I'm working on my transition plan away from Windows and testing out various things in VMs as I do so, and one big hurdle is making sure the VPN client my work requires can connect. Bazzite is my target distro (primarily gaming, work less frequently), though other more traditionally structured ones like Pop!_OS and Garuda are possibilities.
I'm currently trying and failing to get the VPN client working in a distrobox (throws an error during connection saying PPP isn't installed or supported by the kernel). However, I can successfully get the VPN connected if I overlay the client and its dependencies via rpm-ostree install, but I read somewhere that Bazzite's philosophy is to use rpm-ostree as sparingly as possible for installing software to preserve as much containerization as possible.
Since I can get it working outside of a container, am I overthinking it? Should I just accept that this might be one of the "sparing" cases? Is Bazzite perhaps a poor fit for my use case? I've been trying to make sense of this guide, but I'm having trouble understanding how to apply it to my situation, since I'm not that familiar with Docker or Podman.
Atomic systems or rpm-ostree is an interesting concept and may well be the future of distributing linux, but it has a lot of compromises. It may not be the first place to start when leaving windows.
The problem is all the apps and things you may wish to do with your OS. Flatpak is the preferred method of installing apps as it doesn't interfere with the OS, but that is a compromise that means more overhead for running apps including memory and disk space, and less integration with the host OS than traditional apps.
You can overlay native apps but the more you overlay onto the immutable os, the more complex upgrading gets and the risks of breaking stuff.
I'm not sure I would be starting with an immutable OS when switching away from windows. While it has a lot of theoretical benefits, its a work in progress and with significant compromises at the moment. Your VPN may just be the first of many programmes you find you need to overlay.
I personally would look at a more traditional install, get it working how you like and if you find Linux works as a permanent home then think about how you might recreate that with an immutable OS base. If your needs a re very simple then maybe it'll be easy, but if you're using lots of software and tools (particularly if its not available Flatpak) or custom OS config you may find atomic desktops are not yet quite ready for you.
It could be frustrating and off putting if you try linux immutable, find loads of problems and attribute that to linux when its actually the immutable OS that's the cause.
I currently run Bazzite full time on an HTPC laptop, but I don't use that for work purposes at all. It's been great, and I would be a little sad if I couldn't fit Bazzite into my use case.
But I'm fully aware that my frustrations are atomic problems, and I've had no issues installing the software I need on non-atomic distros. The reason I'm so smitten by atomic distros is the fact that there's theoretically no down time. I've had distros break in the past due to some squirrely install or update, and I've never once had that issue on Bazzite.
I just recently learned that openSUSE users also have a lot of stability due to btrfs snapshots, so maybe that's really the feature I'm looking for. I don't know much about it, honestly.
As someone who switched from Windows to Kinoite about 6 months ago (and now using bluebuild to create custom images), wether to use an atomic distro or not comes down to how much time do you want to spend learning everything.
I’m a very technical person with years of experience, and I’m still figuring a lot out. You’r not only learning about the ins and outs of linux, but now your adding more complexity with an atomic distro, and even more if you decided to create your own image.
Atomic distros are very much a work in progress and they do have issues you won’t find in non-atomic distros. Creating your image allows you to get around some issues you may run into that layering alone can’t do.
Also, keep in mind that version upgrades (which happen every 6 months or so on Fedora based atomic distros like Bazzite), can and do sometimes break apps baked into your image until they are updated (which also happens in non-atomic distros). Flatpaks can help avoid this breakage.
There are other distros that are gaming focused if atomic distros are not for you.
Atomic distros are very much a work in progress and they do have issues you won’t find in non-atomic distros.
And this is kind of how I'm starting to look at it, after reading all of these comments. There definitely feels like there's a disconnect between services like Podman and atomic ideology born out of the fact that they were created with different goals in mind. If the two can be married a bit better, the learning curve can be flattened (and I think that's a distinct future possibility, since Podman and Fedora Atomics have Red Hat backing).
Regarding breaks, being able to rollback is very handy, and I've used it many times when I was running Bazzite on my Steam Deck. Regressions happen, and I've experienced problematic regressions on non-atomic distros where my only option was to reinstall. This will be my daily driver that needs near full uptime, so whatever I pick, it's gotta be solid without entirely sacrificing relative newness (i.e. not Debian).
Either way, there's more to consider than I initially thought, and I appreciate your input.
But I’m fully aware that my frustrations are atomic problems
Are these frustrations solved by layering with rpm-ostree? If so, just go with it. I've always layered over a dozen or so packages and it has worked out fine; it's defaulted to automatic upgrades in the background, so you don't feel much of it anyways.
I just recently learned that openSUSE users also have a lot of stability due to btrfs snapshots, so maybe that’s really the feature I’m looking for. I don’t know much about it, honestly.
I love openSUSE and what they do with Btrfs snapshots and Snapper.
