What workflows do developers using Silverblue use?

development

#1

I have to say, I absolutely love Silverblue! However, I’m still kind of trying to figure out how exactly to develop projects.

For instance, let’s take JavaScript. Normally, if you’re avoiding modifying your system installations, you’d probably use the n Node version manager.

Given that Silverblue is focused on container-based workflows, I figured I should use Buildah, so I created a Node container named node. However:

 ryan@fedora  ~  buildah run -v /:/host node ls /host/home
/bin/ls: cannot access /host/home: Permission denied
ERRO[0000] exit status 2                                
 ✘ ryan@fedora  ~  

I figure this probably has something to do with namespacing or SELinux. That being said, I don’t feel like I’m approaching this correctly…

I know there’s also atomic run, but I’m having a bit of trouble trying to find any advantages over buildah run.

Of course, I could always just use the traditional systemless style of using a separate version manager.

All this leads me to ask: how do other developers here who have to work with similar projects approach things?


#2

buildah run

I personally use sudo podman run. Also note that -v /:/host is not recommended. Rather, you can mount e.g. /srv:/srv to share things (see https://bugzilla.redhat.com/show_bug.cgi?id=1493267).

As for workflows… it’s a bit messy right now with everyone doing it their own way. E.g. I just use a single fat container for all my development. (Well, one for Fedora and another for CentOS). I have a little script to make that easier. (I type pet and it enters the container named pet, creating it first if it doesn’t already exist).

But you could also have multiple containers – one for each dev environment. I suspect this will get easier as more people gain experience and more opinionated projects pop up.


#3

Ah, so podman is for using containers and buildah is for building them…that makes a lot more sense! Thanks!


#4

I’m not on Silverblue yet but I’m planning to migrate my workstation from Arch Linux to Silverblue as soon as the Sliverblue 29 beta is released. My typical workflow involves Docker containers and Docker Compose plus a lot of native data science apps. The plan is to migrate as much as possible to pet container web apps, so I have a consistent user interface and can deploy to the cloud.


#5

I am mostly developing python either small scripts or websites, but I think I would do the same for others (like go, rust, etc).

I do take 2 terminals, set them side by side. 1 side if for editing (vim), the other is for running. For the 2nd, I simply start a container, with:

podman run -v $PWD:/srv --rm -ti fedora:28 bash

And then do all the pip install as root and dnf installation needed for my needs. And when I am finished, I can commit, and exit the container who is erased thanks to --rm.

While that’s annoying to configure again everything, starting from 0 permit to make sure that I have a incentive to automate and properly record what I need.


#6

There’s also podman build which basically uses buildah under the covers (I think?)


#7

And there is also buildah run and atomic. I couldn’t find a clear guide that explains when to use podman or buildah or atomic.


#8

Maybe we need to add atomic buildah and atomic podman :stuck_out_tongue:


#9

I spent a good portion of the day searching for current documentation on buildah and podman. It’s out there, but it’s scattered on places like the Project Atomic blog and opensource.com. It absolutely needs to be collected under the Silverblue and Fedora CoreOS documentation sites, but I don’t know that much new writing needs to be done - it’s mostly editing at this point IMHO.

This YouTube is a good place to start: Using buildah + podman + skopeo in a container workflow - YouTube

P.S.: I realized this afternoon I still have my ancient Asus laptop. So I loaded Silverblue 28 on it and am in the process of porting my workflows. So far, the only really annoying absent packages are git and docker-compose.


#10

Git is already installed on silverblue, no ?


#11

git isn’t, git-core is. So, basic things work, but e.g. git add -i doesn’t.


#12

So we do inherit that from Fedora Atomic:

https://pagure.io/workstation-ostree-config/blob/master/f/fedora-common-ostree.json#_13

I guess that since the reason for using git-core are likely to avoid dependencies, and that’s dependencies we already have anyway, it would be IMHO worthwhile to add git by default.


#13

Yes. It was discussed on irc recently :slight_smile:


#14

So after playing around for a bit, I created my own container manager on top of podman: bluecap. The idea is that you can use polkit to have some containers that you trust runnable without root access, as well as all containers being throwaways, automatic bind mounts + persistence, and such.

Now I can get around to actually developing my other projects. :wink:

.