This feels right and much closer to the end state of what an operating system/desktop environment should be like
Thanks :-) a concise overview and excellent explanation on fedora silverblue and best practices
This is really great! Was definitely getting lost when it comes to actual use of ostree stuff before watching this.
Is there a way to manage /etc and other configuration declaratively?
I understand the merge thing between /usr/etc and /etc on update (where the modified /etc file wins if the usr has touched it), but it would be nice to say "no matter what /etc/MyApp.conf is, please ensure this setting is set" (e.g. disable root password login for ssh), yet still track with any updates from the default provided package for it.
I remember Colin saying in some 2022 presentation that it's being worked on, but maybe I misunderstood
Colin was probably referring to Bootc, which allows you to define your OS in a Containerfile. github.com/containers/bootc
containers.github.io/bootc/
So if you wanted to make a system change, you would add it to your Containerfile, rebuild the container and then rebase your system onto the new image.
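The workflow described in the reply above, applied to the SSH setting from the question. This is an added example, not part of the comment thread and not code from the bootc project; the base image tag, the drop-in file name and the registry path are assumptions or placeholders.

```dockerfile
# Added example: pin an sshd policy in the OS image for a bootc/ostree host.
# Assumption: base image and tag; substitute the image your hosts track.
FROM quay.io/fedora/fedora-bootc:40

# Ship the setting as a drop-in instead of editing /etc/ssh/sshd_config.
# Fedora's stock sshd_config includes /etc/ssh/sshd_config.d/*.conf near the
# top, and sshd keeps the first value it reads for a keyword, so a
# low-numbered drop-in takes precedence while the packaged sshd_config
# itself stays untouched and keeps following package updates.
# The file name 00-no-root-password.conf is hypothetical.
RUN mkdir -p /etc/ssh/sshd_config.d && \
    printf '%s\n' 'PermitRootLogin prohibit-password' \
      > /etc/ssh/sshd_config.d/00-no-root-password.conf && \
    chmod 0600 /etc/ssh/sshd_config.d/00-no-root-password.conf

# Caveat from the /etc merge behaviour discussed in the question: if this
# same drop-in file is later edited on the host, the local copy wins on
# update, so treat the image as the only place where it is changed.

# Build, publish and move the host onto the image
# (registry.example.com/myorg/my-os is a placeholder):
#   podman build -t registry.example.com/myorg/my-os:latest .
#   podman push registry.example.com/myorg/my-os:latest
#   sudo bootc switch registry.example.com/myorg/my-os:latest
```

After rebooting into the new deployment, `sudo sshd -T | grep -i permitrootlogin` on the host shows the effective value.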
Earlier this year I was really enjoying Fedora Desktop 39, my first Linux OS since moving from Windows. Then Fedora 40 came along and, sure, I agreed to update. Not sure what went wrong, but it got totally borked, my system was half-updated and left unbootable. I felt betrayed. I thought, "what's the point of grub allowing me to boot to a previous kernel version, it's still unbootable, I wish a system update took the obvious precaution of a btrfs snapshot I could roll back to". I was left with an unusable computer for days unless I booted back into Windows. The whole experience left me with an unpleasant aftertaste of my perception of Linux's "amateurism". Thankfully no data was lost so I hopped to Zorin and reconfigured everything back to a workable state, took almost a week though.
A few months later and I'm trying out Kinoite in what used to be my Windows' SSD, really enjoying learning how different it is and how it could help me as a developer. Most importantly, a rollback would've been easy in case of a failed update. It also wouldn't have failed the same way, the update being atomic.
Nice walk through.
Thanks man, glad you liked it. I know you're a recent NixOS convert; great that you still gave a Silverblue video a watch. :)
@triplewho1448 once I get through my current nix phase I’ll have to give silverblue another spin. It’s been a minute and looks pretty neat these days.
The Bluefin site at 8:25 would be a sweet wallpaper 😆
It's pretty cool hey! They have some good YT videos too if you haven't seen them. I like what they're doing with Fedora Atomic, I can see how a similar approach would be valuable for organisations looking to create standardised images for staff and updates. Stable base system built as per their requirements, then user applications in containers and flatpaks to keep things predictable at the system level.
@triplewho1448 For servers it would be cool to see a simpler more universal infrastructure-as-code using OCI based operating systems. NixOS is cool but their security and enterprise readiness leave a lot to be desired. It seems like folks are on the way there. In a few years, I could see it being possible to define server hosts and container services using a more unified configuration as code. Perhaps even using systemd with quadlet to manage the containers for more stability and less overhead than docker. Images for the host OS being extremely slim because they just have to run containers and no containerless services. Slimming down like this would allow for extreme efficiency in cloud usage, especially when paired with serverless functions like Lambda. And also make Cloud Engineering and DevOps Engineering much more manageable, and thus more secure. Smaller attack surfaces, layers of containerization and virtualization, and less juggling of many separate scripts and configs.
Bluefin is definitely an extremely forward thinking project
Do you have a link to the Red Hat presentation on the boot from podman thing you mentioned? Or was the summit private? What’s it called?
Hey, it will be presented at Red Hat Summit this year:
events.experiences.redhat.com/widget/redhat/sum24/SessionCatalog2024/session/1706889018008001wfcU
The project I’m referring to is mentioned in that event description. It’s called bootc
github.com/containers/bootc
@triplewho1448 thank you!
What mic are you using, if you don't mind me asking?
In this particular video, I believe it was the mic on the Logitech brio webcam. But in every video I have uploaded since this one, I have used AirPods for Audio, my iPhone for the face camera and recorded those two on my MacBook. Then my Thinkpad for the computer I’m actually working on and screen sharing. :)
@triplewho1448 That is awesome! Thanks for letting me know.