a comparison of linux software update technologies
play

A Comparison of Linux Software Update Technologies Matt Porter, - PowerPoint PPT Presentation

Mar 03, 2023 •121 likes •400 views

A Comparison of Linux Software Update Technologies Matt Porter, Konsulko Group Embedded Linux Conference Europe 2016 Overview Background of Linux software update Linux software update strategies Detailed look at each FOSS project

  1. A Comparison of Linux Software Update Technologies Matt Porter, Konsulko Group Embedded Linux Conference Europe 2016

  2. Overview ● Background of Linux software update ● Linux software update strategies ● Detailed look at each FOSS project ○ Strategy employed ○ Other features ○ Maturity ○ Community ○ Downstream projects

  3. Linux software update history ● H.J. Lu’s Boot-root distributions ○ Boot and build the rest, no update mechanism ● MCC, TAMU, and SLS ○ Packages in tarballs, no dependencies ● Slackware ○ Packages in tarballs, no dependencies ○ Per release scripted updates, flaky if too old

  4. Linux software update history ● Debian, Red Hat Linux / Fedora, SUSE ○ Modern deb or rpm package management with complete set of dependencies ○ Non-atomic incremental updates ○ Release updates by designating a set of package versions ○ Driven by complex set of pre/post install scripts which can leave updated systems in a non-working state.

  5. Linux software update requirements ● There are many requirements ○ Tradeoffs are unique for each product. ○ No exact steps only guidelines ● Power fail safe? ● Frequent/infrequent updates? ● Bandwidth of update delivery channel vs. size of updates? ● Speed of update? ● Verification/Authentication?

  6. Linux software update strategies Traditional method ❑ Traditional non-atomic package-based releases ❑ Package based granularity with dependency hierarchy ❑ apt and yum based updates may require luck or other methods for reliability. ❑ Unacceptable for the embedded zoo.

  7. Linux software update strategies Full image updates ● Has been the standard approach since Linux in embedded systems was popularized. ● Single image approach assumes the new update will boot ○ Recoverable if update can be performed from an immutable mechanism (fallback factory bootloader) ● Dual image approach is inherently atomic ○ Bootloader will fallback to previously working image on failure of update ● Update speed relative to size of full image

  8. Linux software update strategies Full image updates Completely unrealistic and simplified dual image example Bootloader 4) Boot new active image B. Fallback to A if boot fails (typically using watchdog 1) Boot active image and/or heartbeat). 3) Toggle B active and A inactive. Reboot. Linux image A Linux image B (active -> inactive) (inactive -> active) 2) Receive and install update to partition B.

  9. Linux software update strategies Incremental atomic updates ● The new kid on the block that does crazy stuff, likely to be called balderdash by the old guard. ● Driven initially by server needs ○ Incremental atomic upgrades that can be quickly deployed or rolled back on demand. ○ Complete history of deployments ● Releases are composed of binary deltas ○ Not a package granularity ○ Deltas are per file modified ○ Size of updates are minimized

  10. Linux software update strategies Containers ● Not usually a complete upgrade solution ● Built on top of a core immutable distribution ● Applications only exist in a container instance ● Updates rolled out in container deltas

  11. SWUpdate ● Single or dual image update framework ○ https://github.com/sbabic/swupdate ○ Written in C. GPL2 license. ○ Attempt to be modular with plugins ○ Supports signed images, local/remote updates, and U-Boot. ○ meta-swupdate layer for Yocto Project ● Has several contributors besides original author ● Used at least by Siemens (http://sched.co/7rrA) and Stefano’s own projects

  12. SWUpdate ● Updates delivered in simple CPIO archive ● Each individual image is described in sw-description and integrity is validated with a SHA256 hash. ● Handler plugins implement the details of how each described image is handled. ○ U-Boot env update ○ NOR, NAND, UBI partition and write ○ MMC/SD/eMMC partition and write ○ Custom installers can enable FPGA bitstream or uC firmware updates

  13. SWUpdate ● sw-descriptions can be extended using custom LUA parsers to support new features ○ multiple hardware platforms in one image ● Configuration file support via libconfig or XML format by default ● Uses Kbuild for configuration ● Supports Mongoose web server and REST interface to Hawkbit server for remote update ● Strange stuff exists like an implementation of a userspace GPIO library that duplicates other projects.

  14. mender.io ● Dual image update framework ● https://github.com/mendersoftware/mender ● Designed as a client/server system for OTA updates. Written in Go. Apache 2 license. ● meta-mender layer supports building the client into a device image using YP/OE ● https://github.com/mendersoftware/meta-mender ● Project contributors are overwhelmingly represented by Mender employees.

