Top minimal container operating system running Kubernetes

Introduction

Linux has come a long way since Linus Torvalds released it to the community, and it has been the foundation for many notable developments on the way to today's broad acceptance of containers. Traditional Linux distributions come bundled with a lot of software, which makes them excellent general-purpose tools. This was never a problem until containers arrived.

The large amount of software in traditional Linux distributions has the following disadvantages: it adds bloat, increases the attack surface, and expands the test matrix required to certify new versions. Container-driven microservices need fewer dependencies from the host and can run on a minimal container operating system, which makes it easier to scale your application.

In this article we look at the minimal container operating systems that show the most promise.

1. CoreOS / Container Linux

Container Linux, commonly known as CoreOS, is a pioneer among container-focused Linux distributions. It is a very lightweight Linux operating system, designed for cluster deployments, that provides automation, security and scalability for your most critical applications. As you might guess, applications run in containers, which gives developers a friendly tool for deploying software. CoreOS Container Linux is a leading container operating system designed to be managed and run at scale with minimal operational overhead.

CoreOS internal working principle

Adapted from the CoreOS website: “Container Linux compresses the boundaries of the distribution and includes only the basics: the operating system and basic user utilities are stripped to a bare minimum and delivered as a whole unit. All other applications and dependencies run inside containers and can be managed, updated, and distributed consistently there. As a user of Container Linux, you have a consistent, secure foundation for running applications. CoreOS engineers continuously deliver patches to the OS to keep container engines up to date and ensure your containers operate safely.”

CoreOS features

  • Container Linux can run on almost any platform, whether physical, virtual or private / public cloud.
  • All applications are kept separate from the core operating system, and their dependencies run inside containers.

2. Photon OS

Photon OS Introduction

VMware has built a minimalist Linux operating system, tuned it for cloud computing platforms, VMware vSphere deployments and cloud-native applications, and called it Photon OS.

As a Linux container host, Photon OS has been optimized for vSphere and cloud computing platforms such as Amazon Elastic Compute and Google Compute Engine. It works with the most common container formats, including Docker, Rocket, and Garden. In addition, Photon OS includes a yum-compatible package-based lifecycle management system called tdnf.

One amazing feature of Photon OS is that you can use it with development tools and environments (e.g. VMware Fusion, VMware Workstation). In the process, it allows you to seamlessly migrate container-based applications from development to production.

Features of Photon OS

The most prominent features of Photon OS are as follows:

i. Photon OS has a small footprint and short startup and runtime.

This makes Photon OS highly optimized for cloud computing and cloud applications.

ii. It uses systemd to manage services.

By using systemd, Photon OS follows modern Linux standards for managing system services. Photon OS bootstraps user space and starts services concurrently using systemd. The systemctl utility controls services on Photon OS. For example, instead of running the /etc/init.d/ssh script, as you would on an init.d-based Linux system, to stop and start the OpenSSH server, you run the following systemctl commands on Photon OS:

  • systemctl stop sshd
  • systemctl start sshd

iii. It uses tdnf (Tiny DNF), an open source, yum-compatible package manager, to manage packages.

Tdnf keeps the operating system as small as possible while maintaining yum’s powerful package management capabilities. On Photon OS, tdnf is the default package manager for installing new packages. It is a C implementation of the DNF package manager.

3. RancherOS

If you want to run Docker without fuss or hassle, consider RancherOS. It is the smallest and easiest way to run workloads in production using Docker. Since containers look set to be the approach of the future, the Rancher team makes each process in RancherOS run as a container managed by Docker. This architecture is completely different from that of traditional Linux distributions, because even system services (such as udev and syslog) run as containers.

Because RancherOS contains only the services needed to run Docker, it is much smaller than most traditional operating systems. By removing unnecessary libraries and services, the requirements for security patches and other maintenance are also reduced. This is possible because with Docker, users typically package all required libraries into their containers.

Features of RancherOS

i. Everything in RancherOS is a container

All components and their related containers have been designed and implemented to ensure that RancherOS is technically sound. For example, RancherOS is designed to run the latest version of Docker, allowing users to take advantage of the latest Docker features and bug fixes. As a result, you no longer have to worry about upgrades and updates at the terminal and can focus on your core business.

ii. RancherOS is as fast as Flash

In terms of startup time, nothing beats a minimalist Linux distribution. RancherOS, which belongs in this league, boots very quickly. Starting a Docker container is also very fast, similar to starting any other process. If your organization is adopting microservices, these features are a perfect fit.

RancherOS needs very few hardware resources to run, which reduces the hardware-cost constraints on your project.

How RancherOS works

You may wonder how an OS that runs only containers works behind the scenes. Rancher achieves this by launching two Docker instances. The first, called System Docker, is the first process on the system, just like init in a normal Linux distribution. All other system services (such as terminal, syslog and ntpd) run in Docker containers. System Docker replaces traditional init systems such as systemd and is used to start the other system services.

[Figure. Source: RancherOS website]

So how does RancherOS keep a user from deleting the system containers along with the containers running in user space? It handles this neatly: System Docker runs and manages a special container called Docker, which is another Docker daemon that manages all user containers. Any container you launch as a user from the console runs inside this Docker. This isolates user containers from the System Docker containers and ensures that ordinary user commands do not affect system services (Rancher).

4. Red Hat CoreOS (RHCOS)

Red Hat Enterprise Linux CoreOS was created by the same development team that created Red Hat Enterprise Linux Atomic Host and CoreOS Container Linux. Its main goal is to combine the best quality standards of Red Hat Enterprise Linux (RHEL) with the automated remote upgrade capabilities of Container Linux.

Main features of RHCOS

i. The base operating system is mainly composed of RHEL components.

In short, the same quality, security and control measures that support RHEL also support RHCOS.

ii. RHCOS uses the rpm-ostree system for transactional upgrades.

Updates are delivered as container images and are part of the OpenShift update process. When an update is deployed, the container image is pulled, extracted and written to disk, and the boot loader is then modified to boot into the new version.

iii. RHCOS uses the Podman CLI to perform tasks such as building, copying, and managing containers.

This replaces the Docker CLI tools with the compatible set of container tools provided by the podman CLI.

iv. RHCOS incorporates the CRI-O container engine instead of the Docker container engine.

Compared to container engines that provide a larger feature set, CRI-O provides specific compatibility with different Kubernetes versions, and has a smaller footprint and smaller attack surface.

5. Fedora CoreOS

According to the Fedora documentation, Fedora CoreOS is an automatically updating, minimal, monolithic, container-focused operating system, designed for clusters but also operable standalone, and optimized for Kubernetes but also great without it. It aims to combine the advantages of CoreOS Container Linux and Fedora Atomic Host, integrating Ignition from Container Linux with technologies such as rpm-ostree and SELinux hardening from Project Atomic. The goal is to provide the best container host for running containerized workloads securely and at scale.

Fedora CoreOS (FCOS) is not configured during installation. Every FCOS system starts from a generic disk image. For each deployment target (cloud VM, local VM, bare metal), configuration is provided at first boot. FCOS uses Ignition to read and apply the configuration. For cloud deployments, Ignition fetches the configuration through the cloud’s user data mechanism. For bare metal, the Ignition configuration is injected during installation.
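
A first-boot configuration of the kind described above, as an added example that is not from the original article or from the Fedora project. It is written in Butane, the YAML format that is translated into the Ignition JSON the machine reads; the SSH key, hostname and sysctl file are constructed placeholders.

```yaml
# Added example: Butane config, converted to Ignition JSON before first boot.
# Every value below is a constructed placeholder, not taken from the article.
variant: fcos
version: 1.4.0

passwd:
  users:
    - name: core
      # Key-based login only: no password is set for this user.
      ssh_authorized_keys:
        - "ssh-ed25519 <YOUR_PUBLIC_KEY> admin@example.com"

storage:
  files:
    # Give the node a stable name instead of relying on DHCP.
    - path: /etc/hostname
      mode: 0644
      overwrite: true
      contents:
        inline: fcos-node-1
    # Kernel hardening applied from the first boot onward.
    - path: /etc/sysctl.d/90-hardening.conf
      mode: 0644
      contents:
        inline: |
          kernel.kptr_restrict = 2
          kernel.dmesg_restrict = 1
```

Convert it with `butane --pretty --strict config.bu > config.ign`, then supply `config.ign` as cloud user data or to the installer on bare metal. Because the whole host state comes from this one file, it can be code-reviewed and version-controlled like any other deployment artifact.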

To get started, check:

How to run Fedora CoreOS on KVM / OpenStack

Conclusion

As microservices gain more and more attention over time, the work of these industry leaders has laid a good foundation to ensure that future applications and workloads enjoy a better experience than today. The advantages that containers bring to the table cannot be overemphasized.

Going without the portability, capabilities and ease of deployment that microservices bring is a loss of efficiency, and that is already true today. Minimal container operating systems will be a key building block for very large-scale Kubernetes clusters, as their design is tightly integrated with Kubernetes.
