==== Overview ====
  * CoreOS Linux was renamed to Container Linux in 2016. Licensed under Apache 2.0. CoreOS is still the company name. The commercial distribution is called Tectonic, which integrates Kubernetes.
  * Based on Gentoo Linux: uses ebuild scripts from Gentoo Linux to compile its system components. Uses systemd for init.
  * Major system components such as etcd, rkt, flannel and Ignition are all open source, written in Go and hosted on GitHub.
  * Installation/Deployment
    * Supports ISO install, PXE, and deployment on cloud platforms: AWS, GCE, Azure, OpenStack, Vagrant (VirtualBox, QEMU/KVM), VMware.
    * Cluster customization and first-boot configuration (network configuration, user accounts, systemd units) was based on coreos-cloudinit (cloud-config-like); CoreOS started a new project named Ignition to replace it. Ignition is a provisioning utility that reads its configuration from a URL, a network metadata service or a hypervisor bridge and applies it.
  * Updates
    * No package manager; automatic software updates.
    * Upgrade/version channels: Alpha, Beta, Stable.
    * Update approach: dual boot partitions. Updates are written to the passive secondary partition, which becomes active upon a reboot or kexec. The root partition and filesystem are automatically resized on reboot; the root partition is read-write, but /usr is mounted read-only.
  * Container management: initially used Docker; in 12/2014 CoreOS started to include rkt, providing support for appc. rkt now supports both appc and OCI.
  * Cluster
    * The etcd daemon runs across all cluster nodes. Through etcd, all configuration data is shared between cluster members. etcd is also a key-value store.
    * fleet (deprecated) deploys cluster-wide services and containers with redundancy and failover features.
  * Storage and network
    * ext4 + overlayfs for container image storage.
    * flannel is a virtual network that gives a subnet to each host for container runtimes.
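Added example, not from the original page: a POSIX shell helper that performs the channel switch described under locksmith (GROUP=beta to alpha in /etc/coreos/update.conf, then restart update-engine) and sets locksmith's reboot strategy in the same file. GROUP and REBOOT_STRATEGY with the values etcd-lock, reboot and off are the real update.conf settings; the config path is an argument so the helper can be tried on a scratch copy, and the service restarts only run against the real path on a host that has systemctl. Restarting locksmithd together with update-engine is this example's assumption.

```shell
#!/bin/sh
# Added example (not from the original page): switch the Container Linux
# update channel and locksmith reboot strategy in /etc/coreos/update.conf.
# GROUP, REBOOT_STRATEGY, update-engine and locksmithd are the real names;
# the file path is an argument so the helper can run against a scratch copy.

# Rewrite (or append) KEY=VALUE in a shell-style config file, idempotently,
# so repeated runs never leave duplicate GROUP= lines behind.
set_conf_value() {
    conf="$1"; key="$2"; value="$3"
    tmp="${conf}.tmp.$$"
    if grep -q "^${key}=" "$conf" 2>/dev/null; then
        sed "s|^${key}=.*|${key}=${value}|" "$conf" > "$tmp"
    else
        { [ -f "$conf" ] && cat "$conf"; printf '%s=%s\n' "$key" "$value"; } > "$tmp"
    fi
    mv "$tmp" "$conf"
}

# Validate the release channel before touching the file: only alpha, beta
# and stable exist, so a typo must not silently stop the node from updating.
set_update_group() {
    conf="$1"; group="$2"
    case "$group" in
        alpha|beta|stable) ;;
        *) echo "invalid channel: $group" >&2; return 1 ;;
    esac
    set_conf_value "$conf" GROUP "$group"
}

# locksmith reboot strategy: etcd-lock (coordinated through the etcd
# semaphore), reboot (immediately after an update) or off (never automatic).
set_reboot_strategy() {
    conf="$1"; strategy="$2"
    case "$strategy" in
        etcd-lock|reboot|off) ;;
        *) echo "invalid reboot strategy: $strategy" >&2; return 1 ;;
    esac
    set_conf_value "$conf" REBOOT_STRATEGY "$strategy"
}

# Read a value back so the change can be verified (prints nothing if unset).
get_conf_value() {
    sed -n "s|^$2=||p" "$1"
}

# The procedure from the page: edit update.conf, then restart the daemons
# that read it. Restarts only happen for the real file on a systemd host.
switch_channel() {
    conf="$1"; group="$2"; strategy="${3:-etcd-lock}"
    set_update_group "$conf" "$group" || return 1
    set_reboot_strategy "$conf" "$strategy" || return 1
    if [ "$conf" = /etc/coreos/update.conf ] && command -v systemctl >/dev/null 2>&1; then
        systemctl restart update-engine
        systemctl restart locksmithd
    fi
}

# Usage on a real node (as root): switch_channel /etc/coreos/update.conf alpha
```

Keep REBOOT_STRATEGY=etcd-lock on cluster members: with reboot, every node reboots as soon as its update lands, and the etcd semaphore described under etcd2 is what limits how many nodes are down at once.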
=== Appc and OCI ===

==== components ====

=== kernel ===
Automatic kernel updates.

=== file system ===
ext4 + overlayfs

=== systemd ===

=== etcd2 ===
etcd is a key-value store for the most critical data of distributed systems. etcd is a distributed key-value store that provides a reliable way to store data across a cluster of machines. etcd uses the [[https://raft.github.io/|Raft consensus algorithm]]. Kubernetes uses etcd for data storage.
  - Automatic kernel updates: Container Linux uses etcd to store semaphore values to make sure only a subset of the cluster is rebooting at any given time.
  - Kubernetes uses etcd to store cluster state for service discovery and cluster management, and it uses the watch API to monitor critical configuration changes.
In Container Linux, etcd runs as a systemd service daemon.

=== etcd operator ===
  - Single command line.
  - Configures and manages the complexities of etcd using a simple declarative configuration that creates, configures and manages etcd clusters.

=== locksmith ===
  - Reboot manager.
  - Auto reboot based on the update policy after automatic updates; ensures that only a certain part of the cluster reboots once updates are applied.
  - Runs as a daemon on all cluster nodes.
In /etc/coreos/update.conf, change GROUP=beta to alpha, then restart update-engine:
<code bash>
systemctl restart update-engine
</code>

=== fleet ===
Deprecated by CoreOS, which instead recommends Kubernetes for clustering needs. fleet is a cluster-wide elaboration on systemd units: it supports basic scheduling of systemd units across the nodes in a cluster. For a container orchestration system, use Kubernetes. fleet is a low-level cluster scheduler.

=== rkt ===
Container manager for Linux clusters.
  - Not a background daemon.
  - Supports both appc (App Container) and OCI (Open Container Initiative), which are container image format and runtime specifications.

=== dockerd and containerd ===
Not owned by CoreOS. Since 1.11, Docker is split into containerd, the Docker daemon and runC.
  - containerd: daemon; manages the Docker runtime through runC. Provides a gRPC interface for dockerd and uses runC to run containers (via containerd-shim).
  - dockerd: daemon.
  - runC: implementation of the OCI runtime specification.

=== flannel ===
Virtual network that gives a subnet to each host for use with container runtimes.

=== ignition ===
Provisioning utility designed specifically for Container Linux.
  - At the most basic level, it is a tool for manipulating disks during early boot.
  - Only runs once.

=== Clair ===
Project for the static analysis of vulnerabilities in appc and Docker containers.
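Added example, not from the original page or the Ignition project: a POSIX shell helper that emits the kind of Ignition 2.2.0 config the ignition section describes (fetched from a URL or metadata service and applied once at first boot), creating the core user's SSH key and an enabled systemd unit, plus a check that the result is well-formed before it is published. The section names (ignition, passwd, systemd) and field names follow the Ignition v2 spec; the SSH key and the unit contents are constructed placeholders, and the JSON check falls back to grep when python3 is not installed.

```shell
#!/bin/sh
# Added example (not from the original page): generate and sanity-check a
# minimal Ignition 2.2.0 config for Container Linux. Section and field names
# follow the Ignition v2 spec; the key and unit below are constructed samples.

# Emit the config to stdout. Ignition reads it once at first boot, so a
# malformed document means a node that comes up without its user or unit.
write_ignition_config() {
    ssh_key="$1"      # public key for the core user (placeholder in tests)
    unit_name="$2"    # systemd unit to install and enable
    cat <<EOF
{
  "ignition": { "version": "2.2.0" },
  "passwd": {
    "users": [
      { "name": "core", "sshAuthorizedKeys": [ "${ssh_key}" ] }
    ]
  },
  "systemd": {
    "units": [
      {
        "name": "${unit_name}",
        "enabled": true,
        "contents": "[Unit]\nDescription=Example unit installed by Ignition\n\n[Service]\nExecStart=/usr/bin/echo hello-from-ignition\n\n[Install]\nWantedBy=multi-user.target\n"
      }
    ]
  }
}
EOF
}

# Check a generated file before serving it: valid JSON (when python3 is
# available) and the fields Ignition needs to identify the spec version and
# the user it should create. Returns non-zero on any failure.
validate_ignition_config() {
    file="$1"
    if command -v python3 >/dev/null 2>&1; then
        python3 -c 'import json, sys; json.load(open(sys.argv[1]))' "$file" || return 1
    fi
    grep -q '"version": "2.2.0"' "$file" || return 1
    grep -q '"sshAuthorizedKeys"' "$file" || return 1
    grep -q '"enabled": true' "$file" || return 1
}

# Usage: write_ignition_config "ssh-ed25519 AAAA...placeholder" hello.service > config.ign
#        validate_ignition_config config.ign && echo ok
```

Serve the validated file from the URL or metadata endpoint that the node's Ignition is pointed at; because Ignition runs only once, a config that fails validation is caught here rather than on the first boot of every node that fetches it.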