Container Linux by CoreOS, originally named CoreOS Linux, is an open source operating system (OS) that provides the functionality required to deploy and manage applications within containers. Based on the Linux kernel, Container Linux by CoreOS is designed for massive scale, with management features to ensure minimal operational overhead.
Container Linux by CoreOS relies on included technologies to create and deploy containers, as well as create or join a container cluster, orchestrated by a container orchestration manager. The OS enables containers to run atop a distributed system, which can benefit application performance and protect workload uptime during failover. CoreOS is also lightweight: The ISO images require 263.2 megabytes of space. This leaves more resources free for the workload to consume than with a heavier, general-purpose OS.
Important features for security and cluster management
Container Linux uses the etcd daemon, which is installed across all servers in the cluster to provide a common registry for cluster nodes to share configuration data. It reinforces server abstraction for consistent configuration across cluster hosts. The etcd daemon also provides service discovery capabilities, which offer visibility into applications. The OS supports Docker as the abstraction layer and includes the Docker container system. It also includes CoreOS Rkt, which is the company's container virtualization engine and a Docker competitor.
CoreOS uses systemd -- another central daemon in the OS package -- for initialization and process management. CoreOS recommends that the user rely on Rkt or on open source Kubernetes for cluster management.
CoreOS uses isolated user space instances for security. These instances are built on the Linux kernel's control groups (cgroups) feature, rather than on hypervisors and virtual machines (VMs). This offers namespace isolation and manages resource usage, such as processor, memory and disk I/O, for every process. Although they share the underlying Linux kernel, each container acts as a separate Linux machine. Container Linux also offers an auto-update capability, CoreUpdate, for secure operations. CoreUpdate pushes updates to the kernel and system-level components, rather than waiting for the administrator to request an update. It helps keep the OS patched and consistent with kernel changes.
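To check the cgroup placement described above for a given process, the following added example (not part of the original article and not CoreOS code) parses the kernel's /proc/<pid>/cgroup format and reports which of the processor, memory and disk I/O controllers leave the process in the root cgroup. The sample lines and the container ID 3f1c9a are constructed.

```python
"""Added example: map a process to its cgroups via /proc/<pid>/cgroup."""
from pathlib import Path

# Constructed sample, cgroup v1 format: hierarchy-ID:controller-list:cgroup-path
SAMPLE_V1 = """\
11:blkio:/docker/3f1c9a
9:memory:/docker/3f1c9a
7:cpu,cpuacct:/docker/3f1c9a
4:pids:/
1:name=systemd:/docker/3f1c9a
"""
# Constructed sample, cgroup v2 (unified hierarchy): a single "0::path" line
SAMPLE_V2 = "0::/system.slice/docker-3f1c9a.scope\n"

RESOURCES = ("cpu", "memory", "blkio")  # processor, memory, disk I/O (v1 names)


def parse_cgroup(text):
    """Return {controller: cgroup_path}; the v2 unified hierarchy is keyed ''."""
    membership = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        # Split at most twice: the cgroup path itself may contain ':'
        _hier_id, controllers, path = line.split(":", 2)
        for ctrl in controllers.split(","):
            membership[ctrl] = path
    return membership


def root_cgroup_controllers(membership):
    """Resource controllers for which the process sits in the root cgroup."""
    has_v1 = any(r in membership for r in RESOURCES)
    if has_v1 or "" not in membership:
        # v1 or hybrid layout: each controller has its own hierarchy and path;
        # a controller that is absent cannot constrain the process either
        return [r for r in RESOURCES if membership.get(r, "/") == "/"]
    # Pure v2: one path covers every enabled controller
    return list(RESOURCES) if membership[""] == "/" else []


def audit(pid="self"):
    """Read the live file on a Linux host (the samples above run offline)."""
    text = Path(f"/proc/{pid}/cgroup").read_text()
    return root_cgroup_controllers(parse_cgroup(text))


if __name__ == "__main__":
    for name, sample in (("v1", SAMPLE_V1), ("v2", SAMPLE_V2)):
        print(name, "in root cgroup for:", root_cgroup_controllers(parse_cgroup(sample)))
```

Run `audit()` from the host's view: inside a cgroup namespace a process sees its own cgroup as `/`, and membership in a non-root cgroup shows where limits can apply, not that a limit is set.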
The OS works with x86 and x64 processors. A software developer or administrator can use the OS on bare-metal systems or run the platform as a VM. It also runs on public cloud instances, such as those from Amazon Web Services Elastic Compute Cloud (AWS EC2), Microsoft Azure and Google Compute Engine (GCE), as well as on OpenStack and other cloud frameworks. CoreOS estimates that users create 1 million unique instances of the OS each month.