Background: what to expect from Fedora Silverblue

We understand the features of an immutable OS.

/ photo by Clem Onojeghuo Unsplash

How did Silverblue come about?

Fedora Silverblue is an immutable desktop operating system. In it, all applications run in isolated containers, and updates are installed atomically.

Previously, the project was called Fedora Atomic Workstation . It was later renamed Silverblue. According to the developers, they considered more than 150 variants of titles. Silverblue was chosen simply because there was such a free domain and accounts in social networks.
')
The updated system has replaced Fedora Workstation in the post of priority assembly for desktops in Fedora 30. The authors say that in the long run Silverblue can completely replace Fedora Workstation.

One resident at Hacker News suggested that the Silverblue concept was a development of the Stateless Linux project. He was promoted to Fedora about ten years ago. Stateless Linux should have simplified the administration of thin and thick clients. In it, too, all system configuration files were opened in read-only mode.

What gives "immutability"

The term “unchangeable operating system” means that the root and user directories are mounted in read-only mode. All editable data is placed in the / var directory. A similar method is used by the ChromeOS and macOS Catalina developers. This approach enhances the security of the OS and prevents system files from being deleted (for example, by mistake).

One of the residents of Hacker News in the thematic thread said that once he accidentally deleted a number of system files, modifying the theme of Ubuntu Yaru. At the same time, he did not have backups due to an error in the regex. According to him, unchangeable OS would help to avoid problems.

Installation of updates is also simplified - all you need to do is to reboot the system from the new image. Additionally, it is possible to quickly switch between multiple branches (releases of Fedora). For example, between the version of Fedora Rawhide currently being developed and the updates-testing repository with upcoming updates.

What are the differences from classic Fedora

To install the base environment (/ and / usr), OSTree technology is used. We can say that this is a system of “versioning” RPM packages. RPM packages are translated to the OSTree repository using rpm-ostree. By installing the package, it forms a restore point to which you can roll back in case of failure.

OSTree also allows you to install applications from the dnf / yum repositories and repositories that are not supported by Fedora. To do this, instead of using the dnf install command, use rpm-ostree install. The system will form a new base image of the operating system and replace it with the installed one.

Flatpack is used as a mechanism for updating applications. He runs them in containers. Flatpack package includes only application-specific dependencies. All base libraries (like the GNOME and KDE libraries) remain pluggable runtime environments. This approach reduces the size of the packages — eliminating duplicate components from them.


/ photo by Jonathan Larson Unsplash

You can use the Toolbox to install applications that are not packaged in Flatpack. It allows you to create a container with the classic Fedora installer.

Similar solutions

There are other distributions whose tasks are similar to Silverblue. An example would be microOS from openSUSE. This is not a standalone distribution, but part of the openSUSE Kubic platform for deploying CaaS (Container as a Service).

The system works with Docker containers. Their images are distributed as RPM packages. This simplifies the installation of command-line applications that are not available in the Flatpack format. The host system for running containers is based on the official openSUSE Tumbleweed repository.

MicroOS was developed for scanning in large-scale environments (for example, in data centers), but it is also capable of working on single machines.

An example of another similar development is NixOS . This is a Linux distribution, based on the Nix package manager. Its main feature is a declarative description of configurations. The administrator does not need to install the system and configure it manually. The state is prescribed in a special file: all the packages and authentication settings are listed there. Further, the package manager automatically brings the OS to the specified state.

This system is actively used by cloud providers, universities and IT companies.

In any case, Silverblue has a chance to find its niche in the market. Whether it will work - to be seen in the future.

---

Materials from the First Corporate IaaS Blog:

• What is a service-defined firewall and how does it work?
• What can hinder the development of quantum computers?
• What new computing systems may appear in the data center

Additional reading on Habré:

• What incidents with the Border Gateway Protocol can be identified over the past few years
• ICANN removed the .org price threshold - why the IT community is against, and what will happen next