17 October 2014

I was digging through my bookmarks tonight and was reminded of OSTree. These types of architectures are gaining in popularity due to containerization technologies such as Docker. If you can have all your applications running in containers, why have a full OS below the containers? It has a massive attack surface, patching is a pain, it has way more than you need, and you are wasting disk space. Lennart Poettering wrote a superb blog entry entitled "Factory Reset, Stateless Systems, Reproducible Systems & Verifiable Systems" where he lays out a ton of use cases for systems similar to OSTree.

Are people actually using this stuff? Yep. Fedora has Fedora Atomic / Atomic Cloud Image and Red Hat upstreams it as Project Atomic (aka RHEL Atomic).

It’s simple. It’s secure. It’s lightweight. It makes patching a breeze. It’s the future.