Software:Container Linux by CoreOS

From HandWiki
Container Linux by CoreOS
Container Linux by CoreOS logo
OS familyUnix-like
Working stateIn development
Source modelOpen source
Initial releaseOctober 3, 2013; 10 years ago (2013-10-03)[1]
|Final release|Latest release}}1800.7.0[2] / August 16, 2018; 5 years ago (2018-08-16)
|Final preview|Latest preview}}1871.0.0[3] / August 16, 2018; 5 years ago (2018-08-16)
Marketing targetServers and clusters
Platformsx86-64[4]
Kernel typeMonolithic (Linux kernel)
LicenseApache License 2.0[5][6]
Official websitecoreos.com

Container Linux by CoreOS (formerly CoreOS Linux) is an open-source lightweight operating system based on the Linux kernel and designed for providing infrastructure to clustered deployments, while focusing on automation, ease of application deployment, security, reliability and scalability. As an operating system, Container Linux provides only the minimal functionality required for deploying applications inside software containers, together with built-in mechanisms for service discovery and configuration sharing.[7][8][9][10][11]

Container Linux shares foundations with Gentoo Linux,[12][13] Chrome OS and Chromium OS, through a common software development kit (SDK). Container Linux adds new functionality and customization to this shared foundation to support server hardware and use cases.[10][14]:7:02 (As of January 2015), CoreOS is actively developed, primarily by Alex Polvi, Brandon Philips and Michael Marineau,[9] with its major features available as a stable release.[15][16][17]

Overview

Container Linux provides no package manager as a way for distributing payload applications, requiring instead all applications to run inside their containers. Serving as a single control host, a Container Linux instance uses the underlying operating-system-level virtualization features of the Linux kernel to create and configure multiple containers that perform as isolated Linux systems. That way, resource partitioning between containers is performed through multiple isolated userspace instances, instead of using a hypervisor and providing full-fledged virtual machines. This approach relies on the Linux kernel's cgroups and namespaces functionalities,[18][19] which together provide abilities to limit, account and isolate resource usage (CPU, memory, disk I/O, etc.) for the collections of userspace processes.[8][11][20]

Initially, Container Linux exclusively used Docker as a component providing an additional layer of abstraction and interface[21] to the operating-system-level virtualization features of the Linux kernel, as well as providing a standardized format for containers that allows applications to run in different environments.[8][20] In December 2014, CoreOS released and started to support rkt (initially released as Rocket) as an alternative to Docker, providing through it another standardized format of the application-container images, the related definition of the container runtime environment, and a protocol for discovering and retrieving container images.[22][23][24][25] CoreOS provides rkt as an implementation of the so-called app container (appc) specification that describes required properties of the application container image (ACI); CoreOS initiated appc and ACI as an independent committee-steered set of specifications,[26][27] aiming at having them become part of the vendor- and operating-system-independent Open Container Initiative (OCI; initially named the Open Container Project or OCP[28]) containerization standard, which was announced[by whom?] in June 2015.[29][30][31]

Container Linux uses ebuild scripts from Gentoo Linux for automated compilation of its system components,[12][13] and uses systemd as its primary init system with tight integration between systemd and various Container Linux's internal mechanisms.[8][32]

Updates distribution

Container Linux achieves additional security and reliability of its operating system updates by employing FastPatch as a dual-partition scheme for the read-only part of its installation, meaning that the updates are performed as a whole and installed onto a passive secondary boot partition that becomes active upon a reboot or kexec. This approach avoids possible issues arising from updating only certain parts of the operating system, ensures easy rollbacks to a known-to-be-stable version of the operating system, and allows each boot partition to be signed for additional security.[8][11][33] The root partition and its root file system are automatically resized to fill all available disk-space upon reboots; while the root partition provides read-write storage space, the operating system itself is mounted read-only under /usr.[34][35][36]

