-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Atomic: OSTree Update
Cockpit should allow people to update their OSTree based Atomic system.
- OSTree has a simple to represent update/rollback model.
- Requires a reboot after an update/rollback.
- Can we figure out if an update represents a security update?
- Or if security updates are available and thus the system needs to be updated/rebooted.
- Not clear if we want to include the concept of switching OSTree branches/channels in Cockpit.
- This feature will probably be simple for the time being.
- This feature doesn't include updating containers, which is pretty undefined at this point.
- https://coreos.com/assets/images/screenshots/GroupList-HiDPI.png
User stories, workflow that will drive design.
User stories:
Robert is a sysadmin at a small IT company. They have 3 servers, one run a file server, one that runs their build server and one that runs the company website. They run Atomic on all 3. Due to a recent security breach in the kernel that affects all 3 machines, he needs to update the system to a newer version.
George runs a startup with two friends of his. They develop a messaging service that has a backend part running on top of CentOS and a app for Android and iPhone. They do all their testing in virtual machines on top of Atomic. They are not concerned too much with security updates, but they do have need a feature that is only part of the latest Atomic release. They are working against a deadline, so if anything goes wrong, they need a smooth downgrade to an earlier version of Atomic.
Workflows:
Robert reads about the fatal kernel security hole in the news. Since the web server is public, he's getting nervous. After logging in to the web server via Cockpit, he gets an alert on the front page that there is a system upgrade available. He presses "Upgrade & Reboot". The machine successfully upgrades and then reboots.