roots/wiki
1
0
Fork 0
Code Pull Requests Activity

clean-up

Browse Source 
reorganize the wiki using only two-levels of directories
This commit is contained in:
lukas
2023-05-27 21:34:15 +02:00
parent 6988e58855
commit 676136cb05
59 changed files with 488 additions and 892 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
phyllomeos/commandments.md
View File

@@ -1,30 +0,0 @@
---
title: Commandments
description:
published: true
date: 2022-01-18T10:06:40.710Z
tags:
editor: markdown
dateCreated: 2022-01-18T10:06:40.709Z
---
# Commandments
Phyllome OS tries to stick to three generic rules or commandments, which can be summed up as follows : Phyllome OS should stay out of users way and allow them to run their current operating system well.
* **Stay out of my way**
* Users shouldnt have to spend much time managing Phyllome OS.
* **Run my current operating system**[^1]
* Phyllome OS is designed to be the coziest home for a users favorite operating system36, not a replacement for it. Users should be able to continue to use their preferred operating system.
[^1]: Such compatible guests include Linux, Windows NT and Darwin-based OS.
* **Run it well**
* Most users will only want to run one, or at most a handful of, virtual machines concurrently [^2], just as most users only use one machine at a time. Phyllome OS should attempt to maximize the performance of the virtual machine it hosts, with the goal of matching its physical counterpart.
[^2]: Of course, power-users will be able to run as many systems as their hardware allows.
---
*[**Go to parent page**](/phyllomeos)*

59
phyllomeos/comparaison.md
View File

@@ -1,59 +0,0 @@
---
title: Comparaison
description:
published: true
date: 2022-01-20T11:16:31.940Z
tags:
editor: markdown
dateCreated: 2022-01-07T10:39:15.878Z
---
# Comparaison
Phyllome OS draws inspiration from numerous other projects, including desktop-oriented systems such as [Qubes OS](https://www.qubes-os.org/), [Tails](https://tails.boum.org/), and [Fedora Silverblue](https://silverblue.fedoraproject.org/), as well as others specialized in running container workloads, such as [Fedora CoreOS](https://silverblue.fedoraproject.org/) and [RancherOS](https://rancher.com/).
When it comes to virtualization-friendly, open-source, desktop-oriented operating systems, two projects stand out: Qubes OS and [Spectrum](https://spectrum-os.org/). How do they compare to Phyllome OS?
## Qubes OS
Like Phyllome OS, Qubes OS is based on Fedora but relies on Xen, the other popular open-source hypervisor for Linux.
Xen strongly isolates components of the hardware stack, including the USB and network controllers. By design, it works in parallel rather than alongside Linux, as KVM does. KVMs more tight integration with the Linux Kernel can be considered an advantage or a disadvantage.
Out of security concerns, Qubes OS does not yet support 3D-accelerated virtual machines, even though its parent project Xen does support this functionality. Phyllome OS intends to support 3D acceleration inside virtual machines, even if it means increasing the attack surface.
## Spectrum
Just as with Qubes OS, Spectrums main focus is secure computing. Spectrum uses Nix, a declarative packet manager. It is built atop crosvm and thus doesnt rely on QEMU, largely reducing the attack surface. Through a re-implementation of the virtio-wayland device, which is used in Chrome OS to securely run Linux apps alongside the main OS, Spectrum will eventually allow its guests virtual machines to have a GPU capable of efficiently accelerating 3D applications.
By design, Spectrum won't support operating systems that don't rely on the Wayland protocol.
| | Qubes OS | Spectrum | Phyllome OS 1.0 |
| :- | :-: | :-: | :-: |
| *Emulator* | QEMU[^1] | crosvm | Cloud Hypervisor |
| *Hypervisor* | Xen | KVM | KVM |
| *Virtual chipset* | i440fx? / Q35? | ? | virt |
| *Default filesystem* | Ext4? | Ext4? | F2F2 |
| *Non-Linux guests support* | Yes | No | Yes |
| *Based on* | Fedora | Chromium OS? | Fedora CoreOS |
| *Desktop Environment* | Xfce | Aura? | GNOME Shell/Headless|
| *Package management* | RPM | Nix | RPM-ostree |
| *Rolling release* | No | Yes? | Yes |
| *Live edition* | No | No | Yes |
| *OS as the center of the UX* | Yes | Yes | No |
| *Portability of VMs* | No | No | Yes |
| *Security-focused* | yes | yes | no |
| *Encryption* | [dm-crypt](https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-crypt.html) | [dm-crypt](https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-crypt.html) | [fscrypt](https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html) |
[^1]: Since 2017, Xen, upon which Qubes OS relies, is also exploring the possibility to [avoid using QEMU](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview#Guest_Types) for guests using hardware-assisted virtualization. See the diagram on the “Guest Types” section:“Xen Project Software Official Overview.”.
From a design perspective, Qubes OS and Spectrum are end-to-end operating systems, whereas Phyllome OS is only a wrapper around the users preferred operating system. Thanks to nested-virtualization, it could even be used to host those operating systems, but in this configuration, the attack surface would be significantly increased, and the performance would take a significant hit, especially for nested guests.
In Phyllome OS, the main computing activity will happen inside the users virtual machine. In QubesOS, Dom0 (“domain zero”) is at the center of the users experience.
In summary, despite some shared characteristics, Phyllome OS is not meant to be a replacement for Qubes OS or Spectrum, but could become a test bed for these operating systems.
---
*[**Go to parent page**](/phyllomeos/)*

