 My name is Adam Shamalik. I'm a software engineer in Red Hat. Most of my work goes to Fedora, and I came to talk about things So Let's start with question. Um, Who of you is a developer? Okay, cool. We have quite a few developers. Um, so I think what you want if you're developing something besides tooling and everything You need to use you want to use as many things to make your job as easy as possible, right? So if you're writing something in Python, you won't be rewriting like Yamaha or anything. You will just get everything from the Internet and In it as much as thing is it's out there and usually I think you would need the latest version possible because they have the big big speech first and just like make your work very very easy, right and You don't really care where it comes from. It just needs to work and make your job easy and then it's ready it goes to production and I know it's a pilot. I couldn't find another picture System systems means operators any of you maintaining servers Is on call these guys will hate you if you do that for them. So What they want is packages Auditability life cycle support. It's a really really different thing, right? These people are really different, but they have to work together so variety versus stability and So how to make those two worlds? connected and somehow how to fix this problem so First question that I have isn't this just packaging because that's kind of what Linux distributions do, right? What is packaging actually so it makes software I'm integrated tested updated and easily installable and I remember when I switched to the next It's 2019. So I can say 12 years ago From Windows XP actually, I didn't have to really like I didn't have to go to the Internet I just download everything I wanted to install and just search for it and it would break but I just typed a command and it was there for basically anything it was a magic and That was kind of cool and there are people actually making sure that everything is easily installable You get the updates. It's tested and integrated together. So it works in a consistent manner Another thing I didn't care about is life cycles, but now I need to run services or something I kind of care about life cycles because This says this brings an overtime stability to diverse open source world, but what that what that means really is If you look at the open source project, and I don't think there are seven there like millions, but this is kind of simplified view and it's kind of mess right this is this is a view of maintenance timeline And they just new projects appear disappear new versions appear and just like Crazy and if you need to have a lot of them on the server, how can you know that someone's actually taking care of it? so what then is distribution do they somehow squeeze it together they pick the right ones and They put them all in the same life cycle. So it's a little bit less crazy So, you know that everything is the same and there somehow conveniently released as Distribution releases we called them for example Fedora 27, Fedora 28 So it has a version so it you kind of know what's in there and it's consistent And of course the many Linux distributions out there. It's not just Fedora. So For example, CentOS. It's really long time stability or Fedora a little bit shorter And then we have something like Arch Linux, which basically that's no release. It's just like new features coming all the time So you can kind of choose what you want. What's the best for you and If you're a developer you might choose something faster If yours is I mean, okay, you can choose something slower it really depends but But this whole concept I think it sounds great for Operators, right? We have packages. We have life cycles. We have updates with everything. It's transparent I kind of know what's in the system. That's great but it's monolithic and Developers might be limited or even CIS admins might be limited because a certain app is a certain version. So What to do with that? Containers, maybe Do they make both happy Let's let's have a look at containers then so They're kind of isolated and portable which is great So like I have this image with raspberries so imagine like a huge pile of raspberries How do you move it? That's possible But if you put it into boxes, you can kind of move it around you can sell it quickly and easily And it's great. How will that look like in a week or five? Containers are just isolated and portable The thing that you just have something in a container and make it run doesn't somehow magically make it better, right? so Containers are great, but for this particular problem, there might not be the solution at least not the first step. So what we kind of need is new versions or variety of versions for developers With the qualities required by operators And I think that's easy to say but let's have a look if we can somehow figure it out And that's why we started project in Fedora code Fedora modularity, which kind of does this thing So let's have a look what's what's going on in there. So modularity basically separates the life cycle of Different pieces of the distribution. So I have like OS and maybe some application. So it's kind of going back to the image with the upstreams, but not too much and We saw this image, right? So let's have a look what's inside If I see inside, I'll just narrow it down to Node.js package and then just one package there like tens of thousands, but I Can see that For example f26 Fedora 26 ship Node.js version 6 just one and 27 had Node.js 8 just one and if you need to like Have a different version. It was kind of difficult. So what happened in Fedora 28 is that we in the Fedora 28 server we introduced modularity and what it does is and This is kind of high-level, but we basically enable multiple streams of content to be available to the system and We call it streams. We don't call it version because there's a Important difference. You can't just go back to an old version and just like pin it in there You still need to get updates. So these are like streams of backwards compatible updates for for the application and When you're ready to upgrade to a new version of the OS you can you can change Or you can keep the same one. It's kind of it's independent so you can do whatever your application needs, but you can keep the latest OS for example and If you're an engineer, you might see that this is kind of lie We are not trying to make binaries that just run everywhere. It's it's mostly like this We produce actual native binaries for the OS, but in concept. They're the same thing So in the UI it's then easier to navigate through All right, so before I show you a demo, um, there are like four concepts that we need to have a look at to understand modularity so packages Everything in the