Microsoft releases Linux distribution 'Azure Linux' optimized for cloud service 'Azure'

`` Azure Linux '', which was once developed as Microsoft's internal Linux distribution, has finally been officially released after the public preview from October 2022. Azure Linux is optimized for Microsoft's cloud service 'Azure' and is characterized by being lightweight, safe and highly reliable.

Introducing the Azure Linux container host for AKS
https://techcommunity.microsoft.com/t5/azure-infrastructure-blog/introducing-the-azure-linux-container-host-for-aks/ba-p/3824101

Azure Linux released at Build – where Microsoft revealed why it did not fork Fedora • DEVCLASS
https://devclass.com/2023/05/25/azure-linux-released-at-build-where-microsoft-revealed-why-it-did-not-fork-fedora/

Microsoft's Azure Linux distro is now generally available • The Register
https://www.theregister.com/2023/05/26/microsoft_azure_linux_container/

Azure Linux is an open source container host OS for Azure Kubernetes Service (AKS). It is not derived from other Linux distributions, but developed completely by Microsoft, and by reducing the number of installed packages as much as possible, it is said that vulnerability and error rate are reduced. About. In 2021, it was revealed that it was being developed as Microsoft's internal Linux distribution.

What is the in-house Linux distribution used by Microsoft? -GIGAZINE

The specific strengths of Azure Linux are:

・Supply chain safety
All packages included in Azure Linux are built, signed and verified from source by Microsoft and hosted on a secure platform. This makes it possible to prevent supply chain attacks in which the libraries used by the package are hijacked and malicious programs are mixed in.

There have already been reported cases where popular libraries were hijacked and developed into large-scale supply chain attacks, but Azure Linux can reduce the risk of attacks.

A popular JavaScript library that is downloaded millions of times in a week is hijacked, Windows devices are also afraid of password theft - GIGAZINE

・Compact and lightweight
Azure Linux has only the minimum necessary packages, so it consumes less disk and memory and requires less maintenance.

・ Emphasis on security
Azure Linux follows the secure-by-default principle of ``keeping system defaults as safe as possible''. Security is also enhanced by incorporating flags and optimizations for Azure in the Linux kernel. In addition, since the number of packages installed is small, the attack surface is relatively small, and security patches can be applied quickly.

・Wide range of verification
The AKS team and the Azure Linux team will perform regression tests before releasing new patches to ensure that there are no problems anywhere in the system as a whole. This enables early detection and mitigation of problems.

The source code of Azure Linux is published at the following link.

GitHub - microsoft/CBL-Mariner: Linux OS for Azure 1P services and edge appliances
https://github.com/microsoft/CBL-Mariner