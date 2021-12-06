3 Immutable Operating Systems: Bottlerocket, Flatcar and Talos Linux
For those that don’t know, immutable operating systems have been increasing in popularity recently. An immutable operating system is one in which some, or all, of the operating system file systems, are read-only, and cannot be changed.
Immutable operating systems have a lot of advantages. They are inherently more secure, because many attacks and exploits depend on writing or changing files. Also, even if an exploit is found, bad actors cannot change the operating system on disk (which in itself will thwart attacks that depend on writing to the filesystem), so a reboot will clear any memory-resident malware and recover back to a non-exploited state.
Immutable systems are also easier to manage and update: the operating system images are not patched or updated but replaced atomically (in one operation that is guaranteed to fully complete or fully fail — no partial upgrades!)
Immutable systems also can claim to be more stable than traditional operating systems, simply by virtue of eliminating many of the vectors that introduce instability into a system — most of which are human. No sysadmins can “just change this one setting to fix things” — with unforeseen impacts that aren’t found until hours later. (I’ve been that sysadmin.) No partially complete terraform or puppet runs that leave systems in odd states…
On the workstation side, there are approaches to immutable OSes such as rpm-ostree. This attempts to create immutability and image-based deployments in the operating system, but layers a flexible file system architecture on top, so that packages can still be managed and updated by RPM.
On the server side, there is a spectrum of immutability amongst container-specific operating systems. All support image-based OS updates, and no package manager at all. Some operating systems such as Flatcar Linux make /usr read-only, but allow common runtime modifications such as dynamically loading kernel modules, and overriding systemd configurations.
Ten years ago this week (more or less), the Open Source Robotics Foundation announced that it was spinning out of Willow Garage as a more permanent home for the Robot Operating System. We covered this news at the time (which makes yours truly feel not quite so young anymore), but it wasn't entirely clear just what would happen to OSRF long term. Obviously, things have gone well over the last decade, not just for OSRF, but also for Gazebo, ROS, and the ROS community as a whole. OSRF is now officially Open Robotics, but that hasn't stopped all sane people from continuing to call it OSRF anyway, because five syllables is just ridiculous. Meanwhile, ROS has been successful enough that it's getting increasingly difficult to find alliterative turtle names to mark new releases. To celebrate this milestone, we asked some of the original OSRF folks some awkward questions, including what it is about ROS or ROS users that scares them the most.
