companion icon indicating copy to clipboard operation
companion copied to clipboard
verified publisher icon bluerobotics

Add multiboot + recovery/update partition

Open jaxxzer opened this issue 7 years ago • 2 comments

As an alternative to the update process, we can have a small recover/update partition that we can boot into. This partition would remain completely static, and serve a webpage that allows uploading a new image file. The recovery partition will image a second (main) partition with the companion software image.

This method of updates will provide a lot of benefits:

  • safer (can't brick companion)
  • more consistent (check partition hash, no failed downloads)
  • does not depend on wifi
  • maintainable (does not require maintaining/bugfixing scripts that install dependencies)
  • better application longevity (like a bootloader, the updating software/implementation is completely independent of the main/companion software)

Some things to think about:

  • will this work on any companion computer? If so, are there any additional requirements on certain systems (ie two storage mediums, or differences in software approach)?

jaxxzer avatar May 27 '18 20:05 jaxxzer

  • [x] Multiboot working
    1. Boot partition to manage boot order
    2. Recovery partition with clean debian operating system plus a simple webserver to manage the recovery and installation of the new companion image.
    3. Partition as destination for the companion image installation

Next steps with the multiboot is like this:

  • Add an option in companion to reboot into update mode.
  • Add an updater image that runs a "Recovery web server".
  • The "Recovery web server" needs to have an interface for you to upload a compressed companion rootfs image to save to the raspberry pi disk.
  • The "Recovery web server" needs to extracts the compressed linux image over top of the existing old image.
  • Companion reboots into the updated partition.
  • If there is any failure to boot into the main companion partition, always revert to boot into the updater partition running the "Recovery web server".
  • Figure out handling of user data or configuration files so they are not overwritten.
  • Maybe: Add a write protection on the updater partition

patrickelectric avatar Jul 20 '18 20:07 patrickelectric

For user data and configuration we can have yet another partition that is just for this, and remains untouched during the update process.

jaxxzer avatar Jul 20 '18 20:07 jaxxzer