Jump to content

Container Linux

From Wikipedia, the free encyclopedia
(Redirected fromContainer Linux by CoreOS)

"CoreOS" redirects here. For its successor, Fedora CoreOS, seeFedora Linux.
Container Linux
Container Linux logo
DeveloperCoreOS team,Red Hat
OS familyLinux(based onGentoo Linux)
Working stateDiscontinued[1]
Source modelOpen source
Initial releaseOctober 3, 2013;10 years ago(2013-10-03)[2]
Latest release2512.3.0[3]/ May 22, 2020;4 years ago(2020-05-22)
Latest preview2513.2.0[4](Beta) / May 22, 2020;4 years ago(2020-05-22)
2514.1.0[5](Alpha) / May 22, 2020;4 years ago(2020-05-22)
Marketing targetServersandclusters
Platformsx86-64[6]
KerneltypeMonolithic(Linux kernel)
LicenseApache License 2.0[7][8]
Succeeded byFedora CoreOS
RHEL CoreOS
Official websitecoreos.com[9]

Container Linux(formerlyCoreOS Linux) is a discontinuedopen-sourcelightweightoperating systembased on theLinux kerneland designed for providing infrastructure forclustereddeployments. One of its focuses wasscalability.As an operating system, Container Linux provided only the minimal functionality required for deploying applications insidesoftware containers,together with built-in mechanisms forservice discoveryand configuration sharing.[10][11][12][13][14]

Container Linux shares foundations withGentoo Linux,[15][16]ChromeOS,andChromiumOSthrough a commonsoftware development kit(SDK). Container Linux adds new functionality and customization to this shared foundation to support server hardware and use cases.[13][17]: 7:02 CoreOS was developed primarily byAlex Polvi,Brandon Philips, and Michael Marineau,[12]with its major features available as astable release.[18][19][20]

The CoreOS team announced theend-of-lifefor Container Linux on May 26, 2020,[1]offeringFedora CoreOS,[21]and RHEL CoreOS as its replacement, both based onRed Hat Enterprise Linux.

Overview[edit]

Container Linux provides nopackage manageras a way for distributing payload applications, requiring instead all applications to run inside their containers. Serving as a single control host, a Container Linux instance uses the underlyingoperating-system-level virtualizationfeatures of the Linux kernel to create and configure multiple containers that perform as isolatedLinuxsystems. That way,resourcepartitioning between containers is performed through multiple isolateduserspaceinstances, instead of using ahypervisorand providing full-fledgedvirtual machines.This approach relies on the Linux kernel'scgroupsandnamespacesfunctionalities,[22][23]which together provide abilities to limit, account and isolate resource usage (CPU,memory, diskI/O,etc.) for the collections of userspaceprocesses.[11][14][24]

Initially, Container Linux exclusively usedDockeras a component providing an additional layer of abstraction andinterface[25]to the operating-system-level virtualization features of the Linux kernel, as well as providing a standardized format for containers that allows applications to run in different environments.[11][24]In December 2014, CoreOS released and started to supportrkt(initially released asRocket) as an alternative to Docker, providing through it another standardized format of the application-container images, the related definition of the containerruntime environment,and aprotocolfor discovering and retrieving container images.[26][27][28][29]CoreOS provides rkt as an implementation of the so-calledapp container(appc) specification that describes the required properties of theapplication container image(ACI). CoreOS created appc and ACI as an independent committee-steered set of specifications[30][31]aimed to become part of the vendor- and operating-system-independentOpen Container Initiative,or OCI, initially named theOpen Container Project(OCP) containerization standard,[32]which was announced[by whom?]in June 2015.[33][34][35]

Container Linux usesebuildscripts from Gentoo Linux for automatedcompilationof its system components,[15][16]and usessystemdas its primaryinitsystem, with tight integration between systemd and various Container Linux's internal mechanisms.[11][36]

Updates distribution[edit]

Container Linux achieves additional security and reliability of its operating systemupdatesby employingFastPatchas a dual-partition scheme for the read-only part of its installation, meaning that the updates are performed as a whole and installed onto a passive secondary bootpartitionthat becomes active upon a reboot orkexec.This approach avoids possible issues arising from updating only certain parts of the operating system, ensures easy rollbacks to a known-to-be-stable version of the operating system, and allows each boot partition to besignedfor additional security.[11][14][37]The root partition and itsroot file systemare automatically resized to fill all available disk-space upon reboots; while the root partition provides read-write storage space, the operating system itself ismountedread-only under/usr.[38][39][40]

