Explore hands-on examples that show how to deploy Kairos clusters using K3s, bundles, VPNs, airgapped environments, and more.| kairos.io
Kairos is an open-source Linux-based operating system designed for securely running Kubernetes at the edge. It provides immutable, declarative infrastructure with features like P2P clustering, trusted boot, and A/B upgrades.| kairos.io
The Kairos operator is the recommended way to manage upgrades and operations on Kairos nodes in a Kubernetes cluster. It provides a more integrated and Kairos-specific approach compared to the system-upgrade-controller which was used in the past. Overview The Kairos operator provides two custom resources: NodeOp: For generic operations on Kubernetes nodes (Kairos or not). It allows mounting the host’s root filesystem to perform operations or run scripts. NodeOpUpgrade: A Kairos-specific cus...| Kairos
Info This tutorial is based on Opensuse Leap. Kdump configs vary over distributions and we are not able to test them all but they should be easily adaptable from this tutorial. Introduction kdump is a feature of the Linux kernel that creates crash dumps in the event of a kernel crash. When triggered, kdump exports a memory image (also known as vmcore) that can be analyzed for the purposes of debugging and determining the cause of a crash.| Examples on Kairos
If Kairos is installed on a device with an Intel AMT device, the device can be automatically registered with an MPS server. The registration will only run during installation. Devices with Kairos already installed will not be affected. Configuration To configure this bundle, it must be referenced in the install bundles section. Additional configuration can be included under the amt section. To see all configuration options see the openamt repository.| Examples on Kairos
Most of the steps are already covered in the Keylime documentation. Here we will cover the steps that are specific to Kairos. We provide the keylime agent as a luet package for ease of installation. For it to be installed you need to create your own derivative of the Kairos image and add the keylime-agent package to it. FROM quay.io/kairos/ubuntu:24.04-core-amd64-generic-v3.2.1 AS base RUN luet install -y --relax utils/keylime-agent Updated Luet repository As the keylime-agent package is not...| Examples on Kairos
Warning This tutorial will download an AI model which is around 4Gib. Keep in mind that AI models are performance hungry. Performance on a VM can be poor depending on your host CPU. To get the best performance, use a bare-metal machine. Welcome to the guide on using LocalAI with Kairos and K3s on your nodes! But first, what is LocalAI? LocalAI is a self-hosted, community-driven simple local OpenAI-compatible API written in Go.| Examples on Kairos
In the example below we will use a bare metal host to provision a Kairos cluster in the local network using one master node and one worker node. Installation For this example we will use a standard image which contains a Kubernetes distribution. You can choose between k0s and k3s as the distribution to use. Follow the Installation documentation with the configurations provided on this page. Make sure to choose the one that matches the image you are using.| Examples on Kairos
K3s Please refer to the k3s HA documentation. K0s Please refer to the k0s multi-node manual install documentation. Production Considerations This example is for learning purposes. In production environments, it’s recommended to use a load balancer in front of the highly available control plane nodes rather than exposing all control plane nodes directly. For a production-ready setup with a load balancer, see our Self-coordinating P2P Multi-Node Cluster with High Availability and KubeVIP exam...| Examples on Kairos
In the example below we will use a bare metal host to provision a Kairos node in the local network using a single machine. Installation For this example we will use a standard image which contains a Kubernetes distribution. You can choose between k0s and k3s as the distribution to use. Follow the Installation documentation with the configurations provided on this page. Make sure to choose the one that matches the image you are using.| Examples on Kairos
Welcome to the guide on using MetalLB with Kairos and K3s on a bare metal host! In this tutorial, we’ll walk through the steps of setting up a Kairos node on your local network using the 192.168.1.10-192.168.1.20 IP range, with MetalLB and K3s. But first, let’s talk a little bit about what MetalLB and K3s are. MetalLB is a load balancer implementation for bare metal Kubernetes clusters that uses standard routing protocols.| Examples on Kairos
Network This feature is experimental and has only been tested on local setups. Run in production servers at your own risk. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. Deploying Kubernetes at the Edge can be a complex and time-consuming process, especially when it comes to setting up and managing multiple clusters. To make this process easier, Kairos leverages peer-to-peer technology to automatically coordinate and create Kubernetes clusters without the...| Examples on Kairos
Info This tutorial is based on Debian Bookworm. Unit file configurations vary across distributions, and we are not able to test them all, but they should be easily adaptable from this tutorial. Introduction Some use cases require a stage to run after the K3s servers are up, such as applying manifests to the Kubernetes cluster, sending health checks, or any other use case. Using systemd units, we are able to run a stage once a service is started, which can be used for K3s and K3s-server to run...| Examples on Kairos
