Skip to content

Container OS

Install Flatcar-Part 2

This is in continuation of our first blog where we introduced Flatcar Linux. In part 2, we will show how you can install a Flatcar Container Linux instance locally on your laptop so that you can learn more about it. This guide will take you through the steps to install it, boot the instance, SSH into it. Finally, we will explore and validate some of Flatcar's critical features that we reviewed in the first blog.

Boot Flatcar Instance Locally

Follow the steps below to download, set up, and run a Flatcar instance locally. In our example, we are installing this on a M1 MacBook Pro.

Step 1: Install QEMU

First, install QEMU on your system. Follow the instructions provided here.

Step 2: Download the QEMU Script and Flatcar Image

Get the QEMU helper script and the latest stable Flatcar image 

wget https://stable.release.flatcar-linux.net/amd64-usr/current/flatcar_production_qemu.sh
wget https://stable.release.flatcar-linux.net/amd64-usr/current/flatcar_production_qemu_image.img.bz2

Step 3: Extract the Image

Decompress the downloaded image 

bzip2 --decompress --keep flatcar_production_qemu_image.img.bz2

Step 4: Make the Script Executable

Set execution permissions for the QEMU helper script:

chmod +x flatcar_production_qemu.sh

Step 5: Create/Start the Flatcar Instance

Use the following command to start the Flatcar instance with 4 CPUs and 4GB memory in console mode:

./flatcar_production_qemu.sh -M 4096 -- -smp 4 -display curses

Access Flatcar Instance via SSH

Once the Flatcar instance is running, set up your SSH configuration to connect to it. Update your SSH config file as follows:

# ~/.ssh/config
Host flatcar
        User core
        StrictHostKeyChecking no
        UserKnownHostsFile /dev/null
        HostName 127.0.0.1
        Port 2222

You can then SSH into the instance using the following command

ssh flatcar

After you successfully SSH into the instance, you can run the following command to verify the system's firmware and kernel details:

hostnamectl

You should see something like the image below.

hostnamectl

Flatcar Versioning

In the image above, notice that the Flatcar version is 4081.2.1. Here’s how the versioning system works for Flatcar Linux.

  • 4081: The number of days since the first CoreOS release. (Flatcar is a fork of CoreOS)

  • 2: Minor number representing the promotion level:

    • 0 = Alpha
    • 1 = Beta
    • 2 = Stable
    • 3 = LTS

  • 1: Patch level, indicating small updates like kernel or software fixes.

In our version (4081.2.1), 2 represents a stable release on its first patch.

Explore Flatcar's Key Features

Now that we have installed Flatcar Linux, let us test and validate some of the interesting features of Flatcar.

1. No Package Manager and Immutable File System

In Linux, the /usr directory is used to store user system resources. It contains the majority of the system’s software and programs i.e. binaries, libraries, documentation, and other files shared by all users of the system. Flatcar Linux makes the /usr directory read-only as part of its design philosophy to ensure system immutability and reliability. By focusing on immutability and containerization, Flatcar Linux achieves a stable, predictable, and secure platform, which is why /usr is deliberately set to read-only.

Let's test whether Flatcar Linux's /usr folder is immutable

  • SSH into your Flatcar instance
  • Run commands like apt, yum, or dnf

You will notice they are unavailable. Additionally, any attempt to write to the /usr/ directory to see that the file system is immutable. For example, let's try to create a new file in the /usr directory using the "touch" command. 

sudo touch /usr/test

Below is an example screenshot showing this behavior:

no pkg manager

2. Automatic Updates

Flatcar includes a auto update system by default. By default, the Flatcar instance will check for updates every hour, download them if available, and automatically reboot to apply updates to ensure that your instance is always current and up to date. Organizations can always self host their own update server ensuring that they can control how/when their Flatcar instances are kept current.

To view the update configuration, run the following command inside the Flatcar instance:

cat /usr/share/flatcar/update.conf

The output will look like this:

SERVER=https://public.update.flatcar-linux.net/v1/update/
GROUP=stable
  • SERVER: This is the update server Flatcar uses to check for new releases.
  • GROUP: Refers to the promotion level (e.g., stable).

update config

Info

Administrators can customize the default behavior by configuring the upgrade strategy. For example, a common configuration is for administrators to specify a "maintenance windows" for reboots.

