keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
fe0f268bcc
rpm-ostree/man/rpm-ostree.xml
Colin Walters 63af4bbdda bin/compose: Expose phases as [install, postprocess, commit] cmds 
Right now `rpm-ostree compose tree` is very prescriptive about how things work.
Trying to add anything that isn't an RPM is absolutely fighting the system. Our
postprocessing system *enforces* no network access (good for reproducibilty, but
still prescriptive).

There's really a logical split between three phases:

 - install: "build a rootfs that installs packages"
 - postprocess: "run magical ostree postprocessing like kernel"
 - commit: "commit result to ostree"

So there are two high level flows I'd like to enable here. First is to allow
people to do *arbitrary* postprocessing between `install` and `commit`. For
example, run Ansible and change `/etc`. This path basically is like what we have
today with `postprocess-script.sh`, except the builder can do anything they want
with network access enabled.

Going much farther, this helps us support a "build with Dockerfile" style flow.
We can then provide tooling to extract the container image, and combine
`postprocess` and `commit`.

Or completely the other way - if for example someone wants to use `rpm-ostree
compose install`, they could tar up the result as a Docker/OCI image. That's now
easier; an advantage of this flow over e.g. `yum --installroot` is the "change
detection" code we have.

Related issues/PRs:

 - https://github.com/projectatomic/rpm-ostree/pull/96
 - https://github.com/projectatomic/rpm-ostree/issues/471

One disadvantage of this approach right now is that if one *does* go for
the split approach, we lose the "input hash" metadata for example.  And
down the line, I'd like to add even more metadata, like the input rpm repos,
which could also be rendered on the client side.

But, I think we can address that later by e.g. caching the metadata in a file in
the install root and picking it back up or something.

