It’s been a while since I’ve written anything here. I’ve been busy with life and work and stuff. While I normally wait until my projects are finished before I post about them, I’ve decided to take a slightly different approach this time with the aim of inviting feedback and being slightly more social.
This change also encourages me to see my projects through to the end as it allows me to spread the load instead of trying to tackle everything on my own – a novel concept for me. I’m committed to posting updates at least once a month and aim to make the process interactive. (You’ll see why further down.)
After mulling it over for quite a while, I’ve decided to take the technical plunge into making my own Linux distro. It’s the most technically ambitious thing I’ve done in a while and it’s been 10 years since I last did any O.S. development (Mutiny). Why? I’ve been feeling a bit adrift of late and feel like this might just be the in-over-my-head type of challenge that is a fun and learning journey.
With that out of the way, there are also some practical considerations where it will make my current workflow a bit more efficient, including resource utilization. So I began by laying out what I was looking for in an O.S. I use a mix of Debian, Windows (Tower of Power), macOS (main dev laptop), Ubuntu, RHEL, Rocky Linux and Pop!_OS (ultra-portable) throughout the week and will continue using them regardless of this project, as my goal is quite granular.
Okay, so what’s the goal?
I design and build platforms for the most part, both for a job and a hobby, and I wanted something that allowed me more flexibility to underpin them than a simple base image would allow, while taking a security-first approach, which for me begins with using what you need and nothing more. KISS… Keep It Simple, Stupid. Essentially a Platform 4 Platforms, in the same concept as IT for IT, something I will be needing for a different type of project if all goes well in a few months.
My requirements and guiding principles are laid out below and, in the lead-up to me beginning to build, you can feel free to make suggestions to refine my requirements or point out something I left out. Seeing as I began by saying it’s quite granular, I’m willing to consider anything that I believe will truly make this more valuable to me, but you’re more than welcome to contribute as it’s a completely Open Source project.
What:
- An open source, lightweight, security-hardened operating system that is purpose-built for Edge Applications and Cloud Services.
- Serve as a base OS for my platforms and projects with primarily dockerized workloads.
- Using the latest Linux kernel.
- Reduce attack surface by having minimal dependencies, packages and services.
- Additional security specific repository.
- Tuned for remote/cloud storage transfers via rclone.
- Storage failure redundancy for MyEQ, edge compute use case.
- Automated CVE scanning for installed packages and nuisance alerts for critical remediations.
- Simplified network management with more robust DNS.
- Auto-deployed/selectable XDR. (I use Defender, so a bit niche for an open source build)
- Include (optional) tools for system administration which can be used for diagnosing and dealing with faults or failures of an installed system and its components. Alerting agent built in.
- Integration with CloudTrail/Application Insights.
- Optional web-based UI (Cockpit-like).
- Rolling release until an LTS based on a frozen build that just works.
- No systemd! (goal is fine-tuned control)
As you can see, it’s not the longest list of requirements, and while I am strongly leaning towards a from-scratch build, I’ll be taking a few days to look at using a base OS such as Photon OS, which seems closest to my vision, or good and trusty Debian.
If you’ve read this far, you may have noticed this is modelled a lot on the original Debian announcement from our dearly departed Ian Murdock and it’s with that spirit I approach this, ‘if you can’t find it, make it’. Including posting it to a newsgroup first :).
The name at this point is K-Linux/KNux (Kay-Linux) and it’s mainly because my minions’ and partner’s names begin with K, or it could be some weird way to say Cloud. It may change but it feels right, especially seeing as Trash Linux was on the table on account of my name.
I’ll provide more specifics as I receive feedback and go through some initial design and test. I’ll provide another update within a month and hopefully sooner. The GitHub repo, I’ll post as an update to this. Until then you can use the Google Groups until I move to something actually open source and self-hosted.
Regards,
Gyarbij