Network This feature is experimental and has only been tested on local setups. Run in production servers at your own risk. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. Join an EdgeVPN network Make sure that you join an existing EdgeVPN network with other machines (not necessarily Kubernetes nodes) otherwise the single-node cluster will never get an EdgeVPN IP and therefore won’t be configurable.| Examples on Kairos
Network This feature is experimental and has only been tested on local setups. Run in production servers at your own risk. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. A multi-node scenario with non-HA is the default peer-to-peer (P2P) configuration in Kairos. To set this up, you will need to configure the network_token under the p2p configuration in your cloud-config file. Once you have set this, Kairos will handle the configuration of each node.| Examples on Kairos
Network This feature is experimental and has only been tested on local setups. Run in production servers at your own risk. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. Production Considerations This example is for learning purposes. In production environments, it’s recommended to use a load balancer in front of the highly available control plane nodes rather than exposing all control plane nodes directly.| Examples on Kairos
Network This feature is experimental and has only been tested on local setups. Run in production servers at your own risk. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. K8s Distribution This feature is only working with the k3s distribution. K3s is a lightweight Kubernetes distribution that is easy to install and operate. It’s a great choice for small and edge deployments, but it can also be used to create a high-availability (HA) cluster with the help...| Examples on Kairos
To install Kairos in “Trusted Boot Mode” the machine needs to meet the following requirements: Must have a tpm v2.0 chip Must be able to boot in EFI mode (not “legacy BIOS”) Must have 1Gb of RAM or more Must have 40Gb of disk or more The following steps describe how to create a virtual machine suitable for Kairos trusted boot setup, using VirtualBox. As an example workload, LocalAI will be used.| Examples on Kairos
Kairos is a powerful, open-source meta-distribution that allows you to easily deploy and manage nodes on your Immutable infrastructure. One key feature of Kairos is the use of its core images, which are released as part of the kairos-io/kairos repository and can be found in the releases section. These core images serve as the foundation for creating downstream images or as an installer for deploying other images during the installation process.| Examples on Kairos
Here you can find development notes intended for maintainers and guidance for new contributors. Repository structure Kairos uses Docker as a build system instead of Makefiles. This ensures that despite the environment you should be able to build Kairos seamlessly. To track specific packages, like Immucore or the Kairos’ Agent which follow their own versioning and cadence, the Kairos Framework is used. Using luet, the Framework includes a snapshot of multiple versions built for Kairos.| Kairos
Kairos adopts an immutable layout, and derivatives created with its toolkit inherit the same immutability attributes. An immutable OS is a carefully engineered system which boots in a restricted, permissionless mode, where certain paths of the system are not writable. For instance, after installation it’s not possible to add additional packages to the system, and any configuration change is discarded after reboot. A running Linux-based OS system will have the following paths:| Kairos
Upgrades can be run manually from the terminal. Kairos images are released on quay.io. Note Looking to upgrade from a private registry OCI image? Check the Private registry auth page. Listing available versions Using the agent, you can list all the available versions to upgrade to. $ sudo kairos-agent upgrade list-releases v0.57.0 v0.57.0-rc2 v0.57.0-rc1 v0.57.0-alpha2 v0.57.0-alpha1 Upgrading the active system To specify an image, use the --source flag: sudo kairos-agent upgrade --source <ty...| Kairos
Kairos upgrades can be performed either manually or via Kubernetes if the cluster is composed of Kairos nodes. In order to trigger upgrades, it is required to apply a Plan spec to the target cluster for the upgrade. Prerequisites system-upgrade-controller needs to be deployed on the target cluster. Read the instructions here Upgrading from version X to version Y with Kubernetes To trigger an upgrade, create a plan for system-upgrade-controller which refers to the image version that we want to...| Kairos
Objective This guide will teach you the basics about immutability and configuration in Kairos. We will achieve this by configuring the hostname of your Kairos node. Prerequisites A single node Kairos cluster as the one deployed in the Getting Started guide. Do you prefer to watch a video? How is Kairos immutable? An immutable OS is an operating system that limits the amounts of changes you can do after it is deployed.| Kairos