  15. mender.io ● Two client modes ○ Standalone - updates are triggered locally (suitable for physical media or any network update in pull mode) ○ Managed - client is a daemon and will poll the server for updates. ● mender’s dual image or “A/B” scheme uses a notion of “commit” when and update has booted properly. On failure it will toggle the inactive/active partitions as with a standard dual image approach

  16. mender.io ● QEMU and BeagleBone Black reference platforms ○ That’s the bee’s knees for getting started easily ● As a complete demonstrable solution, mender relies on some assumptions: ○ U-Boot Boot Count Limit, ext2/3/4fs, and Linux env tools, and a specific U-Boot configuration ○ systemd (and required kernel config options) for managed mode ○ a fixed layout of U-Boot in one partition, a persistent data partition, and two A/B partitions with rootfs/kernel.

  17. mender.io ● Does not support raw NOR, NAND, UBI partitions and volumes. ● Excellent documentation on use and customization. ● Ready to use platforms to test operation. ● Established project CI loop. ● Test/QA tools all available freely.

  18. OSTree ● Incremental atomic upgrade mechanism ● https://github.com/ostreedev/ostree ● Self-described as “git for operating system binaries”. ● Uses a git-like object store to record and deploy complete file system trees using binary deltas. ● Depends on an immutable filesystem hierarchy for the updated root filesystem ( https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/ ) ● Persistent data kept in /etc

  19. OSTree ● How does it work? ○ Target has a local copy of a repository in /ostree/repo ○ Target has any number of “deployments” stored in /ostree/deploy ● A deployment is stored physically in /ostree/deploy/$OSNAME/$CHECKSUM and uniquely identified with a SHA256 checksum ● Each deployment has its own copy of /etc ● Activation requires a reboot

  20. OSTree ● Deploy and rollback ○ ostree-admin-upgrade ○ ostree-admin-deploy {REFSPEC} ○ ostree-admin-status ○ ostree-admin-undeploy {INDEX} ● Atomic updates are guaranteed by atomically swapping a /boot symlink to a new deployment /ostree/boot.foo directory ● A bind mount is established at boot time pointing to the currently deployed filesystem.

  21. OSTree ● There are many projects that have adopted OSTree ○ Gnome Continuous https://wiki.gnome.org/Projects/GnomeContinuous ○ Project Atomic http://www.projectatomic.io/ ○ Flatpak https://github.com/flatpak/flatpak ○ Pulp Platform https://github.com/pulp/pulp_ostree ○ Automotive Grade Linux https://jira.automotivelinux.org/browse/SPEC-194 ○ https://git.automotivelinux.org/gerrit/gitweb?p=AGL/meta-agl-extra. git;a=summary

  22. swupd ● Incremental atomic upgrade mechanism ● Originally part of ClearLinux project ○ https://github.com/clearlinux/swupd-client ○ https://github.com/clearlinux/swupd-server ● Functionality is very similar to OSTree. ● Updates are delivered as a stream of bundles containing binary filesystem deltas. ● meta-swupd supports YP/OE target image builds ○ http://git.yoctoproject.org/cgit/cgit.cgi/meta-swupd

  23. swupd ● Key difference is that the swupd-client does not require a reboot to activate a newly released bundle ● swupd-server tool handles creation of bundles and feed update streams to a client. ● Project shows no contributors outside of Intel ● Only projects adopting swupd are ClearLinux and Ostro OS, both Intel projects.

  24. Container-based solutions ● Resin.io ○ Base OS is flexible, Docker-based deltas ● Ubuntu Snappy ○ Base OS is minimal Ubuntu with deltaed containers ● Project Atomic ○ Base OS managed with OSTree, Docker-based deltas ● Focus on application and middleware update

  25. Related sessions ● Generic System for Safe Upgrades ○ Tuesday 10:00 http://sched.co/7rrp ● ResinOS ○ Tuesday 15:00 http://sched.co/8PTZ ● OSS Remote update for IoT Devices ○ Tuesday 15:00 http://sched.co/7rrA ● Mender.io BoF ○ Tuesday 18:10 http://sched.co/8PeA ● Continuous Delivery with Yocto (Ostro) ○ Wednesday 10:45 http://sched.co/7rrB ● Software update for IoT ○ Wednesday 14:00 http://sched.co/7rrJ ● Software updates for connected devices ○ Wednesday 15:00 http://sched.co/7rrK

  26. Q&A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Real Time Linux Scheduling Comparison Vince Bridgers Software Architect Altera Corporation Who

Real Time Linux Scheduling Comparison Vince Bridgers Software Architect Altera Corporation Who

Real Time Linux Scheduling Comparison Vince Bridgers Software Architect Altera Corporation Who am I? Software Developer and Architect at Altera Corporation Open Source Development Activities in Austin, Texas Open source projects

649 views • 22 slides
Linux and Advanced Storage Technologies Martin K. Petersen <martin.petersen@oracle.com>

