[ cross-posted to pkg-discuss and zones-discuss. sorry for any dups. ]
hey all,
one issue that linked images has to deal with is how specify the content
relationship between images. i've written up the proposal below
describing one way this could be done. any comments or feedback would
be greatly appreciated.
thanks
ed
" please ensure that the vim modeline option is not disabled
vim:textwidth=72
------------------------------------------------------------------------------
Linked image content policies - v0.1
The contents of a linked image will be controlled by a linked image
property called "li-content-policy". This content policy value will
take the form of:
<policy>[:<pkg-group>]
The <pkg-group> value determines the set of packages that the policy
gets applied to. In the future we could allow users to define their own
package groups that a content policy could be applied to, but initially
the following three package groups are proposed:
- minimal - the minimal set of packages that need to be kept in sync
between a global zone and non-global zones.
- core-os - all packages that are incorporated by a package which has a
pkg.depend.install-hold value of core-os*.
- all - all available packages.
The actual <policy> value determines the policy behavior applied to the
specified set of packages. Initially the following policies are
proposed:
- mirror - Requires that a package installed in a parent image must also
be installed in the child image at the same version and timestamp.
- sync - Requires that a package be installed in a parent image before
it can optionally be installed in a child image at that same version
and timestamp.
Both the policies above require that a package group be specified, but
in the future there may be other policies that do not require the
specification of a package group.
Here are some examples of how these different policies and pkg groups
can be combined and used in the context of zones.
- sync:minimal - If this setting was applied to a zone then it would
keep the minimal amount of packages in sync between a zone and the
global zone. Any packages in the minimal set would need to be
installed in the global zone before they could be install in a zone.
Also, any package in the minimal set that are installed in a zone must
have exactly the same version and timestamp as the packages in the
global zone. Packages outside the minimal set can be at any version
as long as all their dependencies can be satisfied.
This will be the default content policy for zones.
- sync:core-os - If this setting was applied to a zone then the set of
core-os packages installed in that zone would be equivalent to, or a
subset of, the set of core-os packages installed in the global zone.
The zone could still be minimized, and it would still be free to
install and manage any software as long as it wasn't tagged as
core-os. All core-os packages would need to be managed and updated
from the global zone.
- sync:all - If this setting was applied to a zone then the set of
packages installed in that zone would be equivalent to, or a subset
of, the set of packages installed in the global zone. The zone could
still be minimized, but it would be unable to install any software not
already installed in the global zone. All software would need to be
managed and updated from the global zone.
This will be the default content policy for scratch zone root images. [1]
- mirror:minimal - This setting would be allowable, but wouldn't be
hugely useful.
- mirror:core-os - If this setting was applied to a zone then the set of
core-os packages installed in that zone would be equal to the set of
core-os packages installed in the global zone. The zone could not be
minimized, but it would still be free to install and manage any
software as long as it wasn't tagged as core-os. All core-os packages
would need to be managed and updated from the global zone.
- mirror:all - If this setting was applied to a zone then the set of
packages installed in that zone would be equal to the set of packages
installed in the global zone. The zone could not be minimized and it
would not be able to install any software not already installed in the
global zone. All software would need to be managed and updated from
the global zone.
In the future it may be desirable to support other content policies.
Some (not fully thought through) examples of possible future policies
could be:
- partial - If this setting was applied to a child image then any
package installed in the parent image would be able to satisfy any
package dependency requirements on that package for packages installed
in the child image. Also, any packages installed in both the child
and parent images would need to be at the exact same version and
timestamp. These packages could also be safely removed from the
child image at any time.
Footnotes:
[1] - Scratch zones are temporary zones that are never booted, but can
be entered, and are used to provide a safe environment in which to
manipulate other zone images. The software that runs in a scratch zone
environment should be matched to the software found in the currently
running global zone environment.
------------------------------------------------------------------------------
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
