OpenSUSE MicroOS Desktop: a Flatpak-based immutable distribution
Immutable Linux distributions are on the rise recently, with multiple popular distributions creating their own immutable versions; it could be one of the trends of 2023, as predicted. While many of these immutable distributions are focused on server use, there are also some that offer a desktop experience. OpenSUSE MicroOS Desktop is one of them, with a minimal openSUSE Tumbleweed as the base operating system and applications running as Flatpaks or in containers. In its daily use, it feels a lot like a normal openSUSE desktop. Its biggest benefit is availability of the newest software releases without sacrificing system stability.
Linux users who want to keep up with the latest software generally choose a rolling-release distribution, such as Tumbleweed, Arch Linux, or Gentoo Linux. However, this approach might introduce the risk of incompatibility between software versions or result in an unstable system. On the other hand, stable or Long-Term Support (LTS) distributions cater to the needs of users who prioritize stability over cutting-edge software.
Of course, many users want the best of both worlds: the latest software versions on a stable base operating system. There are solutions that generally bypass the distribution's native package-management system. Flatpak, Snap, and AppImage are the leading technologies for this purpose. Applications are packaged together with their dependencies, thus preventing interference with each other or the underlying distribution. With this approach, users are able to run updated software without encountering dependency woes or compromising system stability.
MicroOS on the desktop
Taking this concept to its extreme results in a small "immutable" core operating system, with as much software as possible contained in isolated packages. The operating system then has a single purpose, such as operating as a container host or providing a minimal desktop environment. All additional software is expected to be containerized or sandboxed. This approach can be implemented on both server and desktop operating systems. For desktops, there's Fedora Silverblue (with GNOME) and Fedora Kinoite (with KDE Plasma), the Ubuntu-based (soon Debian-based) Vanilla OS, Debian-based Endless OS, and openSUSE MicroOS Desktop.
Traditional desktop distributions offer a base operating system, desktop environment, and applications. In contrast, openSUSE MicroOS Desktop is a single-purpose operating system, offering the base operating system and desktop environment. The installer of the MicroOS ISO image is the same as with openSUSE's normal desktop version, but the difference lies in the system roles that the user is able to choose.
For desktop use, there are two system roles: one with GNOME, designated as a release candidate, and another with KDE Plasma, designated as alpha (see the image below). Both install MicroOS Desktop with automatic updates and rollback functionality, and they include the Podman container engine by default. The installer creates a Btrfs root filesystem for the operating system, desktop, and other tools, and this filesystem is mounted read-only after boot.
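A quick way to confirm the read-only root described above, as an added example that is not part of the original article: the function parses a mount table in the /proc/self/mounts format and reports whether / is a read-only Btrfs mount. The sample table, its device name and its subvolume paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a mount table (/proc/self/mounts format) for the
# read-only Btrfs root. SAMPLE_MOUNTS is constructed data, not real output.

SAMPLE_MOUNTS='/dev/vda2 / btrfs ro,relatime,subvol=/@/.snapshots/12/snapshot 0 0
/dev/vda2 /var btrfs rw,relatime,subvol=/@/var 0 0
/dev/vda2 /home btrfs rw,relatime,subvol=/@/home 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0'

# mount_state MOUNTPOINT
# Reads a mount table on stdin and prints "<fstype> <ro|rw>" for MOUNTPOINT,
# or "absent". Options are compared as whole comma-separated tokens, so
# "errors=remount-ro" is not mistaken for "ro". If a mount point is listed
# more than once, the last entry (the topmost mount) wins.
mount_state() {
    awk -v mp="$1" '
        $2 == mp {
            fstype = $3
            mode = "rw"
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] == "ro") mode = "ro"
            found = 1
        }
        END { if (found) print fstype, mode; else print "absent" }
    '
}

# root_is_immutable
# Succeeds only when the table on stdin shows / as Btrfs and read-only.
root_is_immutable() {
    [ "$(mount_state /)" = "btrfs ro" ]
}

# Demonstration on the constructed table.
for mp in / /var /home; do
    printf '%s: ' "$mp"
    printf '%s\n' "$SAMPLE_MOUNTS" | mount_state "$mp"
done
```

On a running system, feed it the live table with `root_is_immutable < /proc/self/mounts`.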
Running an immutable desktop
The first startup of MicroOS Desktop requires the typical new-installation configuration, such as selecting the language, choosing the time zone, and setting up online accounts for GNOME. What's different is that it is followed by the automatic installation of applications such as Firefox, a calculator, and a text editor. The result is a minimal, bare desktop environment.
All desktop applications in MicroOS Desktop are installed as Flatpaks in the user's directory and automatically get updated. In the GNOME version this is done using GNOME Software, which is normally used to install applications using the operating system's package manager. However, in MicroOS Desktop it's configured to only install Flatpaks from Flathub and to put them in ~/.local/share/flatpak. So installing packages using GNOME Software doesn't touch the underlying operating system. In the same way, the KDE Plasma version of MicroOS Desktop installs applications as Flatpaks using Discover.
In its everyday use, MicroOS Desktop looks much like a normal openSUSE desktop system. The base OS and desktop are actually built on the same RPM packages as openSUSE Tumbleweed, so that shouldn't be surprising. To install and manage GNOME Shell extensions, the Extension Manager is included. However, MicroOS comes with only basic configuration tools by default, such as GNOME Settings and GNOME Tweaks.
System updates are done automatically every day. This is implemented as a systemd timer unit that runs the transactional-update command, which is a wrapper script around the package manager zypper. It creates a new Btrfs snapshot of the root filesystem and then performs an update of this system. If installation of the updates was successful, the script marks the new snapshot as the default snapshot for the next boot of the system. On errors, the snapshot is discarded and the previous one remains as the default.
A reboot activates the new snapshot; if the system detects a problem during the reboot, it automatically rolls back to the previous default snapshot. Users can also manually roll back with the transactional-update rollback command. The whole process of transactional updates is explained in openSUSE's documentation.
Escaping from Flatpakland
The number of available Flatpaks is still limited compared to what's in the traditional distribution repositories. Currently, counting the entries in a flatpak remote-ls command on MicroOS Desktop shows a bit more than 3,600 Flatpaks on Flathub. So there invariably comes a time when the user needs some software that isn't available as a Flatpak. But MicroOS Desktop has a solution for this too: it comes with Distrobox in the default installation. Distrobox uses Podman to create containers that are tightly integrated with the host, sharing the user's home directory, external storage, USB devices, and graphical applications.
So if the user can't find specific software as a Flatpak, a simple distrobox-enter command in the terminal creates (or enters, if the container is already created) a container running Tumbleweed. In this container, all RPM packages available in openSUSE's repositories can be installed using the zypper command. Currently, there are more than 75,000 packages available. See the image below, which shows a Distrobox container running Tumbleweed and querying the number of available packages, alongside GNOME Software running on the host and displaying Flatpaks available from Flathub.
Distrobox is also able to export an application from the container to the host. This creates a .desktop file so that the application appears in GNOME's Activities. If the user clicks on the icon, this starts the Distrobox container in the background and opens the application's window on the desktop of the host. The application just appears as a normal desktop application of the host. Command-line applications can be exported too, for example to the user's ~/bin directory. If the user starts this script, it runs the application in the container. The other way works too: distrobox-host-exec lets the user execute a command on the host from the container.
A last resort, for software that isn't feasible to install even with Distrobox, is to install RPM packages on the host using the transactional-update command, which installs the software after making a snapshot; a reboot is then needed to make the new snapshot active so that the new software can be used. But this is only recommended for drivers, kernel modules, virtual private network (VPN) clients, and other low-level packages that have to integrate tightly with the operating system, because every extra package in the host incurs extra risk of instability. The MicroOS Desktop wiki has some tips for using transactional-update.
Newest developments
OpenSUSE MicroOS is related to the Adaptable Linux Platform (ALP), which is the minimal, immutable operating system poised to become SUSE's next-generation enterprise Linux distribution. OpenSUSE users have been encouraged to try MicroOS Desktop to see how working with an immutable desktop fits into their workflows and to provide feedback to the ALP project.
SUSE is known for its powerful configuration tool, YaST, which is able to handle all types of system administration tasks. Long-time openSUSE users will miss it for configuration in the MicroOS Desktop, although it is used to install the distribution. The YaST blog notes that some parts of YaST need to be adapted to better handle the administration of transactional systems such as MicroOS. But, then again, a minimal system probably shouldn't need too much administration.
Full-disk encryption is currently not supported in MicroOS Desktop. Users are able to customize their partitions in the installer, but this can result in a broken configuration. On Reddit, Richard Brown, MicroOS release engineer and MicroOS Desktop's main developer, said that full-disk encryption can be expected when MicroOS Desktop stops using YaST for its installation. It should be noted that Brown is moving into a different role as a Distributions Architect at SUSE in April.
MicroOS also lacks a firewall. According to Brown, this is by design, because they cause problems with container runtimes. He also says that it would have no real benefit, "as you should be running your workloads in containers and port mapping/opening/redirection is a core part of configuring a container". Users can still install firewalld, but it won't be installed by default "as long as it doesn’t play well with container tools".
Brown is also working on a solution for developers who want to have a fully customizable desktop environment based on an immutable operating system. His Project Greybeard will be based on MicroOS Desktop using the Wayland compositor and the tiling window manager Sway. It's not an official openSUSE project (yet), and Brown considers it to be an example project for developers who want to build custom derivatives of openSUSE MicroOS or MicroOS Desktop.
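Since MicroOS ships without a firewall, as noted above, any socket listening on a non-loopback address is reachable from the network. The following added example (not from the original article or from the MicroOS project) filters `ss -H -tln` output down to those listeners. The sample lines are constructed.

```shell
#!/bin/sh
# Added example: list TCP listeners reachable from the network on a host
# that has no packet filter. SAMPLE_SS is constructed data in the layout
# printed by `ss -H -tln` (State Recv-Q Send-Q Local Peer).

SAMPLE_SS='LISTEN 0 4096 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 [::1]:631 [::]:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:5432 0.0.0.0:*
LISTEN 0 4096 *:8080 *:*
LISTEN 0 4096 [::]:8443 [::]:*
LISTEN 0 4096 127.0.0.1:9090 0.0.0.0:*'

# exposed_listeners
# Reads ss output on stdin and prints "<port> <address>" for every listener
# whose local address is not loopback. Wildcards (0.0.0.0, [::], *) and
# specific non-loopback addresses are all reported.
exposed_listeners() {
    awk '
        $1 == "LISTEN" {
            port = $4
            sub(/.*:/, "", port)              # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            gsub(/\[|\]/, "", addr)           # [::1] -> ::1
            sub(/%.*/, "", addr)              # drop a %interface suffix
            if (addr ~ /^127\./ || addr == "::1") next
            print port, addr
        }
    ' | sort -n
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_SS" | exposed_listeners

# A published container port binds to all interfaces unless an address is
# given; `podman run -p 127.0.0.1:8080:80 ...` keeps it on loopback only.
```

On a live system, run `ss -H -tln | exposed_listeners` and compare the result with the ports that are meant to be published.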
Conclusion
For users who like to tinker, openSUSE MicroOS Desktop can't completely replace the normal openSUSE desktop, since options to configure the desktop are quite limited. However, in the right circumstances, openSUSE's immutable desktop is quite usable. It might be the ideal operating system for someone who is used to the way mobile operating systems work. On a Chromebook, iOS, or Android, the operating system itself isn't customizable either. Users only upgrade their operating system with image-based system upgrades, and they install isolated apps. OpenSUSE MicroOS Desktop offers the same approach for a Linux desktop.
| Index entries for this article | |
|---|---|
| GuestArticles | Vervloesem, Koen |
