\"_). Track progress and tick off checklist items in that issue — do **not** edit the checkboxes in this file. This document remains the canonical template for all future onboardings.\n>\n> **Improving this template:**\n> If you find that this document does not reflect the realities of onboarding (missing steps, outdated information, etc.), please open a pull request to update it.\n\nThe checklist is split into two parts:\n\n- **[For the onboarding coordinator](#for-the-onboarding-coordinator)** — actions that an existing maintainer or project coordinator must perform on behalf of the new maintainer.\n- **[For the new maintainer](#for-the-new-maintainer)** — actions the new maintainer should complete themselves.\n\nOnce onboarding is complete, both parties should confirm each item is ticked off in the tracking issue.\n\n---\n\n## For the Onboarding Coordinator\n\nThese steps require elevated access and must be completed by an existing maintainer or project coordinator.\n\n### GitHub Access\n\n- [ ] Add the new maintainer to the [flatcar-maintainers](https://github.com/orgs/flatcar/teams/flatcar-maintainers) GitHub team.\n- [ ] Verify the new maintainer has appropriate permissions on all relevant repositories (see [MAINTAINERS.md](./MAINTAINERS.md) for the list of repositories).\n- [ ] Assign the new maintainer to the relevant PR review groups based on their area of focus, for example:\n - `flatcar-ci`\n - `nebraska-maintainers`\n - Other repository-specific teams as applicable.\n- [ ] If the new maintainer will be involved in release management, add them to the Nebraska read-only (`ro`) or read-write (`rw`) groups in the Nebraska release process as appropriate. See [RELEASES.md](./RELEASES.md) for the full release guide.\n\n### CNCF Registration\n\n- [ ] Add the new maintainer to the [CNCF project maintainers list](https://github.com/cncf/foundation/blob/main/project-maintainers.csv) by opening a pull request against the [cncf/foundation](https://github.com/cncf/foundation/) repository (see [example PR](https://github.com/cncf/foundation/pull/1075)).\n- [ ] Ensure the new maintainer has access to CNCF accounts and services used by the project (e.g. CNCF service desk, CNCF Slack).\n\n### Mailing Lists\n\nAdd the new maintainer to the following mailing lists:\n\n**Private lists** (maintainer-only):\n- [ ] `maintainers@flatcar-linux.org` — maintainer coordination and voting\n- [ ] Infra mailing list — infrastructure and operational discussions\n- [ ] Security mailing list — undisclosed security issue handling\n\n**Public lists** (community-facing):\n- [ ] [Flatcar Users](https://groups.google.com/g/flatcar-linux-user)\n\n### Infrastructure Access\n\nGrant the new maintainer access to the following infrastructure systems (at minimum read/user level; escalate as required by their role):\n\n- [ ] Jenkins (CI)\n\n### Communication and Collaboration Tools\n\n- [ ] Grant access to the shared Flatcar events Google Calendar.\n- [ ] Grant access to the Flatcar YouTube channel.\n- [ ] Grant access to the [HackMD](https://hackmd.io) workspace used for collaborative documents.\n\n### Linux Foundation\n\n- [ ] Ensure the new maintainer has a Linux Foundation account.\n- [ ] Grant access to the Linux Foundation Jira project used for tracking Flatcar work items.\n\n---\n\n## For the New Maintainer\n\nThese are steps you should complete yourself after your coordinator has provisioned your access.\n\n### GitHub\n\n- [ ] Accept the invitation to the [flatcar GitHub organisation](https://github.com/flatcar) and the `flatcar-maintainers` team.\n- [ ] Review the list of repositories you have been added to and familiarise yourself with their purpose (see [MAINTAINERS.md](./MAINTAINERS.md)).\n- [ ] Review the [Governance document](./governance.md) to understand the project's decision-making process, voting, and maintainer responsibilities.\n\n### Calendar and Meetings\n\n- [ ] Add the Flatcar community calendar to your calendar app using the iCal link:\n `https://calendar.google.com/calendar/ical/c_ii991mqrpta9en8o7ofd4v19g4%40group.calendar.google.com/public/basic.ics`\n- [ ] Alternatively, subscribe via the [Google Calendar link](https://calendar.google.com/calendar/u/0/embed?src=c_ii991mqrpta9en8o7ofd4v19g4@group.calendar.google.com).\n- [ ] Attend your first [Flatcar Developer Sync](https://meet.flatcar.org/OfficeHours) — check the community calendar for the current schedule.\n- [ ] Attend your first [Flatcar Office Hours](https://meet.flatcar.org/OfficeHours) — check the community calendar for the current schedule.\n\n### Mailing Lists\n\n- [ ] Confirm you have been added to the private maintainer, infra, and security mailing lists and that you can send and receive messages.\n- [ ] Confirm you have been subscribed to the [Flatcar Users](https://groups.google.com/g/flatcar-linux-user) public mailing list.\n\n### Community Channels\n\n- [ ] Join the Flatcar Discord server: [discord.gg/PMYjFUsJyq](https://discord.gg/PMYjFUsJyq)\n- [ ] Join the Flatcar Matrix room: [#flatcar:matrix.org](https://app.element.io/#/room/#flatcar:matrix.org)\n- [ ] Join the [#flatcar channel](https://kubernetes.slack.com/archives/C03GQ8B5XNJ) in the Kubernetes Slack workspace.\n\n### Infrastructure and Tooling\n\n- [ ] Verify your access to Jenkins\n- [ ] Log in to HackMD and confirm access to shared Flatcar documents.\n- [ ] Log in to the Linux Foundation Jira and confirm access to the Flatcar project board.\n- [ ] Verify CNCF account access.\n\n### Knowledge Sharing\n\n- [ ] Schedule onboarding knowledge-sharing sessions with existing maintainers to cover key areas of the project. Suggested topics include:\n - Overview of the Flatcar build system and SDK\n - CI/CD pipeline and infrastructure\n - Release management process (see [RELEASES.md](./RELEASES.md))\n - Security response process\n - Governance and decision-making\n- [ ] Read through the [Flatcar developer guides](https://www.flatcar.org/docs/latest/reference/developer-guides/) and the [SDK how-to](https://www.flatcar.org/docs/latest/reference/developer-guides/sdk-modifying-flatcar/).\n- [ ] Review the [CONTRIBUTING.md](./CONTRIBUTING.md) guide.\n- [ ] Review the [SECURITY.md](./SECURITY.md) policy.\n- [ ] Review the [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md).\n\n---\n\n## Questions and Support\n\nIf you have any questions during onboarding, please reach out to the maintainer team via:\n\n- Discord: [discord.gg/PMYjFUsJyq](https://discord.gg/PMYjFUsJyq)\n- Matrix: [#flatcar:matrix.org](https://app.element.io/#/room/#flatcar:matrix.org)\n- Slack: [#flatcar](https://kubernetes.slack.com/archives/C03GQ8B5XNJ) in the Kubernetes Slack org\n- Private maintainer mailing list: `maintainers@flatcar-linux.org`\n"
},
{
"path": "README.md",
"content": "\n\n[](https://www.flatcar.org/)\n[](https://discord.gg/PMYjFUsJyq)\n[](https://app.element.io/#/room/#flatcar:matrix.org)\n[](https://kubernetes.slack.com/archives/C03GQ8B5XNJ)\n[](https://x.com/flatcar)\n[](https://hachyderm.io/@flatcar)\n[](https://bsky.app/profile/flatcar.org)\n[](https://www.bestpractices.dev/projects/10926)\n\n\n> **Note:** To file an issue for any Flatcar repository, please use the [central Flatcar issue tracker](https://github.com/flatcar/Flatcar/issues).\n
\n\n# Flatcar Container Linux\n\nWelcome to the Flatcar community! Whether you're a user, contributor, or just curious — we're glad you're here! 👋\n\n_Flatcar Container Linux is a fully open source, minimal-footprint, secure by default and always up-to-date Linux distribution for running containers at scale._\n\nFlatcar ships only the essentials needed to run containers — no package manager, no configuration drift. Its immutable, read-only filesystem minimizes attack surfaces, and atomic, automated updates keep your system secure and up-to-date without manual intervention.\n\nDon't forget to check out [flatcar.org](https://www.flatcar.org/) for documentation, guides, and other useful resources!