To ensure that only a certain part of the cluster reboots at once when the operating system updates are applied, preserving that way the resources required for running deployed applications, CoreOS provides locksmith as a reboot manager for Container Linux.[37] Using locksmith, one can select between different update strategies that are determined by how the reboots are performed as the last step in applying updates; for example, it may be configured how many cluster members are allowed to reboot simultaneously. Internally, locksmith operates as the locksmithd daemon that runs on cluster members, while the locksmithctl command-line utility manages configuration parameters.[38][39] locksmith is written in the Go language and distributed under the terms of the Apache License 2.0.[40]

The updates distribution system employed by Container Linux is based on Google's open-source Omaha project, which provides a mechanism for rolling out updates and the underlying request–response protocol based on XML.[4][41][42] Additionally, CoreOS provides CoreUpdate as a web-based dashboard for the management of cluster-wide updates. Operations available through CoreUpdate include assigning cluster members to different groups that share customized update policies, reviewing cluster-wide breakdowns of Container Linux versions, stopping and restarting updates, and reviewing recorded update logs. CoreUpdate also provides a HTTP-based API that allows its integration into third-party utilities or deployment systems.[33][43][44]

Cluster infrastructure

A high-level illustration of the CoreOS cluster architecture[45]

Container Linux provides etcd, a daemon that runs across all computers in a cluster and provides a dynamic configuration registry, allowing various configuration data to be easily and reliably shared between the cluster members.[4][34] Since the key–value data stored within etcd is automatically distributed and replicated with automated master election and consensus establishment using the Raft algorithm, all changes in stored data are reflected across the entire cluster, while the achieved redundancy prevents failures of single cluster members from causing data loss.[25][46] Beside the configuration management, etcd also provides service discovery by allowing deployed applications to announce themselves and the services they offer. Communication with etcd is performed through an exposed REST-based API, which internally uses JSON on top of HTTP; the API may be used directly (through curl or wget, for example), or indirectly through etcdctl, which is a specialized command-line utility also supplied by CoreOS.[8][11][47][48][49]. Etcd is also used in Kubernetes software.

Container Linux also provides the fleet cluster manager which controls Container Linux's separate systemd instances at the cluster level. As of 2017 "fleet" is no longer actively developed and is deprecated in favor of Kubernetes.[50] By using fleetd, Container Linux creates a distributed init system that ties together separate systemd instances and a cluster-wide etcd deployment;[46] internally, fleetd daemon communicates with local systemd instances over D-Bus, and with the etcd deployment through its exposed API. Using fleetd allows the deployment of single or multiple containers cluster-wide, with more advanced options including redundancy, failover, deployment to specific cluster members, dependencies between containers, and grouped deployment of containers. A command-line utility called fleetctl is used to configure and monitor this distributed init system;[51] internally, it communicates with the fleetd daemon using a JSON-based API on top of HTTP, which may also be used directly. When used locally on a cluster member, fleetctl communicates with the local fleetd instance over a Unix domain socket; when used from an external host, SSH tunneling is used with authentication provided through public SSH keys.[52][53][54][55][56]

All of the above-mentioned daemons and command-line utilities (etcd, etcdctl, fleetd and fleetctl) are written in the Go language and distributed under the terms of the Apache License 2.0.[6][57]

Deployment

When running on dedicated hardware, Container Linux can be either permanently installed to local storage, such as a hard disk drive (HDD) or solid-state drive (SSD),[58] or booted remotely over a network using Preboot Execution Environment (PXE) in general, or iPXE as one of its implementations.[59][60] CoreOS also supports deployments on various hardware virtualization platforms, including Amazon EC2, DigitalOcean, Google Compute Engine, Microsoft Azure, OpenStack, QEMU/KVM, Vagrant and VMware.[11][61][62][63] Container Linux may also be installed on Citrix XenServer, noting that a "templates" for CoreOS exists.