50
phyllomeos/cons-and-pros.md
View File

@@ -1,50 +0,0 @@
---
title: Limitations and advantages
description:
published: true
date: 2022-01-17T15:33:39.501Z
tags:
editor: markdown
dateCreated: 2022-01-07T10:28:18.542Z
---
# Limitations and advantages
There are multiple reasons one would want to rely on virtual machines extensively, or even exclusively, an approach championed by Phyllome OS. Let's list some significant advantages of this approach, but also cover severe limitations.
### Advantages
A software-based/backed computer, or simply a virtual machine, has many advantages over a silicon-based computer:
* **Cost**: the cost of creating a virtual machine tends to zero. Virtual machines are made of computer code, and it is basically free to copy or to duplicate them.
* **Flexibility**: a software-backed computer, alongside its operating system, can be migrated to new physical hosts. In other words, when a user acquires a new physical computer, the entire computing environment may be copy/pasted to the new machine.
* **Compatibility**: contrary to silicon-based computers, which tend to be optimized to work at most with only a handful operating systems, a virtual machine can be designed to work with most operating systems.
* **Support**: Adding a layer of abstraction between the operating system and the virtualization-friendly hardware allows for support of newer operating systems, beyond what the physical hardware can support. Windows 11 requires a Trusted Platform Module (TPM) to be present. By using a virtual machine alongside a virtual TPM on unsupported hardware, one could still run Windows 11.
* **Flexibility**. Due to their software-based nature, virtual machines are extremely flexible, and can for instance emulate features that their physical host may lack (i.e.: a [TPM](https://en.wikipedia.org/wiki/Trusted_Platform_Module); an extra network card).
### Limitations
Relying on a virtual machine as its primarily personal environment comes with several limitations in comparison to using an operating system installed on the hardware (aka known as bare-metal computing). Some of these limitations will be tackled or greatly mitigate one day, others might not.
* **Performance overhead**. Phyllome OS requires resources to run, resources that will not be accessible to guest operating systems.
* *Running Phyllome OS, headless, without a desktop environment, might help to mitigate this issue at the price of usability.*
* *Further optimizations will be made to reduce the memory footprint of Phyllome OS, such as identifying unnecessary services and stopping them.*
* **Suboptimal guest performance**. In most cases, running a virtual machine instead of using the physical hardware directly will come with a performance penalty.
* *This penalty can be greatly reduced by using some techniques, such as letting the virtual machine access the underlying hardware directly. However, this particular solution is by definition not scalable to multiple virtual machines.*
* **Limited out-of-the box hardware support**: hardware-assisted virtualization is available on many computers, but rarely activated by default and not always correctly implemented. Users remain at the mercy of good platform firmware and may have to explicitly activate hardware-assisted virtualization in the BIOS/UEFI. Hardware components are often not correctly isolated in IOMMU groups.
* Offering first-class support for only a handful of curated computers might provide an answer, at the price of compatibility.
* When it comes to IOMMU groups, a workaround might have to be used for models that do not offer well-isolated IOMMU groups, a workaround that has security implications.
* **Limited features set**. Some operating systems are designed to leverage hardware features that may not be accessible to an operating system installed on a virtual machine, or that would require specific developments to be taken advantage of (i.e: a Bluetooth dongle; a [Near-field communication chip](https://en.wikipedia.org/wiki/Near-field_communication); etc.)
* **Increased general complexity**. Instead of running just an operating system on top of some physical hardware, any Phyllome OS user would need to manage it as well as their primarily guest operating system. As a result, it might be more difficult to troubleshoot an issue, and it will add a pile of code that the user has to trust.
* **Decreased general usability**. Any physical device attached to a computer won't automatically be made to a guest virtual machine. For some users, it might be considered a hindrance. Phyllome OS relies on Linux drivers. Not all hardware fully supports Linux well, which may force users to rely on device or controllers passthrough. Finally, the use of Phyllome OS will certainly greatly reduce a laptop's battery-life over running a single system.
* **Lack of guest systems' integration**. Phyllome OS provides an optimized virtual machine model tuned to host modern operating systems, but, at the exception of some RPM-based guests operating systems including Phyllome OS itself, does not intent to provide automated ways to deploy guest operating systems (at the moment, [Infrastructure as code solutions](https://en.wikipedia.org/wiki/Infrastructure_as_code) or instance initialization software like [cloud-init](https://github.com/canonical/cloud-init) do not seem generic enough to satisfy every modern desktop-based operating systems' idiosyncrasies). In other words, contrary to end-to-end operating systems like [Qubes OS](https://www.qubes-os.org/) or the upcoming [Spectrum](https://spectrum-os.org/), which are offering ready to use templates or/and applications isolated in virtual machines by default, Phyllome OS delegates to end-users the task to install their favorite operating system, while trying to provide the best possible underlying defaults for each operating system. In this regard, its model is closer to [Proxmox](https://www.proxmox.com/en/), which doesn't make assumptions about how a guest operating system will be deployed.
---
***[Go to parent page](/phyllomeos)***

