Fedora's Boltron preview

By Jake Edge
August 30, 2017

In many ways, distributions shackle their users to particular versions of tools, libraries, and frameworks. Distributions do not do that to be cruel, of course, but to try to ensure a consistent and well-functioning experience across all of the software they ship. But users have often chafed at these restrictions, especially for the fast-moving environments surrounding various web frameworks and their dependencies. Fedora has been making an effort to make it easier for a single system to support these kinds of environments with its Modularity initiative. In late July, Fedora announced a preview release of the server side of the Modularity equation, Boltron, which is a version of the distribution that supports the initiative.

In order to be able to support multiple versions of various packages, those packages need to be created and made available to Fedora installations. That's where Boltron comes in. First, the packages need to be decoupled from a Fedora release, which is how they are delivered today. This was done by adjusting the existing tools rather than starting over. The Modularity working group did so to try to reduce the effects of the changes:

The Working Group also took on the requirement to impact the Fedora Infrastructure, user base, and packager community as little as possible. The group also wanted to increase quality and reliability of the Fedora distribution, and drastically increase the automation, and therefore speed, of delivery.

As a result, the group didn't treat this as a greenfield experiment that would take years to harden and trust. Instead, they kept the warts and wrinkles with the toolset, and implemented tools and procedures that slightly adjusted the existing systems to provide something new. Largely, the resultant package set can be thought of as virtualized, separate repositories. In other words, the client tooling (dnf) treats the traditional flat repo as if it was a set of repos that are only enabled when you want that version of the component.

This was done by modifying the existing tooling to support arbitrary branching within the package database so the service level (SL) and end of life (EOL) dates can be separated from a specific Fedora release. More information about arbitrary branching—how it would work and why it is needed—can be found in the focus document.

That document uses the example of the Django web framework and the Python Requests module. The packages in the database would no longer only have branches for each release (e.g. Fedora 25, EPEL 7), but would also have branches corresponding to the upstream release versions. That way, a Django module could have multiple versions that depended on particular versions of its dependencies. So, for example, Django module 1.9 could depend on Requests 2.12, while Django module 1.10 could depend on the master branch for Requests (or, perhaps, 2.13 if following the upstream master is deemed too risky).

There is another side to Modularity, though. There needs to be a way to allow incompatible modules to coexist on a single system. There are a number of ways to support that, each with its own set of tradeoffs. Instead of coming up with yet another solution, the working group is focused on supporting existing mechanisms, such as Flatpak and containers of various sorts (Open Container Initiative (OCI) containers and System containers).

As the announcement notes, the Boltron preview is "somewhere between a Spin and a preview for the future of Fedora Server Edition". There is a wealth of information on the Modularity page for those interested in trying it out or simply for curiosity's sake. Boltron is shipped as a container image that can be downloaded from the Fedora Docker registry as described in the "getting started" guide. There is also a guided walkthrough that serves both as an guide to using Boltron and as a way for the working group to collect feedback on the changes.

A module is simply a collection of related packages that work together to provide some task or service. That could be a web server and a selected group of modules or add-ons, a particular version of a web framework and its dependencies, or a particular language version with any needed runtime components. Multiple versions of those modules can be created, each with its own stability level and lifetime. Each of those versions is handled as a different "stream" of the module.

In Boltron, an updated version of the now familiar dnf command is used to manage modules. For example:

    # dnf install httpd
    # dnf install @httpd
    # dnf module install httpd

The first of these would install the httpd module, if one exists, or fall back to installing the httpd package. The latter two are requesting the httpd module only (the middle reuses the existing "group" syntax for dnf). Individual streams can be chosen for installation by appending the stream name (e.g. httpd-2.4). When a dnf update is done, updates are only taken from the appropriate stream. There are ways to install different profiles of modules (for a database server versus client, say) or to simply install certain packages from a module. Eventually, packages will only come from modules, so a module must be enabled before individual packages can be installed from it.

As the "preview" term would imply, there's not much more to Boltron at this point. There are some 25 modules that have the same stream as that of the regular packages for Fedora 26. So far, the only module with multiple streams is for Node.js, with version 8 being available in the nodejs-8 stream. The intent is that more modules and streams will be added so that Fedora 27 servers can be composed by picking and choosing modules and streams to fit their intended use cases. Containers would presumably be used to manage multiple conflicting modules. There is, clearly, plenty more to be worked on.

The Modularity effort is a bold rethinking of how Fedora is built, used, and managed, as we have noted in some previous articles along the way. For a year or more, Modularity has largely just been an idea and a few, somewhat confusing diagrams, at least from the perspective of Fedora users. We are finally starting to see some of the behind-the-scenes efforts bear fruit. It will be interesting to watch and see where it all leads.

Fedora's Boltron preview

Posted Aug 30, 2017 20:42 UTC (Wed) by cyperpunks (subscriber, #39406) [Link] (7 responses)

I am really confused now, at least for the very fast moving distro Fedora this seems like a way support legacy versions of a project. I don't have that need, I want to move forward, not backwards.

