-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Declarative layering builder/interface #1054
Comments
There is an alternative path here where we still support being mostly declarative, but it happens inside a OK, well actually this was written out before in https://github.com/coreos/enhancements/blob/main/os/coreos-layering.md#butane-as-a-declarative-input-format-for-layering Or, there's a potential here to say let's not have a new tool, let's teach rpm-ostree about ignition and butane. I am...not opposed to that but it's a notable increase in scope, and raises questions about the relationship of ignition/butane and the other systems using rpm-ostree but not ignition such as current Fedora Silverblue/IoT etc. This blending of packages and configuration state would definitely be more NixOS like though. |
Not sure if I'm fully tracking with everything you're describing, but it feels like the direction you're explaining this is take something declarative and build a container layer as an output. To me it seems like that discards some of the benefits of using If we took the route of teaching The strawman I was thinking of was teach treefiles everything we need after firstboot, and then make them composable. That way if a user wants to add a single rpm package, they just write a treefile with that package, and |
This is a super interesting topic for sure. So one thing you mentioned on internal chat is actually we do have This simplifies things for
Hmm. There are definitely benefits to this, among them that we're not introducing a new CLI verb (and a new separate git repo with its own CI, releases, versioning etc.). I guess we could make this a "soft" dependency, i.e. the There's also overlap here with osbuild manifests and it's also possible to involve kickstarts. OTOH, I've thought in the past about writing a kickstart ➡️ ignition (or butane) translator - it wouldn't be hard to get coverage of the 80% case. And ultimately, rpm-ostree still would maintain I'm not sure. |
Either the MCO needs a tool to handle every part of OS state, or it has to be that tool. We already use
|
Yes, this is a great way to say it. This is an important debate to have. OK so today, the MCO is that tool - the rendered machineconfig combines the OS binaries with the configuration. Except for anything which came from the pointer ignition which we need to support for per-node state. (But, right now we are not trying to support "day 2" changes to this state either)
I think the goal here though actually is that we can say that the OS state can be described by a container image, and not a rendered machineconfig. I'd say a container image is actually much less opaque than the rendered machineconfig today, because tons and tons of tools know how to introspect and scan them; but machineconfig CRDs are specific to OpenShift 4.
The thing is the treefile today is not at all designed to capture configuration (that's where Ignition is). Where we've landed with coreos-assembler/FCOS/RHCOS is that it supports injecting an |
I more meant as compared to something like |
Actually though, for the MCO (and since this is a general FCOS issue, also outside of it) I'd say a huge part of the entire idea here is that from a per-machine perspective, all that happens in order to apply an update is that we pull and update to a container image and that's it; as little scripting and per-node state outside of that as possible. (Another way to say this is (as you know but it's worth restating) that this approach will fix openshift/machine-config-operator#1190 which IMO will be huge in and of itself) So this issue is really more about an opinionated, efficient, supportable way to build that image. This of course does tie somewhat into the per-machine state; for example, if part of our opinionated model is that there's a nice declarative file set stored in git (again, much like fedora-coreos-config) then perhaps we can teach Anyways though, as far as this whole thing; what I'm thinking is:
I don't quite understand what you mean here - we can maybe pick this up in a real-time conversation and re-summarize here. Actually this whole thing would be a great topic for the next FCOS community meeting. |
This SGTM, and to be clear, re.
To me, this is exactly the kind of thing that makes using Butane more appealing for this. It means users only have to keep understanding Butane. We can just say e.g. "you can now apply your Butane config before deploying". The flip side to this though is that if some of the Butane sugar knobs we want add in the future are only valid for CoreOS layering and not first boot, it'll be really confusing. So... ideally everything CoreOS layering supports would be a subset of what first boot supports (obviously partitioning and e.g. kargs means they'll never be at parity). |
One conclusion here is that we will likely want to compile butane into rpm-ostree treefiles, so it can be the build engine. This will allow all the e.g. change detection to work. (OTOH, treefiles are weak on non-rpm content) It'd be good to clarify what the MCO's role is - specifically does the MCO take butane as input - do we make it a CRD? Short term may be more "glue", long term may defer to rpm-ostree/CoreOS? Once we add package installs to butane, the overlap with treefiles will actually get a bit larger, but that will help us understand whether butane is the right interface. |
From discussion, the primary reason given to use Butane was that it's a better interface for users since it doesn't have some of the knobs that treefiles have. Some of my own thoughts: while there's some distinction between what treefiles and Butane do, because there's some overlap in what they do (eg either could apply files or systemd units), it doesn't seem technically clear to me right now exactly what the distinction is. Not sure if this is correct, but right now it seems like the distinction is more that treefiles are a tool for us to build an image, and Butane is a tool for users to apply configuration. That's making me wonder about some of the questions I have about the MCO's role/goals. Is the MCO an operator to apply Red Hat supported options to nodes? In that case it makes sense that treefiles are a tool for us to build images, and Butane is a tool for users without all knobs enabled. Is the MCO an operator that glues Kubernetes + Linux OS's? Then the MCO would need to support a more complete Spec for Linux nodes, and we could just disable anything we don't want to support. That would feel even more appropriate if we were downstream from OKD. Maybe there's a 3rd option where the MCO glues Kubernetes + desirable options for Linux nodes, in which Butane would also make a lot of sense, but I don't have a grasp of why that would be the case. |
@jkyros in case you aren't following this issue |
This is correct. But you're right that there's definitely a lot of overlap conceptually between the two in the context of CoreOS layering. To some extent, either could work (or even a third separate DSL) and there isn't a clearly "right" or "wrong" choice. They both would require some amount of work to adapt to the use case here. As mentioned earlier, my vote goes to Butane for various reasons, but as Colin said, at this point, we need to try, learn, and iterate. |
This command takes a *derivation* treefile and applies necessary changes to the live container to make it true. Currently, only `packages` is supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). I think this also helps the move towards coreos#2326 by formalizing "client" or "derivation" treefiles more and introducing code which consumes them. What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the input file itself is the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency, though I haven't yet done that.
