moss-rs progress and the road ahead

ermo

Hi folks,

Yes, it's been a bit quiet in here lately. However, that does not mean that things have not been happening.

After a lot of deliberation, Ikey decided that it was in the best interests of Serpent OS and the people contributing to it to shift to writing the tooling in languages with better ecosystems and employer mindshare. You can read more about that decision here.

Ikey and new contributor tarkah have been hitting the moss-rs rewrite out of the park, and in the process, they have cleaned up a lot of the inevitable PoC niggles from the previous incarnation of the tooling.

Ikey estimates that the moss-rs rewrite is currently 85-90% done, and has just now begun putting in place the ground work for simulating VFS transactions before they are blitted to disk as a set of hardlinks pointing to files in the Content Addressable Store.

This will be a new addition to the moss tooling and will in turn help power the upcoming upgrade support.

A few days ago, Ikey created this video showcasing the current status of moss-rs in action:

Coincidentally, Ikey had a flash of inspiration just now about how to leverage the existing build infra and tooling to begin the conversion process of Solus 4 into the Serpent OS-based Solus 5. Read more here.

That's all for now. We're really excited about how things are shaping up!

P.S. We are looking for contributors, particularly around a port of our website to Next.js. If this sounds right up your alley, get in touch!

Ikey

Thanks for posting this ermo ! Yeah I'm really pleased with progress of late and moss-rs is making great progress.

Currently we're working on the vfs::Tree type in order to handle file path conflict detection, as well as optimising the blit of the final filesystem.

Apart from that the logic of installs, removals, states, databases, etc, is all in place, so we're almost back to feature parity already. Worth noticing the new implementation is taking more optimal paths now, benefit of hindsight

TheLinuxTube

ermo this look so good ..I'm very excited for this project...we need a more modern day tooled and written independent Linux distro.. this package manager looks blazing fast !!

Ikey

Progress update: https://fosstodon.org/@ikey/111320662405326285

The Rust port is now officially "more better", more robust, and quicker than the original.
It lacks search and upgrade but we'll whack them in quickly, then roll up trigger support, the works.

ermo

Just a quick update that Ikey is now working on thinking through and implementing the moss upgrade support.

https://fosstodon.org/deck/@serpentos/111360546956696273

This is a major milestone for us, and is made possible in part by the work that was done on the new Virtual File System code in moss-rs, which enables the code to resolve and apply transactions up-front in memory.

The point of this is that it ensures that any transactions blitted to disk will be known to be fully resolved ahead of time, thus eliminating file conflicts by design.

Once Ikey lands this, the moss-rs code will have officially superseded the original proof-of-concept moss in terms of functionality and capabilities.

ermo

Following on from the last post on blitting, last week tarkah added the ability to blit very quickly to a new root from the moss store shared with the host system, meaning that standing up a build container is virtually instantaneous, as long as the container root is composed of packages which have already been staged to the local system.

Tarkah and Ikey also landed the ability for moss-rs to distinguish between explicitly installed and implicitly installed packages. This is important for being able to traverse the install digraph for packages that are no longer used after a moss sync.

"Wait, what is moss sync?" you might ask? Well, as moss-rs uses atomic transactions, we started thinking about how useful it would be to be able to sync against the current state of the configured and active repos (a bit like you would git pull from an origin), as a way to reset the installed system state to a predefined system-model for e.g. a GNOME spin etc.

So instead of the usual update and upgrade operations, the primary operation for getting the newest version of the packages in any given repo is now moss sync. This has a bunch of interesting properties, but more on that in a future update.

As an aside, Ikey plumbed in the ability to update repositories, which is useful in case of typos or wanting to switch the install order of local and remote repos for testing. While he was at it, he also fixed a few small niggles regarding symlinks, which enabled him to successfully chroot into moss-rs managed root filesystems.

This week, tarkah started adding the ability for moss-rs to write moss-format v1 .stones, which means moss-rs will soon support the moss index command.

This is important, because it implies that, for all intents and purposes, moss-rs will become drop-in compatible with the existing moss-d code base, while even surpassing it on a couple of fronts.

