Flatcar Container Linux: The Ideal OS for Running Kubernetes at the Edge
I have been researching the optimized infrastructure stack to run Kubernetes at the edge. While K3s from Rancher comes across as the best Kubernetes distribution for the edge, the quest for an edge-optimized operating system (OS) continues.
During the holidays, I got a chance to explore Flatcar Container Linux, an OS that started as a fork from CoreOS Container Linux when Red Hat purchased CoreOS.
Since its introduction in 2014, I have been a fan of the projects from CoreOS, Inc. Container Linux, rkt, etcd, Fleet, and Flannel were some of the products from the CoreOS staple. While etcd became the foundation of Kubernetes and a part of CNCF, other projects ceased to exist after Red Hat acquired CoreOS.
Last year, Red Hat announced the company would no longer develop or support Container Linux. Though Fedora CoreOS is positioned as an alternative, it’s not a drop-in replacement to CoreOS Container Linux.
Flatcar Linux is now officially maintained by Berlin startup Kinvolk, as a container-native, lightweight OS that continues to deliver on original Container Linux’s promise. The folks at Kinvolk worked closely with the developers of Container Linux at CoreOS until the Red Hat acquisition.
CoreOS offered the Container Linux stack as an alternative to Docker Swarm, then also in its infancy. Container Linux, rkt, Fleet, and etcd from CoreOS were all created much before Kubernetes was launched. Container Linux was the foundation of the stack, and many thought rkt was a better alternative to Docker Daemon. etcd acted as the distributed in-memory database coordinating the communication between multiple nodes of the Container Linux cluster — it still serves in most Kubernetes deployments. Fleet was the orchestrator that could deploy, scale, and manage systemd unit files with embedded container images. Each unit files roughly translated to a Pod definition in Kubernetes.
Fast forward to 2021, and you see a lot of changes in the cloud native ecosystem. But, the original promise of an immutable, idempotent, lightweight, container-optimized OS is still attractive.
Flatcar Container Linux breathes new life into CoreOS Container Linux by delivering regular security updates and patches. It essentially makes the old OS relevant in the ever-changing, dynamic cloud native ecosystem.
For example, the upcoming version of Flatcar Container Linux will have native support for containerd as an alternative to Docker Engine. This makes it possible to let kubelet directly talk to the container runtime.
It’s easy to install Flatcar Container Linux at the edge running on bare metal servers. The smaller footprint, atomic updates, and remote management capabilities make it an ideal choice for the edge.
Flatcar Linux doesn’t have a package manager. The systemd unit files form the building block of the operating system. Every process, even if it is short-lived, is packaged and deployed as a unit. These unit files can be configured and deployed as a part of the installation process. Once deployed, they can be managed through the standard
What I like the best is the declarative nature of the OS. Based on Ignition — a tool that uses JSON-format definitions for the configuration and unit files — processes can be launched at the boot time. Even the SSH configuration, including the username and the keys, is a part of the Ignition file used during the installation.
With the help of an iPXE server and the FQDN/IP address of the nodes, you can remotely install Flatcar Container Linux. Upgrading to the new version is as simple as rebooting the nodes. With the help of Ignition, it’s possible to seamlessly upgrade the Kubernetes cluster with minimal disruption to workloads.
Since Fleet, the original orchestrator built by CoreOS, is deprecated, there is no hard and fast rule to deploy etcd on Flatcar Container Linux. You can let distributions such as K3s and Microk8s use in-built etcd to run a highly available cluster.
Flatcar Container Linux is officially available in IaaS environments, including AWS, Azure, Google Cloud, and Equinix Metal. You can launch a VM either in the cloud or on your local workstation through Vagrant.
Kinvolk offers commercial support and custom engineering services around Flatcar Container Linux. There is also an LTS channel where a release is maintained for an extended lifetime of 18 months.
I configured a PXE boot server that hosts the Flatcar kernel image and the
initramfs file in my lab environment. I could install Flatcar Container Linux on three nodes running on the Odyssey Mini PC powered by an Intel Celeron CPU, 8GB RAM, and 128GB SSD through Ignition.
During the first boot, I installed K3s in a multi-master configuration for high availability (HA). The best thing is that I could do all of this without ever SSHing into any node. This remote management capability of Flatcar Container Linux makes it one of the best OS for the edge.
In future installments of this series, you will learn how to configure a PXE boot server, use Ignition to install the OS on the disk, deploy a HA K3s cluster, and upgrading it. Stay tuned!
Janakiram MSV’s Webinar series, “Machine Intelligence and Modern Infrastructure (MI2)” offers informative and insightful sessions covering cutting-edge technologies. Sign up for the upcoming MI2 webinar at http://mi2.live.