stateless systems factory reset golden master systems and
play

Stateless Systems, Factory Reset, Golden Master Systems and systemd - PowerPoint PPT Presentation

May 26, 2023 •110 likes •930 views

Stateless Systems, Factory Reset, Golden Master Systems and systemd LinuxCon Europe, Duesseldorf October 2014 Stateless Systems, Factory Reset, Golden Master Systems and Factory Reset? Stateless Systems, Factory Reset, Golden Master Systems

  1. Stateless Systems, Factory Reset, Golden Master Systems and systemd LinuxCon Europe, Duesseldorf October 2014 Stateless Systems, Factory Reset, Golden Master Systems and

  2. Factory Reset? Stateless Systems, Factory Reset, Golden Master Systems and

  3. Factory Reset? The procedure to bring a system back into the state that is was shipped in. Stateless Systems, Factory Reset, Golden Master Systems and

  4. Stateless System? Stateless Systems, Factory Reset, Golden Master Systems and

  5. Stateless System? A system where every single boot-up is as if a factory reset was just completed. Stateless Systems, Factory Reset, Golden Master Systems and

  6. Golden Master? The one master image a factory reset returns the state to. Stateless Systems, Factory Reset, Golden Master Systems and

  7. Golden Master? The one master image a factory reset returns the state to. The same image is usually shared between a multitude of systems. Stateless Systems, Factory Reset, Golden Master Systems and

  8. Where do you want this? Stateless Systems, Factory Reset, Golden Master Systems and

  9. Where do you want this? Containers, Stateless Systems, Factory Reset, Golden Master Systems and

  10. Where do you want this? Containers, servers, Stateless Systems, Factory Reset, Golden Master Systems and

  11. Where do you want this? Containers, servers, laptops/desktops/tablets, Stateless Systems, Factory Reset, Golden Master Systems and

  12. Where do you want this? Containers, servers, laptops/desktops/tablets, mobile, Stateless Systems, Factory Reset, Golden Master Systems and

  13. Where do you want this? Containers, servers, laptops/desktops/tablets, mobile, embedded Stateless Systems, Factory Reset, Golden Master Systems and

  14. Where do you want this? Containers, servers, laptops/desktops/tablets, mobile, embedded Verifiable setups Stateless Systems, Factory Reset, Golden Master Systems and

  15. Where do you want this? Containers, servers, laptops/desktops/tablets, mobile, embedded Verifiable setups Apps Stateless Systems, Factory Reset, Golden Master Systems and

  16. Tons of prior art: Android, ChromeOS, CoreOS, virtualization infrastructure, and many embedded systems Stateless Systems, Factory Reset, Golden Master Systems and

  17. Our goal with working on this in the systemd context: to solve this in a modular and generic way, for all usecases Stateless Systems, Factory Reset, Golden Master Systems and

  18. Our goal with working on this in the systemd context: to solve this in a modular and generic way, for all usecases Right in the OS itself. Stateless Systems, Factory Reset, Golden Master Systems and

  19. Let’s seperate state from OS resources! Stateless Systems, Factory Reset, Golden Master Systems and

  20. Let’s seperate state from OS resources! /etc: configuration Stateless Systems, Factory Reset, Golden Master Systems and

  21. Let’s seperate state from OS resources! /etc: configuration /var: state Stateless Systems, Factory Reset, Golden Master Systems and

  22. Let’s seperate state from OS resources! /etc: configuration /var: state /usr: vendor OS resources Stateless Systems, Factory Reset, Golden Master Systems and

  23. Let’s seperate state from OS resources! /etc: configuration /var: state /usr: vendor OS resources (after the /usr merge) Stateless Systems, Factory Reset, Golden Master Systems and

  24. Flushing /etc, /var, just keeping /usr: full factory reset Flushing just /var, keeping /usr and /etc: keeping settings, but dropping collected state Stateless Systems, Factory Reset, Golden Master Systems and

  25. Booting with /var empty? Stateless Systems, Factory Reset, Golden Master Systems and

  26. Booting with /var empty? Mostly just works, just a few more tmpfiles rules Stateless Systems, Factory Reset, Golden Master Systems and

