 Thank you very much. Thanks for coming to this talk about the toolbox containers Yeah, I've introduced them. I'm Jens Peterson. I work at Red Hat for quite a long time on OS development It's great to be back in person here And yeah, so just to motivate a little bit about I've been using these toolbox containers for quite a while. I just find it really nice to have it my sort of development environment is completely separate from the system environment so I can Choose to upgrade when I want or I can use an older system sometimes if I need something there Yeah, so today I'll mainly be talking about two projects Which I've contributed to but I'm not the main developer I just want to say upfront Taking credit to this but so one is toolbox another is district box. They're somewhat similar, but they also have Some slight differences Yeah, as we'll see So, yes, what's the toolbox container This is just a so-called pat container which means it's not something that you're taking care of that sort of that's Maybe it's valuable to you Something you might be using for a longer period of time and Yeah, so it'd be using podman or Docker and The special thing about it is that it has access to your home directory and desktop environment and system resources and so on so Yeah, but I mean obviously the environment in the container is different from the system environment usually Oh, well, it doesn't have to be you might want to have it Install packages which you don't want in the system because you don't want to mess around mess up your system But you just want you still need those tools or applications So I'm going to approach this For fundamental questions why how What and who so Let's start with why a bit more Yeah, so when the main yeah, I think I more has covered some of this but So yeah, there's two main use cases I mean originally the toolbox project came up in the context of OS tree Operating systems where you cannot have an immutable operating system But then it's a bit awkward to like have development tools and so on in that kind of environment So then you then you'd have a toolbox container where you could install your compilers and IDs and so on But Yeah, and Also another vantage of say of toolbox is compared to say using a VM or something is that it's a lot less resource intensive You can save memory and this space and so on or as a VM what might need 10 20 gigabytes to run in The toolbox container will just share memory with the system and also this space and so on so Yeah, it's quite good in that sense So I'm not really going to go into a lot of detail because it's a very short talk but yeah, so basically I just Especially under podman the rootless privileged user containers And then they're using like name spaces and bind mounts To bring like sockets and system directories and so on into your toolbox and So usually it's a sort of two-step process first you create the toolbox and then you enter it or you can also run directly from your host show but So yeah, so today I want to demo This toolbox and also destroy box, which is the two main projects which are kind of for sort of interactive graphical Environments So first, yeah, there's toolbox Which is now kind of stood in this Containers org on github So it's originally started by debauchy ray in 2018 Originally it was just a shell script But then it was rewritten later in go lang The idea was that go lang would bring it closer to podman and most of the container tools and so on a written in go lang so Though I think in practice, it's more just calling out to podman these days, but So yeah, it's packaged in fedora from the beginning also available in rel and arch and also it's available in Debian and Ubuntu now Yeah, I guess one of the differences between toolbox and destroy box is that toolbox requires custom container images, so it kind of assumes that certain tools and Well, some minor files are in place Unlike a distro box which can use a standard distro containers to build its toolboxes And yes, then for that we have this fedora toolbox image and Which I also help to maintain a little and also in rel. We also have a toolbox Yeah, this is the UBI, but there's also a official rel toolbox container, but then in last year the community kind of Got tired of waiting and so yeah various people also some of the red hat helped to create this new repository for other operating systems So now there are a lot more toolbox containers available for lots of different distros listed here So that's quite a nice development Yeah, so Maybe I can show a bit So this this is actually a VM running on my laptop and Yeah, and So here's a list of Yeah, you can see that there's various toolbox images here like for centos Ubuntu fedora rel And I've got a few so let's try to Enter one Box here at the side here in purple. It's just to show you it's a toolbox container and So yeah, I've actually well for example my host system I don't have a emacs, but I installed emacs over here So I just learned this soft code here too, but Anyway Perhaps I'll move on To in Ubuntu toolbox So yeah, it's yeah, so that's running Ubuntu inside This fedora system So I have access to all my home directory here and as you can see yes I could I could install some graphical application and run it. Let's move on to talk about the distro box. Sorry Graphic, so this is a community project Started in in 2021 and it's all I think it's written. It was a port of of the toolbox shell script So it takes a bit of different approach. Like I said, it doesn't need custom Custom images It supports a quite a wide range of distros probably more than toolbox does There's some we can see this This is the distros that it runs on I think and also You can also see where it's packaged here. I think open source is also using it So it also supports toolbox container. So you can use like this Repository I mentioned earlier of the toolbox containers. There's lots of different distros that are supported. That's quite nice Yeah, and it has another nice features. For example, you can set a different home directory. So if you're worried about interfering with so you Do your home directory files or something then you can create a distro box toolbox which uses different home directory It also has some other good things it has for example dry run option which will show you like the commands that are Like the podman command and so on that are being run There's also support for kind of ephemeral or short short lived toolboxes, so you can just start up an ephemeral toolbox test something and then Go out again and it will just disappear and So yeah, I think toolbox is good for developers and also testers I often use it I'm often want to compare something in one version of the operating system with another version or if I'm debugging something I want to check if something's fixed in a newer your library or things like that Also, it can be used so it's particularly particularly on say OS trees for sort of a system troubleshooting as well where maybe some tools that you want are not available in the system, but you can then put them in a toolbox and So that's really the talk The Projects and my contact details Happy to take any questions you may have Hello, thanks for the presentation Can I saw that you you open? GUI version of Emax, right? UI version of Emax So so my question is can we run any UI any GUI without complex configurations likes in Docker Like can you open browser or anything easily in toolbox? Anything Okay, so no no complex configurations required for that Okay, thank you. Any more questions by the hell of this destroyer boss Okay, and there will be the new image of us There is only one colonel and the process one then any other disorders is with these two boss Okay, I think it's interesting and I have another question is and because we talked about the container OS like always yeah, and the OS is Read only so very deep back you install a deep back container Yeah What kind of tools we will install in this debug to boss and is it suitable to for for the maintenance on the flight of the network you have or just It's just suitable for use for the SI team like this way Just put all the debugging tools in this container. It's okay. I think I Want to hear some Advices from you The Colonel yeah, so that the toolbox depends on the system colonel, so There can be issues with certain issues like with drivers and some like GPUs and things like that so ideally it should have the same Ideally the districts and the colonel should kind of be For the same colonel and also that there's no system D running in the In the containers, so that is a problem like some services may not work into a box, so that's an limitation As for the troubleshooting. Yeah, I haven't done it my love myself. But yeah, for example Even the chorus is moving to use toolbox. They previously had their own kind of simpler toolbox But yeah, I don't know it could be like some debuggers or Network I don't troubleshooting tools or something So these these green Toolboxes are still running actually even in the background and No, I know a thing. I That you can you can also run applications from the host. I mean for the toolbox this using is one command Only I think I forgot is the distro box also allows you to export Desktop files to the host host desktop So you can like see Think I had one example This this GTK demo It's not very exciting, but it's actually running in a So I just want to ask one question So how my understanding is that container you need a process key printing like PID one or something that so that the containers Stays alive looks like on your case. It's staying alive because you know, you can do it so how that is being handled and Is it being recommended? How how can we spawn up multiple processes? Is it recommended to do like, you know, you can spawn up multiple processes like how we can handle Good question. Um, the system is running and the whole system There's also something called con con one, which is kind of a container monitor Which sort of works together with pod man. So It checks that the container is sort of continues to run Yeah, you can run multiple processes in within one container it It feels like just a normal like shell or other desktop Environment so you can have multiple processes running there. Yeah, you can if you want, yeah I mean, I usually have two of us running in the foreground in my shell. So, yeah There's also integration in scone terminal so that if you create a new tab it automatically starts up in a In the same toolbox that you're already running. So thank you. Thanks for your attention