\n\n## Table of Contents\n\n- [Flatcar Container Linux](#flatcar-container-linux)\n - [Table of Contents](#table-of-contents)\n - [Install and Operate Flatcar](#install-and-operate-flatcar)\n - [Communication Channels](#communication-channels)\n - [Social Media](#social-media)\n - [Community Meetings](#community-meetings)\n - [Office Hours](#office-hours)\n - [Developer Syncs](#developer-syncs)\n - [Report Bugs and Request Features](#report-bugs-and-request-features)\n - [Participate and Contribute](#participate-and-contribute)\n - [Becoming a Maintainer](#becoming-a-maintainer)\n - [Project Status and Roadmap](#project-status-and-roadmap)\n - [Release Process](#release-process)\n - [LTS](#lts)\n - [Project Governance](#project-governance)\n - [Code of Conduct](#code-of-conduct)\n - [Reference](#reference)\n\n---\n\n## Install and Operate Flatcar\n\nFlatcar Container Linux has a dedicated [documentation site](https://www.flatcar.org/docs/latest/). Start here:\n\n- [Getting Started](https://www.flatcar.org/docs/latest/installing/) — covers Ignition, local testing with QEMU, automatic updates, and cloud providers\n\n| Resource | Link |\n| --------------------------- | -------------------------------------------------------- |\n| **Current Releases** | [flatcar.org/releases](https://www.flatcar.org/releases) |\n| **Interoperability Matrix** | [interop-matrix.md](interop-matrix.md) |\n| **CIS Benchmarks** | [CIS reports](CIS/README.md) |\n\n---\n\n## Communication Channels\n\nWe're a friendly bunch and always excited to chat! Here's where you can find us:\n\n| Channel | Link |\n| ------------------------ | -------------------------------------------------------------------------------------------------------------- |\n| **Discord** (preferred) | [discord.gg/PMYjFUsJyq](https://discord.gg/PMYjFUsJyq) — text, voice & video with contributors and maintainers |\n| **Matrix** | [#flatcar:matrix.org](https://app.element.io/#/room/#flatcar:matrix.org) |\n| **Slack** | [#flatcar](https://kubernetes.slack.com/archives/C03GQ8B5XNJ) (Kubernetes Slack) |\n| **GitHub Discussions** | [flatcar/Flatcar/discussions](https://github.com/flatcar/Flatcar/discussions) |\n| **Mailing List (Users)** | [flatcar-linux-user](https://groups.google.com/g/flatcar-linux-user) |\n\n> 💡 Want to report a bug or request a feature? [File an issue](https://github.com/flatcar/Flatcar/issues/new/choose). Have a question or not sure where to start? Jump into one of our chats and ask — we're happy to help!\n\n#### Social Media\n\n| Platform | Link |\n| ------------ | ------------------------------------------------------ |\n| **Mastodon** | [@flatcar@hachyderm.io](https://hachyderm.io/@flatcar) |\n| **Bluesky** | [@flatcar.org](https://bsky.app/profile/flatcar.org) |\n| **X** | [@flatcar](https://x.com/flatcar) |\n\n### Community Meetings\n\nCome say hi! Check our [Google Calendar](https://calendar.google.com/calendar/u/0/embed?src=c_ii991mqrpta9en8o7ofd4v19g4@group.calendar.google.com) ([iCal](https://calendar.google.com/calendar/ical/c_ii991mqrpta9en8o7ofd4v19g4%40group.calendar.google.com/public/basic.ics)) for all meeting times.\n\n#### Office Hours\n\n| | |\n| ---------- | ------------------------------------------------------------------------------------------------------------------------------------ |\n| **When** | 2nd Wednesday of every month at 2:30pm UTC (double check calendar) |\n| **Where** | [meet.flatcar.org/OfficeHours](https://meet.flatcar.org/OfficeHours) (all you need is a browser, no installations/accounts required) |\n| **Agenda** | [Office Hours Discussions](https://github.com/flatcar/Flatcar/discussions/categories/flatcar-office-hours) |\n\nEngage with the Flatcar community, learn about project directions, discuss contributions, and catch occasional demos of image-based Linux technologies. Each call includes a brief Release Planning update.\n\n#### Developer Syncs\n\n| | |\n| ---------- | ------------------------------------------------------------------------------------------------------------------------------------ |\n| **When** | 4th Wednesday of every month at 2:30pm UTC (check calendar) |\n| **Where** | [meet.flatcar.org/OfficeHours](https://meet.flatcar.org/OfficeHours) (all you need is a browser, no installations/accounts required) |\n| **Agenda** | [Developer Sync Discussions](https://github.com/flatcar/Flatcar/discussions/categories/flatcar-developer-sync) |\n\nBacklog grooming, task planning, roadmap discussions, and day-to-day issues. If you want to get hands-on with development, this is the call for you!\n\n> 🎥 All meetings are live-streamed on YouTube — recordings are linked in each meeting's agenda.\n\n---\n\n## Report Bugs and Request Features\n\nFound a bug or have a feature request? [File an issue](https://github.com/flatcar/Flatcar/issues/new/choose) — please select the appropriate issue type to help us triage.\n\n> 💡 **Tip:** Want a new package in the base image? Use the \"New Package Request\" issue type and check out the [package addition guidelines](adding-new-packages.md).\n\n---\n\n## Participate and Contribute\n\nThinking of making a contribution? Engage with the project early — comment on an existing issue or create a new one. Making your intent visible is often the key to getting your work accepted!\n\nFor full details, check out our [Contributing Guide](CONTRIBUTING.md) which covers:\n\n| Topic | What you'll find |\n| ---------------------- | ------------------------------------------------------------------------------------------------------- |\n| **Ways to Contribute** | Code, docs, community, outreach, and more |\n| **Finding Issues** | Labels like `good first issue` and `help wanted` |\n| **Development Setup** | SDK walkthrough and [developer guides](https://www.flatcar.org/docs/latest/reference/developer-guides/) |\n| **PR Lifecycle** | From filing to merge |\n| **Commit Guidelines** | Format, style, and best practices |\n\n> 🌟 **New to Flatcar?** Consider building a [Flatcar App](https://github.com/flatcar/Flatcar/issues/2029) — a great hands-on way to learn!\n\n### Becoming a Maintainer\n\nThe Flatcar maintainer path is laid out in our [governance document](governance.md).\n\n---\n\n## Project Status and Roadmap\n\n| Board | Description |\n| ------------------------------------------------------------------------ | ---------------------------------------------------------- |\n| [**Issue Tracker**](https://github.com/flatcar/Flatcar/issues) | Short-term concerns — bugs and minor enhancements |\n| [**Tactical Board**](https://github.com/orgs/flatcar/projects/7/views/1) | What maintainers and contributors are currently working on |\n| [**Release Board**](https://github.com/orgs/flatcar/projects/7/views/8) | Completed items assigned to upcoming releases |\n| [**Releases Tracker**](https://github.com/orgs/flatcar/projects/7/views/24) | Track the status of each release across all channels |\n| [**Roadmap Board**](https://github.com/orgs/flatcar/projects/7/views/9) | Epics, major features, and long-term items |\n\n---\n\n## Release Process\n\nFlatcar Container Linux follows an **Alpha → Beta → Stable** release process:\n\n- **New features** and major version upgrades enter Alpha, transition to Beta, then land in Stable.\n- **Bug fixes** are released directly to the affected channel (Alpha fixes go to Alpha, Beta to Beta, Stable to Stable).\n\nWithin each channel, updates are planned on a **14-day cadence**. Major releases follow a broader rhythm:\n\n| Promotion | Target cadence |\n|-----------|----------------|\n| New major **Alpha** | Monthly |\n| Alpha → **Beta** | Every 2 months |\n| Beta → **Stable** | Every 3–4 months |\n| New **LTS** | Yearly |\n\nUp-to-date planning status is reflected in our [release planning board](https://github.com/orgs/flatcar/projects/7). For the full release process documentation, see the [Release Guide](RELEASES.md).\n\n### LTS\n\nSome users prefer to avoid frequent version upgrades. The Flatcar **LTS channel** provides a longer support window:\n\n| Detail | Value |\n| ---------------------- | ------------------------- |\n| **Based on** | A \"golden Stable\" release |\n| **Maintenance period** | 18 months |\n| **New LTS frequency** | Every 12 months |\n| **Upgrade window** | 6 months overlap |\n\n---\n\n## Project Governance\n\nFlatcar is a community-driven project. Every participant — bug reporter, feature requester, code contributor — is considered a contributor. Maintainers have commit access and help govern the project, driving it forward and maintaining its scope and vision.\n\nFor full details see our [governance document](governance.md).\n\n| Resource | Link |\n| ------------------- | -------------------------------- |\n| **Governance** | [governance.md](governance.md) |\n| **Maintainers** | [MAINTAINERS.md](MAINTAINERS.md) |\n| **Security Policy** | [SECURITY.md](SECURITY.md) |\n\n---\n\n## Code of Conduct\n\nWe follow the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).\n\nPlease contact the [private Maintainer mailing list](mailto:maintainers@flatcar-linux.org) or the Linux Foundation mediator, Mishi Choudhary ([mishi@linux.com](mailto:mishi@linux.com)), to report an issue.\n\n---\n\n## Reference\n\n| Document | Description |\n| -------------------------------------------------- | -------------------------------------------------------------------------------------- |\n| [CONTRIBUTING.md](CONTRIBUTING.md) | How to contribute — finding issues, development setup, PR lifecycle, commit guidelines |\n| [RELEASES.md](RELEASES.md) | Release channels, downloads, and the release process |\n| [governance.md](governance.md) | Project governance model, maintainer roles, and decision-making |\n| [MAINTAINERS.md](MAINTAINERS.md) | Current list of project maintainers |\n| [EMERITUS_MAINTAINERS.md](EMERITUS_MAINTAINERS.md) | Former maintainers who have stepped down |\n| [ONBOARDING.md](ONBOARDING.md) | Checklist for onboarding new maintainers |\n| [SECURITY.md](SECURITY.md) | Security policy and vulnerability reporting |\n| [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) | CNCF Code of Conduct |\n| [adding-new-packages.md](adding-new-packages.md) | Guidelines for requesting and adding new packages to Flatcar |\n| [interop-matrix.md](interop-matrix.md) | Platform and provider interoperability matrix |\n| [CODEOWNERS](CODEOWNERS) | Code ownership and review assignments |\n| [LICENSE](LICENSE) | Project license (Apache 2.0) |\n"
