Atomic system updates are at least half of how “Atomic Hosts” earn their Fallout-flavored appellation. Where a standard Fedora, RHEL or CentOS host gets its updates from a sack of RPMs downloaded from various repositories and exploded out where appropriate, the Atomic editions of these distros consume this same software in pre-exploded-and-composed-into-an-image form.
One tricky element of consuming your RPMs in a single blob is choosing a package or two to add beyond what’s been composed into the image. I wanted to do this straightaway after learning about the atomic host concept, and I (semi)helpfully documented my progress with composing custom trees in a few different spots, most recently at: Compose Your Own Atomic Updates.
This works pretty well, but composing and rebasing to a tree of your own is sort of a heavy approach. Shouldn’t you be able to compose just part of a tree, and, like, overlay those packages on your atomic host?
OSTree mastermind Colin Walters has whipped up just such a utility, and today, I took it for a spin with CentOS Atomic Host.
I started with a CentOS Atomic Host vagrant box, which, as you’ll see, doesn’t include the fortune-mod package:
[laptop-host]$ vagrant init centos/atomic-host [laptop-host]$ vagrant up [laptop-host]$ vagrant ssh [atomic-vm]$ fortune bash: fortune: command not found
I need to grab Colin’s tool from git, which is also not included in the CentOS Atomic Host, but which is available in the friendly centos/tools container. For a bit of info about the Fedora flavor of this container, see here.
[atomic-vm]$ sudo atomic run centos/tools [tools-container]$ cd /root [tools-container]$ git clone https://github.com/cgwalters/atomic-pkglayer/ [tools-container]$ cd atomic-pkglayer [tools-container]$ git checkout v2016.1
atomic-pkglayer requires ostree to function, and this package is missing from the centos/tools container, so I need to grab it from the repo below. Also, fortune-mod lives in EPEL, so I’ll install that repo as well.
[tools-container]$ curl -O https://raw.githubusercontent.com/CentOS/sig-atomic-buildscripts/downstream/rhel-atomic-rebuild.repo [tools-container]$ mv rhel-atomic-rebuild.repo /etc/yum.repos.d/ [tools-container]$ yum install ostree epel-release -y
Now I need to grab all the rpms required for fortune-mod, and install them to a pkglayer, before exiting my tools container, rebooting my atomic VM, and logging back in to the rebooted atomic VM:
[tools-container]$ mkdir pkgs [tools-container]$ yumdownloader --resolve --destdir=pkgs fortune-mod [tools-container]$ /root/atomic-pkglayer/atomic-pkglayer pkgs/*rpm [tools-container]$ exit [atomic-vm]$ sudo reboot [laptop-host]$ vagrant ssh
Now, for some fortune:
[atomic-vm]$ fortune
Rune's Rule:
If you don't care where you are, you ain't lost.
You can see my local overlay:
[atomic-vm]$ sudo atomic host status TIMESTAMP (UTC) VERSION ID OSNAME REFSPEC * 2016-01-29 00:30:06 local 0aa16a3e42 centos-atomic-host <unknown origin type> 2015-10-01 09:32:09 7.20151001 1e9838ce88 centos-atomic-host centos-atomic-host:centos-atomic-host/7/x86_64/standard
The system is left in an un-upgradable state — I’ll need to rollback before I can grab updates again, so this overlay is temporary:
[atomic-vm]$ sudo atomic host upgrade error: No origin/refspec in current deployment origin; cannot upgrade via ostree [atomic-vm]$ sudo atomic host rollback Moving '1e9838ce8879112c47c72503bbade0830e6f06dc20f5cabbf6da40a373550f69.0' to be first deployment Transaction complete; bootconfig swap: no deployment count change: 0 Removed: fortune-mod-1.99.1-17.el7.x86_64 recode-3.6-38.el7.x86_64 Successfully reset deployment order; run "systemctl reboot" to start a reboot [atomic-vm]$ sudo systemctl reboot [laptop-host]$ vagrant ssh
Post-rollback, the fortune command is missing once again, and my system is ready for upgrades again:
[atomic-vm]$ fortune bash: fortune: command not found [atomic-vm]$ sudo atomic host upgrade Updating from: centos-atomic-host:centos-atomic-host/7/x86_64/standard
jebpages 