What is LinuxKit
● Toolkit for building secure, portable & lean operating system for containers.
● Built with containers, for running containers.
● All Operating system services are containers.
● Operating system services are pluggable.
● Operating system is built using Moby tool.
Purpose of LinuxKit
● Creates Immutable Operating Systems.
● Provides Declarative way for creating Operating Systems.
● Build the whole system in CI pipeline which guarantees reproducible builds &
● Suitable for Cloud, VMs and Bare-Metals.
LinuxKit YAML config file
● Kernel - Specifies Kernel Image version and parameters
● Init - Components which will be part of initrd
● Onboot - One-off containers executed during boot. They get terminated after
● Services - Long running process which will serve the incoming requests.
● Files - Copy local files to Operating System
● Trust - Components which are required to be cryptographically verified with
Docker Content Trust.
● Include only components which are required.
● Provides Ability to use latest Kernel.
● Containerized Operating System services, hence minimal privileges.
● Smaller attack surface.
● Immutable Infrastructure, only namespaced container data and stateful
partitions can be modified.
● Hyperkit, VMware(Pro), Qemu/KVM
● GCE, Packet.net
● AWS, Azure, Windows, BlueMix
● Rewrite in type safe languages such as Rust.
● Blueprints/Samples for different platforms.
● Improve APIs.
● Integration with Infrakit to run cluster of instances running Kubernetes/Swarm.
● Integration with other orchestration tools like VMware VCloud Director,