Linux distro is a package and we're not changing anything in there If you know Fedora if you use Fedora or Debian or whatever If I don't change the packages at all, they're still in there But what we do is we introduce this concept called module and it's like a logical group of packages on independent life cycles and We group them to make the navigation a little bit easier So you don't have to work on the package level and figure out which one of the tenth of thousands packages is Continuing your application. It's just no JS or a database and Then we have independent life cycles. We can provide them on multiple versions that you can choose from and if there are Many versions we also don't want to make you choose every time because that would be crazy So we have defaults and that means that you can only choose you need to only choose when you really want to so If you don't care, you don't care everything works as it before but if you need to switch a version you actually can and then We also need to make sure that if you update the system and you say I want no JS 8 You don't get 10 by accident when it comes in, right? So the updates will respect your choice and unless you change it explicitly, it will stay on the steam you chose alright So let's have a demo and I really like live demos. So I don't want to ruin their reputation. So let's do a recorded demo All right, let's see how that works So this is a federal command line and I'm tying DNF module list Which is a new command list all the modules available in the distro and I might even yeah So this is a list of the modules we there. It's we have it's been long, but I'm highlighting no JS I'm at the time of recording. There were two streams of no JS 8 and 10 and I can choose Which one I want so I Might eventually type a command To install it Maybe yeah, so I type DNF module install no JS 8 and this is like well-known syntax for example in the container world or other places So I'm just choosing the stream 8 here and what happens. It just gives me the packages. I need for no JS 8 it'll download them install them everything works as expected and These are packages that are the same as there were always so I don't know if you know software collections or other technologies I don't need to do anything. It's just like at the place as I want it So no no dash V actually gives me the version 8 so I can prove it's there All right. I think we should switch to version 10 and see what's gonna happen No, I forgot the video. I need to demonstrate update first so there's 8 and 10 sorry and I can see I have no update because I installed 8 and even though it's 10 is available I Still have 8. All right. Now I make the conscious choice and I say I want 10 So I type DNF module install No, just 10 and it swaps the version and upgrades of the packages to the version 10 and again Standard packages no magic. So if I type no dash V, I will see no just 10 installed on the system So everything works as expected All right, there's one more thing I haven't mentioned and these are installation profiles I Will see in a minute How that works? So for example, I can make a summary. Um, so if I have These modules I can install them in different ways So let's highlight some database I think yeah, MongoDB. Oh Yeah, and I can install database as a client or as a server or both so Let's install it as a server. So I type DNF module install MongoDB the version and slash profile and I get the server packages so This functionality in the UI is kind of useful if you don't want to dig into the packages and just like Care about the package names and everything you just have the application as the module and then maybe two or three profiles How you can install it if it makes sense So it's easier for for people to consume and I can just type Mongo, I think I'll do tap-tap just to prove there are the binaries. I won't run anything. It's yeah, I have the mongo demon I just control that see so we're wasting time and then I can Install the client packages if I want so I just take the same command and just type client and Again, I don't need to care which packages get installed. It's the client profile and Few other packages mongo tools and mongo DB get installed. The internet is really slow here. Oh It's a video wait, okay And there we go, and I just type mongo tap tap. I'll see the binaries I'd like mongo tools and Things I'm not a database expert, but that think those things mean something to people. So that's that's good So just control C and I'm done All right, so that was modularity So I could see that I have multiple versions available to the system and I can choose one that I want I can't install two at the same time because they would collide because they are at the proper place I would expect but Let's have a look at containers again So I like containers. I think they're great But we should let's let's have a look at that Right at the real benefits. So They run almost everywhere That's the first and I can do the compost and testing upfront and then just deploy it in production and actually I can even make other people to do it for me and Then we had that we have the third party container registries full of useful software I can just like grab a database and just deploy it on my server and just run right. That's perfectly fine Right. Oh, no, no, okay So what kind of happens sometimes is that there are people with not good intentions Maybe and there were some content images on Docker have but any public registry could do that Basically run fine, but they were mining cryptocurrency on your hardware and they make quite a bit a lot of money. So You you really need to know what's in the container So back to the true container benefits again, they run everywhere. I can do the compost and testing upfront so I Can build custom containers with Linux distributions and I can leverage the same benefits I have for the service So I can have the packaging a lifecycle benefits and I can actually run it everywhere So I can just in the Docker file the DNF module install no JSA or whatever Or I can use a tool called builder, which is a tool that builds containers Without actually the installations for being in them so it can just build small application container just with the dependencies You need and what's nice about it if you need an update just rebuild the container It picks the updates automatically. You don't have to go to the upstreams and do anything. So that works quite nicely and Then when your application is in a container and You can kind of run everything in container, then there's the question. What about the OS that's below the containers Do you actually need to care? really The answer is definitely yes You need to care about the OS because the security for performance for hardware compatibility and other