To ensure that only a certain part of theclusterreboots at once when the operating system updates are applied, preserving the resources required for running deployed applications, CoreOS provideslocksmithas arebootmanager for Container Linux.[41]Using locksmith, one can select between different update strategies that are determined by how the reboots are performed as the last step in applying updates; for example, one can configure how many cluster members are allowed to reboot simultaneously. Internally, locksmith operates as thelocksmithddaemonthat runs on cluster members, while thelocksmithctlcommand-line utilitymanages configuration parameters.[42][43]Locksmith is written in theGo languageand distributed under the terms of theApache License 2.0.[44]

The updates distribution system employed by Container Linux is based onGoogle's open-sourceOmahaproject, which provides a mechanism for rolling out updates and the underlyingrequest–responseprotocol based onXML.[6][45][46]Additionally, CoreOS providesCoreUpdateas a web-baseddashboardfor the management of cluster-wide updates. Operations available through CoreUpdate include assigning cluster members to different groups that share customized update policies, reviewing cluster-wide breakdowns of Container Linux versions, stopping and restarting updates, and reviewing recorded update logs. CoreUpdate also provides anHTTP-basedAPIthat allows its integration into third-party utilities ordeployment systems.[37][47][48]

Cluster infrastructure[edit]

A high-level illustration of the CoreOS cluster architecture[49]

Container Linux provides etcd, a daemon that runs across all computers in a cluster and provides a dynamic configuration registry, allowing various configuration data to be easily and reliably shared between the cluster members.[6][38]Since thekey–value datastored withinetcdis automaticallydistributedandreplicatedwith automatedmaster electionandconsensusestablishment using theRaftalgorithm, all changes in stored data are reflected across the entire cluster, while the achievedredundancyprevents failures of single cluster members from causing data loss.[29][50]Beside the configuration management,etcdalso providesservice discoveryby allowing deployed applications to announce themselves and the services they offer. Communication withetcdis performed through an exposedREST-based API, which internally usesJSONon top of HTTP; the API may be used directly (throughcurlorwget,for example), or indirectly throughetcdctl,which is a specialized command-line utility also supplied by CoreOS.[11][14][51][52][53]etcd is also used inKubernetessoftware.

Container Linux also provides thefleetcluster manager, which controls Container Linux's separate systemd instances at the cluster level. As of 2017, "fleet" is no longer actively developed and is deprecated in favor of Kubernetes.[54]By usingfleetd,Container Linux creates a distributedinit systemthat ties together separate systemd instances and a cluster-wideetcddeployment;[50]internally,fleetddaemon communicates with localsystemdinstances overD-Bus,and with theetcddeployment through its exposed API. Usingfleetdallows the deployment of single or multiplecontainerscluster-wide, with more advanced options includingredundancy,failover,deployment to specific cluster members, dependencies between containers, and grouped deployment of containers. A command-line utility calledfleetctlis used to configure and monitor this distributed init system;[55]internally, it communicates with thefleetddaemon using a JSON-based API on top of HTTP, which may also be used directly. When used locally on a cluster member,fleetctlcommunicates with the localfleetdinstance over aUnix domain socket;when used from an external host,SSH tunnelingis used with authentication provided throughpublic SSH keys.[56][57][58][59][60]

All of the above-mentioned daemons and command-line utilities (etcd,etcdctl,fleetdandfleetctl) are written in the Go language and distributed under the terms of the Apache License 2.0.[8][61]

Deployment[edit]

When running on dedicated hardware, Container Linux can be either permanently installed on local storage, such as ahard disk drive(HDD) orsolid-state drive(SSD),[62]or booted remotelyover a networkusingPreboot Execution Environment(PXE) in general, oriPXEas one of its implementations.[63][64]CoreOS also supports deployments on varioushardware virtualizationplatforms, includingAmazon EC2,DigitalOcean,Google Compute Engine,Microsoft Azure,OpenStack,QEMU/KVM,VagrantandVMware.[14][65][66][67]Container Linux may also be installed on Citrix XenServer, noting that a "template" for CoreOS exists.

