During testing of the zone "update on attach" feature
we have encountered a problem with IDRs on S10.
If you are not familiar with an IDR, it is a temporary,
one-time patch that is issued to try to solve a problem
before an official patch is released. Because these
are temporary, one-time patches, there is no metadata
in official patches to tell us if the IDR is obsoleted or
not. Because we don't know if the IDR is obsoleted by
some other patch, "update on attach" will require
that any IDRs installed on the source system must also be
installed on the target system.
If you have a zone that you are migrating because of
a disaster recovery situation where the original system
is no longer available, and the original system had
an IDR installed that is not on the target (e.g. s10u4
with IDR to S10u6 where IDR is not needed), then there is
no way to migrate the zone and update it to match the
target if the IDR does not apply to the target system.
If the original system is still available, you can work
around this by removing the IDR before migrating the zone.
I have a few different ideas for how to handle this.
1) change the meaning of attach -u -F
Right now -F just forces the attach, changes the zone
state to installed and we're done. No update occurs. We
could change the interaction of these two options so that
we still do the update but ignore any verification warnings.
However this would allow a potentially major downgrade.
2) attach -u -p xxxxxxx -p yyyyyyy ....
Add a new -p option which allows you to specify patches to
ignore. We would use this to specify IDRs which don't
exist on the target, although it could also be used for
regular patches that might be broken.
The user would have to understand this at a pretty good
level to know when to use the option. We might want to extend
this idea to specify pkgs as well, in case we have a broken
pkg. This allows a potentially major downgrade if the user
specifies a lot of patches.
3) attach -u -i
Add a new -i option which means ignore all IDRs.
This is pretty specific to the IDR issue, doesn't require a
lot of thought for the user, but doesn't give much flexibility
if we hit a different problem with bad patches or pkgs.
This forces the user to think about the impact of ignoring
the IDRs before an update is done.
4) attach -u
No change to the CLI but change the implementation to
always ignore all missing IDRs.
This might still allow a pretty big downgrade with no
user input if you had a lot of IDRs on the source system for
some reason. This is pretty specific to the IDR issue, doesn't
require any thought for the user, but doesn't give much flexibility
if we hit a different problem with bad patches or pkgs.
Let me know what you think about these choices or if there is
another idea that seems better.
Thanks,
Jerry
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
