openSUSE MicroOS
Micro Service OS providing Transactional (Atomic) Updates upon a read-only btrfs root filesystem
Designed to host container workloads with automated administration & patching. Installing openSUSE MicroOS you get a quick, small environment for deploying Containers, or any other workload that benefits from Transactional Updates. As rolling release distribution the software is always up-to-date.
MicroOS offers an offline image. The main difference between the offline and self-install/raw images are that the offline image has an installer. Raw and self-install allows for customization via combustion or manually in the image after it is written to the disk. There is an option for a real-time kernel.
Try MicroOS in VMs running on either Xen or KVM. Using a Raspberry Pi or other System on Chip hardware may use the preconfigured image together with the Combustion functionality for the boot process. Both preconfigured and self-installed images are intended to be used with Combustion written to a USB, which is driven to allow configuration on any first boot, with the option for default password protected changes.
DownloadPhilosophy
Is predictable
- Is not altered during runtime
- Will run the same artifacts consistently on every boot
Is scalable
- Eliminates efforts in configuring individual instances during runtime
- Can be rolled out easily repeatedly with predictable outcome
Is reliable
- Automated recovery from faulty updates
Atomic Updates
Transactional Updates
Unique
By using btrfs with snapshots MicroOS uses a very space
efficient way to store the file system’s history. All the configuration
files in /etc
are part of the snapshot and the rollback.
Flexible
- No new package format is needed, use standard openSUSE RPMs
- No size limitation, neither for partitions nor the operating system
- Easy to enhance
Rollback
MicroOS is an Immutable OS, rollback is simple
- Immutable: No changes on disk
- Rollback by rebooting to an old BTRFS snapshot
Secure Updates
- Get your updates via HTTPS
- Packages and repositories are signed by our build system
- Packages are verified
- No updates are done in case of dependency conflicts
- No waste of space: Filesystem snapshots get deleted in case of unsuccessful updates
Workloads
Applications are installed in containers rather than the root filesystem:
- Isolated from the core filesystem
- Reduced ability for malicious applications to compromise the system
- New installation without reboot
- Update in atomic way possible (create new, kill old)
- Easy rollback
Debugging
Debugging Toolbox Container
- Launches privileged container
- Root filesystem available below
/media/root
- zypper to install the necessary tools, available without reboot
- Persistent between usages
System Requirements
Minimum
- Memory: 1GB physical RAM + additional memory for your workload
- Storage:
- / (root) partition: 5GB available disk space
- /var partition: 5GB available disk space
Recommended
- Memory: 2GB physical RAM + additional memory for your workload
- Storage:
- / (root) partition: 20GB available disk space
- /var partition: 40GB available disk space
Verify Your Download Before Use
Many applications can verify the checksum of a download. To verify your download can be important as it verifies you really have got the ISO file you wanted to download and not some broken version.
For each ISO, we offer a checksum file with the corresponding SHA256 sum, and a signature file with a cryptographic signature.
To ensure integrity of the downloaded file you can use sha256sum to verify the checksum, and gpgv to verify the cryptographic signature.
It should be AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4
For more help verifying your download please read Checksums Help