Linux and Advanced Storage Technologies Martin K. Petersen <martin.petersen@oracle.com>

<Insert Picture Here> Linux and Advanced Storage Technologies Martin K. Petersen <martin.petersen@oracle.com> Consulting Software Developer, Linux Kernel Engineering Blocks and Alignment Blocks For decades we have had a common

910 views • 27 slides
DIF, DIX and Linux Data Integrity Martin K. Petersen Consulting Software Developer, Linux

DIF, DIX and Linux Data Integrity Martin K. Petersen Consulting Software Developer, Linux

<Insert Picture Here> DIF, DIX and Linux Data Integrity Martin K. Petersen Consulting Software Developer, Linux Engineering Topics Data Integrity Technologies <Insert Picture Here> Data Corruption T10 DIF Data

752 views • 25 slides
Proactive Security in Linux Lukas Vrabec About me Lukas Vrabec Software Engineer

Proactive Security in Linux Lukas Vrabec About me Lukas Vrabec Software Engineer

Proactive Security in Linux Lukas Vrabec About me Lukas Vrabec Software Engineer Member of Security Technologies team at Red Hat Fedora Contributor (selinux-policy, xguest, udica, netlabel_tools) lvrabec@redhat.com

1.55k views • 122 slides
Dynamic Software Updating for the Linux Kernel Iulian Neamtiu Michael Hicks

Dynamic Software Updating for the Linux Kernel Iulian Neamtiu Michael Hicks

Dynamic Software Updating for the Linux Kernel Iulian Neamtiu Michael Hicks University of Maryland Why On-the-fly Kernel Updates? Software updates - necessary evil Inconvenient, expensive OS update via stop/restart

419 views • 7 slides
Back to the Linux Framebuffer! Linux Framebuffer support in free software Nicolas Caramelli

Back to the Linux Framebuffer! Linux Framebuffer support in free software Nicolas Caramelli

Back to the Linux Framebuffer! Linux Framebuffer support in free software Nicolas Caramelli Contents 1. Getting started /dev/fb0 and mmap fb-test-app, fbmark 2. Some tools Fbpad terminal emulator Fbi, FIM image viewers

747 views • 72 slides
Updating an Embedded System About me Me: Software Engineer at DENX, Gmbh U-Boot

Updating an Embedded System About me Me: Software Engineer at DENX, Gmbh U-Boot

SWUpdate Updating an Embedded System About me Me: Software Engineer at DENX, Gmbh U-Boot Custodian for NXP's i.MX Focus on Linux embedded Author of FOSS SWUpdate Do we update ? Local Update Push Software Pull Software

870 views • 38 slides
Linux For Beginners April 26, 2016 Dualboot Linux and Windows Dualboot Linux and Windows

Linux For Beginners April 26, 2016 Dualboot Linux and Windows Dualboot Linux and Windows

Linux For Beginners April 26, 2016 Dualboot Linux and Windows Dualboot Linux and Windows Reinstall usually keeps personal files Advantages of Linux More secure Package manager Software installation is easy, fast and secure Keeps

528 views • 15 slides
AOS Linux Tutorial Introduction to Linux Michael Havas Dept. of Atmospheric and Oceanic Sciences

AOS Linux Tutorial Introduction to Linux Michael Havas Dept. of Atmospheric and Oceanic Sciences

AOS Linux Tutorial Introduction to Linux Michael Havas Dept. of Atmospheric and Oceanic Sciences McGill University September 15, 2011 Outline 1 Introduction to Linux Benefits of Linux What Exactly is Linux? The Free-Software Philosophy 2

898 views • 69 slides
Presentation Software Comparison Chart Software Using desktop/laptop software is the usually the

Presentation Software Comparison Chart Software Using desktop/laptop software is the usually the

Presentation Software Comparison Chart Software Using desktop/laptop software is the usually the best option for creating a presentation, especially for longer deadlines where you have the time for learning the software and creating the

529 views • 7 slides
. Linux/Moose endangered or extinct? An update on this atypical embedded Linux botnet by

. Linux/Moose endangered or extinct? An update on this atypical embedded Linux botnet by

. Linux/Moose endangered or extinct? An update on this atypical embedded Linux botnet by Olivier Bilodeau $ apropos Statically linked stripped ELF challenges Moose DNA (description) Moose Herding (the Operation) A Strange Animal Latest

727 views • 55 slides
LSS 2017: linux-integrity subsystem update Mimi Zohar 1 IBM Research Linux Integrity Subsystem

LSS 2017: linux-integrity subsystem update Mimi Zohar 1 IBM Research Linux Integrity Subsystem

LSS 2017: linux-integrity subsystem update Mimi Zohar 1 IBM Research Linux Integrity Subsystem Status Update Review of IMA goals New IMA features and other changes TPM related work Possible IMA specific fixes for TPM