Container Linux can also be deployed through its commercial distribution calledTectonic,which additionally integrates Google'sKubernetesas a cluster management utility. As of April 2015,Tectonic is planned to be offered asbeta softwareto select customers.[30][68][69]Furthermore, CoreOS providesFlannelas a component, implementing anoverlay networkrequired primarily for the integration with Kubernetes.[30][70][71]

As of February 2015,Container Linux supports only thex86-64architecture.[6]

Derivatives[edit]

Following its acquisition of CoreOS, Inc.[72]in January 2018, Red Hat announced[73]that it would be merging CoreOS Container Linux with Red Hat's Project Atomic to create a new operating system, Red Hat CoreOS, while aligning the upstream Fedora Project open source community around Fedora CoreOS, combining technologies from both predecessors.

On March 6, 2018, Kinvolk GmbH announced[74]Flatcar Container Linux,a derivative of CoreOS Container Linux. This tracks the upstream CoreOS alpha, beta, and stable channel releases, with an experimental Edge release channel added in May 2019.[75]

Reception[edit]

LWN.netreviewed CoreOS in 2014:[76]

For those who are putting together large, distributed systems—web applications being a prime example—CoreOS would appear to have a lot of interesting functionality. It should allow applications of that type to grow and shrink as needed with demand, as well as provide a stable platform where upgrades are not a constant headache. For "massive server deployments", CoreOS, or something with many of the same characteristics, looks like the future.

See also[edit]

References[edit]

