openSUSE MicroOS

Micro Service OS providing Transactional (Atomic) Updates upon a read-only btrfs root filesystem

Designed to host container workloads with automated administration & patching. Installing openSUSE MicroOS you get a quick, small environment for deploying Containers, or any other workload that benefits from Transactional Updates. As rolling release distribution the software is always up-to-date.

MicroOS offers an offline image. The main difference between the offline and self-install/raw images are that the offline image has an installer. Raw and self-install allows for customization via combustion or manually in the image after it is written to the disk. There is an option for a real-time kernel.

Try MicroOS in VMs running on either Xen or KVM. Using a Raspberry Pi or other System on Chip hardware may use the preconfigured image together with the Combustion functionality for the boot process. Both preconfigured and self-installed images are intended to be used with Combustion written to a USB, which is driven to allow configuration on any first boot, with the option for default password protected changes.

Download

Philosophy

Is predictable

  • Is not altered during runtime
  • Will run the same artifacts consistently on every boot

Is scalable

  • Eliminates efforts in configuring individual instances during runtime
  • Can be rolled out easily repeatedly with predictable outcome

Is reliable

  • Automated recovery from faulty updates

Atomic Updates

Transactional Updates

Unique

By using btrfs with snapshots MicroOS uses a very space efficient way to store the file system’s history. All the configuration files in /etc are part of the snapshot and the rollback.

Flexible

  • No new package format is needed, use standard openSUSE RPMs
  • No size limitation, neither for partitions nor the operating system
  • Easy to enhance

Rollback

MicroOS is an Immutable OS, rollback is simple

  • Immutable: No changes on disk
  • Rollback by rebooting to an old BTRFS snapshot

Secure Updates

  • Get your updates via HTTPS
  • Packages and repositories are signed by our build system
  • Packages are verified
  • No updates are done in case of dependency conflicts
  • No waste of space: Filesystem snapshots get deleted in case of unsuccessful updates

Workloads

Applications are installed in containers rather than the root filesystem:

  • Isolated from the core filesystem
  • Reduced ability for malicious applications to compromise the system
  • New installation without reboot
  • Update in atomic way possible (create new, kill old)
  • Easy rollback

Debugging

Debugging Toolbox Container

  • Launches privileged container
  • Root filesystem available below /media/root
  • zypper to install the necessary tools, available without reboot
  • Persistent between usages
Intel or AMD 64-bit desktops, laptops, and servers (x86_64)
ISO image (2.5 GiB)
Self Installing Container Host (1.4 GiB)
UEFI Arm 64-bit servers, desktops, laptops and boards (aarch64)
ISO image (2.6 GiB)
PowerPC servers, little-endian (ppc64le)
ISO image (2.7 GiB)
We also have Virtual Machine, Cloud, Hardware images. Check out Alternative Downloads!

Minimum

  • 2 GB 記億體: 1GB physical RAM + additional memory for your workload
  • Storage:
    • / (root) partition: 5GB available disk space
    • /var partition: 5GB available disk space

Recommended

  • 2 GB 記億體: 2GB physical RAM + additional memory for your workload
  • Storage:
    • / (root) partition: 20GB available disk space
    • /var partition: 40GB available disk space

使用前請驗證你的下載

有很多程式可以驗證下載文件的 checksum。驗證你的下載是很重要,因為可以確保你的下載沒有任何錯誤。你可以在下載的過程中驗證文件。例如當你選擇以上的 Metalink 及使用火狐瀏覽器 (Firefox) 的插件 DownThemAll!,checksum (SHA256) 會被自動使用。

對於每一個光碟映像,我們提供了一個 checksum 文件來進行 SHA256 對應。

你可以用 GPG 驗證 .sha256 文件來加強保安

它應該是 AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4

如果需要協助驗證你的下載,請參閱 Checksum 幫助