However, in terms of 'robustness' and 'stability', I don't think anything currently out there can hold up to Fedora Atomic, Guix System and NixOS. This is just by design; the leap from traditional to atomic, then reproducible and finally declarative ensures that issues related to hidden/unknown state, accumulation of cruft, bitrot, configuration drift are left behind in the past. If Btrfs snapshots + Snapper would have been sufficient, then openSUSE themselves would never have desired the creation of openSUSE MicroOS (i.e. their attempt at an 'immutable' distro) in the first place.
If Btrfs snapshots + Snapper would have been sufficient, then openSUSE themselves would never have desired the creation of openSUSE MicroOS (i.e. their attempt at an 'immutable' distro) in the first place.
An excellent point.
But to your earlier one, I can get the VPN client working outside of a container. There's even an RPM file from the vendor, so installing it is just as easy as installing any other package.
But to your earlier one, I can get the VPN client working outside of a container. There’s even an RPM file from the vendor, so installing it is just as easy as installing any other package.
I just recently learned that openSUSE users also have a lot of stability due to btrfs snapshots, so maybe that's really the feature I'm looking for. I don't know much about it, honestly.
I'm been daily driving openSUSE Tumbleweed for almost a year and from my end there are no problems with it. In fact, no problem that can be pinned to the particular distro.
I ran into an audio issue with my Bluetooth Headset in Kernel 6.9 3, with sound profiles not appearing. However, this has now been fixed since 2 kernel updates, (eg.it was a bug in the kernel)
The snapshot feature is awesome and always worked without a hitch when I have been tinkering with stuff I dont know how it works.
It has my recommendation. Good for gaming as its a rolling release with all the new stuff to boot.
That's good to know, especially the gaming part. I have tried it in the past, only briefly, and I remember enjoying the experience (older laptop, so gaming was out of the question). I'll have to throw an ISO on my thumb drive to give it another try!
We're appreciative of your considerations and reservations. However, some of your views seem unnuanced at best or plain biased at worst.
The problem is all the apps and things you may wish to do with your OS.
I'm aware that the rest of the comment goes over this. But, I hope the mention of "all" here is merely an oversight.
Flatpak is the preferred method of installing apps as it doesn't interfere with the OS, but that is a compromise that means more overhead for running apps including memory and disk space
While that's technically true, a (relatively) modern device wouldn't even care. I don't recall OP mention their hardware specifications; but if they're perfectly capable of running VMs, then I don't see why they would be bothered by this (almost) unnoticeable amount of overhead.
its a work in progress
Sure..., but we're not talking about alpha, beta or even RC software. Like, I'm not sure if you're aware, but you make it sound as if it's very new and/or immature. Fedora Atomic has been in the works for over 10 years. It first released their Fedora Atomic Host (currently known as Fedora CoreOS) in 2014 and later released Fedora Atomic Workstation (currently known as Fedora Silverblue) in 2018. Heck, Fedora has already put so much trust in their Atomic branch that they intend for 2028 that immutable variants are the majority of Fedora Linux in use.
By contrast, what is it that you base this statement of? That it receives very active development that most other distros would be jealous of? That it rapidly implements all kinds of new features that you're having difficulty keeping track of?
and with significant compromises at the moment.
This is a big claim. But I haven't seen enough in your comment to substantiate this. Your two best claims are:
Flatpak is the preferred method of installing apps as it doesn't interfere with the OS, but that is a compromise that means more overhead for running apps including memory and disk space, and less integration with the host OS than traditional apps.
Which is a problem of Flatpak on all platforms. The very same Flatpak that was recommended by people associated with Steam/Valve for Ubuntu. Furthermore, if OP creates their own image, then this isn't even an issue; they can practically bake whatever they want into their image. There are also multiple tools to get this going. I achieved it in a weekend (as a noob) last year, so it ain't hard. Finally, 'over-reliance' on Flatpak is not even a thing on Guix System and NixOS.
You can overlay native apps but the more you overlay onto the immutable os, the more complex upgrading gets and the risks of breaking stuff.
This is not an issue with your own image. If the image itself is busted, then it doesn't come out of the pipeline. Hence, the busted image would not have been delivered to your device in the first place. And, again, layering isn't a thing on Guix System and NixOS. Hence, this problem doesn't exist for them.
Your VPN may just be the first of many programmes you find you need to overlay.
Do you (for some reason) imply that layering is necessarily a bad thing?
If your needs a re very simple then maybe it'll be easy, but if you're using lots of software and tools (particularly if its not available Flatpak) or custom OS config you may find atomic desktops are not yet quite ready for you.
I have yet to receive substantive evidence from you to support this view of yours. I hope you'll deliver...
It could be frustrating and off putting if you try linux immutable, find loads of problems and attribute that to linux when its actually the immutable OS that's the cause.
I could change the word "immutable" in the above sentence to "traditional" and it would have been an equally nonsensical statement.