Read-only rootfs. Theory and practice. Chris Simmonds. Embedded Linux Conference Europe Read-only rootfs 1 Copyright , 2net Ltd

Similar documents
A pragmatic guide to boot-time optimization

Advanced UNIX File Systems. Berkley Fast File System, Logging File System, Virtual File Systems

Surviving in the wilderness integrity protection and system update. Patrick Ohly, Intel Open Source Technology Center Preliminary version

CST8177 Linux II. Linux Boot Process

Exam LFCS/Course 55187B Linux System Administration

First Five Minutes on a System. What to do and why

Disks, Filesystems 1

ovirt Node June 9, 2012 Mike Burns ovirt Node 1

HP-UX System Administration Course Overview. Skills Gained. Who will the Course Benefit?

Chapter 5: User Management. Chapter 5 User Management

An Operating System Tailored for Containers and Built for the Embedded World

Course 55187B Linux System Administration

Adding a block devices and extending file systems in Linux environments

Filesystem Hierarchy Operating systems I800 Edmund Laugasson

CompTIA Linux+ Guide to Linux Certification Fourth Edition. Chapter 2 Linux Installation and Usage

At course completion. Overview. Audience profile. Course Outline. : 55187B: Linux System Administration. Course Outline :: 55187B::

Flatpak a technical walk-through. Alexander Larsson, Red Hat

Linux for Beginners. Windows users should download putty or bitvise:

Operating Systems Design 12a. Special File Systems

"Charting the Course... MOC B: Linux System Administration. Course Summary

Embedded lightweight unix

PR2 System Administration. ROS + PR2 Training Workshop

The Linux IPL Procedure

1 / 22. CS 135: File Systems. General Filesystem Design

UEFI Secure Boot and DRI. Kalyan Kumar N

Chapter 6. Boot time configuration. Chapter 6 Boot time configuration

Various Versioning & Snapshot FileSystems

IoT usecase for Yocto Project

The Ultimate Linux/Windows System

WLM1200-RMTS User s Guide

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

PiCloud. Building owncloud on a Raspberry PI

Welcome to getting started with Ubuntu Server. This System Administrator Manual. guide to be simple to follow, with step by step instructions

Tuning Android for low RAM

SysadminSG RHCSA Study Guide

Variation on AFS as root filesystem

Manual File System Check Linux Command Line

This is Lab Worksheet 13 - not an Assignment. Boot Process and GRUB

RedHat. Rh202. Redhat Certified Technician on Redhat Enterprise Linux 4 (Labs)

Installation of Fedora 12 with CD

1 / 23. CS 137: File Systems. General Filesystem Design

Variation on AFS as root filesystem

Installing caos with Cinch on Floppy Disk

Linux Essentials Objectives Topics:

Disks, Filesystems Todd Kelley CST8177 Todd Kelley 1

Yocto Project and OpenEmbedded training 3-day session

Linux development. Kernel Development with VirtualBox Marco Stornelli. Created with OpenOffice.org 3.1.1

Upgrade Cisco Interface Module for LoRaWAN IXM using the Console

ovirt Node November 1, 2011 Mike Burns Alan Pevec Perry Myers ovirt Node 1

RH202. Redhat Certified Technician on Redhat Enterprise Linux 4 (Labs) Exam.

Installation of the OS

Linux+ Guide to Linux Certification, Third Edition. Chapter 2 Linux Installation and Usage

CHAPTER 2 ACTIVITY

The landscape. File hierarchy overview. A tree structure of directories The directory tree is standardized. But varies slightly among distributions

Filesystem Hierarchy and Permissions

Diskless Linux Clusters

D. Delete the /var/lib/slocate/slocate.db file because it buffers all search results.

How we added software updates to AGL

FastTrack to Red Hat Linux System Administrator Course Overview


ABOUT ZEPCAM SOFTWARE INSTALLATION MANAGEMENT AND BACKUPS. Description What is it Installation requirement Server requirement

Disks, Filesystems, Booting Todd Kelley CST8177 Todd Kelley 1

IoT devices: secure boot and sw maintenance. Open IoT Summit Igor Stoppa

COS 318: Operating Systems. NSF, Snapshot, Dedup and Review

ViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project

Lecture 2: The file system

Please choose the best answer. More than one answer might be true, but choose the one that is best.

