Desktop Linux at Facebook: A Brief History
Facebook as an organization hsa been using Chef to manage our CentOS servers for years. Most employees use macOS or Windows on their laptops, but there's a significant minority of Linux desktop users.
As security requirements evolve, it is increasingly important to have a managed solution for desktop Linux, that allow employees to focus on their work instead of how to make sure their machines can get on the internal network.
Our desktop Linux population has also been evolving over time, and now encompasses not only enthusiasts who use the platform by choice, but also those who need it as part of their job role; this has a significant bearing on the kind of support needed.
We initially chose to standardize on Fedora, as it balances support for newer hardware and being aligned with our server-side tooling, and that works well for the majority of our user base, but we increasingly find problems with this one-size-fits-all approach.
We are thus in the process of branching out, supporting CentOS on select hardware configurations and evaluating the use of application containers to ship internal tooling, to broaden the range of Linux distributions that can be feasibly supported.
One key part of supporting a mostly community-supported operating system is making sure the hardware works, so we'll also discuss our hardware validation workflow and how we work with manufacturers to make sure we minimize the amount of compatibility issues.
We manage our client fleet using Chef, similar to how we manage our server fleet; there are major differences between the two environments, evolving around connectivity, user interactions and fleet diversity, so we will cover how we accomodate these differences while using mostly the same design patterns such as API cookbooks.