For RHEL this makes sense, since they are stuck on outdated legacy versions even before first GA.
By now more or less everything in RHEL6 is hopeless outdated: MySQL 5.1, GCC 4.4, etc etc.

Can someone explain the benefit for Fedora users?

Fedora's Boltron preview

Posted Aug 30, 2017 21:56 UTC (Wed) by khim (subscriber, #9252) [Link] (4 responses)

I don't have that need, I want to move forward, not backwards.

And you couldn't.

Can someone explain the benefit for Fedora users?

Let's use Django as an example.

Planned release dates:
Fedora 27 - 2017-10-31
Fedora 28 - 2018-05-08

Django 2.0 release - December 2017
Django 2.0 end of mainstream support - August 2017

As you could see Django 2.0 clearly misses Fedora 27 and is released about 1.5 months after it. Then you moan and complain for about 5 months because you couldn't use released and stable version of Django - and in Fedora 28 it's only supported for about four months before it's declared obsolete and you are supposed to switch to Django 2.1

Which means that with our "very fast moving distro" half of the time you would be forced to use old, obsolete package in the "extended support" state (basically: only security bugfixes) and half of them time you would enjoy supported package. If Fedora release wouldn't slip (they don't ever slip, right?), that is. Otherwise situation would be even worse.

Fedora's Boltron preview

Posted Aug 30, 2017 23:11 UTC (Wed) by jhoblitt (subscriber, #77733) [Link] (2 responses)

EOL'd before its even released!

Fedora's Boltron preview

Posted Aug 30, 2017 23:26 UTC (Wed) by rahulsundaram (subscriber, #21946) [Link]

This is not true. Every release is maintained according to the policy at

https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#...

Fedora's Boltron preview

Posted Aug 30, 2017 23:57 UTC (Wed) by anselm (subscriber, #2796) [Link]

That's a typo – Django 2.0 is supposed to be supported until August 2018, not 2017. This is “mainstream support”, which according to the Django team means they will deal with “security fixes, data loss bugs, crashing bugs, major functionality bugs in newly-introduced features, and regressions from older versions of Django”. Django 2.0 is scheduled to be on “extended support”, i.e., security fixes and fixes for data loss bugs, until April 2019.

Having said that, Django 1.11, which is the current version, will enjoy extended support until at least April 2020 because it is an “LTS”, or “long-term support” release. The next planned LTS release is Django 2.2, which according to the current roadmap will be out in April 2019. It would make reasonable sense today to base a new web project on Django 1.11, because that gives you two and a half years of fixes and a year of overlap between this LTS release and the next one. You will also want to use Python 3 from the get-go, since one significant difference between Django 1.x and Django 2.x is that Django 2.x will no longer support Python 2.

Fedora's Boltron preview

Posted Aug 30, 2017 23:47 UTC (Wed) by Conan_Kudo (subscriber, #103240) [Link]

> Which means that with our "very fast moving distro" half of the time you would be forced to use old, obsolete package in the "extended support" state (basically: only security bugfixes) and half of them time you would enjoy supported package. If Fedora release wouldn't slip (they don't ever slip, right?), that is. Otherwise situation would be even worse.

Your example is invalid. Django 2.0 will release in December 2017 and mainstream support will end in August 2018. All support ends April 2019. That fits perfectly fine within any Fedora support window. Django 1.11 ends mainstream support in December 2017, but all support ends in April 2020 (the end date for Python 2, incidentally).

You could probably come up with something that would demonstrate your point, but the thing is, as a Fedora user and contributor, as well as an independent software developer, modules do not make my life easier. Instead, they make it harder. The problems that "modules" attempt to solve are not problems for a distribution like Fedora. They are problems for a distribution like Red Hat Enterprise Linux.

At this stage, I seriously hope we do not throw all of our eggs into the modularity basket, because it's clearly not in a sane state.

Fedora's Boltron preview

Posted Aug 31, 2017 9:42 UTC (Thu) by NAR (subscriber, #1313) [Link]

Maybe they want users who do not want the latest from everything? Heaven forbid, might want to use different versions of the same software?

Fedora's Boltron preview

Posted Aug 31, 2017 12:26 UTC (Thu) by mattdm (subscriber, #18) [Link]

Often, users of even a fast-moving distro want to develop against whatever is latest, and then feel secure in the knowledge that what they just did will keep working. With modularity, we hope to have offerings where can keep the parts likely to impact _whatever_ your thing is moving slowly, and still have the benefit of the rest moving quickly. _Or_, you can choose a slower moving base OS and add Fedora modules on top to track the leading edge — like a super-powered EPEL.

Fedora's Boltron preview

Posted Sep 4, 2017 13:05 UTC (Mon) by Cato (guest, #7643) [Link]

Sounds useful for developers and anyone else who needs some rapidly updated packages.

However, maybe this ship has sailed - lots of development teams are using Docker these days for similar reasons. Docker, Flatpak, etc also have the advantage of not being coupled to a particular distribution.