January 28 29, 2014San Jose. Engineering Workshop

Lab 3a Using the vi editor

Ottimizzare i tempi di boot di Linux. Andrea Righi -

COS 318: Operating Systems. Journaling, NFS and WAFL

CST Algonquin College 2

MASTERING EMBEDDED LINUX PROGRAMMING BY CHRIS SIMMONDS DOWNLOAD EBOOK : MASTERING EMBEDDED LINUX PROGRAMMING BY CHRIS SIMMONDS PDF

This is sometimes necessary to free up disk space on a volume that cannot have extra disk space easily added.

Chapter 11: File-System Interface

CS197U: A Hands on Introduction to Unix

Herding Clones. Mike Kershaw August 17, urmk/

Introduction to Linux Part I: The Filesystem Luca Heltai

An introduction to Logical Volume Management

Operating Systems Design 14. Special File Systems. Paul Krzyzanowski

How To Resize ext3 Partitions Without Losing Data

CS370 Operating Systems

Author : admin. 1. Getting information about current file system partitions with fdisk and mount

RH-202. RedHat. Redhat Certified Technician on Redhat Enterprise Linux 4 (Labs)

CS 416: Operating Systems Design March 30, 2015

Upgrade Guide. This document details the upgrade process for customers moving from the full version of OnApp Cloud v2.3.1 to v2.3.2.

Linux Systems Security. Backup and Change Management NETS Fall 2016

ELE409 SPRING2018 LAB0

ECE 471 Embedded Systems Lecture 16

UNIX System Administration

Setting up 08/2017. Setting up the SIMATIC IOT2000 SIMATIC IOT2020, SIMATIC IOT2040

Linux Files and the File System

Oracle Linux 7: System Administration Ed 1

Filesystem Hierarchy and Permissions

This section describes the procedures needed to add a new disk to a VM. vmkfstools -c 4g /vmfs/volumes/datastore_name/vmname/xxxx.

RH133. Red Hat Linux System Administration

CST8207: GNU/Linux Operating Systems I Lab Ten Boot Process and GRUB. Boot Process and GRUB

Exam Name: Red Hat Certified Engineer on Redhat

Performing Administrative Tasks

minit Felix von Leitner September 2004 minit

Transcription:

Read-only rootfs Theory and practice Chris Simmonds Embedded Linux Conference Europe 2016 Read-only rootfs 1 Copyright 2011-2016, 2net Ltd

License These slides are available under a Creative Commons Attribution-ShareAlike 3.0 license. You can read the full text of the license here http://creativecommons.org/licenses/by-sa/3.0/legalcode You are free to copy, distribute, display, and perform the work make derivative works make commercial use of the work Under the following conditions Attribution: you must give the original author credit Share Alike: if you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one (i.e. include this page exactly as it is) For any reuse or distribution, you must make clear to others the license terms of this work Read-only rootfs 2 Copyright 2011-2016, 2net Ltd

About Chris Simmonds Consultant and trainer Author of Mastering Embedded Linux Programming Working with embedded Linux since 1999 Android since 2009 Speaker at many conferences and workshops "Looking after the Inner Penguin" blog at http://2net.co.uk/ https://uk.linkedin.com/in/chrisdsimmonds/ https://google.com/+chrissimmonds Read-only rootfs 3 Copyright 2011-2016, 2net Ltd

Overview Why you need a read-only rootfs Where it all goes wrong Putting it right Read-only rootfs 4 Copyright 2011-2016, 2net Ltd

Why you need a read-only rootfs Reduce wear on flash memory Eliminate system file corruption Avoid accidents Enable rootfs image to be updated (manually or OTA) Make reset to factory defaults much easier Read-only rootfs 5 Copyright 2011-2016, 2net Ltd

Where it all goes wrong You can t just mount the rootfs ro Some files have to be created or updated at runtime Examples: Passwords Random seed SSH keys Network configuration wpa_supplicant parameters Read-only rootfs 6 Copyright 2011-2016, 2net Ltd

