Community Contributions
Edition 2026
What Image-Based Systems Taught Us About Linux Distributions: Lessons From Kairos and Why We Built Hadron
Over the last several years, the Kairos project has built image-based, immutable systems on top of multiple Linux distributions like Ubuntu, Debian, Alpine and others. This experience has revealed a recurring set of engineering constraints shared across traditional distros: assumptions about package managers, filesystem layout, dependency chains, downstream patches, boot tooling, or init system behavior that work well for classic installations, but create friction in image-based, cloud-native and edge-focused environments. This talk presents the design principles that emerged from this work: minimal bases, upstream-first components, predictable boot paths, trusted boot chains, reproducibility, and clear separation between the immutable system image and extensible runtime layers. We will discuss both the technical challenges and the architectural conclusions that followed. These lessons ultimately led us to build Hadron, a new minimal Linux distribution developed by the Kairos team: musl-based, systemd-powered, upstream-aligned, and designed specifically for image-based systems. Hadron is not intended to replace any existing distribution; rather, it is a small, focused reference implementation of what an OS optimized for this model can look like. The goal of this talk is to share practical insights with the wider distribution community and contribute to the ongoing evolution of image-based Linux. Links: - https://github.com/kairos-io/hadron - https://github.com/kairos-io/kairos - https://kairos.io/
What Should a Cloud-Native OS Look Like? Rethinking the Foundation of Modern Platforms
Cloud-Native platforms are built around declarative APIs, reconciliation, and rapid change, yet the operating systems underneath them are often still upgraded in place, mutated over time, and treated as infrastructure details rather than part of the platform contract. In this talk, we'll look at the operating system through a cloud-native platform lens: not as a Linux distribution to manage, but as a foundational component that directly impacts platform velocity, safety, and ownership boundaries. We'll explore what changes when cloud-native principles are applied all the way down to the OS. Rather than diving into OS internals, the talk focuses on the contracts and guarantees the OS provides and how they translate into platform outcomes: safer upgrades with smaller blast radius, clearer separation of responsibilities between infra and platform teams, faster adoption of upstream features, and fewer surprises for teams building and evolving platforms on top. We'll share lessons learned from building Hadron, a Cloud-Native OS designed around these ideas, and discuss where this model helps, and where it challenges existing assumptions.
Edition 2025
Pok8s: The Art of Curated Kubernetes OS Images
In the age of containers and abstraction, we’re told the operating system no longer matters. That you can run anything on anything. But the reality is more nuanced — your organization might have deep expertise in a specific distro, licensing constraints, or compliance requirements that shape your stack from the kernel up. And the same applies to your Kubernetes flavor of choice. But setting up your Kubernetes infrastructure shouldn’t feel like you’re out at sea — catching the fish, cleaning it, and prepping every ingredient from scratch. Instead, it should feel like walking into your favorite poke spot: the freshest options already hand-picked for you, curated with care, and ready for you to assemble exactly the way you like it. That’s the experience Kairos Factory brings to infrastructure — letting you focus on what matters, while still getting a stack tailored to your exact taste. In this talk, we introduce Kairos Factory, a web-based builder that lets you assemble secure, immutable Kubernetes-ready OS images tailored to your needs. Think of it as Pok8s — your build-your-own Kubernetes Poke Bowl. Choose your base OS (Ubuntu, Alpine, etc.), pick your Kubernetes distribution (k3s, k0s), toss in your configuration toppings (VPNs, CRDs, mesh configs), and layer on your favorite sauces — TPM-backed boot, full-disk encryption, and other security features. Unlike opinionated open-source stacks that lock you into their tooling or upgrade paths, Kairos is truly composable — you can swap any layer without rebuilding your world. It’s designed for flexibility without compromise, giving you a declarative, production-grade OS image with full control from kernel to kubelet. Through live demos and real-world scenarios, we’ll explore how Kairos enables teams to take control of their infrastructure without abandoning existing know-how or processes. Whether you’re deploying to edge devices, bare metal, or cloud instances, you’ll walk away with a new model for curated infrastructure — not just composed systems. And maybe, just maybe, a craving for sushi.
Scalable Kubernetes with Hosted Control Planes and Immutable Nodes
In this workshop, you'll learn how to deploy Kubernetes clusters using the Hosted Control Plane (HCP) architecture combined with immutable worker nodes, a powerful approach that enhances scalability, reduces control plane resource usage, and strengthens your platform's security posture. We'll explore how to achieve this architecture using two CNCF projects: - Kamaji, to manage lightweight, multi-tenant hosted control planes. - Kairos, to build and manage secure, immutable nodes that are GitOps-ready by design. Through hands-on work, you'll learn how to generate Kairos artifacts using a web-based UI, configure them to automatically join tenant clusters managed by Kamaji, and lay the foundation for scalable, reproducible Kubernetes infrastructure — from core to edge.