from Hacker News

There are only 12 binaries in Talos Linux

by JustinGarrison on 3/4/24, 6:52 PM with 70 comments

  • by rwiggins on 3/4/24, 8:40 PM

    Super cool. I always enjoy reading about systems that challenge, well, "ossified" assumptions. An OS not providing a shell, for example? Madness! ... or is it genius, if the OS has a specific purpose...? It's thought-provoking, if nothing else.

    I'm a bit skeptical of parts. For instance, the "init" binary being less than 400 lines of golang - wow! And sure, main.go [1] is less than 400 lines and very readable. Then you squint at the list of imported packages, or look to the left at the directory list and realize main.go isn't nearly the entire init binary.

    That `talosctl list` invocation [2] didn't escape my notice either. Sure, the base OS may have only a handful of binaries - how many of those traditional utilities have been stuffed into the API server? Not that I disagree with the approach! I think every company eventually replaces direct shell access with a daemon like this. It's just that "binary footprint" can get a bit funny if you have a really sophisticated API server sitting somewhere.

    [1]: https://github.com/siderolabs/talos/blob/main/internal/app/m...

    [2]: https://www.talos.dev/v1.6/reference/cli/#talosctl-list

  • by Jumziey on 3/4/24, 8:08 PM

    SystemD bashing aside :p Talos is pretty awesome for setting up clusters. At home I just run Talos with matchbox for PXE bootstrapping; it works like a charm. Been really easy to maintain too. I normally just update matchbox and then reset a machine at a time with talosctl for a clean install. There's something very reassuring about completely resetting your machines so you know you could reinstall or replace them easily.

    Granted just used in a home setting running smaller workloads for backups, private projects, git etc.

  • by cperciva on 3/4/24, 8:15 PM

    >The /sbin/init binary is hard linked to /sbin/dashboard, /sbin/poweroff, /sbin/shutdown, and /sbin/wrapperd. While this technically is 5 files, it’s a single file hard linked 4 times to provide convenience commands.

    Err, that's definitely 1 file with 5 directory entries, not 5 files.
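
The distinction raised in the comment above matters when inventorying a node's executables: counting names overstates the number of files to audit. The following is an added example, not part of the thread or of Talos; it builds a constructed temporary tree (the `other-tool` name and file contents are hypothetical) and groups executable files by device and inode so hard links are counted once.

```python
import os
import stat
import tempfile
from collections import defaultdict


def inventory(root):
    """Map (device, inode) -> every directory entry naming that executable file."""
    files = defaultdict(list)
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: symlinks are skipped, not followed
            if stat.S_ISREG(st.st_mode) and st.st_mode & 0o111:
                files[(st.st_dev, st.st_ino)].append(os.path.relpath(path, root))
    return {key: sorted(paths) for key, paths in files.items()}


def build_sample_tree(root):
    """Constructed layout: init plus four hard links, and one unrelated binary."""
    sbin = os.path.join(root, "sbin")
    os.makedirs(sbin)
    for name in ("init", "other-tool"):  # "other-tool" is a hypothetical name
        path = os.path.join(sbin, name)
        with open(path, "wb") as fh:
            fh.write(b"constructed placeholder for " + name.encode())
        os.chmod(path, 0o755)
    for alias in ("dashboard", "poweroff", "shutdown", "wrapperd"):
        os.link(os.path.join(sbin, "init"), os.path.join(sbin, alias))


def summarize(root):
    """Return (directory_entries, distinct_files, largest_link_group)."""
    inv = inventory(root)
    entries = sum(len(paths) for paths in inv.values())
    return entries, len(inv), max(inv.values(), key=len)


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return summarize(root)


if __name__ == "__main__":
    entries, distinct, group = demo()
    print(f"{entries} directory entries, {distinct} distinct files")
    print("hard-link group:", ", ".join(group))
```
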

  • by abound on 3/4/24, 8:13 PM

    Big fan of Talos, have used it in some homelab + cloud clusters over the years, currently powers all my self-hosting. The `talosctl` command is great, and any time you need to do node-level debugging, there's always something like node-shell [1].

    [1] https://github.com/kvaps/kubectl-node-shell

  • by miki123211 on 3/4/24, 9:21 PM

    I wonder how a really slimmed down distro like Alpine would compare here, particularly in terms of image size.

    It offers most of the standard Linux utilities we know and love, but most of them are actually just symlinks to Busybox, which is ~900K on my (ARM64) system. That's less than a hello world in Go, for a program that can replace most common Linux utilities in daily usage.

  • by E39M5S62 on 3/4/24, 8:13 PM

    It's disingenuous to say that /sbin/init (machined/main.go) is less than 400 lines of code. Sure, that file is. What about all of the in-tree modules that are being imported? A super lazy summing of Go lines in the master branch of the repo:

    $ find . -name '*.go' | xargs wc -l | tail -1

      354085 total
    
    Heck, there are almost 100k lines under internal/app!

    $ find internal/app -name '*.go' | xargs wc -l | tail -1

      96885 total
    
    I'm curious what argument you are making here with regards to the number of lines in a single file.

  • by cedws on 3/4/24, 7:54 PM

    >As opposed to systemd which is over 3000 lines of C code I’ll never comprehend.

    Well, technically true, but systemd is a whole lot more than 3000 lines...

    I can see another binary in the demo video called apid, does that one not count?

    Any comparison with Bottlerocket OS?

  • by 0xbadcafebee on 3/4/24, 8:46 PM

    20 years ago, I used to make custom Linux distros for fun. Floppy distros, CDROM distros, RAM-resident distros, network-boot distros. In a few of them, I custom-made my own binary that was both the init system, and a few applications, stripped it down, and shipped just that as the distro (basically just a few files and my static binary).

    A lot of people downloaded them, and it was great fun - to start. Problem is when you want to do more things. You have to start finding workarounds to bolt-on additional tools, or maybe you just throw one or two extra tools in there by default. Over time you find more and more missing things or incompatibilities with other systems, which make it harder to cover more use cases. And finally you realize that "the tiniest system" is a lot more effort than it's worth, and what you really want is "a slim yet compatible system". The system you end up with is a lot fatter, but a lot less headache.

    (The security benefits of fewer files are overblown, too. If you audit and harden the system, it doesn't matter how many binaries you have, because the attack vectors they use will be mitigated)

  • by xcdzvyn on 3/5/24, 1:47 AM

    I see Talos only supports XFS, what potential reasons could they have to prefer XFS to competitors?

    I've always struggled to compare filesystems fairly. My justification for ext4 is just that everybody else uses it :)

  • by suralind on 3/4/24, 11:18 PM

    Big fan of Talos, I use it on Hetzner and it's a joy!

  • by wmf on 3/4/24, 8:10 PM

    Where is networking configured? I assume the system has to have an IP address before containerd can fetch images.