46
phyllomeos/context.md
View File

@@ -69,6 +69,52 @@ Thanks to the rust-vmm umbrella project, assembling such an operating system is
Phyllome OS intends to tap into some modern software- and hardware-related innovations used in the cloud and make them available to a wider audience locally: to bring some of the cloud back home, so to speak.
## Comparaison
Phyllome OS draws inspiration from numerous other projects, including desktop-oriented systems such as [Qubes OS](https://www.qubes-os.org/), [Tails](https://tails.boum.org/), and [Fedora Silverblue](https://silverblue.fedoraproject.org/), as well as others specialized in running container workloads, such as [Fedora CoreOS](https://silverblue.fedoraproject.org/) and [RancherOS](https://rancher.com/).
When it comes to virtualization-friendly, open-source, desktop-oriented operating systems, two projects stand out: Qubes OS and [Spectrum](https://spectrum-os.org/). How do they compare to Phyllome OS?
## Qubes OS
Like Phyllome OS, Qubes OS is based on Fedora but relies on Xen, the other popular open-source hypervisor for Linux.
Xen strongly isolates components of the hardware stack, including the USB and network controllers. By design, it works in parallel rather than alongside Linux, as KVM does. KVMs more tight integration with the Linux Kernel can be considered an advantage or a disadvantage.
Out of security concerns, Qubes OS does not yet support 3D-accelerated virtual machines, even though its parent project Xen does support this functionality. Phyllome OS intends to support 3D acceleration inside virtual machines, even if it means increasing the attack surface.
## Spectrum
Just as with Qubes OS, Spectrums main focus is secure computing. Spectrum uses Nix, a declarative packet manager. It is built atop crosvm and thus doesnt rely on QEMU, largely reducing the attack surface. Through a re-implementation of the virtio-wayland device, which is used in Chrome OS to securely run Linux apps alongside the main OS, Spectrum will eventually allow its guests virtual machines to have a GPU capable of efficiently accelerating 3D applications.
By design, Spectrum won't support operating systems that don't rely on the Wayland protocol.
| | Qubes OS | Spectrum | Phyllome OS 1.0 |
| :- | :-: | :-: | :-: |
| *Emulator* | QEMU[^1] | crosvm | Cloud Hypervisor |
| *Hypervisor* | Xen | KVM | KVM |
| *Virtual chipset* | i440fx? / Q35? | ? | virt |
| *Default filesystem* | Ext4? | Ext4? | F2F2 |
| *Non-Linux guests support* | Yes | No | Yes |
| *Based on* | Fedora | Chromium OS? | Fedora CoreOS |
| *Desktop Environment* | Xfce | Aura? | GNOME Shell/Headless|
| *Package management* | RPM | Nix | RPM-ostree |
| *Rolling release* | No | Yes? | Yes |
| *Live edition* | No | No | Yes |
| *OS as the center of the UX* | Yes | Yes | No |
| *Portability of VMs* | No | No | Yes |
| *Security-focused* | yes | yes | no |
| *Encryption* | [dm-crypt](https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-crypt.html) | [dm-crypt](https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-crypt.html) | [fscrypt](https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html) |
[^1]: Since 2017, Xen, upon which Qubes OS relies, is also exploring the possibility to [avoid using QEMU](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview#Guest_Types) for guests using hardware-assisted virtualization. See the diagram on the “Guest Types” section:“Xen Project Software Official Overview.”.
From a design perspective, Qubes OS and Spectrum are end-to-end operating systems, whereas Phyllome OS is only a wrapper around the users preferred operating system. Thanks to nested-virtualization, it could even be used to host those operating systems, but in this configuration, the attack surface would be significantly increased, and the performance would take a significant hit, especially for nested guests.
In Phyllome OS, the main computing activity will happen inside the users virtual machine. In QubesOS, Dom0 (“domain zero”) is at the center of the users experience.
In summary, despite some shared characteristics, Phyllome OS is not meant to be a replacement for Qubes OS or Spectrum, but could become a test bed for these operating systems.
---
*[**Go back to parent page**](/phyllomeos)*

