1 |
Hello all, |
2 |
|
3 |
In designing an enterprise infrastructure around Gentoo at my place of |
4 |
employment, I have discovered a feature that would improve Gentoo's |
5 |
usefulness greatly in this field. |
6 |
|
7 |
I'm writing to ask for your opinion on a change to sys-apps/portage that |
8 |
would allow users to maintain local revisions of ebuilds, such as |
9 |
"net-www/apache-2.0.58-r2-local1". This would require a modification to |
10 |
the ebuild version specifications and a patch to two portage source |
11 |
files which you can review here: |
12 |
|
13 |
http://dev.gentoo.org/~malverian/portage_local_version.patch |
14 |
|
15 |
(Please don't complain about the code quality, I cleaned up areas where |
16 |
it was desparately needed such as the string.atof() areas, but for the |
17 |
sake of code coherence, I tried to use the same methodology used elsewhere |
18 |
in the code as much as possible, such as unqualified except statements :P) |
19 |
|
20 |
There are a number of scenarios where such a feature is useful, most of |
21 |
which revolve around the need for a local version bump: |
22 |
|
23 |
1) You have machines using apache-2.0.58-r2 with an unpatched security |
24 |
hole which you would like to immediately patch locally until a fix is |
25 |
committed to the portage tree. |
26 |
|
27 |
2) You are using binary packages and need to simulate a version bump to |
28 |
force re-installation of a binary package with modified USE flags. |
29 |
|
30 |
3) You are using binary packages and need to simulate a version bump to |
31 |
force re-installation of binary packages that were rebuilt during |
32 |
revdep-rebuild |
33 |
|
34 |
In all of the above cases, one could simply bump the package up one |
35 |
revision by creating an ebuild in an overlay for apache-2.0.58-r3. |
36 |
However, using this solution will result in apache not being upgraded |
37 |
when apache-2.0.58-r3 is actually committed to the portage tree unless |
38 |
you perpetuate this bad habit ad nauseum. |
39 |
|
40 |
To give a better explanation of #3, consider the following scenario: |
41 |
|
42 |
- You have 60 servers with mysql-4.0.28 and php-5.1.6-r2 |
43 |
- You want to upgrade to mysql-5.0.30 and continue to use php-5.1.6-r2 |
44 |
- You use binary packages which are built on a staging machine |
45 |
- Your servers know to upgrade via a "pull" method with the help of |
46 |
cfengine which tells each server what packages SHOULD be installed on |
47 |
it. This also makes it very easy later to build another copy of a |
48 |
machine in the case of hardware failure by using the same description |
49 |
files (cfengine config programs) |
50 |
|
51 |
To accomplish the above in an enterprise environment, you would need to |
52 |
perform the following steps: |
53 |
|
54 |
1) Install mysql-5.0.30 on the staging machine and build binary packages |
55 |
|
56 |
2) Perform a revdep-rebuild on all packages using libmysql client |
57 |
libraries, building new binary packages for each of them |
58 |
|
59 |
3) Tell your other 60 servers that it is time to upgrade mysql (and in |
60 |
this case, reinstall php) |
61 |
|
62 |
Assuming you have a description file such as the following: |
63 |
|
64 |
__CUT__ |
65 |
|
66 |
webserver_packages = |
67 |
( |
68 |
dev-db/mysql-4.0.28 |
69 |
dev-lang/php-5.1.6-r2 |
70 |
) |
71 |
|
72 |
... |
73 |
|
74 |
__CUT__ |
75 |
|
76 |
It is obvious what change must be made to install the new version of |
77 |
MySQL, but how do you update PHP without bumping the version of PHP? You |
78 |
would need some extra metadata to tell the servers if they are upgrading |
79 |
from mysql-4.0.28 to mysql-5.0.30 that they should reinstall PHP. This is |
80 |
fine for a few packages, but it can quickly become a maintanence |
81 |
nightmare. |
82 |
|
83 |
Having local revision numbers solves this problem very simply, and |
84 |
provides quite a bit of flexibility as a side-effect. |
85 |
|
86 |
|
87 |
NOTES: |
88 |
|
89 |
- The "-local#" revisions MUST NOT be used in the main portage tree. It |
90 |
is something that system administrators would have exclusively for their |
91 |
own purposes such as those described above. This SHOULD probably be |
92 |
enforced by repoman in addition to policy changes. |
93 |
|
94 |
- The new (completely backward compatible) version priority order would be: |
95 |
|
96 |
apache-2.0.58 |
97 |
apache-2.0.58-r1 |
98 |
apache-2.0.58-r2 |
99 |
apache-2.0.58-r2-local1 |
100 |
apache-2.0.58-r2-local2 |
101 |
apache-2.0.58-r3 |
102 |
apache-2.0.59 |
103 |
|
104 |
-- |
105 |
gentoo-dev@g.o mailing list |