OSTree
Introduction
OSTree is a library, technically called libostree, that manages multiple bootable filesystem trees within a single partition. Versions are delivered and maintained atomically, which guarantees system integrity in case of a power cut or dropped internet connectivity. When used for over-the-air updates, it has benefits over the traditional dual-partition approach: OSTree updates are provided at the file level, saving storage and connection bandwidth. Having multiple software revisions on the device at the same time provides a known-good rollback candidate when deploying updates over the air. Additionally, directories such as /var and /etc are handled as special cases, providing persistent configuration and preservation of user data.
OSTree is a key technology used by Torizon Remote and Offline Updates, based on the Aktualizr update client. Users of Torizon should not need to directly interact with OSTree.
WARNING: Invoking OSTree commands directly on a Torizon device will almost certainly break things. Please only do that on debug devices and at the specific direction of Toradex support. You should also plan to reflash the entire device using the Toradex Easy Installer when debugging is completed to ensure that the OSTree system is reset to properly function with the Torizon Remote and Offline Updates system.
Description
OSTree is able to store multiple bootable filesystem versions in a single partition. This is done in a manner very similar to how git stores multiple revisions of a source base in a single repository. All files that are needed for any of the bootable versions are stored in a repository. This is a directory structure in which the files, referred to as objects once stored, are indexed by their checksum so that the repository object for a specific file can be easily located. When all objects have been added to the repository, OSTree creates a "deployment" for the specific collection of objects that make up a specific bootable version of the filesystem. This deployment (which is different from, but related to, a "deployment" in the Torizon cloud platform) is a directory of [hard links](https://en.wikipedia.org/wiki/Hard_link) to the objects in the repository. Code running in both the bootloader and the initial ramdisk is able to select, at boot time, the appropriate version.
Benefits
Using OSTree for updates provides the following benefits:
Automatic Rollback - Torizon OS relies on [U-Boot boot count support](https://docs.u-boot.org/en/latest/api/bootcount.html) to provide automatic rollback in case a bad update has been deployed. Any update that causes issues is expected to reboot and trigger this rollback. Issues such as a kernel panic automatically reboot the device. If the kernel crashes, the watchdog timer forces a reboot. Additionally, Torizon users can install custom post-install checks that can also trigger this process.
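The boot-count rollback loop described above, as an added simulation written for this page (not Toradex, Torizon or U-Boot code). It models the documented U-Boot behaviour: while `upgrade_available` is set, `bootcount` is incremented on every boot, and once it exceeds `bootlimit` the bootloader runs `altbootcmd` (here: boot the previous deployment) instead of `bootcmd`. A boot that reaches a healthy user space is expected to clear `upgrade_available` and reset `bootcount`; the `healthy` callback stands in for the update client and any custom post-install checks, and the two-entry deployment list is an assumption of this model.

```python
"""Simplified model of U-Boot boot-count based rollback (added example)."""
from dataclasses import dataclass, field
from typing import Callable, List


@dataclass
class UBootEnv:
    """The subset of the U-Boot environment that the rollback logic uses."""
    bootcount: int = 0
    bootlimit: int = 3
    upgrade_available: int = 0
    # Assumed layout: index 0 is the newly installed deployment, index 1 the
    # previous known-good one that altbootcmd falls back to.
    deployments: List[str] = field(default_factory=list)


def select_deployment(env: UBootEnv) -> str:
    """Bootloader side: count the attempt and pick which deployment to boot."""
    if env.upgrade_available:
        env.bootcount += 1
        if env.bootcount > env.bootlimit:
            # bootlimit exceeded: altbootcmd boots the known-good deployment
            return env.deployments[1]
    return env.deployments[0]


def boot_once(env: UBootEnv, healthy: Callable[[str], bool]) -> str:
    """One boot cycle: bootloader choice followed by the user-space health check."""
    chosen = select_deployment(env)
    if healthy(chosen):
        # User space confirms the boot, so the trial state is cleared.
        env.bootcount = 0
        env.upgrade_available = 0
    # A panic, hang (watchdog) or failed post-install check reboots without
    # touching the environment, so the incremented counter survives.
    return chosen


def run_update(env: UBootEnv, healthy: Callable[[str], bool], max_boots: int = 10) -> List[str]:
    """Reboot until the trial ends; return the sequence of booted deployments."""
    history = []
    for _ in range(max_boots):
        history.append(boot_once(env, healthy))
        if env.upgrade_available == 0:
            break
    return history


def broken_update_history() -> List[str]:
    """Scenario: the new deployment never comes up healthy."""
    env = UBootEnv(upgrade_available=1, deployments=["new", "known-good"])
    return run_update(env, healthy=lambda name: name == "known-good")


def good_update_history() -> List[str]:
    """Scenario: the new deployment boots cleanly on the first try."""
    env = UBootEnv(upgrade_available=1, deployments=["new", "known-good"])
    return run_update(env, healthy=lambda name: True)


if __name__ == "__main__":
    print("broken update:", broken_update_history())  # three tries, then rollback
    print("good update:  ", good_update_history())
```

With `bootlimit` at 3 the broken deployment is tried three times before the fourth boot lands on the known-good one; a real client would then also make the rollback permanent rather than relying on the counter staying above the limit.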
Atomic Updates - OSTree deployments are atomic units, meaning that they are either completely installed or not installed at all. Traditional desktop-style updates using package managers such as apt are generally not atomic, and in those cases it can be difficult to know the exact set of packages installed on any device based on a single version number. OSTree solves this issue by using a cryptographically unique commit hash for each version.
Immutable Updates - Related to atomic updates, OSTree revisions, as used in Torizon OS, are immutable. This means that all devices running the same OSTree version (i.e. the same commit hash) will have the exact same set of files.
Space reduction - When compared to block-based (i.e. dual partition) update mechanisms, OSTree is more space efficient. Since you do not need a separate, inactive partition to store new updates, you are able to use a single partition. Additionally, since repository objects are referenced by their checksum, different OSTree versions can share objects which are identical between the versions.
Bandwidth reduction - When a new OSTree version is deployed, only new and modified objects will need to be downloaded. All objects which are identical to the ones in the current version can simply be reused with a filesystem hard link.
Downtime reduction - Compared to block-based updates, downloading only the new or modified objects when deploying an update can result in a significant speedup. This results in faster updates and less downtime for users.
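The repository model from the description section and the space and bandwidth savings listed above, as one added example written for this page (it is not libostree code, and its `objects/` and `deploy/` layout is this example's own, not OSTree's on-disk format). Objects are named by their SHA-256 checksum and written with a write-to-temp, fsync, rename sequence so an object is either complete or absent; a commit is a path-to-checksum map; a deployment is a directory of hard links into the object store; and `missing_objects` computes the delta a device would actually have to download. The sample file trees are constructed.

```python
"""Toy content-addressed store with hard-link deployments (added example)."""
import hashlib
import os
import tempfile
from typing import Dict, Set


class ToyRepo:
    def __init__(self, root: str) -> None:
        self.objects = os.path.join(root, "objects")      # one file per checksum
        self.deploy_root = os.path.join(root, "deploy")   # one directory per version
        os.makedirs(self.objects, exist_ok=True)
        os.makedirs(self.deploy_root, exist_ok=True)

    @staticmethod
    def checksum(data: bytes) -> str:
        return hashlib.sha256(data).hexdigest()

    def object_path(self, digest: str) -> str:
        return os.path.join(self.objects, digest)

    def has_object(self, digest: str) -> bool:
        return os.path.exists(self.object_path(digest))

    def add_object(self, data: bytes) -> str:
        """Store content once; identical content from any version maps to one object."""
        digest = self.checksum(data)
        path = self.object_path(digest)
        if not os.path.exists(path):
            tmp = path + ".tmp"
            with open(tmp, "wb") as fh:
                fh.write(data)
                fh.flush()
                os.fsync(fh.fileno())
            os.rename(tmp, path)  # after a power cut the object is whole or missing
        return digest

    def commit(self, tree: Dict[str, bytes]) -> Dict[str, str]:
        """A commit is the path -> object checksum map for one filesystem version."""
        return {path: self.add_object(data) for path, data in tree.items()}

    def missing_objects(self, commit: Dict[str, str]) -> Set[str]:
        """Objects a device would still have to download to deploy this commit."""
        return {d for d in commit.values() if not self.has_object(d)}

    def deploy(self, name: str, commit: Dict[str, str]) -> str:
        """Materialise a commit as a directory of hard links into objects/."""
        target = os.path.join(self.deploy_root, name)
        for rel, digest in commit.items():
            dst = os.path.join(target, rel)
            os.makedirs(os.path.dirname(dst), exist_ok=True)
            os.link(self.object_path(digest), dst)
        return target


def simulate_update(root: str) -> dict:
    """Deploy v1, then fetch only the v2 delta and deploy v2 beside it."""
    repo = ToyRepo(root)
    # Constructed sample trees: two of the three files change between versions.
    v1 = {"usr/bin/app": b"app v1", "usr/lib/libc.so": b"libc 2.36", "etc/os-release": b"VERSION=1"}
    v2 = {"usr/bin/app": b"app v2", "usr/lib/libc.so": b"libc 2.36", "etc/os-release": b"VERSION=2"}
    c1 = repo.commit(v1)
    repo.deploy("v1", c1)
    # What a server advertises for v2: checksums only, no content yet.
    advertised = {p: ToyRepo.checksum(d) for p, d in v2.items()}
    to_fetch = repo.missing_objects(advertised)
    for data in v2.values():                    # "download" just the delta
        if ToyRepo.checksum(data) in to_fetch:
            repo.add_object(data)
    repo.deploy("v2", advertised)
    libc_obj = repo.object_path(advertised["usr/lib/libc.so"])
    with open(os.path.join(repo.deploy_root, "v1", "usr/bin/app"), "rb") as fh:
        v1_app = fh.read()
    return {
        "fetched": len(to_fetch),                           # 2 of 3 files changed
        "objects_on_disk": len(os.listdir(repo.objects)),   # 5 distinct blobs, not 6
        "libc_links": os.stat(libc_obj).st_nlink,           # object + v1 + v2 links
        "v1_app_intact": v1_app == b"app v1",               # rollback candidate untouched
    }


def run_in_tempdir() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        return simulate_update(tmp)


if __name__ == "__main__":
    print(run_in_tempdir())
```

Switching the active deployment is not shown; in the same spirit it would be a single rename of a pointer (a symlink or bootloader entry) so that, like the object writes, the switch is either done or not done.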