Closes: #1039
Approved by: jlebon
2017-10-25 17:43:09 +00:00

526 lines
18 KiB
XML
Raw Blame History

<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
Copyright 2011,2013,2014 Colin Walters <walters@verbum.org>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the
Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
-->
<refentry id="rpm-ostree">
<refentryinfo>
<title>rpm-ostree</title>
<productname>rpm-ostree</productname>
<authorgroup>
<author>
<contrib>Developer</contrib>
<firstname>Colin</firstname>
<surname>Walters</surname>
<email>walters@redhat.com</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>rpm-ostree</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv>
<refname>rpm-ostree</refname>
<refpurpose>
Operating system upgrade and software management tool
</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>rpm-ostree</command>
<arg choice="req">COMMAND</arg>
<arg choice="opt" rep="repeat">OPTIONS</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>
rpm-ostree (also called "atomic" if configured) is a system
software management tool that combines features of both
traditional RPM and OSTree. It has support for both server-side
composing of trees, as well as client-side upgrading and
management of deployments.
</para>
<para>
On an rpm-ostree managed system, the traditional
<literal>yum</literal> (if installed) and <literal>rpm</literal>
tools operate in a read-only state; the RPM database is stored
in <literal>/usr/share/rpm</literal> which is underneath a
read-only bind mount.
</para>
<para>
Instead of live package-by-package upgrades, the underlying
OSTree layer replicates a complete filesystem tree from a
compose server into a new deployment, available on the next
reboot. One benefit of this is that there will always be a
previous deployment, available for rollback.
</para>
<para>
Note in this "pure replication" model, at present there is no
dependency resolution on the client machines, nor any ability to
add or remove packages. You may however use /usr/local/bin, or
an application mechanism such as
<citerefentry>
<refentrytitle>docker</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry>.
</para>
</refsect1>
<refsect1>
<title>Commands</title>
<variablelist>
<varlistentry>
<term><command>compose</command></term>
<listitem>
<para>
Entrypoint for tree composition; most typically used on servers to
prepare trees for replication by client systems. The
<literal>tree</literal> subcommand processes a treefile, installs
packages, and commits the result to an OSTree repository. There are
also split commands <literal>install</literal>,
<literal>postprocess</literal>, and <literal>commit</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>db</command></term>
<listitem>
<para>
Gives information pertaining to <literal>rpm</literal> data
within the file system trees within the ostree commits.
There are three sub-commands:
</para>
<para>
<command>diff</command> to see how the packages are
different between the trees in two commits. The
<option>--format=diff</option> option uses
<literal>-</literal> for removed packages,
<literal>+</literal> for added packages, and finally
<literal>!</literal> for the old version of an updated
package, with a following <literal>=</literal> for the new
version.
</para>
<para>
<command>list</command> to see which packages are within the
commit(s) (works like yum list). At least one commit must be
specified, but more than one or a range will also work.
</para>
<para>
<command>version</command> to see the rpmdb version of the
packages within the commit (works like yum version
nogroups). At least one commit must be specified, but more
than one or a range will also work.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>deploy</command></term>
<listitem>
<para>
Takes version, branch, or commit ID as an argument, and
creates a new deployment using it, setting it up as the
default for the next boot. Unlike most other commands, this
will automatically fetch and traverse the origin history to
find the target. By design, this has no effect on your
running filesystem tree. You must reboot for any changes to
take effect.
</para>
<para>
In addition to exit status 0 for success and 1 for error,
this command also uses exit status 77 to indicate that the
system is already on the specified commit. This tristate
return model is intended to support idempotency-oriented
systems automation tools like Ansible.
</para>
<para>
<command>--reboot</command> or <command>-r</command> to
initiate a reboot after the upgrade is prepared.
</para>
<para>
<command>--preview</command> download enough metadata to
inspect the RPM diff, but do not actually create a new
deployment.
</para>
<para>
<option>--cache-only</option> or <command>-C</command> to
perform the operation without trying to download the target
tree from the remote nor the latest packages.
</para>
<para>
<option>--download-only</option> to only download the target
ostree and layered RPMs without actually performing the
deployment. This can be used with a subsequent
<option>--cache-only</option> invocation to perform the
operation completely offline.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>install (pkg-add)</command></term>
<listitem>
<para>
Takes one or more packages as arguments. The packages are
fetched from the enabled repositories in
<filename>/etc/yum.repos.d/</filename> and are overlayed on
top of a new deployment.
</para>
<para>
<command>--reboot</command> or <command>-r</command> to
initiate a reboot after the deployment is prepared.
</para>
<para>
<command>--dry-run</command> or <command>-n</command> to
exit after printing the transaction rather than downloading
the packages and creating a new deployment.
</para>
<para>
<option>--cache-only</option> or <command>-C</command> to
perform the operation without trying to download the latest
packages.
</para>
<para>
<option>--download-only</option> to only download the target
layered RPMs without actually performing the deployment.
This can be used with a subsequent
<option>--cache-only</option> invocation to perform the
operation completely offline.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>uninstall (pkg-remove)</command></term>
<listitem>
<para>
Takes one or more packages as arguments. The packages are
removed from the set of packages that are currently
overlayed. The remaining packages in the set (if any) are
fetched from the enabled repositories in
<filename>/etc/yum.repos.d/</filename> and are overlayed on
top of a new deployment.
</para>
<para>
<command>--reboot</command> or <command>-r</command> to
initiate a reboot after the deployment is prepared.
</para>
<para>
<command>--dry-run</command> or <command>-n</command> to
exit after printing the transaction rather than downloading
the packages and creating a new deployment.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>rebase</command></term>
<listitem>
<para>
Switch to a different branch (possibly using a new remote),