37
phyllomeos/design.md
View File

@@ -1,37 +0,0 @@
---
title: Design
description:
published: true
date: 2022-01-20T11:16:54.755Z
tags:
editor: markdown
dateCreated: 2022-01-18T10:28:26.221Z
---
# Design decisions
* **Provide a user-friendly interface**
* The first iteration of Phyllome OS will ship with a stripped-down GNOME-based shell, `libvirt` a powerful and almost ubiquitous virtualization API and the virtual machine manager software. Having a full-feature desktop environment will allow users to switch more easily between virtual machines and to fall back to a friendly environment whenever they shut down their virtual machine. A headless version of Phyllome OS will eventually be released.
* **Just enough applications by default, only the necessary software**
* Phyllome OS is meant to be distraction-free, which means that it will only ship with applications required to satisfy its main purpose: run modern virtual machines.
* **Favor generic virtual hardware, use passthrough at a last resort**
* Phyllome OS is about making your personal computing environment less reliant on the hardware you currently use to host it. As a result, it will favor virtual hardware and especially paravirtualized hardware (virtio) over real hardware passthrough. Hardware passthrough is considered an anti-pattern, as it requires users to make sure that the operating system a device is being passthroughed to does actually support the device.
* **Read-only whenever possible**
* Phyllome OS is not made to be heavily modifiable on run-time.
* Two Phyllome OS hosts using the same version should barely differ, allowing a user to easily migrate their virtual machines to compatible hosts.
* **Encrypt virtual disks by default**
* Phyllome OS will rely on fscrypt to encrypt virtual disks at rest.
* **Minimize user generated-data storage**
* Phyllome OS should avoid touching user-generated data or storing it. In general, it is not meant as a place for the user to do computing.
* **Be compatible with proprietary operating systems**
* hyllome OS strongly favors virtual machines running free software and will support running Linux systems natively, with the widest number of features and virtual devices. Alas, on the desktop, the vast majority of users still rely on proprietary operating systems. Phyllome OS will do its best to take into account the needs of those users too, and to offer a good experience with virtualization.
---
*[**Go to parent page**](/phyllomeos/)*

