Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SWUpdate successful boot check and rollback #75

Merged
merged 3 commits into from
Mar 20, 2021
Merged

SWUpdate successful boot check and rollback #75

merged 3 commits into from
Mar 20, 2021

Conversation

zehnm
Copy link
Member

@zehnm zehnm commented Mar 20, 2021
edited
Loading

U-Boot boot count limit support

Use U-Boot boot count limit functionality to detect a system update and failed startups.

This uses the following U-Boot env variables:

  • bootlimit: defines the maximum number of reboot cycles allowed. Default value: 3
  • bootcount: will be incremented at each reboot IF upgrade_available is set to 1
  • upgrade_available: indicates that a system update has been applied.
    • SWUpdate sets this value to 1 after a new system update has been written.
    • Verified after boot with a systemd timer:
      If after a system update the remote app is still running after 3 minutes after boot up, the update is considered successful and upgrade_available and bootcount U-Boot env vars are cleared.
  • rootfspart: holds the current active root filesystem partition number to boot from.
  • altbootcmd: alternative U-Boot boot command if bootlimit is exceeded.
    • Switches the rootfspart to the old partition number to restore the old system.

This closes #69

Remote app auto restart

Changed the systemd service file:

  • Proper service integration without forking in the start script
  • Automatically restart app if crashed
  • Force reboot if app failed to startup 2 times within 60 seconds

This closes #23

SWUpdate version update

  • Bump SWUpdate version to 2020.11
  • Install SWUpdate client tools and shared library
    • swupdate-client, swupdate-sysrestart, swupdate-progress
    • swupdate-sendtohawkbit, swupdate-hawkbitcfg

Open issues

  • Configuration settings are not persisted
    • WiFi configuration, host name, etc. are lost after update
    • Remote setup will be triggered if there's no /boot/wpa_supplicant.conf
    • This will be resolved with a data partition in Add partitions for software update #16
    • Workaround: define a /boot/wpa_supplicant.conf for your wifi
      • This will skip initial setup
      • After update the remote will reboot twice. Once for the system update, the 2nd time to apply the wifi configuration.

This PR is part of #29

@zehnm zehnm added the enhancement New feature or request label Mar 20, 2021
@zehnm zehnm added this to the Full System Update milestone Mar 20, 2021
@zehnm zehnm self-assigned this Mar 20, 2021
@zehnm zehnm changed the title Swupdate bootflags SWUpdate successful boot check and rollback Mar 20, 2021
@zehnm zehnm force-pushed the swupdate-bootflags branch from 4b95de9 to 517c099 Compare March 20, 2021 15:15
@zehnm zehnm marked this pull request as ready for review March 20, 2021 15:17
@zehnm zehnm requested a review from martonborzak March 20, 2021 15:17
@zehnm
feat: U-Boot boot limit with fallback to old system
825aa97 
Use U-Boot boot limit functionality to detect a system update and failed startups.

This uses the following U-Boot env variables:
- `bootlimit`: defines the maximum number of reboot cycles allowed. Default value: 3
- `bootcount`: will be incremented at each reboot IF `upgrade_available` is set to 1
- `upgrade_available`: indicates that a system update has been applied.
  - SWUpdate sets this value to 1 after a new system update has been written.
  - Verified after boot with a systemd timer:
    If after a system update the remote app is still running after 3 minutes after boot up,
    the update is considered successful and `upgrade_available` and `bootcount` U-Boot env vars are cleared.
- `rootfspart`: holds the current active root filesystem partition number to boot from.
- `altbootcmd`: alternative U-Boot boot command if bootlimit is exceeded.
  - Switches the `rootfspart` to the old partition number to restore the old system.
@zehnm zehnm force-pushed the swupdate-bootflags branch from 517c099 to 825aa97 Compare March 20, 2021 17:57
@zehnm zehnm merged commit 820d9cd into master Mar 20, 2021
@zehnm zehnm deleted the swupdate-bootflags branch March 20, 2021 18:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martonborzak martonborzak martonborzak approved these changes

Assignees

@zehnm zehnm

Labels
enhancement New feature or request
Projects
None yet
Milestone
Full System Update
Development

Successfully merging this pull request may close these issues.

System update: add successful boot feature Use linux watchdog to restart the Pi when the remote app crashes
2 participants
@zehnm @martonborzak