
What is an Immutable Linux Distro?

An immutable distro ensures that the OS's core remains unchanged.

The root file system for an immutable distro remains read-only: once installed, the system files and directories cannot be modified. Changes made to the system are temporary and lost when the system is rebooted.

Immutable operating systems are not new: both iOS and Android work this way. Users do not get admin accounts or write access to the OS partition. It's effectively a sealed unit.

Benefits and use cases:

  • easier testing and container-based software development.
  • better security and reliable updates, which is important in cloud computing, embedded systems, kiosks, and container execution.
  • easier to scale.
  • easier maintenance: they do not require regular updates or patches at the atomic package level.

Upgrade:

  • mutable OS: use package managers (e.g. apt or yum) to upgrade software packages in place.
  • immutable OS: upgrades are typically handled by creating a new, updated image of the OS and replacing the existing image, in an atomic operation.

Examples:

  • carbonOS: Flatpak-first and container-first
  • Fedora Silverblue: same UI and experience as a normal Fedora.
  • Fedora CoreOS: https://fedoraproject.org/coreos/
  • Flatcar Container Linux
  • Ubuntu Core: uses snap packages exclusively to create a confined and transaction-based system. Primarily for embedded devices. Much like a vanilla Ubuntu server environment managed remotely via SSH.
  • RancherOS: uses Docker for all system processes, and its file system is mounted read-only, making it immutable.
  • NixOS
  • openSUSE MicroOS
  • Photon OS: A Linux-based operating system developed by VMware, which is designed to run containerized workloads.
  • Vanilla OS
  • Bottlerocket is a Linux-based open-source OS built by Amazon Web Services to run containers on its platform. Its usage is limited to AWS.
  • Talos Linux: The OS runs in memory from a SquashFS, which leaves the entire primary disk to Kubernetes. Designed for Kubernetes (secure, immutable, and minimal).
  • Endless OS is a Linux distribution based on Debian.

SquashFS is a compressed read-only filesystem for Linux.
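
One way to verify the read-only root property described above is to audit the mount table. This is an added example, not code from any of the listed distros. It parses text in /proc/mounts format and reports, for each core path, which mount holds it, its filesystem type, and whether it is read-only. The sample table, the function names and the default path list are assumptions made for illustration.

```python
# Added example: audit read-only mounts from /proc/mounts-format text (SAMPLE is constructed).
import re

SAMPLE = """\
/dev/loop0 / squashfs ro,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda2 /var ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sda3 /mnt/user\\040data ext4 rw,relatime 0 0
"""

def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mounts(text):
    """Return {mount_point: (fstype, set_of_options)}; later lines win,
    because a later mount on the same point shadows the earlier one."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip blank or malformed lines
        table[_unescape(parts[1])] = (parts[2], set(parts[3].split(",")))
    return table

def covering_mount(path, table):
    """Longest mount point that is a prefix of path (the mount that holds it)."""
    best = None
    for mp in table:
        if path == mp or mp == "/" or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) > len(best):
                best = mp
    return best

def audit(text, paths=("/", "/usr", "/var")):
    """Map each path to (mount_point, fstype, is_read_only)."""
    table = parse_mounts(text)
    report = {}
    for p in paths:
        mp = covering_mount(p, table)
        fstype, opts = table[mp] if mp else (None, set())
        report[p] = (mp, fstype, "ro" in opts)
    return report

if __name__ == "__main__":
    for path, result in audit(SAMPLE).items():
        print(path, result)
```

On a live system, pass the contents of /proc/mounts as the text argument. Writable data paths such as /var are expected to show up as read-write even on an immutable distro.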