Re: Adapting linux distro to use ostree

[Dan Nicholson <dbn endlessos org>]

On Tue, Sep 22, 2020 at 8:02 AM Bruno Rogerio Fernandes via
ostree-list <ostree-list gnome org> wrote:
> Hello
> First of all thank you for this amazing software, I've just discovered it (better late than never).
> Also, if this mailing list is not the right place for this, I'm sorry.
>
> So, I manage some computer labs and some servers at a University. What I'm trying to accomplish is to 
> create a central installation of a linux distro, probably Arch, and once is convenient and I have stable 
> updates I want to roll out this updated image to computers, so ostree is perfect for this task. Of course I 
> could just do the traditional way of cloning/deploying images, but with ostree I have the possibility to do 
> atomic upgrades, and roll back in case of failure or a non-stable update.
>
> Initially I'm trying to adapt a minimal arch linux installation to use ostree.
> To simplify things I created a virtual machine with a single partitioned disk and created a minimal arch 
> installation by the standard way (https://wiki.archlinux.org/index.php/Installation_guide) but on a 
> subdirectory (.arch) and a have used dracut to generate my initramfs with ostree module. Also, I followed 
> the recommends on the docs, adapting my mutable directories to point to /var, creating necessaries symlinks 
> to /var/home, /var/roothome, /var/opt, and so on.
>
> After that, I installed ostree on livecd and initialized the mounted partition with:
> ostree admin --sysroot=/mnt/ init-fs
>
> And committed my installation with:
> ostree commit --repo=/mnt/ostree/repo --branch=arch /mnt/.arch/
>
> Then I deployed it with:
> ostree admin --sysroot=/mnt/ os-init arch
> ostree admin --sysroot=/mnt/ deploy --os=arch arch
>
> Finally I've booted my machine passing kernel, initrd and kernel args to boot directly (I didn't understand 
> how ostree is supposed to generate grub scripts yet, so I got the generated entries in /boot/loader/) and I 
> got some errors from systemd saying that a have a readonly /var. Despites the error, my VM has booted and I 
> could check that /var is in fact readonly, but I can't figure out the why. I took a look at ostree source 
> code, and, if I'm not missing something, I think that ostree-prepare-root is the piece of software that 
> bind mount /var to my deploy var, but there is nothing there mounting it readonly. I don't know what is 
> causing this. Some tips here?

There's another service that runs post-boot, ostree-remount.service,
that remounts /var read-write. However, it only runs if it finds
ostree=* in the kernel command line (and if it's enabled).

> Another problem that I barely mentioned is that I don't know how I can integrate ostree with a boot 
> manager. Preferably I would like to use grub because it has good features and I have a heterogeneous 
> environment with BIOS and EFI machines, misc filesystems, mdadm arrays. But this is not set on stone, as I 
> have some autonomy regarding changes of those configurations.

There are 2 ways that grub.cfg is updated depending on how ostree is
built. You should see some info at the end of the configure output
about what method it's going to use. If you are using the system's
grub-mkconfig, then you should have /etc/grub.d/15_ostree. If you're
not using the system grub-mkconfig, then you should have
/usr/lib/ostree/ostree-grub-generator. In either case, they should try
to update /boot/grub/grub.cfg (or whatever path is used on arch)
during the deploy step. You should check grub.cfg after that step to
see if anything happened.

The 3rd way to do this with grub is if grub natively supports the boot
loader spec files in /boot/loader/entries. I don't think upstream grub
does this. We've been patching it in on Endless for years based on a
patch from Fedora. It works very well since you don't even need to
touch the grub configuration, but obviously if your grub doesn't
support that, that's not going to help you.

--
Dan