Categories of storage Non-volatile: flash memory Rootfs: read-only User data read-write Volatile: tmpfs Temporary files: read-write Read-only rootfs 7 Copyright 2011-2016, 2net Ltd

Becoming stateless The state (stuff that changes) is either Non-volatile: state that needs to be preserved Volatile: state that is only needed for the session To create a stateless rootfs: Move non-volatile state into an area of permanent storage reserved for that purpose Move Volatile state to temporary storage (tmpfs RAM disk) Read-only rootfs 8 Copyright 2011-2016, 2net Ltd

The ideal of a stateless rootfs No state stored in rootfs Each component can revert to sensible default configuration if there is no local configuration Read-only rootfs 9 Copyright 2011-2016, 2net Ltd

Factory reset Just wipe the non-volatile state Read-only rootfs 10 Copyright 2011-2016, 2net Ltd

System update Simply write a new rootfs image Two common mechanisms: A/B rootfs partitions : A is live while B is being updated, then swap Or, normal/recovery rootfs: boot into the recovery rootfs to update the normal rootfs This is the subject of several other presentations this week One of which is mine: Software Update for IoT: The Current State of Play, Wednesday 14:00 Read-only rootfs 11 Copyright 2011-2016, 2net Ltd

Identifying state Which files are being written to? And by whom? Tools diskstats block_dump Read-only rootfs 12 Copyright 2011-2016, 2net Ltd

diskstats /proc/diskstats contains information about disk reads and writes Useful stuff is field 1: reads completed and field 5: writes completed Format is documented in Documentation/iostats.txt vmstat -d prints the same information but better Example # cat /proc/diskstats 179 0 mmcblk0 2640 543 48969 207880 127 171 596 9990 0 26380 217830 179 1 mmcblk0p1 99 0 1169 6260 0 0 0 0 0 1790 6260 179 2 mmcblk0p2 2118 425 39212 160130 118 170 576 9860 0 23250 169950 179 3 mmcblk0p3 97 0 2088 15510 0 0 0 0 0 1860 15510 179 4 mmcblk0p4 2 0 10 150 0 0 0 0 0 150 150 179 5 mmcblk0p5 271 118 5426 23540 9 1 20 130 0 2830 23670 Number of reads = 2640; Number of writes = 127 Read-only rootfs 13 Copyright 2011-2016, 2net Ltd

block_dump But, what is the cause of those writes? Which files? Turn on block system kernel logging using block_dump See Documentation/laptops/laptop-mode.txt in kernel source Example (rootfs is on /dev/vda): # echo 1 > /proc/sys/vm/block_dump # echo hello > world.txt # dmesg sh(234): dirtied inode 701 (.ash_history) on vda sh(234): dirtied inode 701 (.ash_history) on vda sh(234): dirtied inode 701 (.ash_history) on vda sh(234): dirtied inode 694 (world.txt) on vda sh(234): dirtied inode 694 (world.txt) on vda jbd2/vda-8(78): WRITE block 802 on vda (2 sectors) jbd2/vda-8(78): WRITE block 804 on vda (2 sectors) Read-only rootfs 14 Copyright 2011-2016, 2net Ltd

Logging block I/O from bootup Set block_dump in early boot script (may need to bump the size of the kernel log buffer to capture everything) Then filter out the junk: # dmesg grep dirtied grep "on vda" sort chown(150): dirtied inode 548 (passwd) on vda dd(298): dirtied inode 716 (random-seed) on vda dd(298): dirtied inode 716 (random-seed) on vda dropbearkey(325): dirtied inode 717 (dropbear_rsa_host_key) on vda dropbearkey(325): dirtied inode 717 (dropbear_rsa_host_key) on vda gzip(197): dirtied inode 714 (udev-cache.tar.gz) on vda gzip(197): dirtied inode 714 (udev-cache.tar.gz) on vda gzip(197): dirtied inode 714 (udev-cache.tar.gz) on vda login(347): dirtied inode 543 (motd) on vda [...] Only the file name is displayed, not full path name, but it s enough Read-only rootfs 15 Copyright 2011-2016, 2net Ltd

