You are viewing documentation for the Kairos release v3.2.4. For the latest release, click here.
Meta-Distribution
We like to define Kairos as a meta-Linux Distribution, as its goal is to convert other distros to an immutable layout with Kubernetes Native components.
Kairos
Kairos is a software stack is composed of the following:
- A core OS image release for each flavor in ISO, qcow2, and other similar formats (see the list of supported distributions) provided for user convenience
- A release with K3s embedded (optional).
- An agent installed into the nodes to manage the node lifecycle.
Every component is extensible and modular such as it can be customized and replaced in the stack and built off either locally or with Kubernetes.
Requirements
In order to convert a Linux Distribution to Kairos, the distribution must meet the following requirements:
- Trusted Boot Images- Use a recent enough version of systemd(256+) as init system
- Use systemd-bootas bootloader
 
- Use a recent enough version of 
- Secure Boot Only Images- Either use systemdoropenrcinit system
- Use grubas bootloader
 
- Either use 
- All- If the system is meant to be used with EFI, the kernel needs to have enabled the CONFIG_EFI_STUBoption ( see: https://docs.kernel.org/admin-guide/efi-stub.html)
 
- If the system is meant to be used with EFI, the kernel needs to have enabled the 
To build Kairos from scratch, see the documentation section.
Internal components
The Kairos artifacts are composed by a base OS (an upstream Linux distribution, like Ubuntu, Alpine, …) and a set of components that are installed on top of it. The components are:
Internal:
- kairos is the main repository, building the kairos-agentand containing the image definitions which runs on our CI pipelines.
- immucore is the immutability management interface.
- kairos-agent manages the installation, reset, and upgrade of the Kairos nodes.
- system packages contains additional packages, cross-distro, partly used in framework images
- kcrypt is the component responsible for encryption and decryption of data at rest
- kcrypt-challenger is the kairosplugin that works with the TPM chip to unlock LUKS partitions
Optional/External:
- K3s as a Kubernetes distribution
- edgevpn (optional) as fabric for the distributed network, node coordination and bootstrap. Provides also embedded DNS capabilities for the cluster. Internally uses libp2p for the P2P mesh capabilities.
- nohang A sophisticated low memory handler for Linux.
- entangle a CRD to interconnect Kubernetes clusters
- entangle-proxy a CRD to control interconnetted clusters
- osbuilder is used to build bootable artifacts from container images
- AuroraBoot is the Kairos Node bootstrapper