The idea of an "Atomic Workstation" is to use the ideas of "Project Atomic" to have a core operating system for a workstation that updates atomically as a whole, and then layer extra software on top of that. This is as opposed to the traditional model, where the operating system is dynamically composed on the end users system out of individual packages.
The basic advantage of the atomic model is enhanced reliability:
- Reliable and consistent upgrades between versions - F22 is the same as F21-upgraded
- Testing that is done tests the actual operating system that is on users machines; there are not thousands of different variants in the wild.
- There is no possibility that an upgrade of the operating system runs into problems halfway through and leaves the system in a trashed state.
- It is possible to rollback from unsuccessful updates, or if new operating system doesn't work with the user's apps
Currently, many problems with an unbootable Fedora system are bootloader or initrd issues; bootloader configuration issues are still a potential problem with the Atomic model. The ostree handling of /etc, which allows arbitrary modification by the user, also means that there is a gap between the goal of an unbreakable system and the reality.
Pretty much anything that the normal Workstation is used for. The primary target of the Workstation is different varieties of developer, but the Workstation is also supposed to work for other users such as sysadmins, people who want to play games, or people who only want to use productivity applications.
Graphical applications such as productivity applications or games are installed via xdg-app. If we provide a "fedora runtime", we can rebuild Fedora RPMs into applications in a pretty transparent fashion. introduction update
There are some classes of things that a user might want to install that are not applications: for example: fonts, codecs, and proprietary kernel modules. These will require a different installation mechanism.
The Fedora Workstation image might have some set of developer tools installed natively - at least a compiler. But the set of things that a developer might need is far too large to have *everything* part of the operating system. Some examples of what a developer might normally install on a Fedora system:
- A developer of a native Linux GUI or command line application:
- library header files
- tools for compilation like automake or a compiler for a different language
- tools for debugging like gdb or valgrind
- A developer using Python or Ruby for a web application
- modules for the interpreted language
- Server components like mysql or httpd to test there application
- A developer using Java for a server application
- An IDE
- A Fedora developer
- dependencies of a packages that they want to build locally
- A package that they built
- A kernel developer
- Tools required by the kernel build system
- A kernel they just built
Kernel developers are an outspoken and important target for Fedora, but one that is numerically small. Testing a new kernel on bare hardware is inherently tricky, because it is in fact changing the operating system, not testing something on top of the operating system. At least a logical possibility is to have explicit ostree/rpm-ostree support in the kernel build system: a 'make ostree' command would build a new ostree tree based on the current tree plus a commit for the new kernel.
Addressing developer needs
It's unlikely that any single approach can replace all situations where someone would install an RPM on a Fedora system to do a development task. Some things that could be on the menu of options:
Home directory installation
Developer's often already work without modifying the system: examples include GNOME's jhbuild and Python's virtualenv. For a Java developer, the normal workflow is that JAR files live within your development tree and are not installed systemwide. All these cases work perfectly within the "Atomic" model.
Installing tools as applications
Some tools, such as an IDE make sense to install the same way as other applications. Because IDE's are typically large and cross-platform, it may be hard to get them modified to work well within a sandbox system - they might need permissions like "access all files in the users home directory. This doesn't cause any problem for the question of software installation and layering, but does pose an issue for us in terms of how we present application installation to the user: how can you allow the user to easily install Eclipse and simultaneously protect the user from being tricked into installing a trojan that steals credit card data. Perhaps unsandboxed apps, or apps with dangerous permissions are only allowed to be installed from trusted repositories.
https://github.com/projectatomic/rpm-ostree/pull/107/commits is a prototype of how layering packages of an rpm-ostree works - it creates a new tree locally with the specified packages layered on top. This is not necessarily very useful for solving the problem of a developer wanting to install a few packages locally.
- It compromises the idea that we test the same core operating system as the user is running
- It compromises the idea that upgrades cannot break, it's possible that the core operating system plus a set of layered RPMs will hit dependency conflicts if we try to reproduce it on a newer version of Fedora, so the user might need to debug problems with the layered RPMs in order to install an operating system update.
- Installing new packages will require a reboot into a new operating system, this is unlikely to be considered acceptable when installing a development header.
Doing development in containers is one better way to handle these sorts of scenarios. Containers are great for testing: they allow installation of dependencies without conflicts, and also allow creating a container image that can be deployed *exactly as is*, without worrying about whether the deployment operating system is the same as the development system. Containers can also be used for compilation, although this is currently less common. Compiling in a container gives a very straightforward way to build binaries that are independent of the developer's system; that use a standard compiler and library versions. (gnome-continuous is an example of a system that uses containerization in this way.) Compiling against a standard SDK in a container makes even more sense when the build target is an application that will be run in a container.
When the user is using an IDE, it's the IDE's responsibility to make working with containers as transparent and convenient as possible.
The main, and strong, disadvantage of pushing development towards containers is one of consistency with the workflows that developers are used to, and with the documentation that is available out there. If someone finds a tutorial on the internet about how to develop with Django and mysql with Fedora, that tutorial isn't going to work at all if we are asking them to create a Docker image.
Using a nested operating system
The easiest way to handle presenting an environment that looks like a classic Fedora system where you can
dnf install arbitrary packages is to have a nested operating system file system that's separate from the host operating system. This could be done with containers, or virtual machines. If we went this route, there might be an argument that using Vagrant is a superior route than building something new and different. All the documentation and experience with people doing Linux development in an OS X or Windows desktop would carry over. The basic question with using Vagrant from a marketing perspective: how are we a better development environment for deployment on Linux if developers are working the same way they would on a different operating system.