Container Linux can also be deployed through its commercial distribution called Tectonic, which additionally integrates Google's Kubernetes as a cluster management utility. (As of April 2015), Tectonic is planned to be offered as beta software to select customers.[26][64][65] Furthermore, CoreOS provides Flannel as a component implementing an overlay network required primarily for the integration with Kubernetes.[26][66][67]

(As of February 2015), Container Linux supports only the x86-64 architecture.[4]

CoreOS Inc

CoreOS, Inc supports the development of open source projects including Container Linux, Kubernetes, rkt application container engine[68] and others[69] and creates products for management of containerized applications such as Quay image/container registry. CoreOS, Inc is based in San Francisco, CA and was founded in 2013[70] in Palo Alto, CA.[9] The CoreOS corporation was purchased by Red Hat in January 2018 for a purchase price of $250 million.[71]

Reception

LWN.net reviewed CoreOS in 2014:[72]

For those who are putting together large, distributed systems—web applications being a prime example—CoreOS would appear to have a lot of interesting functionality. It should allow applications of that type to grow and shrink as needed with demand, as well as provide a stable platform where upgrades are not a constant headache. For "massive server deployments", CoreOS, or something with many of the same characteristics, looks like the future.

See also

  • Application virtualization – software technology that encapsulates application software from the operating system on which it is executed
  • Comparison of application virtualization software – various portable and scripting language virtual machines
  • Comparison of platform virtualization software – various emulators and hypervisors, which emulate the whole physical computers
  • LXC (Linux Containers) – an environment for running multiple isolated Linux systems (containers) on a single Linux control host
  • Operating-system-level virtualization implementations – based on operating system kernel's support for multiple isolated userspace instances
  • Software as a service (SaaS) – a software licensing and delivery model that hosts the software centrally and licenses it on a subscription basis
  • Virtualization – a general concept of providing virtual versions of computer hardware platforms, operating systems, storage devices, etc.