  1. ^ab"End-of-life announcement for CoreOS Container Linux".coreos.com.RetrievedAugust 16,2020.
  2. ^"coreos/manifest: Release v94.0.0 (Container Linux v94.0.0)".github.com.October 3, 2013.RetrievedSeptember 22,2014.
  3. ^"CoreOS Container Linux Release Notes # Stable channel".coreos.com.May 22, 2020. Archived fromthe originalon November 11, 2020.RetrievedMay 22,2020.
  4. ^"CoreOS Container Linux Release Notes # Beta channel".coreos.com.May 22, 2020. Archived fromthe originalon November 11, 2020.RetrievedMay 22,2020.
  5. ^"CoreOS Container Linux Release Notes # Alpha channel".coreos.com.May 22, 2020. Archived fromthe originalon November 11, 2020.RetrievedMay 22,2020.
  6. ^abcdTimothy Prickett Morgan (February 15, 2015)."CoreOS Hyperscales Linux By Making It Invisible".nextplatform.com.RetrievedJune 14,2015.
  7. ^"CoreOS Pilot Agreement".coreos.com.March 13, 2014. Archived fromthe originalon September 12, 2014.RetrievedMarch 26,2014.
  8. ^ab"coreos/etcd: etcd/LICENSE at master".github.com.July 31, 2013.RetrievedMarch 26,2014.
  9. ^"CoreOS Container Linux 2514.1.0 Documentation".coreos.com.January 21, 2021. Archived fromthe originalon January 21, 2021.RetrievedJanuary 21,2021.
  10. ^"CoreOS Linux is now Container Linux".coreos.com.RetrievedDecember 20,2016.
  11. ^abcdefLibby Clark (September 9, 2013)."Brandon Philips: How the CoreOS Linux Distro Uses Cgroups".Linux.com.Archived fromthe originalon February 22, 2014.RetrievedFebruary 13,2014.
  12. ^abCade Metz (August 21, 2013)."Linux Hackers Rebuild Internet From Silicon Valley Garage".Wired.RetrievedFebruary 13,2014.
  13. ^ab"CoreOS – a new approach to Linux-based server systems".itnews2day.com.August 22, 2013. Archived fromthe originalon November 29, 2014.RetrievedMarch 26,2014.
  14. ^abcde"CoreOS documentation: Using CoreOS".coreos.com.Archived fromthe originalon February 23, 2014.RetrievedFebruary 13,2014.
  15. ^ab"Building development images: Updating portage-stable ebuilds from Gentoo".coreos.com.Archived fromthe originalon July 14, 2017.RetrievedMay 24,2016.
  16. ^ab"Distributions based on Gentoo".gentoo.org.March 25, 2016.RetrievedMay 24,2016.
  17. ^Brian Harrington (July 8, 2014)."CoreOS: Anatomy of a CoreOS update".youtube.com.Rackspace.RetrievedJuly 25,2014.
  18. ^Alex Polvi (July 25, 2014)."CoreOS Stable Release".coreos.com.RetrievedAugust 28,2014.
  19. ^"CoreOS Release Notes".coreos.com.Archived fromthe originalon November 11, 2020.RetrievedAugust 28,2014.
  20. ^Brandon Philips (January 28, 2015)."etcd 2.0 Release – First Major Stable Release".coreos.com.RetrievedJune 14,2015.
  21. ^"Fedora CoreOS Documentation:: Fedora Docs Site".docs.fedoraproject.org.RetrievedAugust 16,2020.
  22. ^Jonathan Corbet (October 29, 2007)."Notes from a container".LWN.net.RetrievedJuly 3,2016.
  23. ^Jake Edge (November 19, 2014)."Control group namespaces".LWN.net.RetrievedJuly 3,2016.
  24. ^ab"CoreOS documentation: Using Docker with CoreOS".coreos.com.Archived fromthe originalon August 4, 2016.RetrievedJune 14,2015.
  25. ^"Docker 0.9: Introducing execution drivers and libcontainer".docker.com.March 10, 2014.RetrievedJanuary 20,2015.
  26. ^Libby Clark (January 30, 2015)."CoreOS Co-Founder Alex Polvi Talks Containers, Rocket vs. Docker, and More".Linux.com.RetrievedJune 14,2015.
  27. ^Charles Babcock (February 20, 2015)."Rocket Containers: How CoreOS Plans To Challenge Docker".informationweek.com.RetrievedJune 14,2015.
  28. ^Alex Polvi (December 1, 2014)."CoreOS is building a container runtime, rkt".coreos.com.RetrievedJune 14,2015.
  29. ^abJosh Berkus (February 4, 2015)."New etcd, appc, and Rocket releases from CoreOS".LWN.net.RetrievedJune 22,2015.
  30. ^abcJosh Berkus (May 13, 2015)."CoreOS Fest and the world of containers, part 1".LWN.net.RetrievedJune 22,2015.
  31. ^Nathan Willis (December 3, 2014)."The Rocket containerization system".LWN.net.RetrievedJune 22,2015.
  32. ^ McAllister, Neil (June 22, 2015)."Docker and chums unveil standards org for software containers".Data Centre.The Register.RetrievedJanuary 19,2017.Announced at the DockerCon conference in San Francisco on Monday, the Open Container Project (OCP) will maintain and develop a common container runtime and image format based in part on code and specs donated by Docker.
  33. ^Frederic Lardinois (June 22, 2015)."Docker, CoreOS, Google, Microsoft, Amazon and others come together to develop common container standard".TechCrunch.RetrievedJune 24,2015.
  34. ^"Industry Leaders Unite to Create Project for Open Container Standards".opencontainers.org.June 22, 2015. Archived fromthe originalon August 13, 2015.RetrievedJune 24,2015.
  35. ^Neil McAllister (July 22, 2015)."Open Container Project renames, says standard is just weeks away: Linux Foundation, Docker and friends opt for Open Container Initiative".The Register.RetrievedJanuary 29,2016.