  27. Booting with /var empty? Mostly just works, just a few more tmpfiles rules Stateless Systems, Factory Reset, Golden Master Systems and

  28. What’s tmpfiles again? Stateless Systems, Factory Reset, Golden Master Systems and

  29. What’s tmpfiles again? d /var 0755 - - - L /var/run - - - - ../run d /var/log 0755 - - - f /var/log/wtmp 0664 root utmp - f /var/log/btmp 0600 root utmp - d /var/cache 0755 - - - d /var/lib 0755 - - - d /var/spool 0755 - - - Stateless Systems, Factory Reset, Golden Master Systems and

  30. Booting with /etc empty? Stateless Systems, Factory Reset, Golden Master Systems and

  31. Booting with /etc empty? More complex Stateless Systems, Factory Reset, Golden Master Systems and

  32. Booting with /etc empty? More complex Software is more allergic if configuration files in /etc are missing Stateless Systems, Factory Reset, Golden Master Systems and

  33. Booting with /etc empty? More complex Software is more allergic if configuration files in /etc are missing User database! Stateless Systems, Factory Reset, Golden Master Systems and

  34. Booting with /etc empty? More complex Software is more allergic if configuration files in /etc are missing User database! Core OS components shipped by systemd are fixed Stateless Systems, Factory Reset, Golden Master Systems and

  35. Booting with /etc empty? More complex Software is more allergic if configuration files in /etc are missing User database! Core OS components shipped by systemd are fixed Exception in the core OS: dbus, PAM Stateless Systems, Factory Reset, Golden Master Systems and

  36. tmpfiles to the rescue: C /etc/pam.d C /etc/nsswitch.conf Introducing: /usr/share/factory/etc Stateless Systems, Factory Reset, Golden Master Systems and

  37. sysusers to the rescue: u root 0 "Super User" /root u nobody 65534 "Nobody" - g adm - - - g wheel - - - g kmem - - - g lock - - - g tty 5 - - g utmp - - - g audio - - - g cdrom - - - g dialout - - - g disk - - - g input - - - g lp - - - g tape - - - g video - - - g users - - - Stateless Systems, Factory Reset, Golden Master Systems and

  38. systemd-nspawn –volatile=no -b -D /srv/mycontainer Stateless Systems, Factory Reset, Golden Master Systems and

  39. systemd-nspawn –volatile=no -b -D /srv/mycontainer systemd-nspawn –volatile=state -b -D /srv/mycontainer Stateless Systems, Factory Reset, Golden Master Systems and

  40. systemd-nspawn –volatile=no -b -D /srv/mycontainer systemd-nspawn –volatile=state -b -D /srv/mycontainer systemd-nspawn –volatile=yes -b -D /srv/mycontainer Stateless Systems, Factory Reset, Golden Master Systems and

  41. Updating Stateless Systems, Factory Reset, Golden Master Systems and

  42. Updating /usr can be updated offline Stateless Systems, Factory Reset, Golden Master Systems and

  43. Updating /usr can be updated offline On next boot, /etc and /var are updated Stateless Systems, Factory Reset, Golden Master Systems and

  44. Updating /usr can be updated offline On next boot, /etc and /var are updated ConditionNeedsUpdate= Stateless Systems, Factory Reset, Golden Master Systems and

  45. Updating /usr can be updated offline On next boot, /etc and /var are updated ConditionNeedsUpdate= ldconfig, sysusers, udev hwdb, . . . Stateless Systems, Factory Reset, Golden Master Systems and

  46. Updating /usr can be updated offline On next boot, /etc and /var are updated ConditionNeedsUpdate= ldconfig, sysusers, udev hwdb, . . . All atomic Stateless Systems, Factory Reset, Golden Master Systems and

  47. Double Buffering Stateless Systems, Factory Reset, Golden Master Systems and

  48. Double Buffering Multiple /usr trees around! Stateless Systems, Factory Reset, Golden Master Systems and

  49. RPM? Classic Distributions? Stateless Systems, Factory Reset, Golden Master Systems and

  50. Timeframe? Stateless Systems, Factory Reset, Golden Master Systems and

  51. Apps! Stateless Systems, Factory Reset, Golden Master Systems and

  52. Apps! /usr: os, runtime, framework Stateless Systems, Factory Reset, Golden Master Systems and

  53. Apps! /usr: os, runtime, framework /opt/ appname : app Stateless Systems, Factory Reset, Golden Master Systems and

  54. OS: a /usr one can boot up a system with Stateless Systems, Factory Reset, Golden Master Systems and

  55. OS: a /usr one can boot up a system with Runtime: a /usr one can run executables against Stateless Systems, Factory Reset, Golden Master Systems and

