Core features of IncusOS

bybhawanraj
0
IncusOS is an immutable OS solely designed around safely and reliably running Incus. It uses modern security features like UEFI Secure Boot and TPM to provide a safe boot experience and seamless full disk encryption. 


Updates are applied atomically using an A/B scheme allowing for an easy revert in case of problems. The system itself is completely locked down with no local or remote shell, only an authenticated REST API to access Incus and manage the OS through it. IncusOS is ideal for anyone who’s focused on building and running infrastructure on top of Incus and wants the underlying infrastructure to be reliable and easy to update. All IncusOS servers are guaranteed to be running bit for bit the same software, eliminating any deployment variance and making it trivial to scale or re-deploy even large number of servers.

Core features

Main design features:

  • Boot safety (UEFI Secure Boot and TPM 2.0 measurements)
  • Full disk encryption (TPM backed LUKS and ZFS encryption)
  • Immutable (A/B partition scheme, all OS partitions read-only and signed)
  • Locked down (API only management)
  • Designed for modern Intel/AMD or ARM systems
Storage features:
  • Automatic local ZFS pool
  • Support for complex ZFS pool creation on additional disks
  • Fiber Channel & Multipath support
  • NVME-over-TCP support
  • iSCSI support
  • Clustered LVM support (on top of Fiber Channel, NVME-over-TCP or iSCSI)
  • Ceph and Linstor support for software defined storage
Network features:
  • Automatic VLAN-aware bridging making it easy to attach instances to any interface
  • Link aggregation support (both passive and negotiated)
  • LLDP support
  • Support for enterprise proxy servers (including Kerberos authentication)
  • Robust NTP support
  • Remote logging support through syslog (UDP, TCP, TLS)
  • OVS/OVN support for software defined networking
  • Native support for Tailscale (Netbird coming soon)
Management features:
  • Central management through Operations Center
  • Backup/Restore of both the main OS configuration and individual application data
  • Factory reset of either the whole OS or individual applications
  • Flexible update management
Tags:

Post a Comment

If you have any doubt, Questions and query please leave your comments

Previous Post Next Post