From owner-freebsd-stable@FreeBSD.ORG Fri May 27 11:42:02 2011 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3A354106564A for ; Fri, 27 May 2011 11:42:02 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 84EA88FC1A for ; Fri, 27 May 2011 11:42:01 +0000 (UTC) Received: from odyssey.starpoint.kiev.ua (alpha-e.starpoint.kiev.ua [212.40.38.101]) by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id OAA07351; Fri, 27 May 2011 14:41:55 +0300 (EEST) (envelope-from avg@FreeBSD.org) Message-ID: <4DDF8E02.4060108@FreeBSD.org> Date: Fri, 27 May 2011 14:41:54 +0300 From: Andriy Gapon User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.17) Gecko/20110504 Lightning/1.0b2 Thunderbird/3.1.10 MIME-Version: 1.0 To: tzim@tzim.net References: <63454684d7d46c2ef76cfcc979500612@tzim.net> In-Reply-To: <63454684d7d46c2ef76cfcc979500612@tzim.net> X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: freebsd-stable@FreeBSD.org Subject: Re: zfs-root and "safe" atomic updates X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 May 2011 11:42:02 -0000 on 27/05/2011 14:08 tzim@tzim.net said the following: > I use zfs on / for quite some time now on 8-stable. > > Each time I want to update base, I use those steps : > > - zfs snapshot tank/root@old > - zfs clone tank/root@old tank/root.old > - csup / Rebuild world and kernel > - install world & kernel > - reboot > - (mergemaster and all usual post-update stuff) > > This way, if I unfortunately can't boot, I can revert to old userland & kernel by : > > - dropping into loader prompt > - setting vfs.root.mountfrom to zfs:tank/root.old > - booting kernel.old Just for the records, I would like to poin out that kernel.old would be loaded from zfs:tank/root. > - then rollback tank/root to pre-update snapshot and reboot (again) > > > I see 2 drawbacks to my method : > > - This wont work if the update screws the loader. > - I must be able to access the loader prompt (can't do it on a remote server). Yes. > Also, world is updated "in place". > > I think it should be possible to do the installworld & installkernel on a root > clone then boot into it (changing tank bootfs property), but then : how to revert > to previous state in case of failure ? Is there a "nextboot" thing planed for zfs ? I am not aware of any plans to implement nextboot for zfs as it would require at least some write support for zpool and there is none (for boot code) at the moment. > What do you think ? How do you address the problem ? I have some patches that allow to boot a different loader or a kernel from a different (non-bootfs) ZFS dataset: http://lists.freebsd.org/pipermail/freebsd-fs/2010-July/008976.html But that still requires access to zfs boot and/or loader command interface. -- Andriy Gapon