35
phyllomeos/features.md
View File

@@ -1,35 +0,0 @@
---
title: Features
description:
published: true
date: 2022-02-09T19:50:17.396Z
tags:
editor: markdown
dateCreated: 2022-01-18T10:44:15.279Z
---
# Roadmap
Below are the targeted features for the alpha version.
| | Phyllome OS alpha features |
| :- | :-: |
| *Nested-virtualization* | Yes |
| *Paravirtualization* | Full support on Linux guests |
| *IOMMU support* | Yes |
| *Migration* | Cold migration only |
| *Snapshots* | No |
| *Cloning* | Yes |
| *Virtual disks format* | RAW only |
| *PCI Passthrough* | Yes |
| *Sound* | PCI Passthrough |
| *Bluetooth* | PCI Passthrough |
| *USB* | PCI Passthrough |
| *Display modes* | Spice and VNC |
| *UEFI* | Yes |
| *Secure Boot* | Yes |
| *TPM* | Yes |
---
*[**Go to parent page**](/phyllomeos/)*

12
phyllomeos/guests.md
View File

@@ -1,12 +0,0 @@
---
title: Guests support matrix
description:
published: true
date: 2021-11-13T11:55:41.102Z
tags:
editor: markdown
dateCreated: 2021-11-13T11:55:41.102Z
---
> Section under construction. Sources are missing.
{.is-warning}