},
{
"path": "RELEASES.md",
"content": "# Flatcar Releases\n\nFlatcar Container Linux uses **automatic, atomic updates** to keep your system secure and up-to-date without manual intervention. Each Flatcar instance receives updates from one of four release channels:\n\n- **Alpha** — the bleeding edge. New features, major version upgrades, and experimental changes land here first. Expect frequent updates and occasional rough edges.\n- **Beta** — a stabilization step. Changes that have proven themselves in Alpha are promoted here for broader testing before reaching production.\n- **Stable** — the default and recommended channel for production workloads. Only thoroughly tested releases make it here.\n- **LTS** — the gold standard for stability. An LTS release is cut from a battle-tested Stable version that has proven itself exceptionally reliable across the community. It receives only critical security and bug fix updates for **18 months**, with a new LTS published every 12 months and a 6-month overlap between consecutive LTS releases so you have plenty of time to upgrade. Ideal for environments where predictability and minimal change are paramount.\n\nEach channel always points to its latest version as the `current` release. Every release has its own version number and dedicated release notes. Bug fixes are shipped directly to the affected channel — an Alpha fix goes to Alpha, a Beta fix to Beta, a Stable fix to Stable, and an LTS fix to LTS.\n\nWithin each channel, updates are planned on a **14-day cadence**. Major releases follow a broader rhythm:\n\n| Promotion | Target cadence |\n|-----------|----------------|\n| New major **Alpha** | Monthly |\n| Alpha → **Beta** | Every 2 months |\n| Beta → **Stable** | Every 3–4 months |\n| New **LTS** | Yearly |\n\nYou can learn more about switching between channels and configuring update behavior in the [channel docs](https://www.flatcar.org/docs/latest/setup/releases/switching-channels/).\n\n## Download Images\n\nBrowse all available releases at [flatcar.org/releases](https://www.flatcar.org/releases/). Click `amd64` or `arm64` on the channel overview to download images for the `current` release, or navigate to a specific version's release notes to grab that particular build. You'll be able to choose from images for many platforms and cloud providers. The [installation docs](https://www.flatcar.org/docs/latest/installing/) have a quick start guide and information about public images directly available at each cloud provider.\n\n## Track Releases\n\n| Resource | Link |\n|----------|------|\n| **Releases Tracker** | [Project board](https://github.com/orgs/flatcar/projects/7/views/24) — status of each release across all channels |\n| **Release issues** | [kind/release](https://github.com/flatcar/Flatcar/issues?q=is%3Aissue+state%3Aopen+label%3Akind%2Frelease) — upcoming and in-progress releases that populate the tracker |\n\n## Release Process\n\nFor the full release process documentation — how releases are built, tested, signed, and published — see the [Release Guide](https://www.flatcar.org/docs/latest/reference/developer-guides/release-guide/) on the Flatcar documentation site.\n\nHave questions about releases or updates? Join one of our [chats or community calls](https://github.com/flatcar/Flatcar/blob/main/README.md#communication-channels) — we're always happy to help!\n"
},
{
"path": "SECURITY.md",
"content": "# Flatcar Security\nTo keep Flatcar secure, the maintainers put a strong focus on tracking new and existing security issues.\nDealing with Security concerns is owned by the [Flatcar Security team](https://github.com/orgs/flatcar/teams/flatcar-security-team), a subset of the Maintainers team, and elected by the Maintainers (see [governance.md](./governance.md)).\n\nWhile the team actively researches and tracks new and existing security issues, it may also be notified of issues via [security@flatcar-linux.org](mailto:security@flatcar-linux.org).\n\nThe Security team meets on a fortnightly cadence, in a private video call.\nThe team maintains an internal list of security Primaries and Secondaries, which are rotated on a weekly basis. \nThe Primary and Secondary are expected to actively engage in security work each day, including executing the Runbook (see below) and working on fixing ongoing security issues.\n\nUndisclosed security issues are tracked in a private repository only accessible by members of the security team.\nPublic issues are tracked publicly in the project's main issue tracker.\n\nSecurity issues are addressed by releasing an updated OS image. Releases may be expedited depending on the issues' severity. For each release, release notes contain a concise list of security issues fixed. Also, a separate, detailed report on each of the issues addressed is part of every release.\n\n## Daily security runbook for Security team primaries and secondaries\n\nThe runbook below discusses steps for identifying new potential security issues and for making the issues known to the Flatcar project's maintainers and/or the other members of the Security team.\n\nPrimaries are expected to execute the runbook at least once per day, optionally assisted or off-loaded by Secondaries.\n\nEvery day look into upstream security trackers like below:\n- Gentoo security vulnerabilities. It might be useful to use gorss + RSS feed for this.\n- oss-security mailing list\n- Golang announce mailing list\n- Rust security announcements\n- (optional) issue trackers of other distros\n- Whenever we discover any new CVE, we add it to an internal database, and use automation tools to create a new issue about the CVE in [Flatcar GitHub issues](https://github.com/Flatcar/Flatcar/issues) with labels `security` and `advisory`.\n- If an issue for updating the specific package affected by the new CVE is already open in [Flatcar GitHub issues](https://github.com/Flatcar/Flatcar/issues), then unfortunately we need to manually edit the existing issue to add the new CVE.\n"
},
{
"path": "adding-new-packages.md",
"content": "# Proposing new packages for inclusion into Flatcar Container Linux\n\nFlatcar Container Linux is a modern Linux distribution for running container workloads.\nTo stay modern, the packages included need to be kept up-to-date, and sometimes new packages introduced.\nThis documents explains the process for the latter.\n\n## Project definition\n\nWhen proposing new packages for inclusion into Flatcar Container Linux, it's important to keep in mind how the project defines itself: \n_Flatcar Container Linux is a fully open source, minimal-footprint, secure by default and always up-to-date Linux distribution for running containers at scale._\n\n## New package criteria\n\nAs a minimal Linux distribution, the tools and applications included in Flatcar Container Linux are to be kept to a minimum.\nThis is to reduce both the image size and attack surface.\nPackage addition requests are evaluated with this in mind.\nOther criteria that are weighed are the following.\n\n- ***Secure by default***: Does the package increase the security of Flatcar?\n- ***Always up-to-date***: Is the package actively maintained?\n- ***Running containers***: Does the package make Flatcar more relevant for container environments?\n- ***At scale***: Does the package improve automation of or telemetry served by Flatcar and/or ease operational burden?\n\n## How to propose a package for inclusion\n\nIn order to propose a new package for inclusion, [open an issue using the \"New Package Request\" template](https://github.com/flatcar/Flatcar/issues/new?assignees=&labels=kind%2Fnew-package&template=new-package-request.md&title=New+Package+Request%3A+%5Bpackage-name%5D).\n"
},
{
"path": "attic/community-meetings/2021-05-11.md",