References

  1. "coreos/manifest: Release v94.0.0 (Container Linux v94.0.0)". October 3, 2013. https://github.com/coreos/manifest/releases/tag/v94.0.0. Retrieved September 22, 2014. 
  2. "CoreOS Container Linux Release Notes # Stable channel". August 16, 2018. https://coreos.com/releases/#stable. Retrieved August 27, 2018. 
  3. "CoreOS Container Linux Release Notes # Alpha channel". August 16, 2018. https://coreos.com/releases/#alpha. Retrieved August 27, 2018. 
  4. 4.0 4.1 4.2 4.3 Timothy Prickett Morgan (February 15, 2015). "CoreOS Hyperscales Linux By Making It Invisible". http://www.nextplatform.com/2015/02/25/coreos-hyperscales-linux-by-making-it-invisible/. Retrieved June 14, 2015. 
  5. "CoreOS Pilot Agreement". Archived from the original on September 12, 2014. https://web.archive.org/web/20140912161231/https://coreos.com/legal/pilot/. 
  6. 6.0 6.1 "coreos/etcd: etcd/LICENSE at master". July 31, 2013. https://github.com/coreos/etcd/blob/master/LICENSE. Retrieved March 26, 2014. 
  7. "CoreOS Linux is now Container Linux". https://coreos.com/blog/tectonic-self-driving.html#coreos-linux-is-now-container-linux. 
  8. 8.0 8.1 8.2 8.3 8.4 8.5 Libby Clark (September 9, 2013). "Brandon Philips: How the CoreOS Linux Distro Uses Cgroups". Linux.com. http://www.linux.com/news/featured-blogs/200-libby-clark/737364-brandon-philips-how-the-coreos-linux-distro-uses-cgroups. Retrieved February 13, 2014. 
  9. 9.0 9.1 9.2 Cade Metz (August 21, 2013). "Linux Hackers Rebuild Internet From Silicon Valley Garage". Wired. https://www.wired.com/wiredenterprise/2013/08/coreos-the-new-linux/. Retrieved February 13, 2014. 
  10. 10.0 10.1 "CoreOS – a new approach to Linux-based server systems". August 22, 2013. http://itnews2day.com/2013/08/22/coreos-linux-based-server-systems/. Retrieved March 26, 2014. 
  11. 11.0 11.1 11.2 11.3 11.4 "CoreOS documentation: Using CoreOS". https://coreos.com/using-coreos/. 
  12. 12.0 12.1 "Building development images: Updating portage-stable ebuilds from Gentoo". https://coreos.com/os/docs/latest/sdk-building-development-images.html#updating-portage-stable-ebuilds-from-gentoo. 
  13. 13.0 13.1 "Distributions based on Gentoo". March 25, 2016. https://wiki.gentoo.org/wiki/Distributions_based_on_Gentoo. Retrieved May 24, 2016. 
  14. Brian Harrington (July 8, 2014). "CoreOS: Anatomy of a CoreOS update". Rackspace. https://www.youtube.com/watch?v=JeICd9XyXfY&t=422. Retrieved July 25, 2014. 
  15. Alex Polvi (July 25, 2014). "CoreOS Stable Release". https://coreos.com/blog/stable-release/. Retrieved August 28, 2014. 
  16. "CoreOS Release Notes". https://coreos.com/releases/. 
  17. Brandon Philips (January 28, 2015). "etcd 2.0 Release – First Major Stable Release". https://coreos.com/blog/etcd-2.0-release-first-major-stable-release/. Retrieved June 14, 2015. 
  18. Jonathan Corbet (October 29, 2007). "Notes from a container". LWN.net. https://lwn.net/Articles/256389/. Retrieved July 3, 2016. 
  19. Jake Edge (November 19, 2014). "Control group namespaces". LWN.net. https://lwn.net/Articles/621006/. Retrieved July 3, 2016. 
  20. 20.0 20.1 "CoreOS documentation: Using Docker with CoreOS". https://coreos.com/using-coreos/containers/. 
  21. "Docker 0.9: Introducing execution drivers and libcontainer". March 10, 2014. http://blog.docker.com/2014/03/docker-0-9-introducing-execution-drivers-and-libcontainer/. Retrieved January 20, 2015. 
  22. Libby Clark (January 30, 2015). "CoreOS Co-Founder Alex Polvi Talks Containers, Rocket vs. Docker, and More". Linux.com. https://www.linux.com/news/featured-blogs/200-libby-clark/806347-collaboration-summit-keynote-alex-polvi-coreos. Retrieved June 14, 2015. 
  23. Charles Babcock (February 20, 2015). "Rocket Containers: How CoreOS Plans To Challenge Docker". http://www.informationweek.com/cloud/infrastructure-as-a-service/rocket-containers-how-coreos-plans-to-challenge-docker/d/d-id/1319167. Retrieved June 14, 2015. 
  24. Alex Polvi (December 1, 2014). "CoreOS is building a container runtime, rkt". https://coreos.com/blog/rocket/. Retrieved June 14, 2015. 