  56. OS: a /usr one can boot up a system with Runtime: a /usr one can run executables against Framework: a /usr one can build executables with Stateless Systems, Factory Reset, Golden Master Systems and

  57. OS, Runtime, Framework, Instance, Apps Stateless Systems, Factory Reset, Golden Master Systems and

  58. OS, Runtime, Framework, Instance, Apps All in multiple versions on the same system Stateless Systems, Factory Reset, Golden Master Systems and

  59. OS, Runtime, Framework, Instance, Apps All in multiple versions on the same system btrfs subvolumes Stateless Systems, Factory Reset, Golden Master Systems and

  60. btrfs??? Stateless Systems, Factory Reset, Golden Master Systems and

  61. Clear naming Scheme for subvolumes Stateless Systems, Factory Reset, Golden Master Systems and

  62. Clear naming Scheme for subvolumes usr: vendorid : architecture : version Stateless Systems, Factory Reset, Golden Master Systems and

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Stateless Reset QUIC Interim 2017-06, Paris Manifest Confusion What is the purpose of a

Stateless Reset QUIC Interim 2017-06, Paris Manifest Confusion What is the purpose of a

Stateless Reset QUIC Interim 2017-06, Paris Manifest Confusion What is the purpose of a Stateless Reset? What signals do we want endpoints to generate? ...and who do we want to have consume those signals? What is the role of a middlebox in

390 views • 13 slides
4TU MASTER EMBEDDED SYSTEMS Bert Molenkamp 19/03/2020 Master Embedded Systems 1 Table of

4TU MASTER EMBEDDED SYSTEMS Bert Molenkamp 19/03/2020 Master Embedded Systems 1 Table of

4TU MASTER EMBEDDED SYSTEMS Bert Molenkamp 19/03/2020 Master Embedded Systems 1 Table of contents What is an embedded system Examples of research topics Admission Overview of the programme Success rates Master Embedded

814 views • 31 slides
Stateless Clustering Using OSCAR and PERCEUS Abhishek Kulkarni and Andrew Lumsdaine Open Systems

Stateless Clustering Using OSCAR and PERCEUS Abhishek Kulkarni and Andrew Lumsdaine Open Systems

Stateless Clustering Using OSCAR and PERCEUS Abhishek Kulkarni and Andrew Lumsdaine Open Systems Laboratory, Indiana University The 6th Annual Symposium on OSCAR and HPC Cluster Systems University of Laval Quebec City, Quebec, Canada

581 views • 28 slides
Real-Time Systems Prof. Chenyang Lu TAs: Ruixuan Dai, Jiangnan Liu Real-Time Systems Systems

Real-Time Systems Prof. Chenyang Lu TAs: Ruixuan Dai, Jiangnan Liu Real-Time Systems Systems

CSE 520S Real-Time Systems Prof. Chenyang Lu TAs: Ruixuan Dai, Jiangnan Liu Real-Time Systems Systems operating under timing constraints Safety-critical systems q Automobiles. q Airplanes. q Mars rovers. q Factory automation. q Air traffic

897 views • 31 slides
1 Production Cell Set-up Pervasive Systems Robotics and Mechatronics Bio-inspired wireless

1 Production Cell Set-up Pervasive Systems Robotics and Mechatronics Bio-inspired wireless

Programme Today Master programme Embedded Systems Bert Molenkamp (programme mentor) Demo 4TU MASTER EMBEDDED SYSTEMS Gerwin Hoogsteen (ZI 5078); smart grid Masoud Abbasi Alaei (ZI 5098); wireless communication Tour

413 views • 4 slides
95-702 Distributed Systems Lecture 1: Introduction 95-702Distributed Systems 1 Master of

95-702 Distributed Systems Lecture 1: Introduction 95-702Distributed Systems 1 Master of

