Reproducible and Customizable Deployments with GNU Guix
Why "app bundles" get it wrong
“It used to work perfectly, then I upgraded something, and somehow…” Sounds like a déjà vu? Sometimes feel like software deployment is unpredictable? Ever wondered if you can trust your compiler or the integrity of those binary packages you have downloaded? Falling for VM/Docker images to address the shortcomings of “traditional distros”?
This talk introduces GNU Guix, a package manager that implements the functional package management paradigm pioneered by Nix to address these issues.
Guix supports transactional upgrades and rollbacks, as well as support for multiple software profiles. In this talk, I will introduce functional package management and demonstrate Guix on practical use cases. We will show that the approach provides better resource usage and transparency than "app bundles" as popularized by Docker. I will discuss the implications on (bit-)reproducible packages and environments, and how this can lead to verifiable binaries. Lastly, we will see how this extends to whole-system deployments with GuixSD, the Guix System Distribution.