  25. 25.0 25.1 Josh Berkus (February 4, 2015). "New etcd, appc, and Rocket releases from CoreOS". LWN.net. https://lwn.net/Articles/631630/. Retrieved June 22, 2015. 
  26. 26.0 26.1 26.2 Josh Berkus (May 13, 2015). "CoreOS Fest and the world of containers, part 1". LWN.net. https://lwn.net/Articles/644089/. Retrieved June 22, 2015. 
  27. Nathan Willis (December 3, 2014). "The Rocket containerization system". LWN.net. https://lwn.net/Articles/624349/. Retrieved June 22, 2015. 
  28. McAllister, Neil (2015-06-22). "Docker and chums unveil standards org for software containers". The Register. https://www.theregister.co.uk/2015/06/22/open_container_project/. "Announced at the DockerCon conference in San Francisco on Monday, the Open Container Project (OCP) will maintain and develop a common container runtime and image format based in part on code and specs donated by Docker." 
  29. Frederic Lardinois (June 22, 2015). "Docker, CoreOS, Google, Microsoft, Amazon and others come together to develop common container standard". TechCrunch. https://techcrunch.com/2015/06/22/docker-coreos-google-microsoft-amazon-and-others-agree-to-develop-common-container-standard/. Retrieved June 24, 2015. 
  30. "Industry Leaders Unite to Create Project for Open Container Standards". Archived from the original on August 13, 2015. https://web.archive.org/web/20150813223334/https://www.opencontainers.org/pressrelease/. 
  31. Neil McAllister (July 22, 2015). "Open Container Project renames, says standard is just weeks away: Linux Foundation, Docker and friends opt for Open Container Initiative". The Register. https://www.theregister.co.uk/2015/07/22/open_container_status_update/. Retrieved January 29, 2016. 
  32. "CoreOS documentation: Using systemd with CoreOS". Archived from the original on February 14, 2014. https://web.archive.org/web/20140214143636/https://coreos.com/using-coreos/systemd/. 
  33. 33.0 33.1 "CoreOS documentation: Updates & patches". https://coreos.com/using-coreos/updates/. 
  34. 34.0 34.1 Phil Whelan (August 28, 2013). "Alex Polvi Explains CoreOS". http://www.activestate.com/blog/2013/08/alex-polvi-explains-coreos. Retrieved May 7, 2015. 
  35. "CoreOS documentation: Adding disk space to your CoreOS machine". https://coreos.com/docs/cluster-management/scaling/adding-disk-space/. 
  36. Alex Polvi (March 27, 2014). "Major Update: btrfs, Docker 0.9, add users, writable /etc, and more!". https://coreos.com/blog/new-filesystem-btrfs-cloud-config/. Retrieved February 27, 2015. 
  37. "Simple Introduction to CoreOS with CEO Alex Polvi and CTO Brandon Philips". June 6, 2014. http://www.centurylinklabs.com/interviews/simple-introduction-to-coreos-with-ceo-alex-polvi-and-cto-brandon-philips/. Retrieved June 22, 2015. 
  38. "CoreOS documentation: Update strategies". https://coreos.com/docs/cluster-management/setup/update-strategies/. 
  39. "coreos/locksmith: locksmith/README.md at master". February 1, 2015. https://github.com/coreos/locksmith/blob/master/README.md. Retrieved April 17, 2015. 
  40. "coreos/locksmith: locksmith/LICENSE at master". January 19, 2014. https://github.com/coreos/locksmith/blob/master/LICENSE. Retrieved April 17, 2015. 
  41. "Omaha – software installer and auto-updater for Windows". https://code.google.com/p/omaha/. 
  42. "Omaha Overview". September 23, 2009. http://omaha.googlecode.com/svn/wiki/OmahaOverview.html. Retrieved October 11, 2014. 
  43. "Package omaha". June 24, 2014. https://godoc.org/github.com/coreos/go-omaha/omaha. Retrieved July 4, 2014. 
  44. "CoreOS documentation: CoreUpdate". https://coreos.com/products/coreupdate/. 
  45. Mark Moudy (May 16, 2014). "CoreOS + Docker Development Environment Demo". https://github.com/MarkMoudy/coreos-docker-CI-demo. Retrieved April 16, 2015. 
  46. 46.0 46.1 Jonathan Corbet (October 22, 2014). "Etcd and fleet". LWN.net. https://lwn.net/Articles/617452/. Retrieved June 22, 2015. 
  47. "CoreOS documentation: Using etcd with CoreOS". https://coreos.com/using-coreos/etcd/. 
