Immutable Infrastructure with Flatcar Container Linux
2022-02-05, 15:00–15:45, d.InfraMgt

Flatcar Container Linux is a minimal base OS to run containers.
As a friendly fork of CoreOS Container Linux, it continues the project under a new name.
The main features are the A/B partitions for automatic updates and rollbacks, and the integration of Ignition for declarative configuration on first boot.
Declarative configuration is a key element for managing machines following the principle of Immutable Infrastructure, but causes friction if it means that the whole machine has to be reprovisioned for configuration changes.
Using Ansible instead of Ignition for configuration management is a compromise: it means giving up on avoiding configuration drift caused by leftovers of old configurations and their side effects.
Out of this experience the idea was born to rerun Ignition on configuration changes.
While the big-hammer method is to reformat the filesystem and lose application data, a more fine-grained solution could exist by clearing only parts of the filesystem.
This talk shows how to use Flatcar Container Linux with Terraform, Ignition, and Ansible, and ends with a proof-of-concept demo for Flatcar Container Linux to allow configuration changes through Ignition while avoiding configuration drift.


The talk presents what Flatcar Container Linux is and how provisioning is done with Terraform, Ignition, and Ansible.
The principle of Immutable Infrastructure is introduced, and its pitfalls are explained for the case where a machine can't be easily reprovisioned because the application data must be preserved.
To address this problem without resorting to Ansible and accepting configuration drift, the talk presents proof-of-concept work on how Ignition could be rerun safely to achieve declarative configuration without full reprovisioning.

Kai works on Flatcar Container Linux, formerly as an employee of Kinvolk, now Microsoft. While not an original CoreOS Container Linux user, he now knows most parts of the stack quite well.