Operating system and container binary deployment and upgrades
This project is now known as “libostree”, though it is still appropriate to use
the previous name: “OSTree” (or “ostree”). The focus is on projects which use
libostree’s shared library, rather than users directly invoking the command line
tools (except for build systems). However, in most of the rest of the
documentation, we will use the term “OSTree”, since it’s slightly shorter, and
changing all documentation at once is impractical. We expect to transition to
the new name over time.
As implied above, libostree is both a shared library and suite of command line
tools that combines a “git-like” model for committing and downloading bootable
filesystem trees, along with a layer for deploying them and managing the
bootloader configuration.
The core OSTree model is like git in that it checksums individual files and has
a content-addressed-object store. It’s unlike git in that it “checks out” the
files via hardlinks, and they thus need to be immutable to prevent corruption.
Therefore, another way to think of OSTree is that it’s just a more polished
version of
Linux VServer hardlinks.
Features:
For more information, see the project documentation or the
project documentation website.
Apertis uses libostree for their host system as
well as Flatpak. See update documentation and
apertis-update-manager
Endless OS uses libostree for their host system as
well as Flatpak. See
their eos-updater
and deb-ostree-builder
projects.
For Debian/apt, see also https://github.com/stb-tester/apt2ostree
and the LWN article Merkle trees and build systems.
Fedora derivatives use rpm-ostree (noted below); there are 4 variants using OSTree:
Red Hat Enterprise Linux CoreOS is a derivative of Fedora CoreOS, used in OpenShift 4.
The machine-config-operator
manages upgrades. RHEL CoreOS is also the successor to RHEL Atomic Host, which
uses rpm-ostree as well.
Red Hat In-Vehicle Operating System is a derivative of CentOS Automotive Stream Distribution that uses OSTree, it’s closest Fedora derivative is Fedora IoT although it was created as it’s own distribution.
webOS is an OS for smart devices such as
smart TVs. From version 2.0.0, webOS Open Source Edition (OSE) supports
Firmware-Over-the-Air (FOTA)
based on libostree.
GNOME Continuous is
where OSTree was born - as a high performance continuous delivery/testing
system for GNOME.
GNOME OS is a testing OS that uses libostree for
their host system as well as Flatpak.
Liri OS has the option to install
their distribution using ostree.
Torizon OS
is a Linux distribution for embedded systems that updates via OSTree images
delivered via Uptane and
aktualizr.
meta-updater is
a layer available for OpenEmbedded
systems.
QtOTA is Qt’s over-the-air update framework
which uses libostree.
The BuildStream build and
integration tool supports importing and exporting from libostree repos.
fedora-iot/otto is a tool that helps
ship ostree commits inside Docker/OCI containers and run a webserver
to serve the commits.
Fedora coreos-assembler is
the build tool used to generate Fedora CoreOS derivatives.
debos is a tool-chain for simplifying the
process of building a Debian-based OS image.
gardenlinux/ostree-image-builder
is a sample for building Debian-based OS images.
It is not production ready but it might be useful to get started.
rpm-ostree is used by the
Fedora-derived operating systems listed above. It is a full hybrid
image/package system. By default it uses libostree to atomically replicate a base OS
(all dependency resolution is done on the server), but it supports “package layering”, where
additional RPMs can be layered on top of the base. This brings a “best of both worlds”"
model for image and package systems.
eos-updater is a daemon that implements updates
on EndlessOS.
Flatpak uses libostree for desktop
application containers. Unlike most of the other systems here, Flatpak does not
use the “libostree host system” aspects (e.g. bootloader management), just the
“git-like hardlink dedup”. For example, Flatpak supports a per-user OSTree
repository.
aktualizr is an
Uptane-conformant software update client library
intended for use in automotive and other security-sensitive embedded devices.
It uses OSTree to manage the OS of the host device by default.
libostree is accessible via GObject Introspection;
any language which has implemented the GI binding model should work.
For example, Both pygobject
and gjs are known to work
and further are actually used in libostree’s test suite today.
Some bindings take the approach of using GI as a lower level and
write higher level manual bindings on top; this is more common
for statically compiled languages. Here’s a list of such bindings:
Releases are available as GPG signed git tags, and most recent
versions support extended validation using
git-evtag.
However, in order to build from a git clone, you must update the
submodules. If you’re packaging OSTree and want a tarball, I
recommend using a “recursive git archive” script. There are several
available online;
this code
in OSTree is an example.
Once you have a git clone or recursive archive, building is the
same as almost every autotools project:
git submodule update --init
env NOCONFIGURE=1 ./autogen.sh
./configure --prefix=...
make
make install DESTDIR=/path/to/dest
There is also an #ostree channel on Libera.Chat as
well as enabled Github discussions.
See Contributing.
The licensing for the code of libostree can be canonically found in the individual files;
and the overall status in the COPYING
file in the source. Currently, that’s LGPLv2+. This also covers the man pages and API docs.
The license for the manual documentation in the doc/ directory is:
SPDX-License-Identifier: (CC-BY-SA-3.0 OR GFDL-1.3-or-later)
This is intended to allow use by Wikipedia and other projects.
In general, files should have a SPDX-License-Identifier and that is canonical.