It has been a bit more than a year that we’ve set up the Atomic Workstation SIG. A little later, we settled on the name Silverblue, and did a preview release with Fedora 29.
The recent F30 beta release is an good opportunity to look back. What have we achieved?
When we set out to turn Atomic Workstation into an every-day-usable desktop, we had a list of items that we knew needed to be addressed. As it turns out, we have solved most of them, or are very close to that.
Here is an unsorted list.
Full Flatpak support
GNOME Software already had support for installing Flatpaks, a year ago, so this is not 100% new. But the support has been greatly improved with the port to libflatpak – GNOME Software is now using the same code as the Flatpak commandline. And more recently, it learned to display information about sandbox permissions, so that users can see what level of system access the installed applications have.
This information is now also available in the new Application Settings panel. The panel also offers some control over permissions and lets you clean up storage per application.
A Flatpak registry
Flathub is a great place to find desktop applications – there are over 500 now. But since we can’t enable Flathub by default, we have looked for an alternative, and started to provide Flatpak apps in the Fedora container registry. This is taking advantage of Flatpaks support for the OCI format, and uses the Fedora module-build-system.
GNOME Software support for rpm-ostree
GNOME Software was designed as an application installer, but it also provides the UI for OS updates and upgrades. On a Silverblue system, that means supporting rpm-ostree. GNOME Software has learned to do this.
Another bit of functionality for which GNOME Software was traditionally talking to PackageKit is Addons. These are things that could be classified as system extensions: fonts, language support, shell extensions,, etc. On a Silverblue system, the direct replacement is to use the rpm-ostree layering capability to add such packages to the OS image. GNOME Software knows how to do this now. It is not ideal, since you probably don’t expect to have to reboot your system for installing a font. But it gets us the basic functionality back until we have better solutions for system extensions.
Nvidia driver support
One class of system extensions that I haven’t mention in the previous section is drivers. If you have an Nvidia graphics card, you may want the Nvidia driver to make best use of your hardware. The situation with the Nvidia drivers is a little more complicated than with plain rpms, since the rpm needs to match your kernel, and if you don’t have the right driver, your system may boot to a black screen.
These complications are not unique to Silverblue, and the traditional solution for this in Fedora is to use the akmod system to build drivers that match your kernel. With Fedora 30, we put the necessary changes in place in rpm-ostree and the OS image to make this work for Silverblue as well.
Third-party rpms
Fedora contains a lot of apps, but there’s always the odd one that you can’t find in the repositories. A popular app in this category is the Chrome browser. Thankfully, Google provides an rpm that works on Fedora. But, it installs its content into /opt. That is not technically wrong, but causes a problem on Silverblue, since rpm-ostree has so far insisted on keeping packaged content under its tight control in /usr.
Ultimatively, we want to see apps shipped as Flatpaks, but for Fedora 30, we have managed to get rpm-ostree to handle this situation, so chrome and similar 3rd party rpms can now be installed via package layering on Silverblue.
A toolbox
An important target audience for Fedora Workstation is developers. Not being able to install toolchains and libraries (because the OS is immutable) is obviously not going to make this audience happy.
The short answer is: switch to container-based workflows. Its the future!
But that doesn’t excuse us from making these workflows easy and convenient for people who are used to the power of the commandline. So, we had to come up with a better answer, and started to develop the toolbox. The toolbox is a commandline tool to take the pain out of working with ‘pet’ containers. With a single command,
toolbox enter
it gives you a ‘traditional’ Fedora environment with dnf, where you can install the packages you need. The toolbox has the infrastructure to manage multiple named containers, so you can work on different projects in parallel without interference.
Whats missing?
There are many bigger and smaller things that can still be improved – software is never finished. To name just a few:
- Make IDEs work well with containers on an immutable OS
- Codec availability and installation
- Handle “difficult” applications such as virtualbox well
- Find better ways to handle system extensions
But we’ve come a long way in the one year since I’ve started using Atomic Workstation as my day-to-day OS.
If you want to see for yourself, download the F30 beta image and give it a try!
You write, “switch to container-based workflows. Its the future!”.
As a traditional developer who have just fiddled around with docker a minor bit, I don’t really see the container based workflow for developers in my mind. So it would be great to have that described more in detail what you mean. Do you mean some IDE container integration and things like that, and how do you work with that in practice.
Silverblue is indeed incredible! One point l’d like too see addressed, though, is not having to remove all layered packages from additional repos for every system upgrade. I’m currently thinking of using ZFS for my `~/`, but as I had to uninstall ZFS for the upgrade to FSB30, I assume that this is currently not possible. :/
The Silverblue is really awesome. I want to thank Team Silverblue for making this real. I’m using it for almost half a year on my own workstation and gamestation, both are now running Fedora 30 Silverblue Beta.
Only issues I’m experienced so far are related to gnome-software and all of them were reported.
I’m also missing a official browser in flatpak. I’m using unofficial flatpak of Firefox Nigthly, but it still has some issues.
Thanks for your blogpost! It’s great to see Silverblue making such amazing progress! Although, I am not sure if the new rpm-ostree layering for apps in GNOME Software is a good idea. It is confusing for new users and quite buggy at the moment (one of the bugs is that the rpm-ostree sources are in many cases displayed before the Flatpak ones – regular user will be confused and will install the rpm-ostree version). I think that layering via GUI is a great idea for addons/codecs/fonts/drivers and local rpms, but not for apps.
Hi there, long-time openSUSE user here. I definitely think you guys are going in the right direction with this initiative. And I’m glad to see you are being realistic and pragmatic about things like Gnome Software (GUI) support and 3rd party RPMs; those would both be requirements in order for me to switch.