Incus-OS: Immutable Linux OS to run Incus as a hypervisor
18 days ago
- #Incus
- #Secure Boot
- #Immutable OS
- IncusOS is an immutable OS designed for safely running Incus with modern security features like UEFI Secure Boot and TPM.
- Updates are applied atomically using an A/B scheme for easy reverts, and the system is locked down with only an authenticated REST API for management.
- Core features include boot safety, full disk encryption, immutable design, and being locked down for API-only management.
- Storage features include automatic local ZFS pool, support for complex ZFS pool creation, Fiber Channel & Multipath, NVME-over-TCP, iSCSI, and Ceph support.
- Network features include automatic VLAN-aware bridging, link aggregation, LLDP, enterprise proxy support, robust NTP, remote logging, and OVS/OVN support.
- Management features include central management through Operations Center, backup/restore, factory reset, and flexible update management.
- IncusOS is built on Debian 13 with custom Incus and kernel builds, supporting Operations Center and Migration Manager for VMware migrations.
- Two update channels are maintained: stable (weekly updates) and testing (daily builds), with default automatic updates every 6 hours.
- Development is done on GitHub, using mkosi for image building and Go for the OS management daemon, all under Apache 2.0 license.