"content": "# Flatcar community call Tuesday, 11th of May, 17:30 CEST\n\n- [Slide deck](2021-05-11-slides.pdf)\n- Youtube recording: [https://youtu.be/YBfq2fcjp8E](https://youtu.be/YBfq2fcjp8E)\n\n# Call Agenda\n\n## Welcome\n- Introduction to the new community meetings\n- Meet the team\n- Review agenda\n- Introduction: Brief intro of the team and community members participating in the call\n\n## Flatcar Interoperability\nReview of our work on interoperability and how we plan to track/report\n\n ## Upcoming releases\nWe give a brief overview of upcoming releases and the features included.\n\n## Spotlight: CAPI\nDetails on our ClusterAPI work so far and future plans\n\n## Community Q&A\nOpen Q&A / discussion\n\n\n# Call Minutes\n\nThe meeting largely followed the [slide deck](2021-05-11-slides.pdf). After the presentation, community participants raised a total of 3 questions.\n\n1. The Flatcar team, Thilo, Sayan, Marga, Dongsu, Mathieu, Andy, Kai, and Iago introduce themselves.\n2. Andy briefly addresses the future of Flatcar following Kinvolk's acquisition by Microsoft.\n - “[...] we want to assure the Flatcar community that Microsoft and the Kinvolk team will continue to collaborate with the larger Flatcar community on the evolution of Flatcar Container Linux.” - Brendan Burns, Microsoft\n - “This will not be a replay of the movie you’ve seen before. In fact, we and Microsoft are committed to doubling down on the Flatcar community: we want to expand the universe of partners, contributors, and users, to ensure a vibrant, successful and sustainable long-term future for Flatcar as a truly open, community-driven project.” - Chris Kühl, Kinvolk\n3. Thilo introduces monthly community calls and the new community focus of the Flatcar project, overcoming and leaving behind its single vendor past.\n4. Marga introduces the [interop matrix](../interop-matrix.md) as a means to track Flatcar's support of runtime environments (clouds, on premise, etc.).\n - Some environments, while supported, do not currently have an owner.\n - The project aims to have community owners who operate workloads / clusters in the respective environments, in the long term.\n5. Andy elaborates on Flatcar's core philosophy and shares details on stabilisation process and on release cadence.\n - Alpha introduces new major versions, which then transition to Beta and Stable. Not every Alpha is promoted to Beta, not every Beta becomes Stable.\n - Frequent Alpha releases, every 2 weeks on average.\n - Beta release for (typically) every second Alpha, with patch releases in between.\n - Stable releases roughly every 2 months.\n - \"golden\" Stable to become LTS once a year.\n6. Sayan summarises the last round of releases, and provides an outlook of upcoming releases.\n - April 28th round shipped new major Alpha (2857.0.0) and Beta (2823.1.0) versions, and patch level updates to Stable (2765.2.3) and to LTS (2605.15.1).\n - Alpha release removes `rkt` and `kubelet-wrapper`. The changes will transition to Beta in June, and to Stable in July.\n - Upcoming May 19th releases will ship a new major Alpha (2879.0.0) and patch level updates to Beta, Stable, and LTS.\n7. Dongsu provide an overview of ClusterAPI, and elaborates on our work to add Flatcar support to CAPI.\n - CAPI utilises a management cluster to deploy workload clusters on a variety of inrastructure providers.\n - Adding OS support for providers requires a separate implementation for each; there is no unified standard for OS config.\n - OS images are provided via the ClusterAPI Image Builder project.\n - Workload clusters are provisioned via the ClusterAPI Bootstrap provider.\n - Current Flatcar status:\n - QEmu and AWS OS images supported for Flatcar in Image builder.\n - Bootstrap (kubeadm) Ignition support added to enable Flatcar OS config.\n - AWS provider Ignition support added to enable Flatcar OS config.\n - Future plans:\n - support other cloud providers (Metal3, Azure, vSphere, Tinkerbell, Equinix Metal)\n8. Thilo shares call for action to the community to join the project\n\n## Q&A\n\n- Q: **What's the relationship between ClusterAPI and Lokomotive?**\n- Iago: Currently, no direct relation. We plan to investigate using parts of CAPI in the future, e.g. provisioning, but we do not plan to support the full-blown management / workload clusters pattern at this time.\n\n- Q: **here seems to be a lack of bare metal deployments / supported platforms in the compatibility matrix - is this intentional? Do we exepct Flatcar to \"just work\" since it's using Linux? Is there potential to add bare metal platforms (we use / plan to use Flatcar primarily on bare metal)?**\n- Thilo: It's Linux, as long as it PXE boots, you should be fine.\n- Andy: Are we discussing a hardware compatibility list?\n- Jannik: Not quite, however since we'll be running on bare metal we'll also test our bare metal. We're willing to support the community for our use cases.\n- Vincent: Currently, if you run into issues it's best to just open a ticket. If you'd like to expose your work to the community (test results etc.) you're of course welcome to do so!\n- Kai: We cover bare metal PXE boot / ignition config implicitly by our Equinix Metal workloads / CI / release tests. Lokomotive also maintains a bare metal CI test which covers PXE boots and deployments.\n- Marga: It's a good point that our interop matrix currently does not discuss hardware support at all. For instance, it's tribal knowledge that Flatcar boots on Rasperry Pi (with some tweaks), but that's not documented anywhere.\n- Andy: This might be something we should involve the larger community with, e.g. establishing a hardware interop list for users' existing deployments. Individual users then could volunteer to keep that list up to date for new releases since they'd be testing the release on their hardware anyway.\n- Jannik: We could use the hardware interop doc to also share tweaks / notes for specific environments more easily.\n\n- Q: **Can you talk about ARM64 support? There's Alpha support, but what's the path to Beta and Stable?**\n- Thilo: It's work in progress, we staffed / resourced this concern very recently. Some plumbing level and package upgrades are necessary to make things work for Stable, these are being worked on as we speak.\n- Kai: A number of system components' tests are currently failing. We're also interested in hardware enablement, i.e. getting feedback on our ARM64 kernel config / modules on different ARM64 platforms. Other than that, it's about ensuring our release tests pass.\n- Thilo: We need to discuss this in terms of support levels - you could go ahead and use Alpha ARM64 support today, there are no deal breakers we know of - it will support your workload. \n It just won't support the entire range of Flatcar features, and some boot-up units might fail (SELinux in particular).\n We're working on bringing up these components on ARM64.\n"
},
{
"path": "attic/community-meetings/2021-06-08.md",
"content": "# Flatcar community call Tuesday, 8th of June, 17:30 CEST\n\n- [Slide deck](2021-06-08-slides.pdf)\n- Youtube recording: [https://www.youtube.com/watch?v=cZ4o-ZD6r10&t=235s](https://www.youtube.com/watch?v=cZ4o-ZD6r10&t=235s)\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n- Review the meeting agenda.\n\n## Spotlight: Nebraska update server\n- Brief presentation of Flatcar’s open source update server.\n\n## Spotlight: Nightlies, Tests, and Releases\n- Brief presentation of Flatcar’s test and releases process.\n\n## Status update: ARM64\n- What’s done, what’s missing, and how to help.\n\n## Releases review & planning\n- We share details of the May 19th release, some bumps encountered.\n- We plan the next releases, including new features, bug fixes, and related PRs.\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n\n\n# Call Minutes\n\nAs usual, the meeting minutes will be added here after the call.\n[tbd.]\n\n## Q&A\n\nNo questions this time.\n"
},
{
"path": "attic/community-meetings/2021-07-13.md",