In turn, all of the above opens up the door for work to begin in earnest on bringing the Serpent base system up to scratch again, after a lot of work and effort has gone into stabilising Solus for the past six months. In particular, it allows the existing boulder-d code base to begin using moss-rs to install roots for use when building packages.

In short, the future prospects for Serpent just got a whole lot brighter.

Bring it on!

Ikey

I'm really quite pleased with the moss-rs progress lately. I think its about time we start refreshing the ISOs!

ermo

After some back and forth discussions concerning build container requirements, tarkah landed a boulder-rs MVP PR that can start a bash shell from within the new rust-based tooling code base using user name spaces. This is significant, because it demonstrates how the new boulder-rs container build tool will be able to run both as a normal user and with elevated privileges out of the box.

Related to this milestone, we want to highlight the work that Fabio (livingsilver94) did on this in the DLang-based moss-container code base, so a big shout out to him for his prior work in this area.

Ikey did some work on wrapping up the Linux-specific renameat2 syscall for use inside moss-rs, modeled on how the Rust nix crate does things. This means that moss-rs is now built statically against the musl libc, which is a pretty big deal, because Ikey managed to demonstrate that moss-rs is now largely drop-in capable on existing systems, thus enabling trivial rescue scenarios of moss-based installations.

Additionally, at Ikey's request, our devops guy (Philipp) built a pipeline that spits out optimised moss-rs nightly builds, enabling much simpler onboarding for people who want to play with the tooling compared to our previous onboarding setup.

Philipp has also done a lot of work behind the scenes to automate dependency updates in our crates and ensuring that we have good PR workflows etc., which is something we have really come to appreciate over time.

Ermo (hi!) is currently in the process of cleaning up and updating the existing onboarding repo, which -- when work is completed -- will once again enable people to experiment with building and installing their own .stone packages and moss-based roots.

ermo

Just a quick note that the onboarding repo should now be in a working state again.

It still needs a bit of refinement re. the Rust-based moss version, but at least it now it updates and compiles the new moss-rs plus the existing legacy DLang tooling automagically.

ermo

Hi folks,

Time for a another short update:

With the coming of colder weather, Ikey has been out of commission for a bit due to carpal and cubital tunnel syndrome wrecking his beauty sleep and his ability to type on a keyboard. He has elected to schedule some much needed PTO over the month of December to support his continuing recovery.

Still, Ikey has not stopped thinking about serpent-related design issues and has managed to come up with a simple, yet elegant design for so-called "triggers" for moss-rs.

The goal of this trigger design is to ensure that certain post-install actions are performed in an isolated, reproducible root after staging the transaction of packages containing triggers. This ensures that trigger outcomes and package-related file system transaction will always be in sync, meaning that rolling back will also roll back the derived state imposed by the execution of triggers.

In short, triggers as we have envisioned them is a pretty nice feature.

Meanwhile, tarkah has continued working on the port of the legacy DLang boulder code base to Rust, and has made impressive progress on this over the past two weeks. He is now at a point where, he insists, it won't be long until boulder-rs is functionally at feature parity with legacy boulder, as evidenced by the fact that he is already building simple packages in an isolated, unprivileged environment inside boulder-rs!

This work has of course involved lots of research, including picking Ikey's brain re. the (sometimes somewhat opinionated) design ideas inherent to boulder and we're quietly confident that this will eventually result in a fundamentally better, more robust and flexible design, which incorporates all the lessons learned during the previous boulder Proof of Concept phase.

Ermo has been on hand for serpent tooling-related design discussions and feedback in parallel to his operations-and admin-related responsibilities in keeping the Solus ship sailing smoothly. He's still working his way through learning Rust on the side and is very much looking forward to reaching a point where he's able to actively contribute code to the new serpent tooling.

That's all for now. Stay tuned for further updates in the coming weeks!

Gavin

ermo I like to see the progress.

Get well soon @Ikey. More health and wealth as you are on the mend.

ermo

Another week, another update.

