The OS Layer Your Platform Ignores
Submitted to KCD Czech & Slovak 2026 in Prague, Czech Republic on 21-22 May 2026
Abstract
You have a hundred Kubernetes nodes. Can you prove their filesystems match what you shipped?
Kubernetes solves orchestration, not OS integrity. Nodes are replaced from the same image - but that image boots into a mutable filesystem. Debug sessions leave files behind. DaemonSets write to the host. Two nodes report identical versions while their filesystems diverge. The orchestrator has no way to check.
Most drift defenses detect changes after the fact. Detecting drift is not the same as making it structurally impossible. “Shift Down” security pushes integrity into the platform - and the node OS is where that starts.
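To make the "after the fact" point concrete, here is an added example (not from the talk, and not Flatcar tooling) of the kind of drift check most platforms rely on: hash every file under a tree into a manifest built from the image you shipped, then diff a node's tree against it. The paths and file contents in the demo are constructed; the point is that the check only tells you drift happened, after a node has already diverged.

```shell
#!/bin/sh
# Added example: manifest-based drift detection, the "detect after the fact"
# approach the abstract contrasts with an immutable, verity-protected /usr.
# Assumes only POSIX sh plus find, sort, sha256sum, diff and mktemp.

# manifest_tree DIR -> prints "sha256  ./relative/path" lines, sorted by path.
manifest_tree() {
    dir="$1"
    ( cd "$dir" && find . -type f | LC_ALL=C sort | while IFS= read -r f; do
        sha256sum "$f"
    done )
}

# drift_check BASELINE_MANIFEST DIR -> returns 0 if DIR matches the baseline,
# otherwise prints the differing manifest entries and returns 1.
drift_check() {
    baseline="$1"
    dir="$2"
    current=$(mktemp)
    manifest_tree "$dir" > "$current"
    if diff "$baseline" "$current" > /dev/null; then
        rm -f "$current"
        return 0
    fi
    # '<' lines exist only in the shipped manifest (removed or modified files),
    # '>' lines exist only on the node (added or modified files).
    diff "$baseline" "$current" | grep '^[<>]' \
        | sed 's/^< /missing or changed on node: /; s/^> /added or changed on node: /'
    rm -f "$current"
    return 1
}

# Constructed demo: a "shipped" tree and a node that drifted after a debug
# session left a file behind. Returns 1 when drift is reported, 0 otherwise.
demo() {
    ship=$(mktemp -d); node=$(mktemp -d); base=$(mktemp)
    printf 'kubelet build 1\n' > "$ship/kubelet"
    printf 'cfg: shipped\n' > "$ship/config.yaml"
    cp "$ship/kubelet" "$ship/config.yaml" "$node/"
    manifest_tree "$ship" > "$base"
    printf 'left by a debug session\n' > "$node/strace.log"   # constructed drift
    drift_check "$base" "$node"
    status=$?
    rm -rf "$ship" "$node" "$base"
    return $status
}
```

Run `demo` to see the added file reported. Note what the check cannot do: it needs a trusted baseline shipped out of band, it runs on the node it is judging, and it only reports a change that has already landed on disk. A dm-verity protected /usr refuses to read a modified block at all, which is the structural guarantee the abstract is after.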
Flatcar Container Linux (CNCF Incubating) treats the node OS like containers: immutable, declarative, atomically updated. /usr is dm-verity protected - cryptographically verified at boot. systemd-sysext extends the base without breaking immutability.
I’ll show how Flatcar provisions identical nodes from Ignition, updates atomically with rollback, and gives platform teams a node OS they can reason about.