search

coreos / rpm-ostree

⚛📦 Hybrid image/package system with atomic upgrades and package layering
https://coreos.github.io/rpm-ostree
Other
872 stars 195 forks source link

Override seems to work fine, but does not apply after reboot #1782

Open omonnin opened 5 years ago

omonnin commented 5 years ago

Host system details

So, I'm running CentOS Atomic from Vagrant on Windows and I need to update Docker to 17.12.1 to use recent features (docker run --mount and multi-stage builds.) I followed the tutorial in the RHEL Atomic doc, heading 6.2.4. However, the changes are not applied even after reboot.

rpm-ostree status: (before any changes)

State: idle; auto updates disabled
Deployments:
● ostree://centos-atomic-host:centos-atomic-host/7/x86_64/standard
                   Version: 7.1811 (2018-12-06 22:08:05)
                    Commit: ee5a6f25f64d140a15a94278790840c3d58585b69dab9a1c33928d3cfe45cfd9
              GPGSignature: Valid signature by 64E3E7558572B59A319452AAF17E745691BA8335

  ostree://centos-atomic-host:centos-atomic-host/7/x86_64/standard
                   Version: 7.1811 (2018-12-06 22:08:05)
                    Commit: ee5a6f25f64d140a15a94278790840c3d58585b69dab9a1c33928d3cfe45cfd9
              GPGSignature: Valid signature by 64E3E7558572B59A319452AAF17E745691BA8335

Behavior

bash-4.2# rpm-ostree override replace docker-ce-17.12.1.ce-1.el7.centos.x86_64.rpm
Checking out tree ee5a6f2... done
Copying /etc changes: 25 modified, 8 removed, 47 added
Transaction complete; bootconfig swap: yes; deployment count change: 1
Run "systemctl reboot" to start a reboot
bash-4.2# systemctl reboot

Then I ssh in there, and "atomic host status" gives the exact same output as above. If I run the override again, then I get "error: Override already exists for package 'docker-ce-17.12.1.ce-1.el7.centos.x86_64", and some other commands list it as an "inactive base replacement." There is no difference if I use vagrant reload instead of rebooting from the VM.

Am I doing something wrong or is there something else wrong?

jlebon commented 5 years ago

The override commands are used to modify the package set from the base layer itself. Contrast this with the install/uninstall commands, which are used to layer additional packages on top of the base layer. In this case, because docker-ce is not part of the base layer, you can just use install to layer it on top. E.g. something like:

rpm-ostree install docker-ce-17.12.1.ce-1.el7.centos.x86_64.rpm

(And you can do override reset docker-ce to drop the inactive base replacement from the previous override replace command).

omonnin commented 5 years ago

Thanks for the help. I've just tried installing it the normal way, and I get

bash-4.2# rpm-ostree install docker-ce-17.12.1.ce-1.el7.centos.x86_64.rpm Checking out tree ee5a6f2... done Enabled rpm-md repositories: base updates extras Updating metadata for 'base': [=============] 100% rpm-md repo 'base'; generated: 2018-11-25 16:00:34 Updating metadata for 'updates': [=============] 100% rpm-md repo 'updates'; generated: 2019-03-08 14:57:29 Updating metadata for 'extras': [=============] 100% rpm-md repo 'extras'; generated: 2019-02-22 12:17:31 Importing metadata [=============] 100% Resolving dependencies... failed error: The following base packages would be removed: docker-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-lvm-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-novolume-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64