95-702 Distributed Systems Lecture 1: Introduction 95-702Distributed Systems 1 Master of Information System Management Course Web Site http://www.andrew.cmu.edu/~mm6 95-702Distributed Systems 2 Master of Information System Management How

547 views • 32 slides
Golden lden Six CII CII-Mast Master er Class 2 nd nd Dec Dec-2015 2015, , New Delhi hi

Golden lden Six CII CII-Mast Master er Class 2 nd nd Dec Dec-2015 2015, , New Delhi hi

Golden lden Six CII CII-Mast Master er Class 2 nd nd Dec Dec-2015 2015, , New Delhi hi Harshad shad Pathak ak Take Home messages the juice .. Golden Six is Common sense (Caution it is not always common) Simple tool to

495 views • 21 slides
Types of Expert Systems Interpretation Systems Prediction Systems Diagnosis Systems

Types of Expert Systems Interpretation Systems Prediction Systems Diagnosis Systems

Types of Expert Systems Interpretation Systems Prediction Systems Diagnosis Systems Design Systems Planning Systems Monitoring Systems Debugging Systems Repair Systems Instruction Systems Control

329 views • 7 slides
95-702 Distributed Systems Lecture 6: Web Services Chapter 19 of Coulouris 95-702 Distributed

95-702 Distributed Systems Lecture 6: Web Services Chapter 19 of Coulouris 95-702 Distributed

95-702 Distributed Systems Lecture 6: Web Services Chapter 19 of Coulouris 95-702 Distributed Systems 1 Master of Information System Management In A Nutshell From Globus.org (Grid computing) 95-702 Distributed Systems 2 Master of Information

779 views • 51 slides
Construction Products Conference By Keith Pheasey ARC Management Systems Topics for discussion:

Construction Products Conference By Keith Pheasey ARC Management Systems Topics for discussion:

Factory Production Control and Initial Type Testing Presentation for CE Marking Construction Products Conference By Keith Pheasey ARC Management Systems Topics for discussion: Identification of Attestation Level Factory Production

642 views • 40 slides
If the you can read If the you can read this Click on the this Click on the icon to choose a

If the you can read If the you can read this Click on the this Click on the icon to choose a

If the you can read If the you can read this Click on the this Click on the icon to choose a icon to choose a picture or picture or Reset the slide . Reset the slide . BUILDING WIDE SYSTEMS INTEGRATION To Reset: Right click on the To Reset:

603 views • 25 slides
Module 17: Distributed-File Systems Background Naming and Transparency Remote File

Module 17: Distributed-File Systems Background Naming and Transparency Remote File

Module 17: Distributed-File Systems Background Naming and Transparency Remote File Access Stateful versus Stateless Service File Replication Example Systems Silberschatz, Galvin, and Gagne 1999 Applied Operating System

726 views • 58 slides
Chapter 16 Distributed-File Systems Background Naming and Transparency Remote File

Chapter 16 Distributed-File Systems Background Naming and Transparency Remote File

Chapter 16 Distributed-File Systems Background Naming and Transparency Remote File Access Stateful versus Stateless Service File Replication Example Systems Operating System Concepts Silberschatz, Galvin and Gagne 2002

168 views • 12 slides
Module 17: Distributed-File Systems Background Naming and Transparency Remote File

Module 17: Distributed-File Systems Background Naming and Transparency Remote File

Module 17: Distributed-File Systems Background Naming and Transparency Remote File Access Stateful versus Stateless Service File Replication Example Systems Silberschatz, Galvin, and Gagne 1999 Applied Operating System

1.3k views • 29 slides
Chapter 16 Distributed-File Systems Background Naming and Transparency Remote File

Chapter 16 Distributed-File Systems Background Naming and Transparency Remote File

Chapter 16 Distributed-File Systems Background Naming and Transparency Remote File Access Stateful versus Stateless Service File Replication Example Systems Operating System Concepts 16.1 Silberschatz, Galvin and Gagne

277 views • 24 slides
SafePlex Systems, Inc. SafePlex Systems, Inc. SafePlex Systems, Inc. SafePlex Systems, Inc. P

