Project News

Problems Are Just Opportunities in Disguise

As a father who’s ushered one child through their teen years, and with two more in the teens now, I know about problems. Problems with the WiFi not working, or the shoes that are two months old and now two sizes too small. Those are the easy ones, the harder ones come in with sleepovers with their significant others, the broken down car after curfew or the death of a classmate. In my at-work life, I was explaining to my scrum master that I’d not been picking off any cards off our board in the past sprint because I’d spent all my time working on issues. He remarked that as a software engineer we’re not so much coders as we’re problem solvers. I guess I can’t escape problems either at work or at home.

Recently one of the folks that talks about Buildah, Podman, and other related container technologies at conferences sent me an email about a problem he was having with a demo script he was hoping to show.

Read More »

Building Kernel Modules with Podman

Building Kernel Modules on Atomic with Podman

The goal of this post is to explain how to build and load a kernel module inside a container using Podman.

Building and using third party kernel modules on Atomic is a challenging task. There are a handful of methods for supporting kernel modules on a Linux system such as kmods, akmods, DKMS, and manually building them by hand. Digging into all of the technical hurdles Atomic faces with each method is a very large topic and a bit out of scope for this blog post, so we will focus on DKMS for the time being.

Using DKMS on Atomic does not work as expected. This means using popular third party kernel modules such as NVidia drivers, VirtualBox, and WireGuard via their supported install methods will not work as a result, but I will explain how we can work around these limitations in this blog post.

Read More »

User namespaces support in Podman

We recently added support for user namespaces to Podman. This has some major benefits for security and added flexibility when running containers. It allows processes to have privileges inside of the container, but no privileges if they escape the container.

Read More »

Pinning Deployments in OSTree Based Systems


RPM-OSTree/OSTree conveniently allows you to rollback if you upgrade and don’t like the upgraded software. This is done by keeping around the old deployment; the old software you booted in to. After a single upgrade you’ll have a booted deployement and the rollback deployment. On the next upgrade the current rollback deployment will be discarded and the current booted deployment will become the new rollback deployment.

Typically these two deployments are all that is kept around. However, recently a new pinning feature was added that allows the user to pin a deployment to make sure it doesn’t get garbage collected.

Read More »

Welcome to Red Hat CoreOS

Welcome to Red Hat CoreOS

When Red Hat acquired CoreOS, you asked what will become of Project Atomic or Container Linux. Today at Red Hat Summit, we’re sharing more details around the acquisition. Customers and community users will benefit from the plans around Tectonic and OpenShift, Container Linux and Atomic Host, as well as Quay.

Our other popular community projects such as Buildah, Cockpit, and Skopeo continue as usual. Fedora Atomic Workstation already announced that it is now a Fedora initiative with the codename Team Silverblue, continuing to improve an image-based Fedora Workstation as well as potentially adding GUI tools for pet containers. If you happen to be at Red Hat Summit, check out the Atomic BoF session where you can ask questions and tell us which features you would like to see in the future. Read more about our shared vision for the future at the CoreOS blog.

View article »