Kairos is a cloud-native Linux meta-distribution for running Kubernetes. It brings the power of the public cloud to your on-premises environment. With Kairos, you can build your own cloud with complete control and no vendor lock-in. Note Kairos is a Cloud Native Computing Foundation (CNCF) sandbox project. Here are a few reasons why you should try Kairos: Build your own cloud on-premises with complete control and no vendor lock-in Provision nodes with your own image or use Kairos releases for...| Kairos
SecureBoot support implementation Currently Kairos supports SecureBoot based on the upstream artifacts. We piggyback on the upstream artifacts to be properly signed in order to support SecureBoot. Before this was supported, we shipped a single set of artifacts that were signed by one of the upstream distros. That meant that only that distro was supported under SecureBoot as we needed all artifacts in the chain to be signed with the same key.| Kairos
Kairos supports the standard cloud-init syntax and its own extended syntax to configure a system declaratively with a cloud-config centric approach. If you are not familiar with the concepts of cloud-init, the official cloud-init documentation is a recommended read. Configuration persistency Kairos is an Immutable OS and the only configuration that is persistent across reboots is the cloud-init configuration. Multiple cloud-init files can be present in the system and Kairos will read them and process ...| Kairos
Objective This guide will walk you through the steps to build a new Kairos container image and add additional packages. You will then use the newly built image to upgrade a Kairos node manually. Prerequisites A single node Kairos cluster as the one deployed in the Getting Started guide. Access to Docker or a different container engine on your machine Do you prefer to watch a video? Containers As we saw in the previous section on how to configure Kairos, it is not possible to add packages on a...| Kairos
To upgrade Kairos with Kubernetes, it is necessary to have system-upgrade-controller deployed on the target cluster. The upstream documentation on how to install the system-upgrade-controller, is this command: kubectl apply -k github.com/rancher/system-upgrade-controller This command requires the git command to be available in order to clone the remote repository. Kairos images, generally, don’t include git. You will need to run this command from a machine which has git available and access...| Kairos
When developing or troubleshooting Kairos, it can be useful to share a local cluster with another peer. This section illustrates how to use Entangle to achieve that. We call this setup debugging-station. Configuration Note This section describes the configuration step by step. If you are in a hurry, you can skip this section and directly go to Deploy with AuroraBoot. When deploying a new cluster, we can use Bundles to install the entangle and cert-manager chart automatically.| Kairos
We like to define Kairos as a meta-Linux Distribution, as its goal is to convert other distros to an immutable layout with Kubernetes Native components. Kairos Kairos is a software stack composed of the following: A core OS image release for each flavor in ISO, qcow2, and other similar formats (see the list of supported distributions) provided for user convenience A release with K3s embedded (optional). An agent installed into the nodes to manage the node lifecycle.| Kairos
Boot Assessment in Kairos: Introduction and Extensions Kairos provides a robust mechanism for assessing the success or failure of boot entries through integration with systemd-boot. This document is divided into two parts: Kairos Default Boot Assessment Strategy: Explains how boot assessment is managed in a standard Kairos installation. Extending the Default Boot Assessment: Shows how to customize and extend Kairos boot assessment by integrating additional systemd services and adding automati...| Kairos
Introduction As more organizations seek to take advantage of the benefits of Kubernetes for their edge applications, the difficulties of managing large-scale clusters become apparent. Managing, configuring, and coordinating multiple clusters can be a complex and time-consuming process. We need solutions that offer zero-touch configuration and self-coordination. To address these challenges, Kairos provides an easy and robust solution for deploying Kubernetes workloads at the edge. By utilizing...| Kairos
Warning Regardless of the flavor you selected when browsing the docs, the Nvidia AGX Orin only works with Ubuntu 20.04. Note Please note that the following page contains only development reference. At the time of writing, we have tried porting Kairos to Jetson Nano eMMC without success. This is due to the old kernel supported (4.9), not properly working with EFISTUB and U-boot (you can see the issue here).| Kairos
Warning This section is still a work in progress and only available in Kairos v3.x releases and alphas. This section covers how to upgrade a Kairos node with Trusted Boot enabled. See the Trusted Boot Installation and Trusted Boot Architecture pages for more references. Upgrades In order to upgrade a node to a new version of the OS, you need to generate again the installable medium with the same keys used in the steps before.| Kairos
Kairos upgrades are atomic in the sense that the new version of the OS fully replaces the old one or it doesn’t replace it at all. This allows users to test the upgrade in the lab, before they upgrade any of their nodes and be sure that the upgrade will work the same way in production. While this is a very useful strategy, failed upgrades cannot be completely avoided. Some difference in hardware, a network hiccup or even a human error can result in a failed upgrade.| Kairos
