Re: Updating disconnected systems

From: Pat <cli_junkie_at_protonmail.com>
Date: Thu, 10 Oct 2024 20:13:51 UTC
On Monday, September 30th, 2024 at 06:50, Dave Cottlehuber <dch@skunkwerks.at> wrote:

> 
> 
> On Fri, 27 Sep 2024, at 19:18, Pat wrote:
> 
> > I figure can use Poudriere for packages, but that doesn't work for the
> > core system as far as I can tell?
> 
> 
> Yes this is also possible.
> 
> Klara Systems released a tool, sync-be, to use zfs boot environments and
> poudriere-image which works very nicely in airgapped systems.
> 
> It is a lot less complicated to setup and use than it appears to be,
> probably is exactly what you want.
> 
> - servers configured with zfs boot environments
> - poudriere-image (builds freebsd from sources and then builds packages)
> - the resulting output is a new zfs boot environment, as a single tarball
> - use https://github.com/KlaraSystems/sync-be to fetch and deploy it
> - insert airgaps at appropriate points in the process
> 
> So a high-level upgrade process looks like:
> 
> - [net] update src & ports, and ports distfile tarballs
> - [air] move them to your build machine
> - `poudriere image -t zfs+send+be -j builder ...`
> - [air] move the image file to the airgapped system
> - install `/usr/local/bin/sync-be 13.4-RELEASE /etc/syncbe.conf < be202409301146.be.zfs`
> - `bectl activate -t ...` and reboot
> 
> the boot env allows a trivial rollback in case of issues to the prior
> boot env.
> 
> The syncbe.conf file takes a little bit of work to prepare, it's the
> server-specific files and directories that should be shifted from
> the current BE (root / dataset) into the new one. /etc/sshd/, /etc/hostid,
> password files etc are common examples, and any custom stuff in /usr/local/etc/
> or similar depending on your circumstances.
> 
> A+
> Dave

Thank you Dave, and previously to Dewayne as well. Very nice
and useful information.

I plan to start this migration soon and may be back with further
questions as I progress.

And apologies for the extended delay, I've been traveling.

Regards,
Pat