Re: upgrades in a container

On Fri, Oct 21, 2016, at 04:08 PM, Chris Murphy wrote:

Question as it relates to rpm-ostree: does it make any sense to have
ostree upgrades done in an nspawn container? Does it improve the
chances of a successful upgrade?

It's really important to understand that when using ostree replication,
of which rpm-ostree is one variant, there is *absolutely no code*
executed on the client system - all of the %posts and the like
have been run on the server.

There's literally no code to run in a container.  This aspect of
ostree is what makes it "image-like", even though it operates
on the filesystem level.

However of course, on the *next* boot, daemons may perform
data migrations that on a traditional (apt-get/yum/etc) type system
might have been performed in a %post.

That's all the ostree layer.  Now, when using `rpm-ostree install`,
we *do* execute %posts on the client side, and rpm-ostree has
already integrated bubblewrap[1] - every single script runs
in a container *every time*, unlike yum/rpm.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]