Flatcar Container Linux

Posted by D2i Team on April 20, 2022

Containers are lightweight packages of your application code along with its dependencies, such as the specific versions of programming language runtimes and libraries required to run your software services. Container-based infrastructure was a paradigm shift. For cloud-native infrastructure, a container-optimized Linux distribution is the best foundation.

Red Hat announced that CoreOS Container Linux would reach End of Life on May 26th, 2020, and the company said it would no longer develop or support Container Linux.

This had been expected since soon after the CoreOS acquisition was announced.

In 2018, Kinvolk announced Flatcar Container Linux, and in Feb 2020, after the Red Hat announcement, it became a derivative of and drop-in replacement for CoreOS Container Linux.

Flatcar Container Linux is designed from scratch for running container workloads. It is a lightweight OS that includes only the minimal tools needed to run containers, and it continues to deliver what Container Linux promised.

The OS includes automatic atomic updates and is shipped with an immutable file system, eliminating security vulnerabilities.

Features of Flatcar

Immutability: Flatcar Container Linux is immutable: /usr is a read-only partition and other packages are not allowed. Hence there is no chance of information leakage, either intentional or accidental.

Scale: Flatcar Container Linux includes tools to manage or control large-scale, global infrastructure. Instance groups, update policies and versions are easily manageable.

Complexity: There is no need for a package manager, as dependencies and libraries are packaged and delivered in the container images themselves. This simplifies the OS.

Security: In Flatcar Container Linux security updates are automated, preventing potential vulnerabilities. By including only what is required and making the partitions immutable/read-only, it eliminates high-impact security vulnerabilities and further reduces the attack surface.

Automated Updates: By taking advantage of automated and atomic updates you will always have a secure, latest, and most stable Flatcar version.
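The read-only /usr described under Immutability can be checked on a running host. The function below is an added example, not code from the original post or from the Flatcar project: it finds the mount that covers a path and reports whether that mount carries the `ro` option. The function names and the sample mount table are constructed for illustration; with no second argument the function reads /proc/self/mounts.

```shell
#!/bin/sh
# Added example: verify that a path sits on a read-only mount.
# usage: mount_is_readonly PATH [MOUNTS_FILE]   ("-" reads the table from stdin)
# exit status: 0 = read-only, 1 = writable, 2 = no covering mount found
mount_is_readonly() {
    path=$1
    table=${2:-/proc/self/mounts}
    awk -v p="$path" '
        {
            mp = $2
            # A mount covers p if it is p itself, the root, or a parent directory of p.
            covers = (mp == p) || (mp == "/") || (index(p, mp "/") == 1)
            # Keep the longest covering mount point; ">=" lets a later entry for
            # the same mount point (for example a remount) replace an earlier one.
            if (covers && length(mp) >= best) { best = length(mp); opts = $4; found = 1 }
        }
        END {
            if (!found) exit 2
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == "ro") exit 0
            exit 1
        }' "$table"
}

# Constructed sample in /proc/mounts format (device, mount point, type, options).
# Device names are placeholders, not taken from a real Flatcar host.
sample_mounts() {
    cat <<'EOF'
/dev/sda9 / ext4 rw,relatime 0 0
/dev/mapper/usr /usr ext4 ro,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev 0 0
EOF
}

# Demo on the constructed table only, so the result does not depend on the host.
sample_mounts | mount_is_readonly /usr/bin - && echo "/usr/bin is on a read-only mount"
```

On a host, `mount_is_readonly /usr` with a non-zero exit status means /usr is writable or was remounted, which is worth alerting on for an OS that is meant to be immutable.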