Rolling my own immutable distro

BrianTheeBiscuiteer@lemmy.world to Linux@lemmy.ml – 36 points –

I've looked at a lot of other immutable distros and I might just end up using one of those, but I feel like taking on a bit of a challenge and there's a few things I'm not very keen on with existing solutions (last paragraph is my idea if you want to skip the context).

Most immutable systems I've seen require a reboot in order to apply system changes. What is this, Windows? Yeah, reboots are quick but restoring my windows and getting back into my groove is not quick. Also, every immutable OS I've seen wants you to opt-in to a rollback. Rarely do I see the full effects of installing a package or altering a config immediately. By the time I notice an issue maybe it's too late to rollback to before the change or maybe I've done a few other things since and I don't want to rollback everything. I would much prefer to make "rolling forward" or persisting changes to be a very conscious process.

I started messing with BTRFS and I think I've come up with a process that will get me what I want, no matter the distro. Please poke holes in my idea. So I think I can use BTRFS to hold data for the rootfs in three different subvolumes (at minimum): root-A, root-B, root-Z. root-Z is my golden image and it represents what I want root to look like after reboot. root-A and root-B are the active and passive instances of rootfs, but which one is active will flip-flop after every reboot. So if I boot with A, B gets replaced with the contents of Z. In the meantime I can do whatever I want with A. Not sure how I'll update Z (chroot or "promote" the active subvol to be Z) but without an update every reboot is an automatic rollback.

Thoughts?

26

You are viewing a single comment

Most immutable systems I’ve seen require a reboot in order to apply system changes.

It depends on the type of change you're applying and which specific immutable/atomic/composable distro we're talking about. In the case of GuixSD and NixOS, this is simply (mostly) false. For the others, if you're going to change the base-system/image, then a reboot is required. Though, it's important to mention that often enough systemctl soft-reboot suffices. And even then, some of them (like Fedora Atomic) offer functionality (e.g. through --apply-live) to apply the changes directly to the working system. And we're not even talking about the latest innovations (like systemd-sysext that might be able to provide a revolutionary solution to this problem altogether.

Also, even immutable OS I’ve seen wants you to opt-in to a rollback. Rarely do I see the full effects of installing a package or altering a config immediately. By the time I notice an issue maybe it’s too late to rollback to before the change or maybe I’ve done a few other things since and I don’t want to rollback everything. I would much prefer to make “rolling forward” or persisting changes to be a very conscious process.

You seem to have false notions on how this works on atomic distros, or at least it seems your understanding only applies to a small subset of them. E.g. responsible use of GuixSD and/or NixOS completely circumvents this from the get-go. Even Fedora Atomic offers (relatively) sane management of rollbacks.

I started messing with BTRFS and I think I’ve come up with a process that will get me what I want, no matter the distro. Please poke holes in my idea. So I think I can use BTRFS to hold data for the rootfs in three different subvolumes (at minimum): root-A, root-B, root-Z. root-Z is my golden image and it represents what I want root to look like after reboot. root-A and root-B are the active and passive instances of rootfs, but which one is active will flip-flop after every reboot. So if I boot with A, B gets replaced with the contents of Z. In the meantime I can do whatever I want with A. Not sure how I’ll update Z (chroot or “promote” the active subvol to be Z) but without an update every reboot is an automatic rollback.

I don't understand how this solves your (conceived) issue with rollbacks. Furthermore, I also wonder what kinda changes you're applying to your system on a daily basis. Like, do you really feel the need to poke at /usr every day? Aren't your needs regarding installing software already (mostly) solved through AppImage/Nix/Flatpak/Snap/Brew etc?

I'm not planning to alter the system daily so, admittedly, this is a bespoke, non-trivial process to handle an uncommon use case. In general I haven't run into the kind of issues that immutable distros proport to fix. I would say this is moreso an OCD friendly approach to OS management. I'm also hoping this setup will basically force me into using Ansible more and manual tweaks less.

I feel Guix and NixOS are a bit more in a league of their own due to their declarative nature. I'm on the fence if I want to go that far. Again, I'll admit my knowledge of these systems is based on docs and I'll probably have much different thoughts getting hands on.

And my goal is to rely on Flatpak and containers but if that was the answer then all the immutable distros out there are about as overbaked as my idea.

Thank you for the reply!

I’m not planning to alter the system daily so, admittedly, this is a bespoke, non-trivial process to handle an uncommon use case.

Honestly, I think you're underselling the potential importance this has; I wouldn't be surprised if a lot of users that have tried Fedora Silverblue, openSUSE Aeon or Vanilla OS were simply put off by how long it took them to get going post-installation compared to any other distros they're used to. So, I do believe it's a noble endeavor. However, I'm actually more in favor of educating people on the paradigm shift that comes with an atomic distro.

In general I haven’t run into the kind of issues that immutable distros proport to fix.

That's excellent! If I may ask, which distro(s) do you usually run on your systems?

I would say this is moreso an OCD friendly approach to OS management.

Hehe, great way to put it.

I’m also hoping this setup will basically force me into using Ansible more and manual tweaks less.

Interesting to see you mention Ansible. I'll get to this in a moment.

I feel Guix and NixOS are a bit more in a league of their own due to their declarative nature.

Exactly.

I’m on the fence if I want to go that far.

I believe you're ripe for it; if you want to force yourself into using Ansible, then you might as well commit to GuixSD or NixOS instead.

Again, I’ll admit my knowledge of these systems is based on docs and I’ll probably have much different thoughts getting hands on.

That's fine. We're all continuously educating ourselves.

And my goal is to rely on Flatpak and containers

Interesting! Like, 100% rely on those two only? So not even installing software directly to base system*? This is actually kinda similar to openSUSE's current implementation for its atomic distros**.

but if that was the answer then all the immutable distros out there are about as overbaked as my idea.

I'm not entirely sure if I understood you correctly. But I agree that Flatpak and containers can basically be achieved on any distro out there. No need to go immutable/atomic/composable if you just want Flatpak+containers.