Common problems A lot of stuff happens on first boot e.g. Dropbear writes SSH keys to /etc/dropbear, udev snapshot saved to /etc/udev-cache.tar.gz Some of these things can be done at build time Others need be changed to put stuff in a non-volatile state partition System config, including network parameters Saving random-seed Log files Read-only rootfs 16 Copyright 2011-2016, 2net Ltd

Putting it right In reality, packages store state in various places Pragmatic solutions include: Adding symlinks from rootfs to non volatile storage: e.g. /etc to /data/etc Using unionfs or similar to overlay rootfs with non volatile storage Read-only rootfs 17 Copyright 2011-2016, 2net Ltd

Putting it right: first pass Create a new partition for non-volatile state For example /data (an idea borrowed from Android) Remount rootfs readonly Use tmpfs for volatile state (/run and /var/volatile) /etc/fstab /dev/root / auto defaults,ro 1 1 /dev/vdb /data ext4 defaults 0 0 tmpfs /run tmpfs mode=0755,nodev,nosuid,strictatime 0 0 tmpfs /var/volatile tmpfs defaults 0 0 [...] Read-only rootfs 18 Copyright 2011-2016, 2net Ltd

log files Many daemons write log files to /var/log Including syslogd Usually, such log files are unnecessary for embedded Solution: make log files part of the volatile state by mounting a tmpfs on /var/log Poky core-image-minimal does this already: # ls -ld /var/log lrwxrwxrwx 1 root root 12 Oct 6 14:11 /var/log -> volatile/log # mount tmpfs on /var/volatile type tmpfs (rw,relatime) Read-only rootfs 19 Copyright 2011-2016, 2net Ltd

random-seed Saving random-seed at shutdown is necessary when using /dev/urandom Solution: make it part of non-volatile state by symlinking /var/lib/urandom to /data/var/lib/urandom Or, modify the shell script that creates and restores random-seed Read-only rootfs 20 Copyright 2011-2016, 2net Ltd

ssh keys The Dropbear ssh daemon stores keys in /etc/dropbear or /var/lib/dropbear Keys should be unique per device Solution: either move to non-volatile state by symlinking /var/lib/dropbear to /data Or, generate and pre load keys when device is provisioned Read-only rootfs 21 Copyright 2011-2016, 2net Ltd

Doing less on first boot Build packages with sensible defaults so they work without config files Or, pre-load config files into the /data partition Generate per-device configuration at build-time rather than at first-boot Populate configuration files that are common for many packages (e.g. passwd, group with the composite requirements of all Read-only rootfs 22 Copyright 2011-2016, 2net Ltd

What about Android/Brillo? Android is a good example rootfs moved into /system, which is read only and stateless Non-volatile state in /data Has factory reset Has OTA update Read-only rootfs 23 Copyright 2011-2016, 2net Ltd

What about Yocto Project? Current versions of Yocto Project have a partial solution Add to your config: IMAGE_FEATURES = "read-only-rootfs" Sets ROOTFS_READ_ONLY=yes in /etc/default/rcs Mounts rootfs ro and /var/lib as tmpfs But, nowhere to store non volatile state Read-only rootfs 24 Copyright 2011-2016, 2net Ltd

Conclusion Read-only rootfs makes for better embedded systems Make rootfs stateless by moving state into non-volatile and volatile filesystems diskstats and block_dump will help identify state Read-only rootfs 25 Copyright 2011-2016, 2net Ltd

Questions? Slides on Slide Share http://www.slideshare.net/chrissimmonds/ readonly-rootfs-theory-and-practice Read-only rootfs 26 Copyright 2011-2016, 2net Ltd

Containers Containerised operating systems (e.g CoreOS) are a popular way to implement Internet/cloud services They have a similar problem: Removing state from containers makes deployment easier Consequently, they are leading the way on statelessness Containers may be a useful way to deploy embedded swupd from Clear Linux resoin.io Read-only rootfs 27 Copyright 2011-2016, 2net Ltd

Embedded!= cloud service Use cases differ Cloud can assume high speed network to supply config (via LDAP, NFS, DHCP, etc) Emphasis on run-time integration of different app images into a base os Embedded Static app image (in a monolithic rootfs) Have to function stand-alone Read-only rootfs 28 Copyright 2011-2016, 2net Ltd

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback