https://www.flatcar.org/ Skip to content Join our Office Hours, every second Tuesday of each month at 15:30 GMT. Kinvolk * Blog * Releases * Docs * FAQ * Security Flatcar Container Linux A community Linux distribution designed for container workloads, with high security and low maintenance Made possible by project sponsors including Cisco Cloudhouse Equinix Metal Giant Swarm LogDNA New Relic Spinoco Wipro 1. 2. [cisco-logo] [cloudhouse] [equinix-me] [giantswarm] [logdna_hud] [new-relic_] [spinoco_hu] [wipro-logo] Supported wherever you run your containers Amazon Web Services Microsoft Azure CloudScale Digital Ocean Equinix Metal Google Cloud PLatform Hashicorp Vagrant VMware 1. 2. [aws-logo] [azure-logo] [cloudscale] [digitaloce] [equinix-me] [gcp-logo_h] [vagrant-lo] [vmware-log] What is a Container Linux? The introduction of container-based infrastructure was a paradigm shift. A Container-optimized Linux distribution is the best foundation for cloud native infrastructure. container A minimal OS image only includes the tools needed to run containers. No package manager, no configuration drift. filesystem Delivering the OS on an immutable filesystem eliminates a whole category of security vulnerabilities. update Automated atomic updates mean you get the latest security updates and open source technologies. [container-] The Container Infrastructure OS Flatcar Container Linux is designed from the ground up for running container workloads. It fully embraces the container paradigm, including only what is required to run containers. [icon-flatc] Immutable infrastructure Your immutable infrastructure deserves an immutable Linux OS. With Flatcar Container Linux, you manage your infrastructure, not your configuration. [icon-flatc] Designed to scale Flatcar Container Linux includes tools to manage large-scale, global infrastructure. You can manage update polices, versions and group instances with ease. [icon-flatc] Reduced complexity With containers, dependencies are packaged and delivered in container images. This makes package managers unnecessary and simplifies the OS. 1. 2. 3. [icon-flatc] Immutable infrastructure Your immutable infrastructure deserves an immutable Linux OS. With Flatcar Container Linux, you manage your infrastructure, not your configuration. [icon-flatc] Designed to scale Flatcar Container Linux includes tools to manage large-scale, global infrastructure. You can manage update polices, versions and group instances with ease. [icon-flatc] Reduced complexity With containers, dependencies are packaged and delivered in container images. This makes package managers unnecessary and simplifies the OS. [secure-fea] Secure by Design Flatcar Container Linux's built-in security features, minimal design and automated updates provide a strong foundation for your infrastructure's security strategy. [icon-flatc] Security patch automation Running the latest security patches is crucial to removing potential vulnerabilities. Flatcar Container Linux's automated updates does this for you. [icon-flatc] Immutable filesystem By making the system partition read-only, Flatcar Container Linux eliminates a whole class of high-impact security vulnerabilities. [icon-flatc] Minimal attack surface Flatcar Container Linux includes only what is required to run containers. By minimizing the size and complexity of the OS, the attack surface is also reduced. 1. 2. 3. [icon-flatc] Security patch automation Running the latest security patches is crucial to removing potential vulnerabilities. Flatcar Container Linux's automated updates does this for you. [icon-flatc] Immutable filesystem By making the system partition read-only, Flatcar Container Linux eliminates a whole class of high-impact security vulnerabilities. [icon-flatc] Minimal attack surface Flatcar Container Linux includes only what is required to run containers. By minimizing the size and complexity of the OS, the attack surface is also reduced. [update-fea] Automated Updates With Flatcar Container Linux, you'll always be running the most stable, secure and up-to-date Flatcar version by taking advantage of the automated, atomic update feature. [icon-flatc] Self-driving updates Flatcar Container Linux uses the same reliable update mechanism as Google's ChromeOS to provide safe, secure and automated system updates. [icon-flatc] Always up-to-date With Flatcar Container Linux's automated updates, you'll benefit from always running the most stable, secure and feature-rich version of the OS. [icon-flatc] Managed updates The Kinvolk Update Service allows for defining instance groups, assigning update channels and controlling the frequency, time of day and rate of updates. 1. 2. 3. [icon-flatc] Self-driving updates Flatcar Container Linux uses the same reliable update mechanism as Google's ChromeOS to provide safe, secure and automated system updates. [icon-flatc] Always up-to-date With Flatcar Container Linux's automated updates, you'll benefit from always running the most stable, secure and feature-rich version of the OS. [icon-flatc] Managed updates The Kinvolk Update Service allows for defining instance groups, assigning update channels and controlling the frequency, time of day and rate of updates. Migrating from CoreOS Container Linux Drop-in replacement for CoreOS Flatcar Container Linux is directly derived from CoreOS, enabling seamless in-place migration. Learn more >> Migrating from CoreOS Container Linux Upgrading to Flatcar Container Linux is the same as a CoreOS update. CoreOS to Flatcar migration demo Latest Posts post image Nov 7, 2022 About the handling of embargoed security issues post image Sep 13, 2022 FrOSCon 2022 - Summary of an Open-Source week-end with some Flatcar team members Kinvolk * * Copyright the Flatcar Project Contributors