  36. ^"CoreOS documentation: Using systemd with CoreOS".coreos.com.Archived fromthe originalon February 14, 2014.RetrievedFebruary 13,2014.
  37. ^ab"CoreOS documentation: Updates & patches".coreos.com.Archived fromthe originalon February 14, 2014.RetrievedFebruary 27,2015.
  38. ^abPhil Whelan (August 28, 2013)."Alex Polvi Explains CoreOS".activestate.com.Archived fromthe originalon February 24, 2015.RetrievedMay 7,2015.
  39. ^"CoreOS documentation: Adding disk space to your CoreOS machine".coreos.com.RetrievedFebruary 27,2015.
  40. ^Alex Polvi (March 27, 2014)."Major Update: btrfs, Docker 0.9, add users, writable /etc, and more!".coreos.com.RetrievedFebruary 27,2015.
  41. ^"Simple Introduction to CoreOS with CEO Alex Polvi and CTO Brandon Philips".centurylinklabs.com.June 6, 2014. Archived fromthe originalon June 22, 2015.RetrievedJune 22,2015.
  42. ^"CoreOS documentation: Update strategies".coreos.com.RetrievedApril 17,2015.
  43. ^"coreos/locksmith: locksmith/README.md at master".github.com.February 1, 2015.RetrievedApril 17,2015.
  44. ^"coreos/locksmith: locksmith/LICENSE at master".github.com.January 19, 2014.RetrievedApril 17,2015.
  45. ^"Omaha – software installer and auto-updater for Windows".code.google.com.RetrievedOctober 11,2014.
  46. ^"Omaha Overview".omaha.googlecode.com.September 23, 2009. Archived fromthe originalon May 6, 2009.RetrievedOctober 11,2014.
  47. ^"Package omaha".godoc.org.June 24, 2014.RetrievedJuly 4,2014.
  48. ^"CoreOS documentation: CoreUpdate".coreos.com.RetrievedJuly 4,2014.
  49. ^Mark Moudy (May 16, 2014)."CoreOS + Docker Development Environment Demo".github.com.RetrievedApril 16,2015.
  50. ^abJonathan Corbet (October 22, 2014)."Etcd and fleet".LWN.net.RetrievedJune 22,2015.
  51. ^"CoreOS documentation: Using etcd with CoreOS".coreos.com.RetrievedFebruary 13,2014.
  52. ^"CoreOS documentation: Getting started with etcd".coreos.com.RetrievedFebruary 13,2014.
  53. ^Brandon Philips (January 15, 2014)."etcd @ GoSF".speakerdeck.com.RetrievedFebruary 13,2014.
  54. ^Wood, Josh."Container orchestration: Moving from fleet to Kubernetes".coreos..com.CoreOS.
  55. ^Justin Ellingwood (September 12, 2014)."How To Use Fleet and Fleetctl to Manage your CoreOS Cluster".digitalocean.com.RetrievedJune 22,2015.
  56. ^"CoreOS documentation: Launching containers with fleet".coreos.com.RetrievedApril 3,2014.
  57. ^"CoreOS documentation: Using the client".coreos.com.RetrievedApril 3,2014.
  58. ^"coreos/fleet: fleet/README.md at master".github.com.February 18, 2014.RetrievedApril 3,2014.
  59. ^"coreos/fleet: fleet/Documentation/deployment-and-configuration.md at master (Deploying fleet)".github.com.April 14, 2015.RetrievedApril 17,2015.
  60. ^"coreos/fleet: fleet/Documentation/api-v1.md (fleet API v1)".github.com.October 29, 2014.RetrievedApril 17,2015.
  61. ^ "coreos/fleet: fleet/LICENSE at master".github.com.February 6, 2014.RetrievedApril 3,2014.
  62. ^"CoreOS documentation: Installing CoreOS to disk".coreos.com.RetrievedFebruary 13,2014.
  63. ^"CoreOS documentation: Booting CoreOS via PXE".coreos.com.RetrievedFebruary 13,2014.
  64. ^"CoreOS documentation: Booting CoreOS via iPXE".coreos.com.RetrievedFebruary 13,2014.
  65. ^Alex Crawford (September 5, 2014)."CoreOS Image Now Available On DigitalOcean".coreos.com.RetrievedSeptember 5,2014.
  66. ^Jack Clark (May 23, 2014)."Google brings futuristic Linux software CoreOS onto its cloud".The Register.RetrievedMay 26,2014.
  67. ^Alex Crawford (October 20, 2014)."CoreOS Now Available On Microsoft Azure".coreos.com.RetrievedOctober 22,2014.
  68. ^Steven J. Vaughan-Nichols (April 6, 2015)."CoreOS is bringing Google's Kubernetes to the enterprise".ZDNet.RetrievedApril 29,2015.
  69. ^Ben Kepes (April 6, 2015)."CoreOS And Google Make Their Defensive Plays, Is Docker The Victim?".Forbes.RetrievedApril 29,2015.
  70. ^Eugene Yakubovich (August 28, 2014)."Introducing flannel: An etcd-backed overlay network for containers".coreos.com.RetrievedJune 22,2015.
  71. ^"Tutorial on using CoreOS Flannel for Docker".slideshare.net.November 2014.RetrievedJune 22,2015.
  72. ^Rosoff, Matt (January 30, 2018)."Red Hat pays $250 million for CoreOS, a start-up that sells Google-developed technology".CNBC.RetrievedJune 6,2019.
  73. ^"Fedora CoreOS, Red Hat CoreOS, and the future of Container Linux | CoreOS".coreos.com.RetrievedJune 6,2019.
  74. ^"Announcing the Flatcar Linux project | Kinvolk".kinvolk.io.March 6, 2018.RetrievedJune 6,2019.
  75. ^"Introducing the Flatcar Linux Edge Channel | Kinvolk".kinvolk.io.May 15, 2019.RetrievedJune 6,2019.
  76. ^CoreOS: A different kind of Linux distribution [LWN.net]

External links[edit]

Wikimedia Commons has media related toCoreOS.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Container_Linux&oldid=1225866933"