Other Installation Methods

If you’re not using QEMU, you can install Flatcar Container Linux on other platforms like VirtualBox, Vagrant, and others. You can find detailed installation instructions for these platforms here. Flatcar also provides prebuilt images for cloud providers like AWS, Azure, Google Cloud, and others. These cloud platforms offer Flatcar-based AMIs or images to streamline deployment. Check out the cloud-specific installation steps here.

Conclusion

In this blog, we:

  • Walked through the steps to install and run a Flatcar Container Linux instance locally.
  • Validated some unique characteristics of Flatcar, such as its lack of a package manager and its auto-update system.
  • Explored Flatcar versioning.

In the upcoming Part 3 of the blog series on Flatcar Linux, we will cover how to install Rafay's Kubernetes Distribution (Rafay MKS) on Flatcar and manage it centrally using the Rafay Platform.

Flatcar Linux: A Great Fit for Kubernetes

In the fast-evolving landscape of containerized applications and cloud-native technologies, choosing the right operating system for your Kubernetes cluster can sometimes make a very big difference. Enter Flatcar Container Linux, an open-source, minimal, and immutable Linux distribution tailored specifically for running containers.

Flatcar is an excellent choice for Kubernetes and modern cloud-native environments. In Aug 2024, Flatcar Linux was accepted as a CNCF project.

This is a 3-part blog series. In this blog, we'll explore what Flatcar Linux is, why it’s uniquely suited for Kubernetes, and the benefits it brings relative to generic Linux.

Flatcar Logo

What Is Flatcar Linux?

Flatcar Linux is a lightweight and container-optimized Linux distribution designed to provide a secure, consistent, and low-maintenance platform for containerized applications. Originally forked from CoreOS after its deprecation, Flatcar has carried forward the same principles of immutability, simplicity, and reliability, making it a preferred choice for cloud-native deployments.

The most interesting capabilities of Flatcar are:

Immutable Infrastructure

The root file system is read-only and immutable, preventing accidental or malicious changes.

Atomic Updates

Updates are applied atomically, ensuring consistency and eliminating the risk of partial updates.

Container-Native Design

It is optimized for running containers specifically with Kubernetes in mind.

Reduced Attack Surface

The minimalist design reduces the attack surface, and security features like SELinux and secure defaults are enabled out of the box.

Why Flatcar Linux Is a Good Fit for Kubernetes

Kubernetes, as a container orchestration platform, relies on the underlying operating system to provide a stable, efficient, and secure foundation. Here are some reasons why Flatcar Linux is an excellent fit for Kubernetes clusters: s

1.Minimal and Lightweight

Flatcar Linux is stripped down to the essentials required for container workloads. This minimalism reduces complexity and resource consumption, ensuring Kubernetes nodes are efficient and responsive.

2.Immutable

In a Kubernetes cluster, consistency across nodes is crucial. Flatcar’s immutable infrastructure ensures that all nodes run the same configuration, eliminating configuration drift and making it easier to manage large-scale deployments.

3.Automatic and Atomic Updates

Flatcar’s update mechanism is built with atomicity in mind. Updates are applied as a single transaction and can be rolled back if necessary. This is invaluable in a Kubernetes environment where uptime and reliability are critical.

4.Security First

Flatcar provides a minimal attack surface, coupled with features like read-only file systems and SELinux. This ensures that Kubernetes nodes are resilient against vulnerabilities and exploits.

5. Container-Optimized Kernel

Flatcar comes with a kernel optimized for running containers. It integrates seamlessly with Docker, Kubernetes, and other container runtimes, ensuring smooth performance and compatibility.

Conclusion

Flatcar Linux is an excellent operating system for Kubernetes and modern containerized workloads. Its immutable design, security features, and minimal footprint align perfectly with the needs of cloud-native environments. By adopting Flatcar Linux, organizations can achieve greater operational efficiency, enhanced security, and improved reliability for their Kubernetes clusters.

If you’re looking for a secure, reliable, and easy-to-manage operating system for your Kubernetes environment, Flatcar Linux is well worth considering. Its purpose-built nature ensures that your infrastructure is optimized for the demands of modern, containerized workloads. Visit flatcar.org to learn more and get started!

In the 2nd blog, we will demonstrate how you can configure, install and operate Flatcar Linux. In the 3rd and final blog in the series, we will describe how you can provision and operate Rafay MKS Kubernetes Clusters on Flatcar Linux based nodes. Support for Flatcar Linux with Rafay MKS is coming in a few weeks.