Flatcar Linux 101

A Hands-Free Server OS

Brian "bex" Exelbierd 🌐 www.bexelbie.com ✉️ [email protected] @[email protected]

--- # What is Flatcar Linux? A container-optimized Linux distribution - Made for running containers - focused on doing this and only this well - Orchestrated: Kubernetes worker nodes, other orchestration systems - Unorchestrated: Docker Compose, Podman, standalone containers - Think of the OS itself as being treated like a container image --- # Flatcar is a CNCF Project  CoreOS → Kinvolk → Microsoft → CNCF --- # Functionality, not Features General-purpose Linux | Flatcar :--|:-- Choose your shell, desktop, language stack | We choose for you Manage updates: backports vs. new repos vs. waiting | Whole OS updates atomically Think about *features*: this version, this package | Think about *functionality*: does it work? You build the system you want | We deliver a light switch Components may shift under your feet | Contract: runtime stays the same --- # Provisioned, not Installed | Install | Provision | |:--|:--| | Make choices during setup | Declare what you need up front | | Interactive process | One declarative configuration | | Each machine slightly different | Every machine identical | Same idea as containers: you don't bake config into the image — you write config and apply it at launch. --- # Immutable by Design - First boot: provisioned from config. After that: the base OS doesn't change. - `/usr` is read-only and dm-verity protected - No individual package updates — the entire OS updates as one unit - Same config + same base OS = identical machine every time --- # Demo: Provisioning a Server --- # A/B Updates ``` ┌──────────────┐ ┌──────────────┐ │ Partition A │ │ Partition B │ │ (running) │ │ (staging) │ └──────────────┘ └──────────────┘ ↕ reboot ↕ ``` - Verified image staged to inactive partition - Reboot activates the new OS - Rollback = reboot to old partition - No intermediate states — it works or it rolls back --- # Channels ``` Alpha → Beta → Stable (+ LTS) ``` - **Alpha**: Fully tested, may have incomplete features. For developers. - **Beta**: Production-ready. Run as canaries alongside stable. - **Stable**: Widespread production. Promoted from beta. - **LTS**: Long-term support track for environments that need slower change. --- # Demo: systemd-sysext --- # Flatcar Runs Everywhere | Environment | Options | |:--|:--| | **Cloud** | Azure, AWS, GCP, and many more | | **Virtualization** | VMware, VirtualBox, libvirt, QEMU | | **Bare metal** | PXE / iPXE | Also: Terraform, Go bindings, Cluster API --- # Try It Today — Get Involved | Community | Try It Locally | |:--|:--| | **flatcar.org** — website & docs | 1. Download the QEMU image from flatcar.org | | **Chat**: Matrix · CNCF Slack | 2. Write a Butane YAML config | | **GitHub Discussions** | 3. Transpile: `butane config.bu > config.ign` | | **Office Hours**: every 2nd Tue, 15:30 UTC | 4. Boot: `./flatcar_production_qemu.sh -i config.ign` | | **DevSync**: every 4th Tue, 15:30 UTC | | | **Bug Smash**: last Fri of the month | ~5 minutes to a running system | --- # Thank You **Visit Flatcar** → flatcar.org

Brian "bex" Exelbierd 🌐 www.bexelbie.com ✉️ [email protected] @[email protected]

---