The What, Why and Wow! Behind the CoreOS Container Linux
By. Steven J. Vaughan-Nichols
Latest Linux distro automatically updates kernel software and gives full configuration control across clusters.
The usual debate over server Linux distributions begins with:
So, you may be asking yourself: “Why should I bother, when there are so many other solid Linux distros?” Well, I’ll let Greg Kroah-Hartman, the kernel maintainer for the Linux-stable branch and CoreOS advisor, start the conversation:
(CoreOS) handles distro updates (based on the ChromeOS code) combined with Docker and potentially checkpoint/restore, (which) means that you might be able to update the distro under your application without stopping/starting the process/container. I’ve seen it happen in testing, and it’s scary [good].”
And that assessment came when CoreOS was in alpha. Back then, CoreOS was being developed in — believe it or not — a Silicon Valley garage. While CoreOS is no Apple or HPE, it’s grown considerably in the last four years.
When I checked in on them at 2017’s CoreOS Fest in San Francisco, CoreOS had support from Google Cloud, IBM, Amazon Web Services, and Microsoft. The project itself now has over a thousand contributors. They think they’re on to something good, and I agree.
Why? Because, CoreOS is a lightweight Linux designed from the get-go for running containers. It started as a Docker platform, but over time CoreOS has taken its own path to containers. It now supports both its own take on containers, rkt (pronounced rocket), and Docker.
Unlike most Linux distributions, CoreOS doesn’t have a package manager. Instead it takes a page from Google’s ChromeOS and automates software updates to ensure better security and reliability of machines and containers running on clusters. Both operating system updates and security patches are regularly pushed to CoreOS Container Linux machines without sysadmin intervention.
You control how often patches are pushed using CoreUpdate, with its web-based interface. This enables you to control when your machines update, and how quickly an update is rolled out across your cluster.
Specifically, CoreOS does this with the the distributed configuration service etcd. This is an open-source, distributed key value store based on YAML. Etcd provides shared configuration and service discovery for Container Linux clusters.
This service runs on each machine in a cluster. When one server goes down, say to update, it handles the leader election so that the overall Linux system and containerized applications keep running as each server is updated.
To handle cluster management, CoreOS used to use fleet. This ties together systemd and etcd into a distributed init system. While fleet is still around, CoreOS has joined etcd with Kubernetes container orchestration to form an even more powerful management tool.
CoreOS also enables you to declaratively customize other operating system specifications, such as network configuration, user accounts, and systemd units, with cloud-config.
Put it all together and you have a Linux that’s constantly self-updating to the latest patches while giving you full control over its configuration from individual systems to thousand of container instances. Or, as CoreOS puts it, “You’ll never have to run Chef on every machine in order to change a single config value ever again.”
Let’s say you want to expand your DevOps control even further. CoreOS helps you there, too, by making it easy to deploy Kubernetes.
So, what does all this mean? CoreOS is built from the ground-up to make it easy to deploy, manage and run containers. Yes, other Linux distributions, such as the Red Hat family with Project Atomic, also enable you to do this, but for these distributions, it’s an add-on. CoreOS was designed from day one for containers.
If you foresee using containers in your business — and you’d better because Docker and containers are fast becoming The Way to develop and run business applications — then you must consider CoreOS Container Linux, no matter whether you’re running on bare-metal, virtual machines, or the cloud.
Please feel free to share below any comments or insights about your experience with or questions about CoreOS. And if you found this blog useful, please consider sharing it through social media.
About the blogger: Steven J. Vaughan-Nichols is a veteran IT journalist whose estimable work can be found on a host of channels, including ZDNet.com, PC Magazine, InfoWorld, ComputerWorld, Linux Today and eWEEK. Steven’s IT expertise comes without parallel — he has even been a Jeopardy! clue. And while his views and cloud situations are solely his and don’t necessarily reflect those of Linode, we are grateful for his contributions. He can be followed on Twitter (@sjvn).