"content": "# Agenda for the Flatcar community call on Tuesday, 13th of July, 17:30 CEST\n\n## Links for participants\n- [Slide deck](2021-07-13-slides.pdf)\n- Youtube live stream link (for passively watching): [http://www.youtube.com/watch?v=jcwH4ZTrXnk](http://www.youtube.com/watch?v=jcwH4ZTrXnk)\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n- Review the meeting agenda.\n\n## Spotlight: Flatcar Release Process\n- We will be talking about the Flatcar Release Process and Planning.\n\n## Status update: ARM64\n- List of release tests that fail\n- Deep dive into selected test failures\n\n## NEW: Release planning\n- Introducing our public release planning board\n- Items to be in the release of the week of July 21st\n- Community input wanted for upcoming releases!\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n\n# Call Minutes\n\n1. Sayan introduces agenda for today: \n - Flatcar releases \n - Arm updates \n - Flatcar release planning \n - QA \n2. Flatcar team introduce themselves: Sayan, Jeremi, Kai, Marga, William, Danielle (program manager for ARM support for Flatcar)\n3. Kai talks about Flatcar Release Process \n - In contrast to regular distros, releases are not just bi-yearly but more frequent \n - Update granularity is whole image, not single packages \n - Releases are based on package updates, open PRs that are ready, and critical security fixes \n - Build is performed on private Jenkins instance, from scratch \n - Flatcar test suite runs on PRs\n - Big test run right before a release may uncover issues not found during development \n - Each release is signed and gets uploaded to our website and all supported cloud providers \n - Release planning happens every two weeks: review pending PRs and see if they can be fast tracked into the release \n - Release planning board has been made public today (https://github.com/orgs/kinvolk/projects/15) 😊 Community input is welcome! \n - Build/Test:\n - New SDK is produced on alpha release \n - Update signature is always cryptographically verified \n - Nightlies: packages from nightly builds can be consumed by SDK\n - Planned improvements to the CI process\n - Setting up a community accessible CI system (Concourse maybe) \n - Setting up automatic CI for PRs \n - Making release scripts independent of Jenkins and making it possible to build releases on dev machines \n4. William talks about state of ARM64:\n - William lists failing test cases \n - A lot of test cases seem to be failing due to similar root causes, we hope the community can help investigate \n - Ongoing work in the ARM64 stream: \n - Polkit depends on spidermonkey, but spidermonkey is complex for cross-compilation and ARM64 \n - We are going to replace spidermonkey with duktape like others in open source community have done \n - Help welcome! Find us on Matrix/IRC \"wrl\" \n5. Sayan talks about recent releases: \n - Alpha 2920.0.0, Beta 2905.1.0 \n - There will be monthly community call for release planning and a smaller bi-weekly to check progress\n - Sayan introduces the planning board (https://github.com/orgs/kinvolk/projects/15) \n - Columns for planned/in-progress/ready-for-review and items-completed for the closest update of alpha (and bumps of the other release channels). \n\n## Q&A\n\n* Q (Adam): migrated from CoreOS to Flatcar for hosting bioinformatics workloads on Kubernetes. Hitting limits on ignition file sizes on AWS (16K), wondering about possibility of using compression to buy some more time (ignition v3). Is ignition the right thing to use, plans for upgrade (flatcar is currently on v2)? \n * A (Kai): Probably will upgrade to v3 at some point, but keep v2 support unlike upstream. For the AWS issue, recommend fetching bigger ignition payloads from S3, is secured by IAM. \n\n* Q (Adam): what's the practical difference between cloud-config vs. Ignition. If cloud-config works for us, should we still migrate? \n * A (Kai): differences: ignition runs during initramfs, before systemd from rootfs starts, allowing more customization and potentially sparing users from a reboot. Also ignition runs once and not on every boot. Coreos-cloudconfig is an independent Go implementation of the Python cloudconfig found in Ubuntu. It’s not actively developed but will stick around. \n"
},
{
"path": "attic/community-meetings/2021-07-26.md",
"content": "# Agenda for the Flatcar Release Planning call on Monday, 26th of July, 17:30 CEST\n\n## Links for participants\n- Call (for actively participating): [https://zoom.us/j/99741357880](https://zoom.us/j/99741357880)\n- Youtube live stream link (for passively watching): https://www.youtube.com/watch?v=SM4lfaITzsI\n- Release Planning Board: [https://github.com/orgs/kinvolk/projects/15](https://github.com/orgs/kinvolk/projects/15)\n\n## Welcome\n- Brief introduction of new participants or attendees\n- Status of the previous Flatcar Release\n- Planning for the upcoming release for the week of August 2nd.\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n\n# Call Minutes\nAs usual, the meeting minutes will be added here after the call.\n"
},
{
"path": "attic/community-meetings/2021-08-10.md",
"content": "# Flatcar community call Tuesday, 10th of August, 5:30 pm CEST\n\n- [Slide deck](2021-08-10-slides.pdf)\n- Youtube recording: [https://www.youtube.com/watch?v=Hy34rw7kax8](https://www.youtube.com/watch?v=Hy34rw7kax8)\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n- Review the meeting agenda.\n\n## News\n- New section! We will discuss news and happenings in the Flatcar world, including how the team handled issues recently with Cilium interoperability and an image availability failure.\n\n## Spotlight: Docker 20.10 / cgroups v2 update\n- Docker 20 and CGroups v2 (unified mode) are coming to Flatcar Linux! We'll give an overview of the challenges and the implications, as well as discuss the timeline.\n\n## Spotlight community committer: contributing to Flatcar\n- What it took Aniruddha to contribute to Flatcar and solve the locksmith reboot issue.\n\n## Status update: ARM64\n- What’s done, what’s missing, and how to help.\n\n## Releases review & planning\n- Update from our planning for the next releases, including new features, bug fixes, and related PRs.\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-08-23.md",
"content": "# Agenda for the Flatcar Release Planning call on Monday, August of 23rd, 17:30 CEST\n\n## Links for participants\n- Call (for actively participating): [https://us06web.zoom.us/j/85781192057](https://us06web.zoom.us/j/85781192057)\n- Youtube live stream link (for passively watching): http://www.youtube.com/watch?v=TfmiNy5020g\n- Release Planning Board: [https://github.com/orgs/kinvolk/projects/15](https://github.com/orgs/kinvolk/projects/15)\n\n## Welcome\n- Brief introduction of new participants or attendees\n- Status of the previous Flatcar Release\n- Planning for the upcoming release for the week of August 30th.\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-09-14.md",
"content": "# Flatcar community call Tuesday, 14th of September, 5:30pm CEST / 9pm IST / 3:30pm GMT / 11:30am EDT / 8:30am PST\n\n- [Slide deck](2021-09-14-slides.pdf)\n- Youtube recording: http://www.youtube.com/watch?v=9YxsZYyQrkA\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n\n## News\n- We will discuss news and happenings in the Flatcar world, including our move out of the Kinvolk github org / website back into our own, features coming to the Flatcar community release images, and the results of our recent user survey.\n\n## Spotlight: Equinix Metal's use of Flatcar Container Linux\n- Andy Holtzmann [@andy-v-h](https://github.com/andy-v-h) gives an introduction on EM's use of Flatcar.\n\n## Status update: ARM64\n- Progress made, remaining items, and next steps.\n- Ed Vielmetti [@vielmetti](https://github.com/vielmetti) shares information on the \"Works on ARM\" project at Equinix Metal, inclunding hardware available today and in the near future.\n\n## Releases review & planning (updated section!)\n- We'll wrap up changes for the upcoming release (week of September 20) and will plan items we aim to integrate for the release after that (week of October 4th).\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-09-28.md",
"content": "# Agenda for the Flatcar Release Team call on Tuesday, September 28th, 5:30pm CEST / 9pm IST / 3:30pm GMT / 11:30am EDT / 8:30am PST\n\n## Links for participants\n* Zoom link: [https://us06web.zoom.us/j/82054240491](https://us06web.zoom.us/j/82054240491)\n * Meeting ID: 843 3611 6610\n * Passcode: 444888\n- Youtube live stream / recording: [https://www.youtube.com/watch?v=XbkHZMJlC8g](https://www.youtube.com/watch?v=XbkHZMJlC8g)\n- Release Planning Board: [https://github.com/orgs/flatcar-linux/projects/5](https://github.com/orgs/flatcar-linux/projects/5)\n\n## Welcome\n- Brief introduction of new participants or attendees\n- Status of the previous Flatcar Release\n- Status/Planning for the release for the week of October 4th\n- Planning for the release for the week of October 18th\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-10-19.md",
"content": "# Flatcar community call Tuesday, 19th of October, 5:30pm CEST / 9pm IST / 3:30pm GMT / 11:30am EDT / 8:30am PST\n\n- [Slide deck](2021-10-11-slides.pdf)\n- Youtube recording: [https://www.youtube.com/watch?v=YP9HnYxepVo](https://www.youtube.com/watch?v=YP9HnYxepVo)\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n\n## News\n- We will discuss news and happenings in the Flatcar world.\n - We will elaborate on recent issues with our CI infrastructure, and repercussions for people using the SDK or the developer container.\n - Today's call won't have a release planning section (there's a dedicated release planning coming up right next week).\n- We're participating in [Hacktoberfest](https://hacktoberfest.digitalocean.com/), your contribution to a Flatcar repo will count!\n\n## Spotlight: Flatcar dev mini-projects\n- Support for Ignition v3\n- Flog, the automated changelog generator\n- SDK container\n\n## Status update: ARM64\n- Progress made, remaining items, and next steps.\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-10-26.md",