93
phyllomeos/purpose.md
View File

@@ -36,7 +36,98 @@ The idea behind Phyllome OS is to rely on Linux to provide drivers for specific
Technically speaking, Phyllome OS is an operating system, a free and open source Linux distribution, a Fedora Remix based on Fedora Server designed to leverage hardware-assisted virtualization to run graphically-accelerated UNIX and non-UNIX-based operating systems locally, in a virtual machine, using off-the-shelf hardware and open source software.
## Commandments
Phyllome OS tries to stick to three generic rules or commandments, which can be summed up as follows : Phyllome OS should stay out of users way and allow them to run their current operating system well.
* **Stay out of my way**
* Users shouldnt have to spend much time managing Phyllome OS.
* **Run my current operating system**[^1]
* Phyllome OS is designed to be the coziest home for a users favorite operating system36, not a replacement for it. Users should be able to continue to use their preferred operating system.
[^1]: Such compatible guests include Linux, Windows NT and Darwin-based OS.
* **Run it well**
* Most users will only want to run one, or at most a handful of, virtual machines concurrently [^2], just as most users only use one machine at a time. Phyllome OS should attempt to maximize the performance of the virtual machine it hosts, with the goal of matching its physical counterpart.
[^2]: Of course, power-users will be able to run as many systems as their hardware allows.
# Design decisions
* **Provide a user-friendly interface**
* The first iteration of Phyllome OS will ship with a stripped-down GNOME-based shell, `libvirt` a powerful and almost ubiquitous virtualization API and the virtual machine manager software. Having a full-feature desktop environment will allow users to switch more easily between virtual machines and to fall back to a friendly environment whenever they shut down their virtual machine. A headless version of Phyllome OS will eventually be released.
* **Just enough applications by default, only the necessary software**
* Phyllome OS is meant to be distraction-free, which means that it will only ship with applications required to satisfy its main purpose: run modern virtual machines.
* **Favor generic virtual hardware, use passthrough at a last resort**
* Phyllome OS is about making your personal computing environment less reliant on the hardware you currently use to host it. As a result, it will favor virtual hardware and especially paravirtualized hardware (virtio) over real hardware passthrough. Hardware passthrough is considered an anti-pattern, as it requires users to make sure that the operating system a device is being passthroughed to does actually support the device.
* **Read-only whenever possible**
* Phyllome OS is not made to be heavily modifiable on run-time.
* Two Phyllome OS hosts using the same version should barely differ, allowing a user to easily migrate their virtual machines to compatible hosts.
* **Encrypt virtual disks by default**
* Phyllome OS will rely on fscrypt to encrypt virtual disks at rest.
* **Minimize user generated-data storage**
* Phyllome OS should avoid touching user-generated data or storing it. In general, it is not meant as a place for the user to do computing.
* **Be compatible with proprietary operating systems**
* hyllome OS strongly favors virtual machines running free software and will support running Linux systems natively, with the widest number of features and virtual devices. Alas, on the desktop, the vast majority of users still rely on proprietary operating systems. Phyllome OS will do its best to take into account the needs of those users too, and to offer a good experience with virtualization.
## Limitations and advantages
There are multiple reasons one would want to rely on virtual machines extensively, or even exclusively, an approach championed by Phyllome OS. Let's list some significant advantages of this approach, but also cover severe limitations.
### Advantages
A software-based/backed computer, or simply a virtual machine, has many advantages over a silicon-based computer:
* **Cost**: the cost of creating a virtual machine tends to zero. Virtual machines are made of computer code, and it is basically free to copy or to duplicate them.
* **Flexibility**: a software-backed computer, alongside its operating system, can be migrated to new physical hosts. In other words, when a user acquires a new physical computer, the entire computing environment may be copy/pasted to the new machine.
* **Compatibility**: contrary to silicon-based computers, which tend to be optimized to work at most with only a handful operating systems, a virtual machine can be designed to work with most operating systems.
* **Support**: Adding a layer of abstraction between the operating system and the virtualization-friendly hardware allows for support of newer operating systems, beyond what the physical hardware can support. Windows 11 requires a Trusted Platform Module (TPM) to be present. By using a virtual machine alongside a virtual TPM on unsupported hardware, one could still run Windows 11.
* **Flexibility**. Due to their software-based nature, virtual machines are extremely flexible, and can for instance emulate features that their physical host may lack (i.e.: a [TPM](https://en.wikipedia.org/wiki/Trusted_Platform_Module); an extra network card).
### Limitations
Relying on a virtual machine as its primarily personal environment comes with several limitations in comparison to using an operating system installed on the hardware (aka known as bare-metal computing). Some of these limitations will be tackled or greatly mitigate one day, others might not.
* **Performance overhead**. Phyllome OS requires resources to run, resources that will not be accessible to guest operating systems.
* *Running Phyllome OS, headless, without a desktop environment, might help to mitigate this issue at the price of usability.*
* *Further optimizations will be made to reduce the memory footprint of Phyllome OS, such as identifying unnecessary services and stopping them.*
* **Suboptimal guest performance**. In most cases, running a virtual machine instead of using the physical hardware directly will come with a performance penalty.
* *This penalty can be greatly reduced by using some techniques, such as letting the virtual machine access the underlying hardware directly. However, this particular solution is by definition not scalable to multiple virtual machines.*
* **Limited out-of-the box hardware support**: hardware-assisted virtualization is available on many computers, but rarely activated by default and not always correctly implemented. Users remain at the mercy of good platform firmware and may have to explicitly activate hardware-assisted virtualization in the BIOS/UEFI. Hardware components are often not correctly isolated in IOMMU groups.
* Offering first-class support for only a handful of curated computers might provide an answer, at the price of compatibility.
* When it comes to IOMMU groups, a workaround might have to be used for models that do not offer well-isolated IOMMU groups, a workaround that has security implications.
* **Limited features set**. Some operating systems are designed to leverage hardware features that may not be accessible to an operating system installed on a virtual machine, or that would require specific developments to be taken advantage of (i.e: a Bluetooth dongle; a [Near-field communication chip](https://en.wikipedia.org/wiki/Near-field_communication); etc.)
* **Increased general complexity**. Instead of running just an operating system on top of some physical hardware, any Phyllome OS user would need to manage it as well as their primarily guest operating system. As a result, it might be more difficult to troubleshoot an issue, and it will add a pile of code that the user has to trust.
* **Decreased general usability**. Any physical device attached to a computer won't automatically be made to a guest virtual machine. For some users, it might be considered a hindrance. Phyllome OS relies on Linux drivers. Not all hardware fully supports Linux well, which may force users to rely on device or controllers passthrough. Finally, the use of Phyllome OS will certainly greatly reduce a laptop's battery-life over running a single system.
* **Lack of guest systems' integration**. Phyllome OS provides an optimized virtual machine model tuned to host modern operating systems, but, at the exception of some RPM-based guests operating systems including Phyllome OS itself, does not intent to provide automated ways to deploy guest operating systems (at the moment, [Infrastructure as code solutions](https://en.wikipedia.org/wiki/Infrastructure_as_code) or instance initialization software like [cloud-init](https://github.com/canonical/cloud-init) do not seem generic enough to satisfy every modern desktop-based operating systems' idiosyncrasies). In other words, contrary to end-to-end operating systems like [Qubes OS](https://www.qubes-os.org/) or the upcoming [Spectrum](https://spectrum-os.org/), which are offering ready to use templates or/and applications isolated in virtual machines by default, Phyllome OS delegates to end-users the task to install their favorite operating system, while trying to provide the best possible underlying defaults for each operating system. In this regard, its model is closer to [Proxmox](https://www.proxmox.com/en/), which doesn't make assumptions about how a guest operating system will be deployed.
## Use cases
* **Run multiple guest operating systems concurrently**
* Plug in two screens, two sets of keyboards, and two mice to the same PC and spawn two machines to do graphic intensive tasks such as gaming or 3D modeling. No need to buy another computer, just split the one you already have.
* **Painlessly move to new hardware**
* When virtualized, your operating system is just a file on Phyllome OS' disk. You can move and restore it on another computer, provided that the targeted host runs Phyllome OS.
* **Make your current hardware last longer**
* Most recent versions of modern operating systems require recent hardware to function, and may not work on otherwise perfectly functioning hardware. By providing modern virtual hardware, Phyllome OS allows users to receive operating system updates, despite the fact that their underlying may not officially be supported.
* **Go beyond what your physical hardware is capable of**
* A virtual display in a virtual machine can be set to a resolution that exceeds what the underling physical display is capable of, and such a virtual display may be accessible remotely, over the network.
---
*[**Go to parent page**](https://wiki.phyllo.me/phyllomeos)*
*[**Go to parent page**](https://wiki.phyllo.me/)*