If you want to create an airgap K3s installation, Kairos provides a convenient way to do so using AuroraBoot. In this guide, we will go through the process of creating a custom ISO of Kairos that contains a configuration file and a bundle that executes preparatory steps after installation. The bundle will overlay new files in the system and prepare the node for having an airgapped K3s installation. Note If you already have a Kubernetes cluster, you can use the osbuilder controller to generate...| Kairos
This section describes examples of how to use a Kairos bundle to deploy MetalLB on top of K3s| kairos.io
Trusted boot is a combination of technologies that allows us to enhance the security posture of a running system. It is composed of FDE, Secure Boot and Measured Boot. Trusted boot is an architectural requirement of SENA (Secure Edge Native Architecture) and is a key component of Kairos. You can read more about Trusted Boot in https://0pointer.de/blog/brave-new-trusted-boot-world.html and about SENA here: https://kairos.io/blog/2023/04/18/kairos-is-now-part-of-the-secure-edge-native-architect...| kairos.io
Discover how Kairos delivers its entire OS as a container image, enabling predictable upgrades and simple version control.| kairos.io
Kairos configuration mechanism is based on the cloud-config file given during installation, however, it’s possible to extend the configuration by providing additional cloud-configs in either /oem or /usr/local/cloud-config. By default, kairos reads in lexicographic order YAML cloud-config files in the directories above, indeed, after installation you should be able to see the configuration generated by the interactive-installer as /oem/99_custom.yaml in the system. This mechanism can be use...| Advanced on Kairos
Kairos configuration mechanism for partitions is based on the cloud-config file given during installation to override the default values set by the installer. We allow certain flexibility in the sizes and filesystems used for the default install and allow creating extra partitions as well. For example, the following cloud-config will make the oem partition have a size of 512Mb and an ext4 filesystem, recovery with a size of 10000Mb and an ext4 filesystem, while leaving the rest of the partiti...| Advanced on Kairos
As the source for install or upgrade can be an OCI image and sometimes those are behind a private container registry, Kairos implements the default basic authentication used by docker for private registries. To install/upgrade with a container image behind a registry with authentication, Kairos reads the following files in order to find about registry auth: ${XDG_CONFIG_HOME}/.docker/config.json If set, DOCKER_CONFIG environment variable which points to a directory as per the docs.| Advanced on Kairos
Note This guide focuses on customizing Kairos images. For a complete guide on creating custom cloud images from scratch, including when and how to apply these customizations, see Creating Custom Cloud Images. Kairos is an open source, container-based operating system. To modify Kairos and add a package, you’ll need to build a container image from the Kairos images. Here’s an example with Docker which adds figlet: FROM quay.io/kairos/@flavor:@flavorRelease-standard-amd64-generic-master-k3s...| Advanced on Kairos
By default, Kairos ISOs are configured to automatically get an IP from the network interface. However, depending on the base system you have chosen, there are different ways to configure networking. This section collects information on setting network configuration depending on the base that is being chosen (openSUSE, Alpine, Ubuntu). There are different network managers depending on the distro: connman is available on Alpine-based distribution. It is enabled by default on Kairos Alpine flavored ...| Advanced on Kairos
Whether you need to add custom logic, install extra packages, or make other modifications to your system, bundles simplify the process. They can be applied after installation or before bootstrapping a node. Bundles are container images containing only files (and not full OS) that can be used to install new software or extend the cloud-init syntax. You can find community-supported bundles in the community-bundles repository. Consuming Bundles To use a bundle in your Kairos configuration, you w...| Advanced on Kairos
Kairos offers the ability to encrypt user data partitions with LUKS. User-data partitions are dedicated to persist data for a running system, stored separately from the OS images. This encryption mechanism can also be used to encrypt additional partitions created during the installation process. Kairos supports the following encryption scenarios: Offline mode - Encryption key for partitions is stored on the machine inside the TPM chip. Online mode (Automated) - Keypair used to encrypt the par...| Advanced on Kairos
Warning This page describes features that are still experimental in Kairos. There are a lot of things that can be improved and might be more streamlined in the future. Confidential computing is a type of secure computing that allows users to encrypt and decrypt data on a secure, isolated computing environment. It works by encrypting the data before it is sent to the cloud or other computing resources. This allows users to keep their data private and secure, even if it is accessed by unauthori...| Advanced on Kairos