"content": "# Agenda for the Flatcar Release Team call on Tuesday, October 26th, 5:30pm CEST / 9pm IST / 3:30pm GMT / 11:30am EDT / 8:30am PST\n\n## Links for participants\n- Zoom link: [https://us06web.zoom.us/j/82054240491](https://us06web.zoom.us/j/82054240491)\n - Meeting ID: 820 5424 0491\n - Passcode: 444888\n- Youtube live stream / recording: [https://www.youtube.com/watch?v=xh-MkIoZvVw](https://www.youtube.com/watch?v=xh-MkIoZvVw)\n- Release Planning Board: [https://github.com/orgs/flatcar-linux/projects/5](https://github.com/orgs/flatcar-linux/projects/5)\n\n## Welcome\n- Brief introduction of new participants or attendees\n- Status of the previous Flatcar Release\n- Status/Planning for the release for the week of November 1st\n- Planning for the release for the week of November 15th\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-11-09.md",
"content": "# Flatcar community call Tuesday, 9th of November, 5:30pm CET / 10pm IST / 4:30pm GMT / 11:30am EST / 8:30am PST\n\n- Zoom link: [https://us06web.zoom.us/j/84336116610](https://us06web.zoom.us/j/84336116610)\n - Meeting ID: 843 3611 6610\n - Passcode: 444888\n- Youtube live stream / recording: https://www.youtube.com/watch?v=5XCgOByOSeQ\n\n- Community Calls calendar (all future calls): [link](https://calendar.google.com/calendar/u/0/embed?src=c_ii991mqrpta9en8o7ofd4v19g4@group.calendar.google.com)\n - iCal version: [link](https://calendar.google.com/calendar/ical/c_ii991mqrpta9en8o7ofd4v19g4%40group.calendar.google.com/public/basic.ics)\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n\n## News\n- We will discuss news and happenings in the Flatcar world.\n - CGroups V2 are coming to stable\n - ARM64 goes beta\n\n## Spotlight: Flatcar dev mini-projects\n- OpenSSL 3.0 in Alpha-3046.0.0 FIPS provider showcase\n- ignition-as-a-service: online ignition transpiler\n- Flatcar on Firecracker hack + demo\n\n## Status update: ARM64\n- Progress made, next steps, and path to stable.\n\n## Release planning\n- Status/Planning for the release for the week of November 15th\n- Planning for the release for the week of November 29th\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers - e.g. feedback on the new Stable release w/ cgroups v2.\n"
},
{
"path": "attic/community-meetings/2021-11-23.md",
"content": "# Agenda for the Flatcar Release Team call on Tuesday, 23rd of November 5:30pm CET / 10pm IST / 4:30pm GMT / 11:30am EST / 8:30am PST\n\n## Links for participants\n- Zoom link: [https://us06web.zoom.us/j/82054240491](https://us06web.zoom.us/j/82054240491)\n - Meeting ID: 820 5424 0491\n - Passcode: 444888\n- Youtube live stream / recording: [https://www.youtube.com/watch?v=VUzMuZgFQfY](https://www.youtube.com/watch?v=VUzMuZgFQfY)\n- Release Planning Board: [https://github.com/orgs/flatcar-linux/projects/5](https://github.com/orgs/flatcar-linux/projects/5)\n\n## Welcome\n- Brief introduction of new participants or attendees\n- Status of the previous Flatcar Release\n- Status/Planning for the release for the week of November 29th\n- Planning for the release for the week of December 13th\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers.\n"
},
{
"path": "attic/community-meetings/2021-12-17.md",
"content": "# Agenda for the Flatcar community call on Friday, 17th of December 5:30pm CET / 10pm IST / 4:30pm GMT / 11:30am EST / 8:30am PST\n\n- [Slide deck](2021-12-17-slides.pdf)\n- Youtube recording: [https://www.youtube.com/watch?v=1YsY9XEtF7Q](https://www.youtube.com/watch?v=1YsY9XEtF7Q)\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n\n## News\n- We will discuss news and happenings in the Flatcar world.\n - ARM64 goes stable\n - Flatcar CAPI support with CAPI release 1.1\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers \n"
},
{
"path": "attic/community-meetings/2022-01-11.md",
"content": "# Agenda for the Flatcar community call on Tuesday, 11th of January 5:30pm CET / 10pm IST / 4:30pm GMT / 11:30am EST / 8:30am PST\n\n- Zoom link: [https://us06web.zoom.us/j/84336116610](https://us06web.zoom.us/j/84336116610)\n - Meeting ID: 843 3611 6610\n - Passcode: 444888\n- Youtube live stream / recording: [link](https://www.youtube.com/watch?v=X_nqgXLOmLk)\n- [Slide deck](2022-01-11-slides.pdf)\n- Community Calls calendar (all future calls): [link](https://calendar.google.com/calendar/u/0/embed?src=c_ii991mqrpta9en8o7ofd4v19g4@group.calendar.google.com)\n - iCal version: [link](https://calendar.google.com/calendar/ical/c_ii991mqrpta9en8o7ofd4v19g4%40group.calendar.google.com/public/basic.ics)\n\n\n## Welcome\n- Brief intro / check-in of all participants in the Zoom call. Please introduce yourself and share what brings you here today.\n\n## News\n- 5.15 Kernel in Alpha \n- upcoming FOSDEM devroom talks overview\n\n## Spotlight\n- 2021 recap - cgroupsv2, systemd updates, docker 20, ARM64 \n- Flatcar on Raspberry Pi blog\n- Fleetlock (@aniruddha2000, @tormath1 )\n\n## Release planning\n- Ongoing and upcoming releases (https://github.com/orgs/flatcar-linux/projects/5)\n\n## Q&A\n- Questions from community participants, answered by the Flatcar maintainers \n\n"
},
{
"path": "attic/community-meetings/README.md",
"content": "# Old-style community meeting agendas and presentation slides\n\nCommunity meeting planning / agendas has moved to [Github discussions](../../../../discussions/categories/community-meeting-agenda)\n\nThis section in the attic contains agenda markdown files of \"old style\" Flatcar community calls where the agenda was agreed on in a PR instead of a github discussion.\nAlso archived here are slide decks used in these meetings.\n\n"
},
{
"path": "governance.md",
"content": "# Flatcar Project Governance\n\n\nFlatcar is a community based project, anyone who wants to participate is welcomed.\nWe adopted the [CNCF code of Conduct](./CODE_OF_CONDUCT.md) as we pledge to be an opening and welcoming community for anyone who want to participate in it.\n\nThe project is governed by a flat hierarchy - a group of people sharing a common vision of Flatcar in accordance to its mission statement.\n\nThis goverance explains how the project is run.\n\n- [Values](#values)\n- [Maintainers](#maintainers)\n- [Becoming a Maintainer](#becoming-a-maintainer)\n- [Meetings](#meetings)\n- [CNCF Resources](#cncf-resources)\n- [Code of Conduct Enforcement](#code-of-conduct)\n- [Security Response Team](#security-response-team)\n- [Voting](#voting)\n- [Modifications](#modifying-this-charter)\n\n## Values\n\nThe Flatcar project, its leadership, and its maintainers embrace the following values:\n\n* Openness: Communication and decision-making happens in the open and is discoverable for future\n reference. As much as possible, all discussions and work take place in public\n forums and open repositories.\n\n* Fairness: All stakeholders have the opportunity to provide feedback and submit\n contributions, which will be considered on their merits.\n\n* Community over Product or Company: Sustaining and growing our community takes\n priority over shipping code or sponsors' organizational goals. Each\n contributor participates in the project as an individual.\n\n* Inclusivity: We innovate through different perspectives and skill sets, which\n can only be accomplished in a welcoming and respectful environment.\n\n* Participation: Responsibilities within the project are earned through\n participation, and there is a clear path up the contributor ladder into leadership\n positions.\n\n## Maintainers\n\nFlatcar Maintainers have full access to most of the repositories in the [Flatcar project](https://github.com/orgs/flatcar/), except for very few repositories that contain sensitive information, e.g. for with undisclosed security issues (see [SECURITY.md](./SECURITY.md) for more information).\nMaintainers can merge PRs, approve PR builds+tests, and create and publish releases.\nMaintainers collectively manage the project's resources, interact with contributors, elect new maintainers, and remove inactive ones.\nThe current list of maintainers can be found in [MAINTAINERS.md](./MAINTAINERS.md). Most maintainer access privileges are granted via membership of the Flatcar Github organisation's [Flatcar Maintainers team](https://github.com/orgs/flatcar/teams/flatcar-maintainers).\n\nThis privilege is granted with some expectation of responsibility: maintainers\nare people who care about the Flatcar project and want to help it grow and\nimprove. A maintainer is not just someone who can make changes, but someone who\nhas demonstrated their ability to collaborate with the team, get the most\nknowledgeable people to review code and docs, contribute high-quality code, and\nfollow through to fix issues (in code or tests).\n\nA maintainer is a contributor to the project's success and a citizen helping\nthe project succeed.\n\nThe collective team of all Maintainers is known as the Maintainer Council, which\nis the governing body for the project.\n\n### Becoming a Maintainer\n\nMaintainers are active community members who are responsible for the overall quality and stewardship of the project, and are expected to remain actively involved in the project and participate in voting and discussing of proposed project level changes.\n\nAnyone with an established track record of contributions to the project can become a maintainer.\nThe contributions are expected to be substantial, and must demonstrate a commitment to the long-term success of the project.\nMaintainership is not limited to engineering / development merits; all contributions - e.g. working with issues, providing guidance and feedback to users, reviewing PRs, contributing to docs, evangelising Flatcar - count.\nBecoming a maintainer is about building trust with the current maintainers of the project and being a person that they can depend on to make decisions in the best interest of the project in a consistent manner.\n\nMaintainer candidates should have demonstrated they:\n- Collaborate well.\n- Have a deep and comprehensive understanding of the Flatcar code base, technical goals, and directions.\n- Actively engage with major Flatcar feature proposals and implementations.\n\nThe Flatcar project welcomes both development as well as community-focuses contributions.\nTo gain maintainership, the following is expected:\n * commitment to the project's continued success:\n * participate in discussions, contributions, code and documentation reviews for 6 months or more,\n * actively evangelise Flatcar in at least 20 talks/presentations at 10 different conferences or meetups\n * organise and chair at least 15 maintainer events, e.g. bug fixing or doc writing days, with at least 5 maintainers participating each event\n * Contribute to the project's development\n * perform reviews for 30 non-trivial pull requests,\n * contribute 10 non-trivial pull requests and have them merged,\n * ability to write quality code and/or documentation,\n * ability to collaborate with the team,\n * demonstrated understanding of how the team works (policies, processes for testing and code review, etc),\n * understanding of the project's code base and coding and / or documentation style.\n\nPeriodically, the existing maintainers curate a list of contributors that have shown regular activity on the project over the prior months.\nThe nominating maintainer will create a PR to update the Maintainers List.\nIt is recommended to describe the reasons for the nomination and the contribution of the nominee in the PR.\nUpon consensus of incumbent maintainers, the PR will be approved and the new maintainer becomes active.\n\nMaintainers who are selected will be granted the necessary GitHub rights.\n\n\n### Removing a Maintainer\n\nLife priorities, interests, and passions can change.\nIf you're a maintainer but feel you must remove yourself from the list, inform other maintainers that you intend to step down, and if possible, help find someone to pick up your work. \nAt the very least, ensure your work can be continued where you left off.\nAfter you've informed other maintainers, create a pull request to remove yourself from the [MAINTAINERS](MAINTAINERS.md) file.\nIf applicable, include a change to [EMERITUS_MAINTAINERS](EMERITUS_MAINTAINERS.md) to add yourself to the list of emeritus maintainers.\nThis will ease your return to active maintainership in the future.\n\nMaintainers may also be removed after being inactive, failure to fulfill their \nMaintainer responsibilities, violating the Code of Conduct, or other reasons.\nInactivity is defined as a period of very low or no activity in the project \nfor a year or more, with no definite schedule to return to full Maintainer \nactivity.\n\nA Maintainer may be removed at any time by a 2/3 vote of the remaining maintainers.\n\nDepending on the reason for removal, a Maintainer may be converted to Emeritus\nstatus. Emeritus Maintainers will still be consulted on some project matters,\nand can be rapidly returned to Maintainer status if their availability changes.\n\n\n## Meetings\n\nTime zones permitting, Maintainers are expected to participate in the Flatcar Developer Syncs meeting every 4th Wednesday of a month.\nThe meeting time observes the Universal Coordinated time. It occurs at 2:30pm UTC.\nDepending on your local timezone, the slot might be subject to summer time changes.\n* During daylight saving time, the meeting occurs at 8pm IST (IST does not observe daylight saving time) / 4:30pm CEST / 10:30am EDT / 7:30am PST.\n* Outside of daylight saving time, the meeting occurs at 8pm IST / 3:30pm CET / 9:30am EST / 6:30am PST.\n\nA calendar is available to ease planning. The calendar contains Developer syncs, project office hours, and one-off events like bug fixing or doc writing days.\n* Google calendar link: https://calendar.google.com/calendar/u/0/embed?src=c_ii991mqrpta9en8o7ofd4v19g4@group.calendar.google.com\n* iCal link (for importing): https://calendar.google.com/calendar/ical/c_ii991mqrpta9en8o7ofd4v19g4%40group.calendar.google.com/public/basic.ics\n\nMaintainers will also have closed meetings in order to discuss security reports\nor Code of Conduct violations. Such meetings should be scheduled by any\nMaintainer on receipt of a security issue or CoC report. All current Maintainers\nmust be invited to such closed meetings, except for any Maintainer who is\naccused of a CoC violation.\n\n## CNCF Resources\n\nAny Maintainer may suggest a request for CNCF resources during a\nmeeting. A simple majority of Maintainers approves the request. The Maintainers\nmay also choose to delegate working with the CNCF to non-Maintainer community\nmembers, who will then be added to the [CNCF's Maintainer List](https://github.com/cncf/foundation/blob/main/project-maintainers.csv)\nfor that purpose.\n\n## Code of Conduct\n\n[Code of Conduct](./code-of-conduct.md)\nviolations by community members will be discussed and resolved\non the [private Maintainer mailing list](maintainers@flatcar-linux.org). If a Maintainer is directly involved\nin the report, the Maintainers will instead designate two Maintainers to work\nwith the CNCF Code of Conduct Committee in resolving it.\n\n## Security Response Team\n\nThe Maintainers will appoint a Security Response Team to handle security reports.\nThis committee is a sub-set of the Maintainer Council with full access to undisclosed security issues tracked by the project.\nMembers of the Security Response team as well as respective access permissions to sensitive data are administrated via membership in the [Flatcar Github organisation's Security team](https://github.com/orgs/flatcar/teams/flatcar-security-team).\nThe Maintainers will review who is assigned to this at least once a year.\n\nThe Security Response Team is responsible for handling all reports of security\nissues and breaches according to the [security policy](./SECURITY.md).\n\n## Voting\n\nWhile most business in Flatcar is conducted by \"[lazy consensus](https://community.apache.org/committers/lazyConsensus.html)\", \nperiodically the Maintainers may need to vote on specific actions or changes.\nA vote can be taken on \n[the private Maintainer mailing list](maintainers@flatcar-linux.org) for security or conduct matters. \nVotes may also be taken at [Flatcar Developer Syncs meetings](https://meet.flatcar.org/OfficeHours). Any Maintainer may\ndemand a vote be taken.\n\nMost votes require a simple majority of all Maintainers to succeed, except where\notherwise noted. Two-thirds majority votes mean at least two-thirds of all \nexisting maintainers.\n\n## Modifying this Charter\n\nChanges to this Governance and its supporting documents may be approved by \na 2/3 vote of the Maintainers.\n"
},
{
"path": "interop-matrix.md",
