Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- Microsoft released its first full Linux distro: Azure Linux 4.0
- Azure Linux has split into Azure Container Linux and the new virtual machine edition: Azure Linux.
- Microsoft effectively admits that it’s a de facto Linux-based company.
Minneapolis – So, there I was at Open Source Summit North America, listening to Brendan Burns, co-founder of Kubernetes and today Microsoft’s Corporate VP of Azure Cloud Native and Management Platform, and Open Source, talk about the evolution from open-source to agentic AI. Then, in the middle of his presentation, he said, “When I started in Azure 10 years ago, it was not the majority operating system running on the Azure cloud. It has become the majority operating system running on the Azure cloud in the past 10 years. And today, I think we’re really excited to announce that we’re going to be having Microsoft’s open-source Linux distribution, a supported version of Linux supported by Microsoft, available on Azure, out for anybody to use.”
I blinked. Backstage, Jim Zemlin, the Linux Foundation’s CEO, blinked, and all the Linux-savvy people in the crowd went “Huh?”
Also: The 4th Linux kernel flaw this month can lead to stolen SSH host keys
Microsoft has released Linux-based programs before. The first was the Azure Sphere edge computing device. This was followed by CBL-Marnier, a Linux-based container software platform, which was later renamed Azure Linux. Never, however, had Microsoft released a general-purpose Linux distro… until now.
That was it. That was all he said. Zemlin called him back onstage and asked if he’d really just announced a Microsoft Linux distro. Burns replied that yes, he had. Zemlin continued, “When Microsoft joined the Linux Foundation, there was this big conspiracy theory that somehow the Linux Foundation was undermining open source in partnership with Microsoft, and now you announce that you’re shipping a Linux distribution. That’s amazing.”
He’s right. It is. We’ve come a long way from the days when former Microsoft CEO Steve Ballmer called Linux a cancer. Now, Burns said, “It’s been a really great journey, and it’s been awesome to see everybody within the company rally around it.”
So why did the news catch us all by surprise? It was because the news was originally meant to be announced at Microsoft Techcon in two weeks. But, at the last minute, they decided to let the news out now.
Also: Cloud attacks are getting faster and deadlier – 4 ways to secure your business
Burns left the conference before I could get further details, but the Linux Foundation’s crack PR team arranged for me to meet Lachlan Everson, Microsoft’s Principal Program Manager on Azure’s open-source team. He told me Microsoft is turning Azure Linux into a full-fledged general-purpose cloud distribution with Azure Linux 4.0 while simultaneously productizing Flatcar Container Linux as a hardened, immutable container host called Azure Container Linux (ACL).
The former is a general-purpose virtual machine (VM) image for all Azure customers, not just Azure Kubernetes Service (AKS) users. Until now, Everson noted, “we had Azure Linux only available to third-party customers through AKS specifically, and that was Azure Linux 3.0.” Going forward, this will be ACL.
Everson emphasized that Azure Linux 4.0 is the culmination of years of internal usage and the evolution of the earlier Mariner distribution. “So we’ve been running Azure Linux for many years internally, and we got through to 3.0, and we only allowed it on as a container host on AKS. What we’ve done is make it a general-purpose, so this is all the learnings that we’ve had in the heritage of Mariner.”
Fedora-based, open source, Azure-tuned
Under the hood, Azure Linux 4.0 is based on Fedora Linux and is delivered as an open distribution on GitHub. This code is available now. Yes, Red Hat knows that Microsoft has done this. Everson continued, “So, we made a decision to use Fedora as an upstream, so it’s using RPMs in the Fedora ecosystem. Microsoft curates the packages and the supply chain to fit Azure’s cloud platform.” Microsoft also created “it to be purpose-built for Azure, which integrates vertically into all of our infrastructure to give you the best Azure Linux experience on Azure.”
While Azure Linux will ship as a VM image, Microsoft is already preparing a developer-friendly path onto Windows desktops: “And as of today, we have it as a VM image for your VM host on Azure. We’re going to announce WSL images as well.”
Also: How to check your Windows PC for expiring security certificates – a big one ends in June
While developers will be able to run Azure Linux locally through WSL, Microsoft is not positioning it as a traditional desktop Linux. Asked whether he could run it on his laptop, Everson said: “I will be able to run it on my laptop, or what have you. Yes, on Windows 11.” However, when pressed about a desktop experience, Everson was clear that there are “no plans” for a graphical environment.