while preserving all of the state that <command>upgrade</command>
does, such as <literal>/etc</literal> changes, any layered RPM
packages, etc.
</para>
<para>
The full syntax is <literal>rebase REMOTENAME:BRANCHNAME</literal>.
Alternatively, you can use the <command>--branch</command> or
<command>--remote</command> options mentioned below. With the
argument syntax, specifying just <literal>BRANCHNAME</literal> will
reuse the same remote. You may also omit one of
<literal>REMOTENAME</literal> or <literal>BRANCHNAME</literal>
(keeping the colon). In the former case, the branch refers to a
local branch; in the latter case, the same branch will be used on a
different remote.
</para>
<para>
<command>--branch</command> or <command>-b</command> to
to pick a branch name.
</para>
<para>
<command>--remote</command> or <command>-m</command> to
to pick a remote name.
</para>
<para>
<option>--cache-only</option> or <command>-C</command> to
perform the rebase without trying to download the target
tree from the remote nor the latest packages.
</para>
<para>
<option>--download-only</option> to only download the target
ostree and layered RPMs without actually performing the
deployment. This can be used with a subsequent
<option>--cache-only</option> invocation to perform the
operation completely offline.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>rollback</command></term>
<listitem>
<para>
OSTree manages an ordered list of bootloader entries, called
"deployments". The entry at index 0 is the default
bootloader entry. Each entry has a separate
<filename>/etc</filename>, but they all share a single
<filename>/var</filename>. You can use the bootloader to
choose between entries by pressing Tab to interrupt
startup.
</para>
<para>
This command then changes the default bootloader entry. If
the current default is booted, then set the default to the
previous entry. Otherwise, make the currently booted tree
the default.
</para>
<para>
<command>--reboot</command> or <command>-r</command> to
initiate a reboot after rollback is prepared.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>status</command></term>
<listitem>
<para>
Gives information pertaining to the current deployment in
use. Lists the names and refspecs of all possible
deployments in order, such that the first deployment in the
list is the default upon boot. The deployment marked with *
is the current booted deployment, and marking with 'r'
indicates the most recent upgrade (the newest deployment
version).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>upgrade</command></term>
<listitem>
<para>
Download the latest version of the current tree, and deploy
it, setting it up as the default for the next boot. By
design, this has no effect on your running filesystem tree.
You must reboot for any changes to take effect.
</para>
<para>
In addition to exit status 0 for success and 1 for error,
this command also uses exit status 77 to indicate that no
upgrade is available.
</para>
<para>
<command>--reboot</command> or <command>-r</command> to
initiate a reboot after upgrade is prepared.
</para>
<para>
<command>--allow-downgrade</command> to permit deployment of
chronologically older trees.
</para>
<para>
<option>--preview</option> to download only /usr/share/rpm
in order to do a package-level diff between the two
versions.
</para>
<para>
<option>--check</option> to just check if an upgrade is
available, without downloading it or performing a
package-level diff.
</para>
<para>
<option>--cache-only</option> or <command>-C</command> to
perform the upgrade without trying to download the latest
tree from the remote nor the latest packages.
</para>
<para>
<option>--download-only</option> to only download the target
ostree and layered RPMs without actually performing the
deployment. This can be used with a subsequent
<option>--cache-only</option> invocation to perform the
operation completely offline.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>refresh-md</command></term>
<listitem>
<para>
Download the latest rpm repo metadata if necessary and generate the
cache.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>cleanup</command></term>
<listitem>
<para>
Commands such as <command>upgrade</command> create new deployments,
which affect the next boot, and take up additional storage space. In
some cases, you may want to undo and clean up these operations. This
command supports both removing additional deployments such as the
"pending" deployment (the next boot) as well as the default rollback
deployment. Use <option>-p/--pending</option> to remove the pending
deployment, and <option>-r/--rollback</option> to remove the
rollback.
</para>
<para>
The <option>-b/--base</option> option does not affect finished
deployments, but will clean up any transient allocated space that
may result from interrupted operations. If you want to free up disk
space safely, use this option first.
</para>
<para>
The <option>-m/--repomd</option> option cleans up cached RPM
repodata and any partially downloaded (but not imported) packages.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>reload</command></term>
<listitem>
<para>
Some configuration and state data such as
<literal>/etc/ostree/remotes.d</literal> changes may not be
reflected until a daemon reload is invoked. Use this command to
initiate a reload.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>initramfs</command></term>
<listitem>
<para>
By default, the primary use case mode for rpm-ostree is to replicate
an initramfs as part of a base layer. However, some use cases
require locally regenerating it to add configuration or drivers. Use
<command>rpm-ostree initramfs</command> to inspect the current
status.
</para>
<para>
Use <command>--enable</command> to turn on client side initramfs
regeneration. A new deployment will be generated, and after reboot,
further upgrades will continue regenerating. You must reboot for the
new initramfs to take effect.
</para>
<para>
To append additional custom arguments to the initramfs program
(currently dracut), use <command>--arg</command>. For example,
<command>--arg=-I --arg=/etc/someconfigfile</command>.
</para>
<para>
The <command>--disable</command> option will disable
regeneration. You must reboot for the change to take effect.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>ex</command></term>
<listitem>
<para>
This command offers access to experimental features; command line
stability is not guaranteed. The available subcommands will be listed
by invoking <command>rpm-ostree ex</command>. For example, there is
<command>rpm-ostree ex livefs</command> which is an experimental
interface for applying changes to the booted deployment.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>ostree</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>rpm</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>
Reference in New Issue View Git Blame Copy Permalink