Fedora Classroom: Getting to Know Silverblue


Fedora Silverblue is a variant of Fedora Workstation that is composed and delivered using ostree technology. It uses some of the same RPMs found in Fedora Workstation but delivers them in a way that produces an “immutable host” for the end user. This provides atomic upgrades for end users and allows users to move to a fully containerized environment using traditional containers and flatpaks.


Micah Abbott is a Principal Quality Engineer working for Red Hat. He remembers his first introduction to Linux was during university when someone showed him Red Hat Linux running on a DEC Alpha Workstation. He’s dabbled with various distributions in the following years, but has always had a soft spot for Fedora. Micah has recently been contributing towards the development of Fedora/Red Hat CoreOS and before that Project Atomic. He enjoys engaging with the community to help solve problems that users are facing and has most recently been spending a lot of time involved with the Fedora Silverblue community.

View the classroom here: Fedora YouTube Channel: Getting to Know Silverblue

Feel free to make your questions under this topic.


One question: in the demo, @rageear showed some rpm-ostree status options that I don’t seem to have on my installed Silverblue 29 system. For example, he showed more than two deployments and what would be upgraded at the bottom. How do I get those options?


Hi @znmeb,

Try something like this. sudo ostree pull fedora:fedora/29/x86_64/silverblue --commit-metadata-only --depth=5 you can change the depth to what you want.
On my system fedora: is fedora-workstation. Also there is an open issue for an enhancement that may be what you saw, at this link https://github.com/projectatomic/rpm-ostree/issues/1489.
For myself I used the above command to find previous ostree commits I had and was able to go back to basically previous install’s. The caveat being your home dir and flatpaks don’t go back to that state.


I like my flatpaks and everything useful in my home directory either lives on GitHub or is sycned via SpiderOak. :wink:


I was referring mostly about the fuller information display @miabbott had on his other host in the classroom for Silverblue, which was what I thought you meant above. When I was trying to repeat an issue I had encountered with Silverblue, I had to go back to a specific time and redeploy a commit I had for rpm-ostree, and there wasn’t an available command to go past the rollback point using rpm-ostree, so I was directed by @dustymabe to the above noted issue for rpm-ostree. I would hazard a guess that @rageear is using the future version of the rpm-ostree command status. To get the type of info he was displaying currently I think I would be using ostree. The pinning option is interesting too.

I too like my flatpaks, and generally speaking the pet container doesn’t get much use. I find the more I use Silverblue, the less I miss the old workstation


The only thing that’s keeping me from migrating my laptop to Silverblue from Arch is not having the proprietary NVidia drivers. Everything else I use now has workarounds.

That said, I don’t see podman replacing Docker just yet. The networking interface in podman lags docker network by too many features, and rootless containers don’t even publish ports yet.


Have you checked into the extensions that are available for nvidia on flathub? I’m not certain what they are for but they have nvidia in the name. There is a whole bunch of them listed when you do a remote-ls of the flathub flatpak repo with the --runtime option.


They won’t work without the proprietary drivers - the standard nouveau open-source driver black-screens on the NVidia GPU I have (1050Ti).


IME for rootless containers, --net host is basically close enough. Specific port publishing is most useful for cases where you’re running containers in production, which I’d hope you’re not doing on your personal system… :eyes:


Most of the containers I run are web apps or databases which expose single specific ports. PostgreSQL is 5432, RStudio Server is 8787, etc. If I have PostgreSQL on my host I either have to change its port or map the container’s 5432 to another port, like 5439.


For the “extended” information that I demo’ed during the classroom, you can use rpm-ostree status -a.

That prints out the AvailableUpdate section which lists the CVEs that have been fixed in the update.

In the case of more than two deployments, I had listed four deployments (as shown in order):

  • upgraded deployment, ready to be booted into
  • currently booted deployment
  • previous deployment
  • pinned deployment to F28

You can pin a deployment with the ostree admin pin command.