Brian Exelbierd
Brian “bex” Exelbierd is happiest debating the finer points of international taxation over a good coffee. An American expat in Brno, Czech Republic, he balances life as a Linux strategist, home automation tinkerer, and dad. By day he shapes how Microsoft Azure participates in upstream Linux. He spent the previous decade doing similar work at Red Hat. When not reading too much long-form journalism, he writes glue code to connect things that were never meant to be connected.
Microsoft
Principal Product Manager
Session
systemd-sysext is a standard mechanism for overlaying /usr on any systemd-based OS. The spec and tooling exists, but what happens when you push it past "hello world" into production software - GPU drivers, Kubernetes, container runtimes?
Flatcar Container Linux has been shipping all of these as sysext images since 2022. Docker and containerd don't exist as binaries in the base OS - they're sysext images. Kubernetes can upgrade independently of the OS via sysext + sysupdate.
This talk covers what broke, what we fixed, and what we contributed upstream to systemd. You'll see the two hardest engineering problems - dynamic linking collisions and library path isolation - and the open source tools (Flix and Flatwrap) that solve them. We'll discuss when sysext is the right tool and when rpm-ostree is better.
Whether you work on FCOS, Flatcar, or any other systemd-based distro, sysext is already in your systemd. This talk tells you what to expect when you use it for real.