things But it doesn't need to be your pet in the sense that you doesn't need to care what exactly it's installed in it Or you don't have to change it. So you can use so-called immutable OS and in Fedora we have two projects one is called Fedora core OS and one is called silver blue and it's a It's a container focused operating system and One of the main benefits is the way it gets updated. So I Like small animation. So I'll just do another animation Let's let's have a look at a traditional system that has packages and I want to do distribution upgrade or just DNF updates What happens? I'll update it from orange to green and I can see that it just like modifies itself underneath itself and One by one piece it just changes, right? Which is kind of cool, but it can break and you can be in a state That's not quite good. So But I actually don't need to care about the individual packages in them So what silver blue and core OS can do for you is they have a technology called rpm OS 3 and It basically built an image Or Fedora built an image out of rpm's and you just download the whole image on the side just like that and then You can just reboot to the image and if it doesn't work you can just go back and that's really nice on Service for example, if you're like remote service somewhere, you really don't want it to break and not boot. So This is quite handy or on your laptop actually when I use I know this is a Mac But I normally use silver blue as well and I Remember when I when I upgraded from federal 28 to 20 20 federal 29. I just did it over Over lunch break. I didn't really care if it works or not because I could always go back and it worked nicely So we can even experiment and it's kind of nice so This is core OS and silver blue and I call them feel as upgrades because you always can go back That's the rollback All right, so We talked about about few things and that was quite fast. So If you have to remember three things from all of this, I think it'll be these so Linux distributions and modularity and the packaging and lifecycle benefits So I can get software very easily with some guarantees and different levels guarantees with different OSes Containers are just portable and isolated but they're great and I can use Distributions and modularity in containers to make them work nicely and quick to make them work great and I can run them on Corvus and silver blue and I can I feel as upgrades and that's the story that we built in Fedora for life cycles and applications and how to make Developers and operators friends and that's all I have Any questions? Yeah So why would I choose silver blue or coro s and if they're competing them? So they are very similar technologies, but coro s is focused on your server So it's like a minimal host just to run containers, but silver blue is a full desktop environment So you can run containers, but you can also run flat packs, which are like containers for graphical applications and That's basically the difference so there's very different focus in those Any other question? Yeah? If I take Alright, so that's a question if I choose to have a specific Module stream and if there are some packages that would somehow overlap with the module What happens and the module always wins? and that's the way how we can actually have modules even for example if you have third-party repos and You want to try? I don't know a new version of gnome for example, and you try it on Fedora, which The gnome is not as a module. It's just a normal packages, right? But you can actually just add a module repo Install it if you want and it just replaces the packages, but then you can just Install it again and just gets the normal packages. So It always wins. That's how you can deliver additional versions This is true always for dependencies for the stream Because I noticed that the node.js is GCC as dependency, and it's not really Good to have all versions of GCC Because you need all that. Oh, yeah, if you notice something in the demo. I recorded a while ago I think it was on Fedora beta Whatever so that there might be some packaging issues in there But in general you shouldn't bundle GCC or something in your module, right? If that happened that was a bug and I should probably fix it for the next demo. Thanks for noticing Yeah Good question. Can I in a can I install multiple module streams at once like php6 php7? No, and that's the design choice we made because we install Software in the proper paths as you would normally expect So, I don't know if someone of you are familiar with technology called software collections These were like RPM packages that installing software in separate parts So you could actually that would be able in conflict, but it was kind of pain to maintain and pain to use So yeah, these are just just the standard parts and we are not trying to re-implement this And we're gonna see that the world is moving to containers. Anyway, so that's that would be the way how to run multiple versions Yeah Yeah Yes, yeah, if I can compare module to young package groups definitely and So in federal they were always young package groups, which are like also gonna represent an application But what would happen if you install a package group you install the whole thing? So that's one and you couldn't Make multiple versions available to the system So it was just like just grouping packages, but not adding really much benefits in there modules at the benefits of Independent life cycle and you can choose which stream we want and also on the build side Which is kind of hidden for the users, but you can have one source and just build it for multiple federal releases And they produce native binaries for all the releases and then you can do even magic like built against multiple modules So it's just like you have like a matrix of explosion if you really want to So there are additional benefits to that Yeah You Yeah, what's a great point? I'll just repeat it for the recording. So yeah If you want to if you want to just install a package just without caring about modules We can just do yum install package name and it works as we're used to it can enable the module for you And just consume the packages natively. So it basically works like groups in that regard as well. Yeah All right If I know when modules are ready for enterprise Linux, so Recently there was well very enterprise Linux 8 beta out and if you look at the upstream repository So which is like a repository with the applications. They use technology Basically very similar to this you have yum module install something. So it looks like it's coming I can't speculate on that. But yeah in the beta. Yeah, you can you can see there Any other question? All right. Well, thanks for coming and Yeah, if you have any question and see me on the whole way just come