But trying to rpm-ostree uninstall any of these packages yields "error: Package/capability 'docker' is not currently requested." I imagine this is because they are part of the base layer, so I removed them (and cockpit-docker, another dependency) with one rpm-ostree override remove command. Then, I reboot, get good results from atomic host status and try rpm-ostree install:

bash-4.2# atomic host status State: idle; auto updates disabled Deployments: ● ostree://centos-atomic-host:centos-atomic-host/7/x86_64/standard Version: 7.1811 (2018-12-06 22:08:05) BaseCommit: ee5a6f25f64d140a15a94278790840c3d58585b69dab9a1c33928d3cfe45cfd9 GPGSignature: Valid signature by 64E3E7558572B59A319452AAF17E745691BA8335 RemovedBasePackages: cockpit-docker-176-4.el7.centos.x86_64, docker-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-novolume-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-lvm-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64

rpm-ostree install docker-ce-17.12.1.ce-1.el7.centos.x86_64.rpm Checking out tree ee5a6f2... done Enabled rpm-md repositories: base updates extras rpm-md repo 'base' (cached); generated: 2018-11-25 16:00:34 rpm-md repo 'updates' (cached); generated: 2019-03-08 14:57:29 rpm-md repo 'extras' (cached); generated: 2019-02-22 12:17:31 Importing metadata [=============] 100% Resolving dependencies... done Will download: 1 package (50.1 kB) Downloading from base: [=============] 100% Importing (1/1) [=============] 100% Applying 4 overrides and 2 overlays

error: Checkout docker-ce-17.12.1.ce-1.el7.centos.x86_64: Hardlinking fb/314431490bde4c9c766dccb7773efaa768d5671d423b60e6da368b2480e689.file to docker: File exists

Any idea where to proceed here? Also, I will set this up as part of the vagrantfile, so ideally I'd like to avoid rebooting where possible.

jlebon commented 5 years ago

Hmm, I don't remember the full details, but IIRC there might also be a docker-latest there you'll want to override remove. (Or rpm -qf /usr/bin/docker should tell you which package it is).

omonnin commented 5 years ago

Yes, I also had to remove docker-client, docker-client-latest, docker-latest and docker-common with it, but I was finally able to install docker 17.12.1! Again, thanks for the help. However, I'm not sure if docker-ce provides adequate replacement for all the packages I removed. Is the docker installation on CentOS Atomic particularly customized? Should I also try to find RPMs for the packages I removed or are they included as part of Docker-CE?

My current setup:

bash-4.2# atomic host status State: idle; auto updates disabled Deployments: ● ostree://centos-atomic-host:centos-atomic-host/7/x86_64/standard Version: 7.1811 (2018-12-06 22:08:05) BaseCommit: ee5a6f25f64d140a15a94278790840c3d58585b69dab9a1c33928d3cfe45cfd9 GPGSignature: Valid signature by 64E3E7558572B59A319452AAF17E745691BA8335 RemovedBasePackages: docker-lvm-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-client-latest-1.13.1-58.git87f2fab.el7.centos.x86_64, docker-common-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-novolume-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64, cockpit-docker-176-4.el7.centos.x86_64, docker-latest-1.13.1-58.git87f2fab.el7.centos.x86_64, docker-client-2:1.13.1-84.git07f3374.el7.centos.x86_64 LocalPackages: docker-ce-17.12.1.ce-1.el7.centos.x86_64

ostree://centos-atomic-host:centos-atomic-host/7/x86_64/standard Version: 7.1811 (2018-12-06 22:08:05) BaseCommit: ee5a6f25f64d140a15a94278790840c3d58585b69dab9a1c33928d3cfe45cfd9 GPGSignature: Valid signature by 64E3E7558572B59A319452AAF17E745691BA8335 RemovedBasePackages: docker-lvm-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-client-latest-1.13.1-58.git87f2fab.el7.centos.x86_64, docker-common-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-2:1.13.1-84.git07f3374.el7.centos.x86_64, docker-novolume-plugin-2:1.13.1-84.git07f3374.el7.centos.x86_64, cockpit-docker-176-4.el7.centos.x86_64, docker-latest-1.13.1-58.git87f2fab.el7.centos.x86_64, docker-client-2:1.13.1-84.git07f3374.el7.centos.x86_64

jlebon commented 5 years ago

AFAIK, there aren't equivalent upstream community versions of these packages. You should be good to go once you have docker-ce installed.