At his MZLA $DAYJOB, Ikey landed his long-in-development "Rust in Thunderbird" patch. This has been a long and arduous journey for him, and his relief and elation with it finally landing has been palpable and has served to lift a huge weight off his shoulders.

He has also gotten a hold of a new ergonomic keyboard + mouse setup and has gotten back into the swing of serpent-y things and built a pattern parser that imitates the python fnmatch unix filename parser. This will be used for building regular expressions with match groups, which can then be used to ensure that triggers grab and check the correct filename patterns, while checking if running the trigger is actually necessary.

On that note, he was lucky enough to be able to dig up some earlier prototype work on the trigger file format, which means that he can now begin implementing the scaffolding for the trigger functionality. Exciting times ahead!

Tarkah has continued his work on the boulder-rs implementation, the main part of which (+5k lines!) was recently merged into the main branch of the moss-rs repo. He also worked with ermo (hi!) on some Terminal User Interface and Developer Experience niceties, including the ability to set so-called "breakpoints" inside stone.yml recipes via %break_continue (name subject to change) and %break_exit actions.

People familiar with debuggers will know that the term breakpoint implies that they enable pausing the execution of a program at a certain point in the code, in order to then inspect the state of the program at that specific point. Upon continuing from the breakpoint, the program will either continue to the next breakpoint (or program completion) or immediately exit after said breakpoint for further development.

For packagers, the equivalent feature allows them to effectively introspect the package state at any given point in the build of their recipe, which will hopefully result in quicker packaging turnaround times. So far, the prospect of having this feature available has resulted in overwhelmingly positive feedback from experienced packagers.

In closing, we want to give a special mention to our devops guy, Philipp, who became a father to a beautiful and healthy little girl a couple of weeks ago and is now beginning to come up for air. Congratulations! 🥳

ermo

Now that the Christmas holidays are over, work is beginning to pick up on moss-rs and boulder-rs again.

Ikey has continued tinkering with triggers in moss-rs and is now closer to having a functional prototype. He has figured out how to run triggers in an isolated container using a mutable /usr mount, with /var and /etc being read-only. This ensures that trigger actions which modify state as part of a transaction can't "escape" their confinement and it also ensures that broken trigger actions will abort the entire transaction so the user's system doesn't end up in a broken state due to a bad trigger run.

Tarkah has begun working on porting the moss-service DLang code base to Rust, which will be used as the basis of our build pipeline (which currently runs on our legacy DLang PoC codebase). When completed, this should offer us some nice opportunities for separation of concerns in terms of both hosting/operations and front-ends.

I have mostly been working on leveling up my Rust skills next to some Solus and Serpent PR review work, but I've also found time to discuss Serpent strategy and approaches with Ikey, which will hopefully lead to good outcomes in the following weeks and months. In addition, I've done some admin work in terms of setting up our own Serpent build infra paid for by Ikey's GH sponsors.

ermo

Time for a quick update.

Ikey had a small health setback due to a cold flash, which made his carpal and cubital tunnel issues flare up, making his hands more or less useless. Luckily, he's now found a way to handle it that takes the edge off so he can sleep properly again. His new puppy, Tiny (a Jack Russell terrier), unfortunately also took ill due to the cold flash and is now recovering wrapped in warm blankets next to the heater. Get well soon Tiny!

Ikey and I have been working on some boring admin related to moving the serpent services to a separate server. We're happy to report that this work is now complete and that we have reset the build history and imported the existing .stones from the old server. This means that we can now begin resuming the work of updating our base system to recent releases.

We have also been having discussions about how to move forward with the work on triggers and have agreed that we're going for a "divide-and-conquer" approach where we deliberately only concern ourselves with pre-activation triggers. These are triggers that run inside a container before the new filesystem transaction is activated and turns into the current /usr directory. We're going to make the simplest possible PoC implementation and then develop from there, on the basis of wanting to encounter real-world issues and "failing forward".

Meanwhile, tarkah has been plugging away on porting the moss-service framework to Rust. In the past week, he's demonstrated successful pairing between services, which is going to be the backbone of our distributed micro-services design going forward. We're really excited about the progress he's making here and literally can't wait to see the MVP.

