using libostree gives us more detail about the current state of the
deployment than only checking whether /usr is writable.
@evan-goode
bootc: "Re-locking": use ostree admin unlock --transient
4304f2b 
To keep /usr read-only after DNF is finished with a transient
transaction, we call `ostree admin unlock --transient` to mount the /usr
overlay as read-only by default. Then, we create a private mount
namespace for DNF and its child processes and remount the /usr overlayfs
as read/write in the private mountns.

os.unshare is unfortunately only available in Python >= 3.12, so we have
to call libc.unshare via Python ctypes here and hardcode the CLONE_NEWNS
flag that we need to pass.
@evan-goode
Copy link
Member Author

For testing this, you'll need to do the following broad steps:

  1. Write a Containerfile. For example:
# Containerfile
FROM quay.io/centos-bootc/centos-bootc:stream9

RUN echo 'root:password' | chpasswd

# Use the dnf-bootc Copr built from the bootc branches, or alternatively you could COPY your own RPMs into the container
RUN dnf -y install dnf-plugins-core && \
	dnf -y copr enable dcantrell/dnf-bootc && \
	dnf -y upgrade && \
	dnf -y distro-sync --repo copr:copr.fedorainfracloud.org:dcantrell:dnf-bootc
  1. Build a container from the Containerfile using podman
  2. Build a qcow2 image from the container using podman-bootc or bootc-image-builder
  3. Boot the qcow2 image in a VM using standalone QEMU, libvirt, or podman-bootc

podman-bootc is the recommended way to do all this, but from my experience it can be a little unreliable. I personally use these scripts based on bootc-image-builder and virt-install.

@evan-goode
spec: Add dnf-bootc subpackage
960b2f4 
dnf-bootc's only job is to Require python3-gobject-base and ostree-libs,
which are needed to check the unlock status on bootc systems. We don't
want to add these dependencies on `python3-dnf` because we don't want
them on non-bootc systems, so we use a subpackage.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@evan-goode @dcantrell