Fedora 42 change: composefs enabled by default

[travier]

For the upcoming Fedora 41 release, we are enabling composefs by default for bootable container images of Fedora Atomic Desktops (not for the classic ostree ones).

See:

• https://fedoraproject.org/wiki/Changes/ComposefsAtomicCoreOSIoT
• https://gitlab.com/fedora/ostree/sig/-/issues/35

It's enabled in the Rawhide/41 images from ci-test: https://gitlab.com/fedora/ostree/ci-test/-/blob/main/composefs.yaml?ref_type=heads

Before we move people to composefs, we need them to have a BLS capable bootloader (i.e. an updated open), have BLS config enabled and then set sudo ostree config set sysroot.bootloader none. If some of those things are not set, you might end up with a completely unbootable system (i.e. no rollback either).

See:

• https://gitlab.com/fedora/ostree/sig/-/issues/35#note_1986555833
• https://discussion.fedoraproject.org/t/f41-change-proposal-enabling-composefs-by-default-for-atomic-desktops-coreos-and-iot-self-contained/123166/18

So this is tricky as we don't have a mechanism in Atomic Desktops like we do in Fedora CoreOS to force updates through a barrier releases that would validate all of those elements before updating to a composefs enabled image and setting the ostree repo config.

If that ends up being too much for the F41 release, we can postpone it to F42 or dynamically disable it in a layer (needs an initramfs rebuild).

[travier]

I've pushed F41 images, and they come with composefs enabled by default.

We don't have a real plan for the transition from F40 yet so we might have to disable it until we do.

See: https://gitlab.com/fedora/ostree/sig/-/issues/35#note_1986555833

[travier]

WARNING: Rebasing to those images may make your system unbootable / un-upgradeable.

[castrojo]

Hi Timothee! Greetings from KubeCon in Hong Kong!

We usually don't ingest on our builds until the beta (For F41 in this case) so no one will be rebasing yet.

From a future proof perspective do we need to manually set ostree config set sysroot.bootloader none for folks? Is this something we can automate in the containerfile? Thanks!

[travier]

Hi Timothee! Greetings from KubeCon in Hong Kong!

👋🏻

From a future proof perspective do we need to manually set ostree config set sysroot.bootloader none for folks? Is this something we can automate in the containerfile? Thanks!

We can not automate that in the Containerfile, we need this in a system unit running on the systems.

But doing that also means that we have to make sure that the bootloader is updated before and BLS properly enabled in the GRUB config.

[p5]

So in theory, we need a systemd script that somehow (and I know nothing about bootloaders or BLS):

Checks if BLS is enabled and the bootloader is a suitable version If yes, run ostree config set sysroot.bootloader none If no, pin the user on their current image and inform the user (or try and remediate it ourselves within the script)

[travier]

Yes, something like that.

Updating the bootloader is almost the same as having bootupd and this is only in F41, and it does not handle RAID mirrors yet (https://github.com/coreos/bootupd/issues/132) and I've not tested the setup that Anaconda does for RAID mirror.

[travier]

Summary of what's needed for F41 for the Atomic Desktops to converge with bootc on:

• bootupd: https://gitlab.com/fedora/ostree/sig/-/issues/1#note\_2062751164
• composefs: https://gitlab.com/fedora/ostree/sig/-/issues/35#note\_2062769940

[travier]

The 100% Code Complete Deadline for Fedora 41 is tomorrow and we are not ready with the transition plan for this change in the Atomic Desktops thus I'm pushing this back to Fedora 42.

[castrojo]

@bsherman Heads up that this will still affect uCore.