567 views • 17 slides
The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL)

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL)

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL) September 23, 2006 1 2 The State of the Linux Desktop Riding the Open Software Wave The Linux Desktop Markets Linux Desktop Market Data The Linux

543 views • 40 slides
Tempesta FW Linux Application Delivery Controller Alexander Krizhanovsky Tempesta Technologies,

Tempesta FW Linux Application Delivery Controller Alexander Krizhanovsky Tempesta Technologies,

Tempesta FW Linux Application Delivery Controller Alexander Krizhanovsky Tempesta Technologies, Inc. ak@tempesta-tech.com Who am I? CEO & CTO at Tempesta Technologies (Seattle, WA) Developing Tempesta FW open source Linux Application

1.05k views • 55 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
CISC 322 Software/Game Architecture Module 4: Examples of Architectures (Linux) Ahmed E. Hassan

CISC 322 Software/Game Architecture Module 4: Examples of Architectures (Linux) Ahmed E. Hassan

CISC 322 Software/Game Architecture Module 4: Examples of Architectures (Linux) Ahmed E. Hassan Linux as a Case Study: Its Extracted Software Architecture Paper By: Ivan T. Bowman, Richard C. Holt and Neil V. Brewster Slides By: Jack

463 views • 15 slides
Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat 2011 Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach & Liu, LLC www.stachliu.com Agenda O V E R V I E W

1.07k views • 72 slides
Meeting of the EPA Science Advisory Board Meeting of the EPA Science Advisory Board Biogenic

Meeting of the EPA Science Advisory Board Meeting of the EPA Science Advisory Board Biogenic

Meeting of the EPA Science Advisory Board Meeting of the EPA Science Advisory Board Biogenic Carbon Emissions Panel Paul Noe Vice President for Public Policy October 25 2011 October 25, 2011 U.S. forests have national growth/drain ratio of

254 views • 6 slides
Partitioning Problem and Usage Lecture 8 CSCI 4974/6971 26 Sep 2016 1 / 14 Todays Biz 1.

Partitioning Problem and Usage Lecture 8 CSCI 4974/6971 26 Sep 2016 1 / 14 Todays Biz 1.

Partitioning Problem and Usage Lecture 8 CSCI 4974/6971 26 Sep 2016 1 / 14 Todays Biz 1. Reminders 2. Review 3. Graph Partitioning overview 4. Graph Partitioning Small-world Graphs 5. Partitioning Usage example 2 / 14 Todays Biz 1.

1.47k views • 102 slides
Near infrared spectroscopy: A rapid nondestructive method for measuring wood properties and its

Near infrared spectroscopy: A rapid nondestructive method for measuring wood properties and its

Near infrared spectroscopy: A rapid nondestructive method for measuring wood properties and its application to tree breeding L. R. Schimleck Warnell School of Forestry and Natural Resources The University of Georgia Overview Introduction

731 views • 39 slides
Rotary Press Revolutionizes Sludge Compaction Presented by: Ross Elliot VP & GM Tecumseth

Rotary Press Revolutionizes Sludge Compaction Presented by: Ross Elliot VP & GM Tecumseth

Rotary Press Revolutionizes Sludge Compaction Presented by: Ross Elliot VP & GM Tecumseth Filtration Inc. Rotary Press Introduction Waste sludge dewatering issues Pulp and Paper mill sludge categories Mechanical dewatering

716 views • 28 slides
WEYERHAEUSER Earnings Release 3rd Quarter 2010 Forward-looking Statement This presentation

WEYERHAEUSER Earnings Release 3rd Quarter 2010 Forward-looking Statement This presentation

WEYERHAEUSER Earnings Release 3rd Quarter 2010 Forward-looking Statement This presentation contains statements concerning the companys future results and performance that are forward -looking statements within the meaning of the Private

613 views • 20 slides
Flexible and Scalable Acceleration Techniques for Low-Power Edge Computing 2nd Italian Workshop

Flexible and Scalable Acceleration Techniques for Low-Power Edge Computing 2nd Italian Workshop

Flexible and Scalable Acceleration Techniques for Low-Power Edge Computing 2nd Italian Workshop on Embedded Systems 8.9.2017 Universit degli Studi di Roma La Sapienza Francesco Conti 1,2 , Davide Rossi 1 , Luca Benini 1,2

873 views • 53 slides
AI for AI Systems and Chips Azalia Mirhoseini Senior Research Scientist, Google Brain In the

AI for AI Systems and Chips Azalia Mirhoseini Senior Research Scientist, Google Brain In the

AI for AI Systems and Chips Azalia Mirhoseini Senior Research Scientist, Google Brain In the past decade, systems and chips have transformed AI. Systems AI and Chips In the past decade, systems and chips have transformed AI. Now, its time

502 views • 33 slides

More recommend