Skip to content

Atomic: OSTree Update

Jump to bottom Edit New page
andreasn edited this page Jul 22, 2014 · 24 revisions

Cockpit should allow people to update their OSTree based Atomic system.

Notes

  • OSTree has a simple to represent update/rollback model.
  • Requires a reboot after an update/rollback.
  • Can we figure out if an update represents a security update?
    • Or if security updates are available and thus the system needs to be updated/rebooted.
  • Not clear if we want to include the concept of switching OSTree branches/channels in Cockpit.
  • This feature will probably be simple for the time being.
  • This feature doesn't include updating containers, which is pretty undefined at this point.
  • https://coreos.com/assets/images/screenshots/GroupList-HiDPI.png

Stories

User stories, workflow that will drive design.

User stories:

Robert is a sysadmin at a small IT company. They have 3 servers, one run a file server, one that runs their build server and one that runs the company website. They run Atomic on all 3. Due to a recent security breach in the kernel that affects all 3 machines, he needs to update the system to a newer version.

George runs a startup with two friends of his. They develop a messaging service that has a backend part running on top of CentOS and a app for Android and iPhone. They do all their testing in virtual machines on top of Atomic. They are not concerned too much with security updates, but they do have need a feature that is only part of the latest Atomic release. They are working against a deadline, so if anything goes wrong, they need a smooth downgrade to an earlier version of Atomic.

Workflows:

Robert:

  • Robert reads about the fatal kernel security hole in the news. Since the web server is public, he's getting nervous.
  • After logging in to the web server via Cockpit, he gets an alert on the front page that there is a system upgrade available. This links to some details about the update, so that he can verify that the update indeed contains the kernel security fix he needs.
  • He presses "Upgrade & Reboot". The machine successfully upgrades, showing the progress as it downloads and then reboots.
  • The system boots, the machine now uses the kernel with the security hole fixed.

George:

  • George gets notified that a new version of Atomic is available in one of the VMs they develop against.
  • He looks at the change details, sees that it contains a couple of bug fixes and a new version of systemd and thinks "sure, why not?" and presses the "Update & Reboot"-button.
  • After the reboot, he logs into the machine again, but realizes that their software doesn't work quite well with the newest Atomic. They have an important deadline coming in a week, so in retrospect it had made more sense to do the upgrade after the deadline.
  • He therefore chooses to downgrade to the version he was running before the upgrade.
  • He selects the previous update snapshot from Cockpit and reboots the VM.
  • Everything is back to normal.

Home / About / Contributing / Cockpit project website

Home

About

Contributing

Design Guidelines

Team/Project guidelines

User Experience Research

Clone this wiki locally