75
phyllomeos/roadmap.md
View File

@@ -8,42 +8,45 @@ editor: markdown
dateCreated: 2021-11-13T11:55:14.298Z
---
> Section under construction. Tables is broken. Would have to fix it.
{.is-warning}
Below are the targeted features for the alpha version.
Take this table as an example:
| | Phyllome OS alpha features |
| :- | :-: |
| *Nested-virtualization* | Yes |
| *Paravirtualization* | Full support on Linux guests |
| *IOMMU support* | Yes |
| *Migration* | Cold migration only |
| *Snapshots* | No |
| *Cloning* | Yes |
| *Virtual disks format* | RAW only |
| *PCI Passthrough* | Yes |
| *Sound* | PCI Passthrough |
| *Bluetooth* | PCI Passthrough |
| *USB* | PCI Passthrough |
| *Display modes* | Spice and VNC |
| *UEFI* | Yes |
| *Secure Boot* | Yes |
| *TPM* | Yes |
| Description | vfio-pci | vfio-mdev | vfio-gpu |
|---|---|---|---|
| *Performance* | Near-native performance and full features set | Near-native performance and full features set | Degraded performance and limited features set |
| *Guests support* | UNIX and non-UNIX guests | UNIX and non-UNIX guests | Works only on selected UNIX guests |
| *Driver* | No special driver in the guest | No special driver in the guest | Requires a special driver in the guest |
| *Number of host GPUs* | Two GPUs in most situations | A single GPU | A single GPU |
| *GPU support* | Mostly GPU agnostic | Recent Intel integrated GPUs and some professional grade Nvidia GPUs | Mostly GPU agnostic |
## Roadmap
# Roadmap
------------------------------------------- ----------------------- ------------------- ---------------------------------------------------- ----------------------------
Fedora 34 Phyllome OS alpha Phyllome OS beta Phyllome OS 1.0
Out-of-the box support for virtualization No Yes Yes Yes
Emulator/virtualizer QEMU QEMU QEMU, Cloud Hypervisor (does CH support vfio-pci?) Cloud Hypervisor
Virtual motherboard support i440fx / Q35 Q35 Q35, virt virt
Firmware OVMF, SeaBIOS OVMF OVMF OVMF
Hypervisor KVM KVM KVM KVM
Based on Itself Fedora Server Fedora Silverblue Fedora Silverblue
Desktop-oriented (GNOME-shell) Possible Yes, GNOME-shell Yes Yes
Package management RPM RPM RPM-ostree RPM-ostree
Rolling release No No Yes Yes
Live-edition No No No Yes
Local first Possible Yes Yes Yes
Default filesystem Btrfs Ext4 Ext4 F2FS
Host encryption Possible No Filesystem-level (fscrypt) Filesystem-level (fscrypt)
GPU support Intel, AMD and Nvidia Intel Intel and AMD Intel AMD and Nvidia
Target release date Released 2021 2022 2022
------------------------------------------- ----------------------- ------------------- ---------------------------------------------------- ----------------------------
| Fedora 34 | Phyllome OS alpha | Phyllome OS beta | Phyllome OS 1.0 |
| :- | :-: | :-: | :-: |
|Out-of-the box support for virtualization | No | Yes | Yes | Yes |
| Emulator/virtualizer | QEMU | QEMU | QEMU, Cloud Hypervisor | Cloud Hypervisor |
| Virtual chipset | i440fx / Q35 | Q35 | Q35, virt | virt |
| Firmware | OVMF, SeaBIOS | OVMF | OVMF | OVMF |
| Hypervisor | KVM | KVM | KVM | KVM |
| Based on | Itself | Fedora Server | Fedora Silverblue | Fedora Silverblue |
| Desktop-oriented | Possible | Yes | Yes | Yes |
| Package management | RPM | RPM | RPM-ostree | RPM-ostree |
| Rolling release | No | No | Yes | Yes |
| Live-edition | No | No | No | Yes |
| Local-first | Possible | Yes | Yes | Yes |
| Default filesystem | Btrfs | Ext4 | Ext4 | F2FS|
| Host encryption | Possible | No | Filesystem-level encryption | Filesystem-level encryption |
| GPU support | Intel, AMD and Nvidia | Intel | Intel and AMD | Intel, AMD and Nvidia |
| Target release date | Released | 2021 | 2022| 2022 |
### Beyond the first production-ready release
@@ -76,4 +79,8 @@ Here are some features that may be added later :
* It would be great to optimize Phyllome OS to work on a recent, more open x86 motherboard that supports both openBMC and
Coreboot[^54].
* **Support beyond the x86 architecture**
* Support for hardware based on ARM and RISC-V architectures would be great.
* Support for hardware based on ARM and RISC-V architectures would be great.
---
*[**Go to parent page**](https://wiki.phyllo.me/)*

