With F41 coming up and with it the switch to OSTree Native Container, I’ve been trying to learn what the changes will mean as a current user of Kinoite and rpm-ostree. I’ve read some information on bootc as well as the dnf cli wrapper to try to understand how things should work in the new container-based model using these new tools. However, there are still some things that are confusing and I am wondering if there will be any sort of documentation planned that’s tailored to existing rpm-ostree users to educate them to the new container tools and workflow? For example, I find the following things to be slightly confusing or need clarification:
-
bootc
seems to be the newrpm-ostree
command, except for when it’s not. There seems to be a direct equivalent for many commands:rpm-ostree status
→bootc status
rpm-ostree upgrade
→bootc upgrade
rpm-ostree rollback
→bootc rollback
(ordnf image rollback
[1]?)rpm-ostree usroverlay
→bootc usr-overlay
rpm-ostree rebase
→bootc switch
(ordnf image rebase
)
However, one of the most common rpm-ostree commands used for layering packages,
rpm-ostree install
=/=bootc install
. The latter command is used for something completely different. -
So how is layering going to be supported? This I found confusing and conflicting information.
a. Under the section for Relationship with rpm-ostree in the bootc documentation, it gives the impression that layering isn’t supported fully:Today both bootc and rpm-ostree use the ostree project as a backing model. Hence, when using a container source,
rpm-ostree upgrade
andbootc upgrade
are effectively equivalent; you can use either command.
However with rpm-ostree (or, perhaps re-framed as “dnf image”), it will continue to work to e.g.dnf install
(i.e.rpm-ostree install
) on the client side system. In addition there are other client-side mutation commands such asrpm-ostree initramfs --enable
.
However, as soon as you mutate the system in this way,bootc upgrade
will error out as it will not understand how to upgrade the system. The bootc project currently takes a relatively hard stance that system state should come from a container imageb. Layering will still exist, but it’s unclear how to do it going forward. I don’t think we will be forced to create custom containers via Containerfiles, but its unclear whether we are supposed to use
dnf install
,rpm-ostree install
, and whether that will break container upgrades (as stated above).c. Or perhaps I’m completely misunderstanding the purpose of
bootc
, and should stick todnf image
to manage my local machine? -
I think this all boils down to documenting when a user should be using
bootc
,dnf image
, orrpm-ostree
[2] commands where previously users were using justrpm-ostree
. -
Will the switch be automatic or voluntary? On one hand, it sounds voluntary:
If you’re a user of ostree today: no need to worry. Everything that works today in ostree and rpm-ostree will continue to work for years to come (it’s shipped in RHEL9). However, it’s expected that most users will find the new model sufficiently compelling to switch fairly quickly.[3]
But lower in the same page it sounds like there will be an automated switchover, or maybe this systemd unit will be disabled by default:
We will ship a systemd unit that transitions systems currently using OSTree on the wire over to tracking the corresponding container images. Note again, all features of rpm-ostree continue to work! For example, if you have layered packages, that will continue to be applied.[4]
To complete this story on the client side, what is today called “ostree native containers” will be exposed via a new dnf image subcommand on the client system.
For example:
$ dnf image rebase quay.io/examplecorp/customos:latest
As well as other offline/“image based” functionality such as dnf image rollback and dnf image apply-live. ↩︎Assuming that this command will still be included and relevant, as it seems that some commands such as
rpm-ostree override replace
won’t be supported in the dnf wrapper ↩︎https://fedoraproject.org/wiki/Changes/OstreeNativeContainerStable#Backwards_compatibility ↩︎
https://fedoraproject.org/wiki/Changes/OstreeNativeContainerStable#Upgrade/compatibility_impact ↩︎