OSTree is an updating mechanism that performs upgrade of filesystem trees. In simple terms It is like git for OS, takes the entire file system tree and creates a delta file with the old version .This delta can be sent to the device using Hawkbit framework and then the delta is applied like a patch to the existing filesystem tree on the device.

Now comes the question as to what is the difference between the package upgrading via apt mechanism and ostree ?

In OSTree based mechanism package update via apt mechanism is restricted so this is completely different and it has other features as well such as rollback which is very much required when OTA (Over the Air) updates are performed.Consider a situation where you have your IOT devices are placed at a particular location and needs to be updated and you login to that device and update via package manager and something goes wrong after your update and your machine goes offline and you need to go to the device site to update the faulty device but in case of OSTree we have rollback delta if there are any issues then it simply rollbacks to previous running software.

OS tree and Git comparision

On each client machine, there is an OSTree repository stored in /ostree/repo(system repository), and a set of “deployments” stored in /ostree/deploy/$STATEROOT/$CHECKSUM(this is the downloaded repository)

In git for every object or file added a key is given back so it’ll be a key-value pair similarly os tree also has content and commit objects. Git stores content in a manner similar to a UNIX filesystem, but a bit simplified. All the content is stored as tree and blob objects, with trees corresponding to UNIX directory entries and blobs corresponding more or less to inodes or file contents. A single tree object contains one or more entries, each of which is the SHA-1 hash of a blob or subtree and the tree objects contain permission for their children.

But in OSTree it splits them into “dirtree” and “dirmeta” objects. But unlike git, OSTree’s checksums are SHA256. And most crucially, its content objects include uid, gid, and extended attributes (but still no timestamps).

In Git the directory  git/refs contains the SHA to name mapping like DNS where we can map names like HEAD(current branch),  Remotes(Remote branch)

OSTree uses the terminology “references” (abbreviated “refs”) which are text files that name (refer to) to particular commits

^ — this refers to the parent of the given commit

exampleos/buildmaster/x86_64-runtime^ -> pervious build

exampleos/buildmaster/x86_64-runtime^^ -> refers to one before that

OS tree objects and what do they contain

Types of repository in the OS tree

Bare : files are stored as regular files

Bare-User : extended metadata such as owner uid, gid, and extended attributes are stored but not actually applied used in build systems

Bare-User-Only: either ownership nor extended attributes are stored. These repos are meant to to be checked out in user mode (with the -U flag), where this information is not applied anyway. The main advantage is that repos can be stored on filesystems which do not support extended attributes, such as tmpfs.

 Archive-designed for serving via plain HTTP. Like tar files, it can be read/written by non-root users.

OSTree commands

Command to create the repository just like git

ostree --repo=”repo” init

Creating a test directory with a test file

$ mkdir tree
$ echo "Hello world!" > tree/hello.txt

Command to push the changes to the branch foo just like git push

$ostree --repo=”repo” commit --branch=”foo” tree/

Just like the git branch we can check the branch using the refs

$ostree --repo=”repo” refs

Just like git clone&checkout we can get the branch cloned using this command

ostree --repo=”repo” checkout “branch” “directory path to checkout”/

References

https://www.apertis.org/concepts/system-updates-and-rollback/

https://ostree.readthedocs.io/en/stable/manual/introduction/