This guide provides a complete walkthrough for creating custom cloud images with Kairos. It covers the entire process from start to finish, using the latest tools like kairos-init and AuroraBoot. Overview Kairos provides several tools to create custom cloud images: kairos-init: A tool for creating base container images AuroraBoot: A tool for generating bootable images (ISOs, cloud images, etc.) Customization tools: Various methods to customize the images Prerequisites Before starting, ensure ...| Kairos
This page describes how to install Kairos on Microsoft Azure after you have created a disk image. Since release v3.3.5, Kairos pipeline is pushing a public OS image to Azure which you can use. If you want to build a custom image, you can follow the instructions in the Build Kairos appliances page. Prerequisites An Azure account with permissions to create VMs. An Azure compatible image of Kairos. You can use the public image provided by Kairos (see below) or build your own image (for Azure, th...| Kairos
This page describes how to install Kairos on Google Cloud after you have created a disk image. Since release v3.3.1, Kairos pipeline is pushing a public OS image to Google Cloud which you can use. If you want to build a custom image, you can follow the instructions in the Build Kairos appliances page. Prerequisites A Google Cloud account with permissions to create VMs. A Google Cloud compatible image of Kairos.| Kairos
This article shows how to bring your own image with Kairos, and build a Kairos derivative from scratch using base container images from popular distributions such as Ubuntu, Fedora, openSUSE, etc.| kairos.io
For each stage in the cloud-init file, various modules are available that implement different functionality each. This page describes what each one does and how to use it. The order in this document is also the order in which they are executed. dns A way to configure the /etc/resolv.conf file. #cloud-config stages: boot: - name: "Setup dns" dns: nameservers: - 8.8.8.8 - 1.1.1.1 search: - foo.bar options: - .. path: "/etc/resolv.| Kairos
Check the Signatures Optional Step This is an optional but strongly encouraged step for security reasons. Our ISO releases have sha256 files to checksum the validity of the artifacts. At the same time, our sha256 files are signed automatically in the CI during the release workflow to verify that they haven’t been tampered with, adding an extra step to the supply chain. It is recommended that before starting any installation the whole security chain is validated by verifying our sha256 signa...| Kairos
Installation media Download the Kairos ISO of your choice. See the Getting Started guide for more information. When deploying on a bare metal server, directly flash the image into a USB stick. There are multiple ways to do this: From the CLI dd if=/path/to/iso of=/path/to/dev bs=4MB From the GUI For example using an application like balenaEtcher but can be any other application which allows you to write bootable USBs. Warning If you’re booting in UEFI mode, make sure that your storage devic...| Kairos
There are many different artifacts that Kairos produces. In this page we try to summarize them all and have a clear naming convention for them. Info Architecture names are based on the Go architecture names, so amd64 is used instead of x86_64, 386 instead of i386 and arm64 instead of aarch64. Images OS images are stored in GitHub Releases, so the name of the artifact includes all the information about the image.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
This section contains references to how Kairos works internally. Setup process At first boot, a Kairos node will start the kairos-agent service; you can always check what’s happening by running journalctl -fu kairos-agent. This service will set up k3s and edgevpn dynamically on first boot. Once it configures the machine it does not run on boot anymore, unless /usr/local/.kairos/deployed is removed. These are the steps executed in sequence by the kairos-agent service: Will create an edgevpn@kairo...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
To install manually, follow the quickstart. When the QR code is prompted at the screen, you will be able to log in via SSH to the box with the password kairos as kairos user. Note After the installation, password login is disabled; users and SSH keys for logging in must be configured via cloud-init. Installation To start the installation, run the following command from the console: sudo kairos-agent manual-install --device "auto" $CONFIG Where the configuration can be a cloud-init file ...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Warning You will need a Standard Kairos OS image in order to use QR Code feature. By default Kairos will display a QR code after booting the ISO to install the machine: The QR Code is a base64 encoded string which is an edgevpn token. For example, you can scan the following QR Code from the video Introduction to Kairos - timestamp 4:16. The base64 encoded string from the QR Code looks like this:| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Note This feature will be available in Kairos version 1.5.0 and in all future releases. By default when running the LiveCD, or during installation, Kairos will start a WebUI in the background, listening by default on the 8080 port: The WebUI has an input form that accepts the YAML config file, features a syntax highlighter and a YAML syntax checker. You can find a full example in our documentation or navigate to our examples section.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Welcome to the Kairos configuration reference page. This page provides details on the fields available in the YAML file used for installing Kairos, a Linux distribution focused on running Kubernetes. This file, written in cloud-config format, allows you to enable Kairos features, configure k3s, and set various other options. The structure of the configuration file is as follows: #cloud-config # Additional system users users: - name: "kairos" passwd: "kairos" lock_passwd: true groups: "admin" ...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
