The idea of an "Atomic Workstation" is to use the ideas of "Project Atomic" to have a core operating system for a workstation that updates atomically as a whole, and then layer extra software on top of that. This is as opposed to the traditional model, where the operating system is dynamically composed on the end users system out of individual packages.
The basic advantage of the atomic model is enhanced reliability:
- Reliable and consistent upgrades between versions - F22 is the same as F21-upgraded
- Testing that is done tests the actual operating system that is on users machines; there are not thousands of different variants in the wild.
- There is no possibility that an upgrade of the operating system runs into problems halfway through and leaves the system in a trashed state.
- It is possible to rollback from unsuccessful updates, or if new operating system doesn't work with the user's apps
Currently, many problems with an unbootable Fedora system are bootloader or initrd issues; bootloader configuration issues are still a potential problem with the Atomic model. The ostree handling of /etc, which allows arbitrary modification by the user, also means that there is a gap between the goal of an unbreakable system and the reality.
Pretty much anything that the normal Workstation is used for. The primary target of the Workstation is different varieties of developer, but the Workstation is also supposed to work for other users such as sysadmins, people who want to play games, or people who only want to use productivity applications.
Graphical applications such as productivity applications or games are installed via xdg-app. If we provide a "fedora runtime", we can rebuild Fedora RPMs into applications in a pretty transparent fashion. introduction update
There are some classes of things that a user might want to install that are not applications: for example: fonts, codecs, and proprietary kernel modules. These will require a different installation mechanism.
It is important that even if there are different underlying technologies, the user experience is seamless: that the user doesn't have one experience with system updates, another experience with applications, and yet another with fonts. We expect to pull everything together in GNOME Software.
The Fedora Workstation image might have some set of developer tools installed natively - at least a compiler. But the set of things that a developer might need is far too large to have *everything* part of the operating system. Some examples of what a developer might normally install on a Fedora system:
- A developer of a native Linux GUI or command line application:
- library header files
- tools for compilation like automake or a compiler for a different language
- tools for debugging like gdb or valgrind
- A developer using Python or Ruby for a web application
- modules for the interpreted language
- Server components like mysql or httpd to test there application
- A developer using Java for a server application
- An IDE
- A Fedora developer
- dependencies of a packages that they want to build locally
- A package that they built
- A kernel developer
- Tools required by the kernel build system
- A kernel they just built
Kernel developers are an outspoken and important target for Fedora, but one that is numerically small. Testing a new kernel on bare hardware is inherently tricky, because it is in fact changing the operating system, not testing something on top of the operating system. At least a logical possibility is to have explicit ostree/rpm-ostree support in the kernel build system: a 'make ostree' command would build a new ostree tree based on the current tree plus a commit for the new kernel.
Addressing developer needs
It's unlikely that any single approach can replace all situations where someone would install an RPM on a Fedora system to do a development task. Some things that could be on the menu of options:
Home directory installation
Developer's often already work without modifying the system: examples include GNOME's jhbuild and Python's virtualenv. For a Java developer, the normal workflow is that JAR files live within your development tree and are not installed systemwide. All these cases work perfectly within the "Atomic" model.
Installing tools as applications
Some tools, such as an IDE make sense to install the same way as other applications. Because IDE's are typically large and cross-platform, it may be hard to get them modified to work well within a sandbox system - they might need permissions like "access all files in the users home directory. This doesn't cause any problem for the question of software installation and layering, but does pose an issue for us in terms of how we present application installation to the user: how can you allow the user to easily install Eclipse and simultaneously protect the user from being tricked into installing a trojan that steals credit card data. Perhaps unsandboxed apps, or apps with dangerous permissions are only allowed to be installed from trusted repositories.
https://github.com/projectatomic/rpm-ostree/pull/107/commits is a prototype of how layering packages of an rpm-ostree works - it creates a new tree locally with the specified packages layered on top. If the package consists only of new files, it may be possible to pull the files into the running system (See http://blog.verbum.org/2014/02/26/ostree-rigorous-and-reliable-deployment/ for some related discussion.) Having to reboot to install development header is likely unacceptable, so it seems like this idea of pulling in new files into the running system is essential for this to be useful.
There also has to be a large degree of robustness - it must be clear to the user what packages can be installed in this fashion and installing has to be reliable. Trying to install packages without upgrading existing packages in current Fedora tends to work very badly because of the degree of flux in the repositories - it's common to have <package>-<version>-<rev> installed, but only <package>-<version>-<rev+1> in the repository.
The effect on updates and upgrades also needs to be carefully considered - packages that have been layered on top of the core operating system can't be allowed to break an update for a security/bug fix or an upgrade to a newer version of Fedora.
Doing development in containers is one better way to handle these sorts of scenarios. Containers are great for testing: they allow installation of dependencies without conflicts, and also allow creating a container image that can be deployed *exactly as is*, without worrying about whether the deployment operating system is the same as the development system. Containers can also be used for compilation, although this is currently less common. Compiling in a container gives a very straightforward way to build binaries that are independent of the developer's system; that use a standard compiler and library versions. (gnome-continuous is an example of a system that uses containerization in this way.) Compiling against a standard SDK in a container makes even more sense when the build target is an application that will be run in a container.
When the user is using an IDE, it's the IDE's responsibility to make working with containers as transparent and convenient as possible.
The main, and strong, disadvantage of pushing development towards containers is one of consistency with the workflows that developers are used to, and with the documentation that is available out there. If someone finds a tutorial on the internet about how to develop with Django and mysql with Fedora, that tutorial isn't going to work at all if we are asking them to create a Docker image.
Using a nested operating system
The easiest way to handle presenting an environment that looks like a classic Fedora system where you can
dnf install arbitrary packages is to have a nested operating system file system that's separate from the host operating system. This could be done with containers, or virtual machines. If we went this route, there might be an argument that using Vagrant is a superior route than building something new and different. All the documentation and experience with people doing Linux development in an OS X or Windows desktop would carry over. The basic question with using Vagrant from a marketing perspective: how are we a better development environment for deployment on Linux if developers are working the same way they would on a different operating system.