"content": "# Flatcar inter-operation matrix\n\nThis document tracks Flatcar inter-operability across environments.\n\nOwnership of an item implies ensuring test coverage in release tests of official Flatcar releases (L2 and above) as well as handling bugs and feature requests that affect the respective environment specifically.\nPlease propose ownership by filing a PR for this document.\n\n## Public cloud (machines)\n\n| Environment | Full-Feature (release blocker) | Works | Tested (CI) | Owner | Reference (e.g. GH issue) | Notes |\n|-------------|--------------------------------|-------|-------------|-------|---------------------------|-------|\n| EC2 | Partial | X | X | @flatcar/flatcar-maintainers | | IAM 2.0 support missing |\n| Azure | X | X | X | @flatcar/flatcar-maintainers | | |\n| GCE | X | X | X | @flatcar/flatcar-maintainers | | |\n| Digital Ocean (VMs) | X | X | X | @flatcar/flatcar-maintainers | | |\n| Equinix Metal | X | X | X | @flatcar/flatcar-maintainers | | |\n| ESXi / vSphere | X | X | X | @flatcar/flatcar-maintainers | | |\n| Hetzner Cloud | | X | | [no owner] | | |\n| Vultr VPS | | X | | [no owner] | | |\n| Cloudscale | | X | | [no owner] | | |\n| Oracle Cloud | | X | | [no owner] | | Bring-your-own-image on OCI VMs; install via Ubuntu on OCI bare metal |\n| Tencent | | | | [no owner] | | |\n| AliCloud | | | | [no owner] | | |\n| Yandex | | | | [no owner] | | |\n| Brightbox | X | X | X | @flatcar/flatcar-maintainers | | |\n\n## Private Cloud (machines)\n\n| Environment | Full-Feature (release blocker) | Works | Tested (CI) | Owner | Reference (e.g. GH issue) | Notes |\n|-------------|--------------------------------|-------|-------------|-------|---------------------------|-------|\n| Azure Stack | | w/ caveat | | [no owner] | | controller node not supported on Flatcar (cloud-init feature missing) |\n| Tinkerbell | | X | | [no owner] | | |\n| Rancher (VMs) | | X | | [no owner] | | |\n| QEmu / KVM backed | X | X | X | @flatcar/flatcar-maintainers | | |\n| OpenStack | X | X | X | @flatcar/flatcar-maintainers | | |\n| VirtualBox | | X | | [no owner] | | |\n| Vagrant | | X | | [no owner] | | Isn't this plain qemu/kvm? |\n\n## Managed Kubernetes\n\n| Environment | Full-Feature (release blocker) | Works | Tested (CI) | Owner | Reference (e.g. GH issue) | Notes |\n|-------------|--------------------------------|-------|-------------|-------|---------------------------|-------|\n| EKS | | X | | [no owner] | | |\n| GiantSwarm | | X | | Provider | | |\n\n## Cluster API\n\n| Environment | Full-Feature (release blocker) | Works | Tested (CI) | Owner | Reference (e.g. GH issue) | Notes |\n|-------------|--------------------------------|-------|-------------|-------|---------------------------|-------|\n| CAPB | X | X | X (upstream) | Upstream | | Covered by CAPB release tests |\n| CAPA | X | X | X (upstream) | Upstream | | Covered by CAPA release tests |\n| CAPA EKS | | | | [no owner] | | |\n| CAPZ | | w/ caveat | | @flatcar/flatcar-maintainers | | WIP Prototype |\n| CAPV | | [no owner] | | | |\n| CAPM3 | | [no owner] | | | |\n| CAPG | | [no owner] | | | |\n| CAPO | | X | X (upstream) | Upstream | | |\n\n## Kubernetes Distros\n\n| Environment | Full-Feature (release blocker) | Works | Tested (CI) | Owner | Reference (e.g. GH issue) | Notes |\n|-------------|--------------------------------|-------|-------------|-------|---------------------------|-------|\n| AKS Engine | | X | | [no owner] | | https://kinvolk.io/blog/2020/12/supercharging-aks-engine-with-flatcar-container-linux/ |\n| Rancher (rke) | | X | | [no owner] | | |\n| Rancher (rke2) | | | | [no owner] | | |\n| Lokomotive | X | X | X | @kinvolk/lokomotive-developers | | |\n| Tanzu KG | | X | | [no owner] | | |\n| K3s | | X | | [no owner] | | |\n| EKS-Distro | | X | | [no owner] | | |\n| KOPS | | X | | upstream | | |\n| Kubematic | | X | | [no owner] | | |\n| Gardener | | X | | [no owner] | | |\n\n## Other\n\nPlease add below what does not fit into any of the categories above.\n\n| Environment | Full-Feature (release blocker) | Works | Tested (CI) | Owner | Reference (e.g. GH issue) | Notes |\n|-------------|--------------------------------|-------|-------------|-------|---------------------------|-------|\n| | | | | | | |\n"
},
{
"path": "sync-maintainers/README",
"content": "A personal access token with public_repo scope is needed.\nUsage:\n\n```\npython3 -m venv venv\n. venv/bin/activate\npip install -r requirements.txt\n./sync-maintainers.py list\n./sync-maintainers.py repo --repo=REPONAME\nGITHUB_TOKEN=... ./sync-maintainers github --repo=REPONAME\n```\n"
},
{
"path": "sync-maintainers/requirements.txt",
"content": "requests\nblack\n"
},
{
"path": "sync-maintainers/sync-maintainers.py",
"content": "#!/usr/bin/env python3\nimport requests\nimport json\nimport subprocess\nimport os\nimport sys\nimport argparse\n\n\ndef parse(m):\n para = []\n repos = []\n while len(m):\n line = m.pop(0)\n if line == \"# Maintainers\":\n line = m.pop(0)\n while not line.startswith(\"#\"):\n para.append(line)\n line = m.pop(0)\n if line.startswith(\"###\"):\n repo = line.split(\"### \")[1].strip()\n maint = []\n m.pop(0) # maintainers:\n line = m.pop(0)\n while line.startswith(\"* \"):\n maint.append(line)\n line = m.pop(0) if len(m) else \"\"\n if repo != \"Flatcar\":\n repos.append((repo, maint))\n return para, repos\n\n\nMAINTAINERS_TEMPLATE = \"\"\"# Maintainers\n\n{maintainers}\n\n{paragraph}\n\nThe contents of this file are synchronized from [Flatcar/MAINTAINERS.md](https://github.com/flatcar/Flatcar/blob/main/MAINTAINERS.md).\n\"\"\"\n\n\ndef write_maintainers_file(repo_name, paragraph, maintainers):\n maintainers_entry = \"\\n\".join(maintainers)\n maintainers_content = MAINTAINERS_TEMPLATE.format(\n maintainers=maintainers_entry, paragraph=paragraph\n )\n repo_filename = f\"{repo_name}/MAINTAINERS.md\"\n with open(repo_filename, \"w\") as f:\n f.write(maintainers_content)\n\n\nBRANCH_NAME = \"sync-maintainers\"\n\n\ndef checkout_branch(repo_name):\n return subprocess.run(\n [\"git\", \"-C\", repo_name, \"checkout\", \"-B\", BRANCH_NAME, \"origin/HEAD\"],\n check=True,\n )\n\n\ndef commit(repo_name):\n subprocess.run([\"git\", \"-C\", repo_name, \"add\", \"MAINTAINERS.md\"], check=True)\n subprocess.run(\n [\n \"git\",\n \"-C\",\n repo_name,\n \"commit\",\n \"-m\",\n \"Sync maintainers file from flatcar/flatcar repository\",\n ],\n check=True,\n )\n\n\ndef push(repo_name):\n subprocess.run(\n [\"git\", \"-C\", repo_name, \"push\", \"--force\", \"origin\", BRANCH_NAME], check=True\n )\n\n\ndef parse_maintainers(repo=None):\n maint_file = \"../MAINTAINERS.md\"\n with open(maint_file) as f:\n m = f.read().splitlines()\n para, repos = parse(m)\n paragraph = \"\\n\".join(para).strip()\n if repo:\n repos = [r for r in repos if r[0] == repo]\n return repos, paragraph\n\n\ndef main_repo(args):\n repos, paragraph = parse_maintainers(args.repo)\n for (repo_name, maintainers) in repos:\n repo_url = f\"git@github.com:flatcar/{repo_name}\"\n subprocess.run([\"git\", \"clone\", \"--depth=1\", repo_url])\n checkout_branch(repo_name)\n write_maintainers_file(repo_name, paragraph, maintainers)\n commit(repo_name)\n push(repo_name)\n\n\ndef prepare_req(repo, token, api):\n api = \"/\" + api if api else \"\"\n url = f\"https://api.github.com/repos/flatcar/{repo}{api}\"\n headers = {\n \"Accept\": \"application/vnd.github+json\",\n f\"Authorization\": \"Bearer {token}\",\n }\n return url, headers\n\n\ndef get_pr(repo, token):\n url, headers = prepare_req(repo, token, \"pulls\")\n params = {\"state\": \"open\", \"head\": f\"flatcar:{BRANCH_NAME}\"}\n return requests.get(url, headers=headers, params=params)\n\n\ndef get_default_branch(repo, token):\n url, headers = prepare_req(repo, token, \"\")\n resp = requests.get(url, headers=headers).json()\n return resp[\"default_branch\"]\n\n\ndef create_pr(repo, token, base):\n url, headers = prepare_req(repo, token, \"pulls\")\n data = {\n \"title\": \"Sync MAINTAINERS.md\",\n \"head\": f\"flatcar:{BRANCH_NAME}\",\n \"base\": base,\n }\n return requests.post(url, headers=headers, json=data)\n\n\ndef update_assignees(repo, token, pr, assignees):\n url, headers = prepare_req(repo, token, f\"pulls/{pr}/requested_reviewers\")\n data = {\"reviewers\": assignees}\n return requests.post(url, headers=headers, json=data)\n\n\ndef get_assignees(maintainers):\n assignees = [e.split(\"@\")[1] for e in maintainers]\n return assignees\n\n\ndef main_github(args):\n token = os.getenv(\"GITHUB_TOKEN\")\n if not token:\n raise Exception(\"Missing GITHUB_TOKEN env variable\")\n repos, _ = parse_maintainers(args.repo)\n for (repo_name, maintainers) in repos:\n pr = get_pr(repo_name, token).json()\n if not pr:\n print(f\"{repo_name} creating pr\")\n base = get_default_branch(repo_name, token)\n pr = [create_pr(repo_name, token, base).json()]\n prnum = pr[0][\"number\"]\n assignees = get_assignees(maintainers)\n resp = update_assignees(repo_name, token, prnum, assignees)\n if resp.status_code != 201:\n print(resp.json())\n else:\n print(\"{repo_name} ok\")\n\n\ndef main_list(args):\n repos, _ = parse_maintainers()\n for (repo_name, _) in repos:\n print(repo_name)\n\n\nparser = argparse.ArgumentParser(prog=\"sync-maintainers.py\")\nsubparser = parser.add_subparsers(required=True, dest=\"cmd\")\nparser_repo = subparser.add_parser(\"repo\", help=\"perform git repository operations\")\nparser_repo.add_argument(\"--repo\", help=\"Repository to operate on; default all\")\nparser_repo.set_defaults(func=main_repo)\nparser_github = subparser.add_parser(\n \"github\", help=\"perform github pull request operations\"\n)\nparser_github.add_argument(\"--repo\", help=\"Repository to operate on; default all\")\nparser_github.set_defaults(func=main_github)\nparser_list = subparser.add_parser(\"list\", help=\"list all repositories with entries\")\nparser_list.set_defaults(func=main_list)\n\nif __name__ == \"__main__\":\n args = parser.parse_args()\n args.func(args)\n"
}
]