6
phyllomeos/sbom.md
View File

@@ -563,4 +563,8 @@ The following list is provided by the following command `dnf list --installed |
* zlib.x86_64
* zram - "zram-generator - Systemd unit generator for zram swap devices"
* zram-generator.x86_64
* zram-generator-defaults.noarch
* zram-generator-defaults.noarch
---
*[**Go to parent page**](https://wiki.phyllo.me/)*

2
phyllomeos/security.md
View File

@@ -43,4 +43,4 @@ Phyllome OS heavily relies on GPU or graphic virtualization, most notably throug
---
*[**Go back to parent page**](/phyllomeos)*
*[**Go to parent page**](https://wiki.phyllo.me/)*

27
phyllomeos/use-cases.md
View File

@@ -1,27 +0,0 @@
---
title: Illustrations or what you may do with Phyllome OS
description:
published: true
date: 2022-01-20T11:16:45.952Z
tags:
editor: markdown
dateCreated: 2021-11-11T19:07:41.722Z
---
# Use cases
* **Run multiple guest operating systems concurrently**
* Plug in two screens, two sets of keyboards, and two mice to the same PC and spawn two machines to do graphic intensive tasks such as gaming or 3D modeling. No need to buy another computer, just split the one you already have.
* **Painlessly move to new hardware**
* When virtualized, your operating system is just a file on Phyllome OS' disk. You can move and restore it on another computer, provided that the targeted host runs Phyllome OS.
* **Make your current hardware last longer**
* Most recent versions of modern operating systems require recent hardware to function, and may not work on otherwise perfectly functioning hardware. By providing modern virtual hardware, Phyllome OS allows users to receive operating system updates, despite the fact that their underlying may not officially be supported.
* **Go beyond what your physical hardware is capable of**
* A virtual display in a virtual machine can be set to a resolution that exceeds what the underling physical display is capable of, and such a virtual display may be accessible remotely, over the network.
---
*[**Go to parent page**](/phyllomeos/)*