The interactive installation can be accessed from the LiveCD ISO and guides the user into the installation process. It generates a configuration file, which is later accessible after installation in the /oem/90_custom.yaml file. From the boot menu When loading any Kairos ISOs, a GRUB menu, like the following will be displayed. To access the interactive installation, select the third entry (kairos (interactive install)). Manually The interactive installer can be also started manually with kair...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
To automate Kairos installation, you can configure a specific portion of the installation configuration file. The configuration file can then be supplied in a few different ways, such as creating an additional ISO to mount, specifying a URL, or even creating an ISO from a container image with an embedded configuration file. Here’s an example of how you might customize the install block: install: # Device for automated installs device: "/dev/sda" # Reboot after installation reboot: true # Po...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
The kairosctl binary is provided as part of releases associated to each Kairos version. It can be used from an external machine to generate network tokens and pair nodes on first-boot. curl -L https://github.com/kairos-io/provider-kairos/releases/download/v2.7.1/kairosctl-.v2.7.1-.linux-.amd64.tar.gz -o - | tar -xvzf - -C . # optionally, install the CLI locally mv kairosctl /usr/local/bin/kairosctl chmod +x /usr/local/bin/kairosctl ./kairosctl --help NAME: kairosctl - A new cli application US...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Warning This feature is in preview state and only available in Kairos v3.4.x releases and alphas. Please check the section “Known issues” at the bottom for more information. Signing keys for system extensions under Trusted Boot Sysexts need to be signed with the same key/cert as the ones used to sign the EFI files. As those are part of the system and available in the EFI firmware, we can extract the public part and verify the sysexts locally.| kairos.io
This page describes how to install Kairos on Nvidia AGX Orin in the eMMC. Prerequisites Nvidia AGX Orin A USB type-C cable A Linux host used to flash the Nvidia AGX Orin board Jetson linux SDK download You can find debugging information here: https://developer.ridgerun.com/wiki/index.php/NVIDIA_Jetson_Orin/In_Board/Getting_in_Board/Serial_Console Flashing We are going to write the partitions in the eMMC. In order to do this we will use the Nvidia SDK configured with a custom partitioning lay...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Kairos supports Raspberry Pi model 3 and 4 with 64bit architecture. If you are not familiar with the process, it is suggested to follow the quickstart first to see how Kairos works. Prerequisites An SD card of at least 16 GB Etcher or dd A Linux host where to flash the device Download Extract the img file from a container image as described in this page Flash the image Plug the SD card into your system.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Kairos has a recovery mechanism built-in which can be leveraged to restore the system to a known point. At installation time, the recovery partition is created from the installation medium and can be used to restore the system from scratch, leaving configuration intact and cleaning any persistent data accumulated by usage in the host (e.g. Kubernetes images, persistent volumes, etc. ). The reset action will regenerate the bootloader configuration and the images in the state partition (labeled...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Ongoing Project The Kairos factory is an ongoing project. Things might change, and we are working on improving the documentation and the process. If you encounter any issues, please feel free to open up issues and help us improve the Documentation! For further info check out #1914 Kairos is not just an OS, it’s also a way to turn an existing OS into a Kairos-ready image. This process is called “Kairosification” and it’s done by the Kairos Factory.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Kairos offers several pre-built images for user convenience based on popular Linux distributions such as openSUSE, Alpine Linux, and Ubuntu. The Kairos core team does its best to test these images, but those that are based on systemd (e.g. openSUSE, Ubuntu) are more thoroughly tested due to their homogenous settings. Support for other non-systemd based flavors (e.g. Alpine) may be limited due to team bandwidth. However, as Kairos is an open source community-driven project, we welcome any cont...