zfs-root and "safe" atomic updates
tzim at tzim.net
tzim at tzim.net
Fri May 27 11:08:54 UTC 2011
I use zfs on / for quite some time now on 8-stable.
Each time I want to update base, I use those steps :
- zfs snapshot tank/root at old
- zfs clone tank/root at old tank/root.old
- csup / Rebuild world and kernel
- install world & kernel
- reboot
- (mergemaster and all usual post-update stuff)
This way, if I unfortunately can't boot, I can revert to old userland &
kernel by :
- dropping into loader prompt
- setting vfs.root.mountfrom to zfs:tank/root.old
- booting kernel.old
- then rollback tank/root to pre-update snapshot and reboot (again)
I see 2 drawbacks to my method :
- This wont work if the update screws the loader.
- I must be able to access the loader prompt (can't do it on a remote
server).
Also, world is updated "in place".
I think it should be possible to do the installworld & installkernel on
a root clone then boot into it (changing tank bootfs property), but then
: how to revert to previous state in case of failure ? Is there a
"nextboot" thing planed for zfs ?
What do you think ? How do you address the problem ?
More information about the freebsd-stable
mailing list