This command takes a *derivation* treefile and "applies" it to the live container. Currently, only `packages` is supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). I think this also helps the move towards coreos#2326 by formalizing "client" or "derivation" treefiles more and introducing code which consumes them. What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the input file itself is the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency, though I haven't yet done that.
This command takes a *derivation* treefile and applies it to the live OSTree container. Currently, only `packages` is supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). I think this also helps the move towards coreos#2326 by formalizing "client" or "derivation" treefiles more and introducing code which consumes them. What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the input file itself is the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency, though I haven't yet done that.
This command takes a *derivation* treefile and applies it to the live OSTree container. Currently, only `packages` is supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). I think this also helps the move towards coreos#2326 by formalizing "client" or "derivation" treefiles more and introducing code which consumes them. What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the input file itself is the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency, though I haven't yet done that.
This command reads treefile dropins in `/etc` and applies it to the system. Only the OSTree container flow is supported for now. For the client-side flow, see coreos#2326. In the container flow, only `packages` is currently supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the inputs themselves are the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency which will be done in a following patch.
This command reads treefile dropins in `/etc` and applies it to the system. Only the OSTree container flow is supported for now. For the client-side flow, see coreos#2326. In the container flow, only `packages` is currently supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the inputs themselves are the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency which will be done in a following patch.
This command reads treefile dropins in `/etc` and applies it to the system. Only the OSTree container flow is supported for now. For the client-side flow, see coreos#2326. In the container flow, only `packages` is currently supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). What we're doing here is providing a "container" backend for derivation treefiles, but coreos#2326 will provide a "client" backend which uses the core more fully. But the inputs themselves are the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency which will be done in a following patch.
This command reads treefile dropins in `/etc` and applies it to the system. Only the OSTree container flow is supported for now. For the client-side flow, see #2326. In the container flow, only `packages` is currently supported. But this paves the way for supporting more derivation fields as well as making currently "base" fields only become valid derivation fields too (by promoting it from the `BaseComposeConfigFields` struct to `TreeComposeConfig`). What we're doing here is providing a "container" backend for derivation treefiles, but #2326 will provide a "client" backend which uses the core more fully. But the inputs themselves are the exact same, hence providing symmetry between the two flows. (See also discussions about this in coreos/fedora-coreos-tracker#1054). This will also allow us to drop the `microdnf` dependency which will be done in a following patch.
Splitting this out from https://github.com/coreos/enhancements/blob/main/os/coreos-layering.md
Basically this thread is about how we offer a declarative layered coreos build interface that constrains input as much as possible to flows that we have tested.
For example with a
Dockerfile
today, one can invoke e.g.RUN useradd foo
but such a thing right now deeply conflicts with the user management flows of rpm-ostree and Ignition and would need nontrivial work to support. What we need to do for now for local user management is include it in Ignition, and have Ignition run it on firstboot as happens normally today. Which in turn, means it can't be part of the ignition rendered into a container image, but needs to be part of the Ignition config provided to the machine on firstboot.OK, the digression on
useradd
aside: I think what we should try to ship for this is basically something that can take a butane configuration and build a container image from it.This would build on coreos/ignition#1285 - and really the biggest gap is having a declarative package install interface. Of course, rpm-ostree already has one of those but I don't think we should expose the full treefile; about half of those flags only apply to base images (e.g.
boot-location
) or would be messy to implement correctlyinstall-langs
. To start really, we could support a tiny subset of that yaml which allows specifyingpackages
. Perhaps we could extend it withpackage-repos
. Some people are definitely going to want lockfiles.For the butane package bits, see #681
(And a big bonus would be if this same stanza worked for both container builds and as part of the per-machine config!)
So here's a strawman:
Notice here a big benefit is we can carry forward the "change detection" that rpm-ostree has today for
compose tree
. This is coreos/rpm-ostree#3238Supported butane inputs
We should error out on input butane stanzas like
storage
- things like LUKS and RAID need to be set up by the Ignition provided on firstboot.The text was updated successfully, but these errors were encountered: