Fedora's elections are now open until Wednesday, 7th January!
I'm applying for a seat at FESCo [1] as I want to represent the interests of users, developers and maintainers of what we call Atomic, Bootable Container, Image Based or Immutable variants of Fedora (CoreOS, Atomic Desktops, IoT, bootc, etc.).
You can find my full interview at https://communityblog.fedoraproject.org/f43-fesco-elections-siosm/
And vote at https://elections.fedoraproject.org/
The recording of my third talk with Pragyan and Vitaly at All Systems Go! about UKI, composefs and remote attestation for Bootable Containers is now available: https://app.media.ccc.de/v/all-systems-go-2025-362-uki-composefs-and-remote-attestation-for-bootable-containers
#ASG2025 #AllSystemsGo #AllSystemsGo2025 #UKI #composefs #bootc #BootableContainers #RemoteAttestation
With Bootable Containers (bootc), we can place the operating system files inside a standard OCI container. This lets users modify the con...
The recording of my second talk at All Systems Go! about how we moved Fedora CoreOS to Bootable Containers is now available: https://app.media.ccc.de/v/all-systems-go-2025-375-leveraging-bootable-oci-images-in-fedora-coreos-and-rhel-coreos
While I'm the one doing the talk, all the credit goes to Jonathan Lebon who did most of the work mentioned there.
#ASG2025 #AllSystemsGo #AllSystemsGo2025 #Fedora #CoreOS #bootc #BootableContainers
In last year's ASG!, bootc and bootable containers were introduced. In this talk, we'll go over what changed since last year, and how Fed...
We are bringing UKI and strong boot integrity guarantees with composefs to Bootable Containers. We demonstrated our latest progress on that front at DevConf.cz 2025: https://pretalx.devconf.info/devconf-cz-2025/talk/739KGC/
Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guarenteeing that every byte of every file is verified on load. This is done, similar to Git, using only hashes. This means that the signature on the UKI effectively signs the whole tree. With composefs, file content is split from the metadata which enables de-duplication at the file level. We can thus host any number of OS images on a single filesystem and there is no need to reserve space on the system in advance for each image. This frees us from fixed size disk image formats such as dm-verity which is used in a lot of image based systems. We illustrate this architecture by building an OS image using an OCI container via the familiar Containerfile syntax, then pushing it to a container registry and finally deploying it on a system. We will also explain how this will be integrated with the Bootable Containers project (bootc).
Sean tells us about bootable containers and asks for our opinions on how he plans to use them with Kubernetes.
You can thank `bootc`, `/usr/lib/bootc/kargs.d/`, and @fiftydinar for your new ability to include kargs in your native container image.
Just make sure to update with `bootc` instead of `rpm-ostree`.
Check it out!
https://blue-build.org/reference/modules/kargs/
#BlueBuild #FedoraAtomic #Containers #OCI #Fedora #imagebased #bootc #BootableContainers
Having spent a couple of decades in the Linux world, I have always had an interest in Linux desktop environments and how they are themed. I would often come across a post on /r/unixporn that inspired me to try to customize the look and feel of my desktop environment. So I would install Xfce, LXQt or Sway and try to recreate components that I like from other users or create my own. I would end up installing different kinds of panels, plugins, docks and launchers as well as random themes, fonts and sounds.
With Allison, I presented at FOSDEM how we can combine UKI, composefs and containers to build a fully signed boot chain. The slides and the recording are now available: https://fosdem.org/2025/schedule/event/fosdem-2025-5191--signed-sealed-and-delivered-with-ukis-and-composefs/
This is how we are planning to bring boot chain integrity to Bootable Containers.
This is a follow up on the initial work that we presented last year at @allsystemsgo: https://cfp.all-systems-go.io/all-systems-go-2024/talk/HVEZQQ/
#BootableContainers #bootc #Fedora #CoreOS #AtomicDesktpos #FedoraCoreOS #FOSDEM #FOSDEM2025
There's a big new update to the BlueBuild CLI, with some real nice DX upgrades. Thanks @gmpinder 💙
Make sure to read our release blog for a full list of features; and breaking changes!
https://blue-build.org/blog/v090-features-changes/
#BlueBuild #FedoraAtomic #Containers #OCI #UniversalBlue #Fedora #ImageBased #BootableContainers #Linux #OpenSource #CloudNative #uBlue
Bootable Containers are the future of Fedora Atomic Desktops and we presented that at @allsystemsgo.
Introduction by @cgwalters and Ben: https://media.ccc.de/v/all-systems-go-2024-266-bootc-generating-an-ecosystem-around-bootable-oci-containers
Then take a look at how we could use sysext's to improve the local layering story with @tormath1: https://media.ccc.de/v/all-systems-go-2024-313-waiter-an-os-please-with-some-sysext-sprinkled-on-top
And then finally dive into Trusted Boot with UKI and composefs with @jbtrystram: https://media.ccc.de/v/all-systems-go-2024-309-the-road-to-a-trusted-and-measured-boot-chain-in-bootable-containers
#Fedora #AtomicDesktops #FedoraAtomic #BootableContainers #ASG2024 #AllSystemGo #AllSystemsGo2024
Timothée Ravier
The Late Night Linux Family
BlueBuild
N-gated Hacker News