  48. "CoreOS documentation: Getting started with etcd". https://coreos.com/docs/cluster-management/setup/getting-started-with-etcd/. 
  49. Brandon Philips (January 15, 2014). "etcd @ GoSF". https://speakerdeck.com/philips/etcd-at-gosf. Retrieved February 13, 2014. 
  50. Wood, Josh. "Container orchestration: Moving from fleet to Kubernetes". CoreOS. https://coreos.com/blog/migrating-from-fleet-to-kubernetes.html. 
  51. Justin Ellingwood (September 12, 2014). "How To Use Fleet and Fleetctl to Manage your CoreOS Cluster". https://www.digitalocean.com/community/tutorials/how-to-use-fleet-and-fleetctl-to-manage-your-coreos-cluster. Retrieved June 22, 2015. 
  52. "CoreOS documentation: Launching containers with fleet". https://coreos.com/docs/launching-containers/launching/launching-containers-fleet/. 
  53. "CoreOS documentation: Using the client". https://coreos.com/docs/launching-containers/launching/fleet-using-the-client/. 
  54. "coreos/fleet: fleet/README.md at master". February 18, 2014. https://github.com/coreos/fleet/blob/master/README.md. Retrieved April 3, 2014. 
  55. "coreos/fleet: fleet/Documentation/deployment-and-configuration.md at master (Deploying fleet)". April 14, 2015. https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md. Retrieved April 17, 2015. 
  56. "coreos/fleet: fleet/Documentation/api-v1.md (fleet API v1)". October 29, 2014. https://github.com/coreos/fleet/blob/master/Documentation/api-v1.md. Retrieved April 17, 2015. 
  57. "coreos/fleet: fleet/LICENSE at master". February 6, 2014. https://github.com/coreos/fleet/blob/master/LICENSE. Retrieved April 3, 2014. 
  58. "CoreOS documentation: Installing CoreOS to disk". https://coreos.com/docs/running-coreos/bare-metal/installing-to-disk/. 
  59. "CoreOS documentation: Booting CoreOS via PXE". https://coreos.com/docs/running-coreos/bare-metal/booting-with-pxe/. 
  60. "CoreOS documentation: Booting CoreOS via iPXE". https://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/. 
  61. Alex Crawford (September 5, 2014). "CoreOS Image Now Available On DigitalOcean". https://coreos.com/blog/digital-ocean-supports-coreos/. Retrieved September 5, 2014. 
  62. Jack Clark (May 23, 2014). "Google brings futuristic Linux software CoreOS onto its cloud". The Register. https://www.theregister.co.uk/2014/05/23/google_loads_coreos_onto_its_cloud/. Retrieved May 26, 2014. 
  63. Alex Crawford (October 20, 2014). "CoreOS Now Available On Microsoft Azure". https://coreos.com/blog/coreos-available-on-azure/. Retrieved October 22, 2014. 
  64. Steven J. Vaughan-Nichols (April 6, 2015). "CoreOS is bringing Google's Kubernetes to the enterprise". ZDNet. http://www.zdnet.com/article/coreos-is-bringing-googles-kubernetes-to-the-enterprise/. Retrieved April 29, 2015. 
  65. Ben Kepes (April 6, 2015). "CoreOS And Google Make Their Defensive Plays, Is Docker The Victim?". Forbes . https://www.forbes.com/sites/benkepes/2015/04/06/coreos-and-google-make-their-defensive-plays-is-docker-the-victim/. Retrieved April 29, 2015. 
  66. Eugene Yakubovich (August 28, 2014). "Introducing flannel: An etcd-backed overlay network for containers". https://coreos.com/blog/introducing-rudder/. Retrieved June 22, 2015. 
  67. "Tutorial on using CoreOS Flannel for Docker". November 2014. http://www.slideshare.net/lorispack/using-coreos-flannel-for-docker-networking. Retrieved June 22, 2015. 
  68. https://coreos.com/rkt/
  69. "CoreOS provides Container Linux, Tectonic for Kubernetes and the Quay image registry". https://coreos.com. 
  70. https://www.redhat.com/en/about/press-releases/red-hat-acquire-coreos-expanding-its-kubernetes-and-containers-leadership
  71. Larabel, Michael (30 January 2018). "Red Hat Is Acquiring CoreOS". Phoronix. https://www.phoronix.com/scan.php?page=news_item&px=Red-Hat-Acquiring-CoreOS. Retrieved 30 January 2018. 
  72. CoreOS: A different kind of Linux distribution [LWN.net]

External links




Retrieved from "https://handwiki.org/wiki/index.php?title=Software:Container_Linux_by_CoreOS&oldid=3450285"