KRDucky 1 Posted February 17, 2018 Share Posted February 17, 2018 Would anyone be so kind as to show/write how to setup an Emby server using Fedora Atomic? I am fixing to upgrade my system to the new AMD Ryzen 5 2400G and plan to transition Fedora Atomic. Fedora Atomic includes the os-tree system along with live updates which is a nice touch. --From Fedora: "Atomic Host from Project Atomic is a lightweight, immutable platform, designed with the sole purpose of running containerized applications." https://getfedora.org/en/atomic/ I want to run my application stack in containers. All pulling from my library data pool. (LVM2 array) My stack is usually, Emby - Sonarr - Sabnzbdplus - Cockpit - Organizr - SFTP server As the AMD Zen architecture has a good memory cryptography solution that seems to eliminate the vulnerability to VMs and containers running on an AMD platform, I figured it would be a good idea to containerize my server's services. Does anyone have a walkthrough or guide for how to accomplish this on Fedora Atomic? Link to comment Share on other sites More sharing options...
Luke 37019 Posted February 17, 2018 Share Posted February 17, 2018 Hi, so I'm guessing our regular Fedora install won't suffice? Link to comment Share on other sites More sharing options...
KRDucky 1 Posted February 17, 2018 Author Share Posted February 17, 2018 Hi, so I'm guessing our regular Fedora install won't suffice? i dont think so. Plus, I think the regular install is for Fedora 25. While we are on 27 and 28 is due shortly. Fedora Atomic is "the Next Generation Container OS". So similar to Docker I guess. Using Atomic, I can administer and control the entire server with Cockpit. I can do the same using Docker containers through Cockpit but Atomic containers are more tightly integrated. Just to clarify, the Atomic container is built using a Docker container. So you start with a Docker container and build an Atomic container from it. - https://github.com/projectatomic/buildah An example of how using an Atomic container is potentially better than a straight Docker container: https://github.com/projectatomic/bubblewrap Many container runtime tools like systemd-nspawn, docker, etc. focus on providing infrastructure for system administrators and orchestration tools (e.g. Kubernetes) to run containers. These tools are not suitable to give to unprivileged users, because it is trivial to turn such access into to a fully privileged root shell on the host. Bubblewrap works by creating a new, completely empty, mount namespace where the root is on a tmpfs that is invisible from the host, and will be automatically cleaned up when the last process exits. Link to comment Share on other sites More sharing options...
KRDucky 1 Posted February 17, 2018 Author Share Posted February 17, 2018 Fedora Atomic: It's literally a tree representation of the bootable OS, similar to how a git repository is a merkle tree of source code. The ostree rolls forward as the operating system is updated, so when I push out the daily Fedora updates, a new ostree is generated with those stable updates applied. But for users of Atomic Host, Instead of installing a bunch RPM packages, one does a "pull" and all the updates are applied in one transaction. Again, similar to a git fetch/pull. The ostree can also roll backwards, say for example something breaks, it's trivial to go back to know-good state. Fedora Atomic is the immutable image version of Fedora. It works best for running Kubernetes and Docker cause all other software is run in containers. It is distributed as images that can run in VMs. The immutable image means updates are applied by updating the whole image. There is even a workstation version aka desktop version instead of server. All the software that runs on it is containerized and distributed as flatpaks. Link to comment Share on other sites More sharing options...
Luke 37019 Posted February 17, 2018 Share Posted February 17, 2018 So would our Docker install be an option? Link to comment Share on other sites More sharing options...
KRDucky 1 Posted February 17, 2018 Author Share Posted February 17, 2018 theoretically yes. And if I can figure out the method, Ill post a guide. But im kinda hoping someone else has already tried it. Link to comment Share on other sites More sharing options...
Luke 37019 Posted February 17, 2018 Share Posted February 17, 2018 @@fc7 may know. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now