openSUSE MicroOS

Micro Service OS providing Transactional (Atomic) Updates upon a read-only btrfs root filesystem

Designed to host container workloads with automated administration & patching. Installing openSUSE MicroOS you get a quick, small environment for deploying Containers, or any other workload that benefits from Transactional Updates. As rolling release distribution the software is always up-to-date.

MicroOS offers an offline image. The main difference between the offline and self-install/raw images are that the offline image has an installer. Raw and self-install allows for customization via combustion or manually in the image after it is written to the disk. There is an option for a real-time kernel.

Try MicroOS in VMs running on either Xen or KVM. Using a Raspberry Pi or other System on Chip hardware may use the preconfigured image together with the Combustion functionality for the boot process. Both preconfigured and self-installed images are intended to be used with Combustion written to a USB, which is driven to allow configuration on any first boot, with the option for default password protected changes.

Download

Philosophy

Is predictable

  • Is not altered during runtime
  • Will run the same artifacts consistently on every boot

Is scalable

  • Eliminates efforts in configuring individual instances during runtime
  • Can be rolled out easily repeatedly with predictable outcome

Is reliable

  • Automated recovery from faulty updates

Atomic Updates

Transactional Updates

Unique

By using btrfs with snapshots MicroOS uses a very space efficient way to store the file system’s history. All the configuration files in /etc are part of the snapshot and the rollback.

Flexible

  • No new package format is needed, use standard openSUSE RPMs
  • No size limitation, neither for partitions nor the operating system
  • Easy to enhance

Rollback

MicroOS is an Immutable OS, rollback is simple

  • Immutable: No changes on disk
  • Rollback by rebooting to an old BTRFS snapshot

Secure Updates

  • Get your updates via HTTPS
  • Packages and repositories are signed by our build system
  • Packages are verified
  • No updates are done in case of dependency conflicts
  • No waste of space: Filesystem snapshots get deleted in case of unsuccessful updates

Workloads

Applications are installed in containers rather than the root filesystem:

  • Isolated from the core filesystem
  • Reduced ability for malicious applications to compromise the system
  • New installation without reboot
  • Update in atomic way possible (create new, kill old)
  • Easy rollback

Debugging

Debugging Toolbox Container

  • Launches privileged container
  • Root filesystem available below /media/root
  • zypper to install the necessary tools, available without reboot
  • Persistent between usages
Intel or AMD 64-bit desktops, laptops, and servers (x86_64)
Self Installing Container Host (1.3 GiB)
UEFI Arm 64-bit servers, desktops, laptops and boards (aarch64)
PowerPC servers, little-endian (ppc64le)
We also have Virtual Machine, Cloud, Hardware images. Check out Alternative Downloads!

Minimum

  • Memory: 1GB physical RAM + additional memory for your workload
  • Storage:
    • / (root) partition: 5GB available disk space
    • /var partition: 5GB available disk space

Recommended

  • Memory: 2GB physical RAM + additional memory for your workload
  • Storage:
    • / (root) partition: 20GB available disk space
    • /var partition: 40GB available disk space

Verify Your Download Before Use

Many applications can verify the checksum of a download. To verify your download can be important as it verifies you really have got the ISO file you wanted to download and not some broken version.

For each ISO, we offer a checksum file with the corresponding SHA256 sum.

For extra security, you can use sha256sum to verify who signed those .sha256 files.

It should be AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4

For more help verifying your download please read Checksums Help