
  • Immutable systems do not “lock you out of changes you might want to do that aren’t official”, even if SteamOS specifically does.

    MicroOS and CoreOS both allow package layering client side. There are also features landing allowing “unlocking” the read-only filesystem.

    More importantly, CoreOS now allows using a Containerfile to customize the distro server side, and then all your computers can pull the same image (with all your hard work stored in the registry, and reapplied via the Containerfile and some CI/CD). It’s certainly a very different and new workflow and there is a lack of user-facing tools, but that is always the case with new tech.

    The workflow I would sell you on is this:

    • “unlock” system (allowing non-persistent changes)
    • test everything works as you would like
    • apply same changes via Containerfile
    • Enjoy all your computers automatically updating to this and all your hard work being stored permanently in a registry.

    This is a simplification and in practice currently a lot of things are hard to accomplish this way (say bootloader changes). But that is the “goal”, and after running highly customized distros for a decade, I at least would love to be able to have all my changes in all my (present and future) computers without the hassle that brings currently.
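
The workflow described in the comment above, sketched as a Containerfile. This is an added example, not part of the original comment; the base image tag, the registry name `registry.example.com/me/my-coreos`, the layered packages and the sshd drop-in are all assumptions chosen for illustration.

```dockerfile
# Constructed example: a personal Fedora CoreOS derivative.
#
# Steps 1-2 (on one test machine, before writing this file):
#   sudo rpm-ostree usroverlay     # writable, non-persistent overlay on /usr
#   ...install and test changes; they disappear on reboot...
#
# Step 3: record the changes that worked as image layers.
FROM quay.io/fedora/fedora-coreos:stable

# Packages that were tried out on the unlocked host (assumed choices).
RUN rpm-ostree install tmux htop && \
    rpm-ostree cleanup -m && \
    ostree container commit

# Configuration that should be identical on every machine
# (assumed hardening drop-in, written inline so the build needs no extra files).
RUN printf 'PasswordAuthentication no\nPermitRootLogin no\n' \
      > /etc/ssh/sshd_config.d/10-hardening.conf && \
    ostree container commit

# Step 4: build and push from CI, then point each machine at the image once.
#   podman build -t registry.example.com/me/my-coreos:latest .
#   podman push registry.example.com/me/my-coreos:latest
#   sudo rpm-ostree rebase \
#     ostree-unverified-registry:registry.example.com/me/my-coreos:latest
#
# The "unverified" transport performs no signature verification on the image.
# For machines you care about, sign the image and rebase with
#   ostree-image-signed:docker://registry.example.com/me/my-coreos:latest
# which requires a matching containers policy on the host.
```

After the one-time rebase, later pushes to the same tag arrive as ordinary staged updates and take effect on the next reboot.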




  • Because I forgot one of the most important features: true automatic updates with auto-revert. Reproducible OSes are updated in the background and the updates don’t take effect until you reboot. This means you can finally safely update the OS. And if something fails, the bootloader can auto-revert to the previous working version.

    This is more impactful in the server world. On your personal computer you update packages and most of the time “everything is fine”; if it’s not, you reboot. But accurately knowing which packages require a reboot has been a long-standing problem, which reproducible OSes now fix by just not doing that. In the server world an update breaking things can take time to find and can affect multiple machines at the same time. The stakes are higher to make sure updates are stable.


  • Immutable distros seem to get a lot of hate, and a lot of it seems misplaced (and imo from people that haven’t really read up on it). I want to try to clear up a couple of common misconceptions:

    Immutability: Immutability is not the purpose of CoreOS or MicroOS, but rather a side effect. The purpose is reproducibility, and for that immutability is needed. This is related to the mechanism used to achieve reproducibility. That doesn’t mean immutability isn’t a useful side-effect (security), it just means it’s not the main objective.

    Reproducibility: The main desired outcome. And why I don’t understand opinions like “why are they still made (since nobody wants it)”. Reproducibility has been worked on for a long time in the OS world and is a worthy goal. We aren’t there yet but an obvious use case is voting machines. A more immediate benefit is: we can finally guarantee that a collection of packages that has been extensively tested will be deployed bit to bit in all servers.

    User usage: there is an argument to be made that this isn’t useful in end-user distros, and is more of a server feature. Largely for Linux power users this will continue to be true. But for others: it lets the distro makers make a stronger guarantee on the interoperability of the programs packaged in a specific version. An OS version has been tested thoroughly and you get a bit to bit copy of it. No more “package X broke package Y”. Or “package Z is missing from the dependencies”. Reproducible distros have the potential to be a more “out-of-the-box” stable experience.

    I would argue that calling them “immutable” is part of what is fueling a lot of the hate and misconceptions. I would prefer “reproducible distros”. Another often ignored aspect is the newness of the technology. While these distros look to provide a more stable experience, for now that won’t be the case (but they aren’t far away anymore).

    Final note: to those power users that hate the idea that they can’t “control” the distro, CoreOS-based distros are already capable of using container images as a transport. This means you can do anything you want through a Containerfile. And you can deploy this exact configuration to all your computers. No need for scripts to extract and install your desired configuration, just pull your personal OS image from your image registry.

    Wrap up: I don’t understand how someone who uses Linux in the server world can not see the value of this tech. It offers a long wanted solution to server deployment: using container engines’ ability to abstract the OS environment from the application environment. To be short: it lets the OS and the apps it runs live “their own life”, with independent update cycles.