Background 背景
- Package systems versus image systems
包系统与镜像系统 - How rpm-ostree provides a middle ground
rpm-ostree 如何提供一个折中方案
Package systems versus image systems
软件包系统与镜像系统
Broadly speaking, software update systems for operating systems tend to fall cleanly into one of two camps: package-based or image-based.
广义上说,操作系统的软件更新系统往往可以清晰地分为两大阵营:基于软件包或基于镜像。
Package system benefits and drawbacks
软件包系统的优势和缺点
Benefits: 优势:
- Highly dynamic, fast access to wide array of software
高度动态,快速访问各种软件 - State management in
/etcand/varis well understood
/etc和/var中的状态管理被充分理解 - Can swap between major/minor system states (
apt-get upgradeis similar toapt-get dist-upgrade)
可以在主要/次要系统状态之间切换(apt-get upgrade类似于apt-get dist-upgrade) - Generally supports any filesystem or partition layout
通常支持任何文件系统或分区布局
Drawbacks: 缺点:
- As package set grows, testing becomes combinatorially more expensive
随着软件包集的增长,测试变得组合更加昂贵 - Live system mutation, no rollbacks
实时系统变异,无法回滚
Image benefits and drawbacks
图像的好处和缺点
Benefits: 好处:
- Ensures all users are running a known state
确保所有用户运行在已知状态 - Rollback supported 支持回滚
- Easier to verify system integrity
更容易验证系统完整性
Drawbacks: 缺点:
- Many image systems have a read-only
/etc, and writable partitions elsewhere
许多图像系统具有一个只读/etc,其他地方有可写分区 - Must reboot for updates 必须重新启动以进行更新
- Usually operate at block level, so require fixed partition layout and filesystem
通常在块级别运行,因此需要固定的分区布局和文件系统 - Many use a “dual root” mode which wastes space and is inflexible
许多使用“双根”模式,浪费空间且不灵活 - Often paired with a separate application mechanism, but misses out on things that aren’t apps
通常与单独的应用机制配对,但会错过不是应用程序的东西 - Administrators still need to know content inside
管理员仍然需要了解内容内部
How rpm-ostree provides a middle ground
rpm-ostree 如何提供一个折中方案
rpm-ostree in its default mode feels more like image replication, but the underlying architecture allows a lot of package-like flexibility.
在其默认模式下,rpm-ostree 更像是镜像复制,但底层架构允许很多类似软件包的灵活性。
In this default mode, packages are composed on a server, and clients can replicate that state reliably. For example, if one adds a package on the compose server, clients get it. If one removes a package, it’s also removed when clients upgrade.
在这种默认模式下,软件包在服务器上组合,客户端可以可靠地复制该状态。例如,如果在组合服务器上添加一个软件包,客户端会得到它。如果删除一个软件包,当客户端升级时也会被移除。
One simple mental model for rpm-ostree is: imagine taking a set of packages on the server side, install them to a chroot, then doing git commit on the result. And imagine clients just git pull -r from that. What OSTree adds to this picture is support for file uid/gid, extended attributes, handling of bootloader configuration, and merges of /etc.
一个简单的 rpm-ostree 的心智模型是:想象将一组软件包安装到 chroot 中,然后对结果执行 git commit 。想象客户端只是从中 git pull -r 。OSTree 在这个图景中添加的功能包括对文件 uid/gid、扩展属性、处理引导加载程序配置以及 /etc 的支持。
To emphasize, replication is at a filesystem level - that means things like SELinux labels and uid/gid mappings are assigned on the server side.
强调一下,复制是在文件系统级别进行的 - 这意味着像 SELinux 标签和 uid/gid 映射这样的东西是在服务器端分配的。
On the other hand, rpm-ostree works on top of any Unix filesystem. It will not interfere with any filesystem or block-level snapshots or backups such as LVM or BTRFS.
另一方面,rpm-ostree 可以在任何 Unix 文件系统上运行。它不会干扰任何文件系统或块级快照或备份,比如 LVM 或 BTRFS。