Copyediting and URL updates #17
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -7,14 +7,15 @@ layout: home | |
|
|
||
| Over the last decade, [OCI containers](https://specs.opencontainers.org/image-spec/) have become a de facto way to deploy a complete functioning Linux user space as an application. | ||
| A large set of practices and tooling have evolved around them. | ||
| Bootable containers are a modern opinionated way of deploying, configuring and managing image based Linux systems. | ||
|
|
||
| Our goals are: | ||
|
|
||
| 1. Use standard container practices and tooling, such as the [OCI standard](https://specs.opencontainers.org/image-spec/), layering, container registries, [signing](https://docs.sigstore.dev/signing/signing_with_containers/), testing, and GitOps workflows to build Linux systems. | ||
|
|
||
| 1. Container images describe the operating system behavior as a prebuilt predefined unit, rather than defined as a set of fine grained packages during deployment. | ||
| There is a strong bias toward having the full system definition committed to version control, including a list of components, application files, and system configuration. | ||
| This bias leads to a composable operating system that can be iterated upon quickly. | ||
|
|
||
| 1. The system updates atomically. | ||
| It is robust to power outages or software failures during updates. | ||
|
|
@@ -24,7 +25,7 @@ The system either uses the contents of the old system, or the new image; Never s | |
| Updates can be delayed or scheduled. | ||
| This default behavior can be adapted or controlled by a larger management system. | ||
|
|
||
| 1. If an update does not function correctly it is possible to roll back to the container image previously functioning before the update, or to any previously bootable version in the registry. | ||
|
There was a problem hiding this comment. @castrojo Is this really a roll back though? @cgwalters Can we roll back to another version in the registry, or only what's on the system? There was a problem hiding this comment. We're doing this in practice with our images but now that you bring it up I'm not sure how officially supported that is. The use case is usually when people don't have a pinned snapshot or didn't realize they had a regression on something. The it's useful to be able to grab a remote older version to try to pin down where the regression happened. There was a problem hiding this comment.
|
||
|
|
||
| 1. State (including per-machine configuration) is preserved across updates. | ||
| State is written to specific writable directories on the system, by default these are /etc and /var. | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for doing this!
It's a challenge since I think the usage of "immutable" is widespread in the industry still years later. My high level thoughts is that it's a word that is only useful at a very introductory level but once you get past the surface it can be more misleading than helpful.
So 👍 to dropping it here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, although I am not sure there is another word that is helpful.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Atomic / Image-based Linux systems #17 (comment)