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Note By default, Core and Standard Kairos images are pre-configured, optimized and maintained by the Kairos team, meeting most use cases. However, if you’re an advanced user interested in creating your own derivative or building new flavors for Kairos core images, this section is reserved just for you. While the process of building these images is still a work in progress, it’s already usable for general consumption. You can follow our development efforts in the factory epic.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Most hardware these days supports booting an operating system from the network. The technology behind this is called Preboot Execution Environment. Kairos releases include artifacts to allow booting from the network. In general, the following files are needed: The initrd image: It’s the system that loads first. It’s responsible for loading the kernel. The kernel: This is the kernel of the operating system that will boot. The squashfs: The filesystem of the operating system that will boot.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Note This feature is crazy and experimental! Do not run in production servers. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. Deploying Kubernetes at the Edge can be a complex and time-consuming process, especially when it comes to setting up and managing multiple clusters. To make this process easier, Kairos leverages peer-to-peer technology to automatically coordinate and create Kubernetes clusters without the need of a control management interface.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Things can go wrong. This section gives guidelines to help identify potential issues. It is important to first check whether your issue was already submitted in the issue tracker. Kairos Kairos UKI Gathering logs To gather useful logs and help developers spot issues right away, it’s suggested to boot with console=tty0 rd.debug enabled for example: To edit the boot commands, type ‘e’ in the boot menu. To boot with the changes press ‘CTRL+X’.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Warning This section is still a work in progress and only available in Kairos v3.x releases and alphas. “Trusted Boot” is a combination of technologies that allows us to guarantee that a system was not tampered with and that the user data is protected against cold attacks. It is composed of FDE, Secure Boot and Measured Boot. If you want to learn more about what Trusted Boot is and how it works, see the Trusted Boot Architecture page.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
The Kairos recovery mode can be used to recover a damaged system or to regain access remotely (with assistance) to a machine to which access has been lost. The recovery mode is accessible only from the GRUB menu, from both the LiveCD and an installed system. Note On an installed system, there are two recovery modes available during boot. The following describes only how the Kairos remote recovery works. It can be used to reset the A/B partitions (with the user/pass used during setup) and perform any ot...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Kairos supports takeover installations. Here are a few summarized steps: From the dedicated control panel (OVH, Hetzner, etc.), boot in rescue mode Install docker and run for example: export DEVICE=/dev/sda export IMAGE=quay.io/kairos/opensuse:leap-15.6-core-amd64-generic-v3.1.0 cat <<'EOF' > config.yaml #cloud-config users: - name: "kairos" passwd: "kairos" ssh_authorized_keys: - github:mudler EOF export CONFIG_FILE=config.yaml docker run --privileged -v $PWD:/data -v /dev:/dev -ti $IMAGE ka...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
AuroraBoot is a tool designed to make the process of bootstrapping Kairos machines quick, simple and efficient. It is specifically designed for the Kairos operating system and provides a comprehensive solution for downloading required artifacts and provisioning a machine, either from the network or manually by flashing a USB stick. With AuroraBoot, you can prepare the environment for network-based bootstrapping, download the necessary release assets, and also customize the installation media for ...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
Note This feature is crazy and experimental! Do not run in production servers. Feedback and bug reports are welcome, as we are improving the p2p aspects of Kairos. Kairos has two Kubernetes Native extensions (entangle and entangle-proxy) that allow interconnecting services between different clusters via P2P with a shared secret. The clusters don’t need any specific configuration in order to establish a connection, as it uses libp2p to establish a connection between the nodes.| Kairos - The immutable Linux meta-distribution for edge Kubernetes
What is the difference between Kairos compared to Talos/Sidero Metal and Flatcar? Kairos is distro-agnostic by design. Currently, you can pick among a list from the supported matrix, but we are working on CRDs to let users assemble OSes from other bases in a Kubernetes native way. The key difference is that the OS is distributed as a standard container, similar to how apps are distributed with container registries. You can also use docker run locally and inspect the OS, and similarly, push customi...| Kairos - The immutable Linux meta-distribution for edge Kubernetes
We’ve added a new media section so it’s easy to find the different videos and articles about Kairos. To access it, go to the Documentation and at the bottom of the left menu, you will find a link called Media. You can also click here to go check it out.| Kairos - The immutable Linux meta-distribution for edge Kubernetes