Ok, so it’s not named MS-Linux or Lindows, but Microsoft now has its very own, honest-to-goodness general-purpose Linux distribution: Common Base Linux, (CBL)-Mariner. And, just like any Linux distro, you can download it and run it yourself. Amazing isn’t it? Why the next thing you know Microsoft will let you run Windows applications on Linux! Oh, wait it has!
One more time with feeling, listen to yours truly and Linus Torvalds, Microsoft is no longer Linux’s enemy. The enemy of AWS and Google? You bet. But, Linux no.
Take, for example, CBL-Mariner. Microsoft didn’t make a big fuss about releasing CBL-Mariner. It quietly released the code on GitHub and anyone can use it. Indeed, Juan Manuel Rey, a Microsoft Senior Program Manager for Azure VMware, recently published a guide on how to build an ISO CBL-Mariner image. Before this, if you were a Linux expert, with a spot of work you could run it, but now, thanks to Rey, anyone with a bit of Linux skill can do it.
CBL-Mariner is not a Linux desktop. Like Azure Sphere, Microsoft’s first specialized Linux distro, which is used for securing edge computing services, it’s a server-side Linux.
This Microsoft-branded Linux is an internal Linux distribution. It’s meant for Microsoft’s cloud infrastructure and edge products and services. Its main job is to provide a consistent Linux platform for these devices and services. Just like Fedora is to Red Hat, it keeps Microsoft on Linux’s cutting edge.
CBL-Mariner is built around the idea that you only need a small common core set of packages to address the needs of cloud and edge services. If you need more, CBL-Mariner also makes it easy to layer on additional packages on top of its common core. Once that’s done, its simple build system easily enables you to create RPM packages from SPEC and source files. Or, you can also use it to create ISOs or Virtual hard disk (VHD) images.
As you’d expect the basic CBL-Mariner is a very lightweight Linux. You can use it as a container or a container host. With its limited size also comes a minimal attack surface. This also makes it easy to deploy security patches to it via RPM. Its designers make a particular point of delivering the latest security patches and fixes to its users. For more about its security features see CBL-Mariner’s GitHub security features list.
Like any other Linux distro, CBL-Mariner is built on the shoulders of giants. Microsoft credits VMware’s Photon OS Project, a secure Linux, The Fedora Project, Linux from Scratch — a guide to building Linux from source, the OpenMamba distro, and, yes, even GNU and the Free Software Foundation (FSF). I know it galls some of you that Microsoft acknowledges the FSF, but this is not the ’90s and Steve “Linux is a cancer” Ballmer hasn’t been Microsoft’s CEO since 2014.
To try it for yourself, you’ll build it on Ubuntu 18.04. Frankly, I’d be surprised if you couldn’t build it on any Ubuntu Linux distro from 18.04 on up. I did it on my Ubuntu 20.04.2 desktop. You’ll also need the latest version of the Go language and Docker.
Even though the default build system is Ubuntu, CBL-Mariner itself owes a large debt to Fedora. For example, it uses Tiny DNF as its DNF RPM package manager. For its atomic image-based update mechanism it uses RPM-OSTree.
So, if you want a secure, stable Linux for your edge computing or container needs, I suggest — in all seriousness — you give CBL-Mariner a try. While I continue to have my doubts about Windows as a serious operating system, Microsoft did a fine job of creating a solid Linux. Who would have guessed!