Replies: 8 comments 5 replies
-
xref https://gitlab.com/CentOS/cloud/sagano which would use this |
Beta Was this translation helpful? Give feedback.
-
Hi everyone, I work on the installer ISOs for theUniversal Blue project and we’ve had issues on creating offline installer images for ostree container native systems due to limitations in the ostreecontainer verb. I would like to make sure we can get support for offline installation with the new bootc capabilities. The current implementation of the ostreecontainer verb does not allow us to set the —target-imgref correctly so we’ve had to resort to hacks (rebasing on first boot) to work around this limitation (ref: ostreedev/ostree-rs-ext#512). I’m not sure what this would mean for the bootc implementation. I imagine we would put the container archive in the ISO and pull from there similar to how the ostree repo is embedded in existing Silverblue images. As a side note I was going to try to craft a patch to add this support to the ostreecontainer verb but it’s clear bootc switch the way of the future so not sure if such patch would be accepted - if so I will create a separate issue for that. |
Beta Was this translation helpful? Give feedback.
-
I'm sure we could get a patch merged that added better support for --target-imgref to the ostreecontainer verb! But yes, would like to move in the bootc direction overall. |
Beta Was this translation helpful? Give feedback.
-
BTW an important detail in this is that |
Beta Was this translation helpful? Give feedback.
-
Would there be other options than |
Beta Was this translation helpful? Give feedback.
-
One thing I hope we can fix as we do this is e.g. ostreedev/ostree#3193 - the bootc install flow just uses kernel arguments for the rootfs and I think this is ultimately the right thing. |
Beta Was this translation helpful? Give feedback.
-
So recently we've done quite a lot in bootc (layered on top of ostree) and in the current situation none of those features will apply. For example the kernel argument support. But even more recently we're switching bootc to support logically bound containers |
Beta Was this translation helpful? Give feedback.
-
Thinking about this more. First let's assume we have podman in the Anaconda ISO. A core problem to solve is pulling the container image. Let's assume that this phase happens after the target filesystem is created. One option I think would be viable is to always create a temporary swap file on that filesystem. Alternatively, pull that image to a temporary place on the target FS (e.g. The basic idea either way is to avoid the "running from RAM" penalty - and also in the bootc case, we could in theory optimize this to avoid writing the OS files twice by using reflinks (also xref containers/storage#1849 ). This would greatly help in the implementation of a However one thing that would be significantly cleaned up here is if bootc itself offered a way to spawn code running against the target root after |
Beta Was this translation helpful? Give feedback.
-
So a while ago, we added the
ostreecontainer
kickstart verb. The advantage of this is that it works in exactly the same way/shape as theostreesetup
did.However, the bigger picture direction I'd like to go is actually towards bootc install - where a container image can install itself.
The relevance to Anaconda here is that we'd support something like this:
Goals:
inst.bootc=quay.io/exampleos/blah
And here, this uses
bootc install-to-filesystem
; Anaconda takes care of initializing the filesystem tree, but otherwise just executes the container to do the install.Crucially in the
bootc install
flow, it's actually the container that installs the bootloader to the target disk, not Anaconda.Other higher level goals
Implementation goals
Implementing this is mostly:
podman
to the ISObootc
expands topodman run --privileged --pid=host --net=none --security-opt label=type:unconfined_t <image>
per the docOf course, one thing we could do is add generalized support for pulling and executing a container...basically do an install like this:
But, that has a few downsides around ergonomics, fragility, etc.
Beta Was this translation helpful? Give feedback.
All reactions