That's all for now, stay tuned for further updates.

ermo

Time for a short, but important, update.

Ikey is recovering from a bout of illness that's been going around in UK schools, but has still found the time and energy to work on moss trigger support.

In fact, he's now at the point in development where he's just demonstrated the first working set of pre-activation triggers:

This is a huge deal, because it solves a long-standing blocker for packaging e.g. GTK3, which is a prerequisite for packaging up e.g. GNOME.

Exciting times ahead!

ermo

Time for yet another update.

This past week, Ikey's Luck o' the Irish struck again, and he tested positive for CoViD-19. He was supposed to be presenting for MZLA at FOSDEM, but with a positive CoViD-19 test, no way that was going to happen. Instead, he's currently at home with his family recovering from his illness. Get well soon Ikey!

Still, being sick as a dog and bored is pretty much the worst punishment that can be visited on Ikey, so purely out of spite (and despite feeling like death warmed over), Ikey's been thinking deeply about how the newly landed trigger work can interact with our package-splitting machinery in boulder, which means that he's decided on an approach that will ensure that the binaries necessary for triggers are split out in such a way as to minimise package download and update sizes.

He's implemented and verified the initial version of what he calls "Transaction scope triggers", which are system triggers that are run after a package is built (e.g. to regenerate icon caches) but before it is turned into a finished transaction and applied to the file system. This means that Transaction triggers that fail will also abort the transaction, meaning that the system will never be allowed to go into an undefined state.

The day before yesterday, Ikey and I had a good chat about how to expand the concept of Transaction scope triggers (tx triggers for short) to also store transaction-locked local filesystem directories outside of /usr (e.g. /var/), such that e.g. man-db tx trigger results saved in a /var "jail" as part of the transaction, will be properly linked up, paired, and activated when activating the transaction itself. The concept is sound, but it might be painful to implement it properly, given there are a few moving parts that need to line up just so.

During his work on GNOME stack bring-up, Ikey has also gotten the serpent systemd working with json userdb functionality, which essentially allows us to predefine permanent system users, such as the gdm user etc. This is useful because it allows us to have consistent and known-in-advance users in the local user database, which in turn allows us to prune left-behind files outside of the moss-controlled /usr dir belonging to said user. This is going to be a very, very useful capability to have in the longer run. To those following along at home, this is achieved by using nss-systemd + userdb, so we can avoid relying on sysusers (adding normal system users leaves users behind after packages have been uninstalled).

Meanwhile, Philipp and I stuck our heads together and figured out how automate the creation of libvirt-managed qemu-kvm virtual machines using the existing (somwhat primitive, but still perfectly cromulent) image tooling in the img-tests repository. This makes it possible to use moss to directly write to a new root location on the host filesystem, and then use that location as a chroot for the virtual machine. This makes standing up proper virtual machines and testing the graphical stack that we're building out much easier and quicker than spinning up actual ISOs. This work was built on groundwork laid by Reilly Brogan, who is currently busy keeping the Solus package repo ship shape.

Philipp also found the time to not only update a bunch of packages, but also to get flatpak and a rudimental (but functional) swaywm configuration w/alacritty sorted. This means we can now start up terminal emulators on a graphical stack for more convenient development and testing during the GNOME stack package build-out. Philipp even found the time to get a typescript CI linter check going for discovering package file conflicts in the repository packages.

In addition, Joey was kind enough to drop in and contribute a couple of font packages, which helped flesh out the swaywm configuration as well. Thanks Joey! Community member OGINO Masanori from Japan even took the time to submit a couple of zlib PRs, for which we are grateful.

That's all for this week, stay tuned for more updates soon.

Gavin

ermo Get well soon, @Ikey.

Ikey

Gavin thanks!

Ikey

THREAD HIJACK TIME

Gavin

Ikey Really like what I'm seeing. The command syntax also seems well thought out and intuitive. I'm really loving the uncluttered look of the terminal window when the installs are being done.