Tuesday 25 April 2023

NBS removals of old kernels from stable -security and -updates pockets

Hi folks,

Kernel updates have an interesting property that, unlike most SRUs, the
binary package names change for each update, because the ABI is presumed to
change each time.

The result of this is that each kernel update causes the binary packages
from the previous version to become "NBS" (not built from source).

Cleanup of NBS packages from the archive is a manual process involving
Archive Admins; they are not automatically removed from the archive. And
historically, we did not want to remove NBS kernel packages during a release
cycle, because our netboot images relied on modules of matching ABI being
available in the archive corresponding to the kernel ABI used in the netboot
image - and as we did not control when our users deployed netboot images on
their infrastructure, we did not want to arbitrarily break working customer
systems. We did not remove NBS kernel packages as we went - only at EOL of a
release.

However, netboot images that rely on kernel packages of a matching ABI being
available in the archive are an artifact of debian-installer, and as of
jammy, we no longer ship debian-installer. Therefore, this rationale for
retaining the old kernel binary packages in the archive no longer exists.

Nearly 50% of all binary packages published in the jammy-updates pocket
today are from kernels[1], and this proportion only increases as an LTS
ages. I have not done the analysis, but I expect the kernel packages to
represent a similar or higher proportion of the *size* of the -updates
pocket. Thus, keeping these old binary packages around impacts both the
speed of `apt update` for both -updates and -security pockets, and the size
of the mirror set for these releases.

I am therefore intending that, for jammy and later releases, we start to
prune NBS kernel packages on an ongoing basis, not just at EOL time.

--
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                   https://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

[1]
$ grep-dctrl -r -FPackage 'linux.*[0-9]\+\.[0-9]\+\.[0-9]' \
-sPackage /var/lib/apt/lists/*jammy*updates*amd64*Packages | wc -l
6638
$ cat /var/lib/apt/lists/*jammy*updates*amd64*Packages | grep -c ^Package:
14243
$
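
The following is an added example, not part of the original message: it repeats the footnote's package count and goes one step further by summing the Size field, which gives the share of .deb bytes the message mentions but does not measure. The function names and the sample stanzas are constructed for illustration, and it assumes the Packages files are uncompressed, as the footnote's cat implies.

```python
import re
import sys

# Same expression the footnote passes to grep-dctrl -r -FPackage.
KERNEL_RE = re.compile(r"linux.*[0-9]+\.[0-9]+\.[0-9]")

# Constructed sample stanzas (not real archive data).
SAMPLE = """\
Package: linux-image-5.15.0-70-generic
Size: 1000

Package: linux-modules-5.15.0-70-generic
Size: 3000

Package: linux-firmware
Size: 5000

Package: bash
Size: 1000
"""

def parse_stanzas(text):
    """Yield a dict of single-line fields for each stanza of a Packages index."""
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            # Continuation lines (leading whitespace) are not needed here.
            if line[:1] not in (" ", "\t") and ":" in line:
                key, _, value = line.partition(":")
                fields[key] = value.strip()
        if "Package" in fields:
            yield fields

def kernel_share(text):
    """Count packages and sum .deb sizes, overall and for ABI-versioned kernels."""
    out = {"packages": 0, "bytes": 0, "kernel_packages": 0, "kernel_bytes": 0}
    for stanza in parse_stanzas(text):
        size = int(stanza.get("Size") or 0)
        out["packages"] += 1
        out["bytes"] += size
        if KERNEL_RE.search(stanza["Package"]):
            out["kernel_packages"] += 1
            out["kernel_bytes"] += size
    return out

if __name__ == "__main__":
    # Pass uncompressed Packages files as arguments; with none, use the sample.
    text = "\n\n".join(open(p, encoding="utf-8").read() for p in sys.argv[1:]) or SAMPLE
    print(kernel_share(text))
```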