SafePlex Systems, Inc. SafePlex Systems, Inc. SafePlex Systems, Inc. SafePlex Systems, Inc. P

SafePlex Systems, Inc. SafePlex Systems, Inc. SafePlex Systems, Inc. SafePlex Systems, Inc. P P HOUSTON, TEXAS S S S S Sales@safeplexsystems.com Systems, ystems, P Products, roducts, S Services, ervices, I Integrity ntegrity S I

80 views • 5 slides
Hard State Revisited: Network Filesystems Hard State Revisited: Network Filesystems Jeff Chase

Hard State Revisited: Network Filesystems Hard State Revisited: Network Filesystems Jeff Chase

Hard State Revisited: Network Filesystems Hard State Revisited: Network Filesystems Jeff Chase CPS 212, Fall 2000 Network File System (NFS) Network File System (NFS) server client syscall layer user programs VFS syscall layer NFS VFS

430 views • 29 slides
IOFSL Scalable HEC I/O Forwarding Layer Rob Ross, Pete Beckman, Dries Kimpe, Kamil Iskra

IOFSL Scalable HEC I/O Forwarding Layer Rob Ross, Pete Beckman, Dries Kimpe, Kamil Iskra

IOFSL Scalable HEC I/O Forwarding Layer Rob Ross, Pete Beckman, Dries Kimpe, Kamil Iskra (Argonne) James Nunez, John Bent, Gary Grider, Sean Blanchard, Latchesar Ionkov, Hugh Greenberg (Los Alamos) Steve Poole, Terry Jones (Oak Ridge) Lee

416 views • 16 slides
Fork-exec model Server Architecture Models Operating Systems Hebrew University Spring 2004

Fork-exec model Server Architecture Models Operating Systems Hebrew University Spring 2004

Fork-exec model Server Architecture Models Operating Systems Hebrew University Spring 2004 Server Behavior Drawbacks 1. This multiprocessing architecture is useful if the handling of the client request takes some time or a session state has

355 views • 4 slides
SCNP: A protocol for automatic, decentralized and scalable IP network configuration T. Delaet

SCNP: A protocol for automatic, decentralized and scalable IP network configuration T. Delaet

Motivation Our Solution Summary SCNP: A protocol for automatic, decentralized and scalable IP network configuration T. Delaet Department of Computer Science K.U.Leuven IFIP/IEEE International Workshop on Self-Managed Systems & Services,

547 views • 18 slides
Wednesday, March 7, 2012 Our games all look the same Flash client Backend

Wednesday, March 7, 2012 Our games all look the same Flash client Backend

G AMES FOR THE M ASSES How DevOps Affects Architecture Jesper Richter-Reichhelm, @jrirei Wednesday, March 7, 2012 Wednesday, March 7, 2012 Our games all look the same Flash client Backend Wednesday, March 7,

1.77k views • 145 slides
Internet Systems Programming NFS: Protocols, Programming, and Implementation Erez Zadok

Internet Systems Programming NFS: Protocols, Programming, and Implementation Erez Zadok

Internet Systems Programming NFS: Protocols, Programming, and Implementation Erez Zadok ezk@cs.columbia.edu October 25, 1999 The BIG Picture portmap biod NFS Client (kernel) mountd process lockd NFS_READ read() RPC XDR XDR RPC

469 views • 15 slides
Development of Web Applications Principles and Practice Vincent Simonet, 2013-2014 Universit

Development of Web Applications Principles and Practice Vincent Simonet, 2013-2014 Universit

Development of Web Applications Principles and Practice Vincent Simonet, 2013-2014 Universit Pierre et Marie Curie, Master Informatique, Spcialit STL 2 Communication Vincent Simonet, 2013-2014 Universit Pierre et Marie Curie, Master

782 views • 57 slides
David Rook Agnitio Security code review swiss army knife Hack in Paris, Paris Friday, 17 June

David Rook Agnitio Security code review swiss army knife Hack in Paris, Paris Friday, 17 June

David Rook Agnitio Security code review swiss army knife Hack in Paris, Paris Friday, 17 June 2011 if (slide == introduction) System.out.println( " Im David Rook " ); Security Analyst, Realex Payments, Ireland CISSP, CISA,

933 views • 74 slides

More recommend