“It’s optimized for server-side in the cloud,” he said, adding that even on a developer machine, users should expect a lean environment. “Minimal packages, yeah. The idea is that we offer you a consistent experience to do your development on your machine, and that you can take your workloads as you develop them on your machine and run them with VS Code. You can run your applications on that, and know that the platform is the same that you’re running on the cloud, so that you have that kind of consistency between environments.”
Azure Container Linux
Flatcar itself remains the upstream project, but Microsoft is packaging it for Azure customers. Everson described Flatcar as “purpose-built, immutable, secure by default, production-ready operating system, and Azure Container Linux is the productization of that, but we’re still investing in the upstream Flatcar ecosystem and pulling that downstream into a productized exterior experience just for container workloads, so it’s a container hosting in AKS.”
To underscore the immutable model, he added that “Everything’s baked in, so there is no package manager. We bake the bits into the immutable, and they’re in the immutable version. So Azure Container Linux is the immutable version. So you shouldn’t be changing any system packages or any application packages. Anything that you need to change is customer workloads run in containers.”
Lifecycle, support, and upgrades
For existing Azure Linux 3.x users, Microsoft is promising a straightforward path forward rather than a disruptive migration. In response to a question about moving from “Azure Linux free,” Everson said simply, “Yes,” when asked if users could “just upgrade” without a migration. He then outlined a defined support window: “We have two years of support.”
Also: Red Hat Desktop vs. Fedora Hummingbird: Which AI development Linux path is right for you?
Within that window, Microsoft aims to keep kernel choices stable while providing upgrades. “So what we try to do is pick specific kernel versions that we’re using for over the lifetime of the two years of support for that specific version, and then we offer an upgrade pathway for customers as well, so it’s fully supported and then upgradable in the two years.” This is paired with a predictable monthly security update rhythm.
That said, security is central to the Azure Linux story, especially amid a surge of kernel issues in the AI era. Everson framed Microsoft’s value proposition around owning the entire supply chain: “So, part of the value proposition is that because we are taking care of the supply chain of all the pieces to build the distribution, we have minimal surface area of the packages, curated kernel, and customizations for running on Azure to support all the hardware, and we also have best in class security.”
Microsoft is committing to monthly patches for Azure Linux — just don’t call it Patch Tuesday. However, if a serious Common Vulnerabilities and Exposures (CVE) appears, Microsoft promises to offer a patched image “as soon as those patches come out.”
Also: Microsoft finally open sources DOS 1.0 – and it’s so much more than the code
The new Azure Linux is also designed to let customers offload much of the update management if they choose. When asked whether users would need to intervene to stay current, Everson pointed to built-in automation: “Whether they’re VMs or AKs, we have the ability to opt in to automatic upgrades based on security.” In larger, scaled-out deployments, those updates are handled gradually to avoid disruption.
For customers with fragile or highly customized applications, opting out remains an option. “So if you opt into that, you will always be up to date and secure with the latest versions,” Everson said, before acknowledging the other camp: “You can definitely opt out of it.”
He tied this approach back to a philosophy of staying ahead of public disclosure: “As Jim said, we’ve got to make sure that our customers can keep up to date with the rate of change and the rate of disclosures and patches, so we’ve really breaked that into the core of the operating system, that we can take those updates really quickly, so that you’re not waiting,”
Positioning in the AI-native era and with partners
Everson cast Azure Linux as a response to the “AI native explosion” and the dominance of Linux as the substrate for modern AI applications. “All AI applications are running on the Linux stack,” he said. Microsoft, he argued, has “learned to build very hard on Linux images, and we want to give that to our customers, so that they can be successful in the AI native era.”
At the same time, he stressed that Azure Linux is meant to complement, not replace, other distributions in Azure’s catalog. Asked whether Red Hat knew about the new offering, the answer was unequivocal: “Actually, yes.” Everson added, “We still have a great ecosystem of partners, right? This changes nothing with those relationships. If you want to run Red Hat, if you want to run Ubuntu, that’s absolutely okay. What we saw was an opportunity to give you a battery-included experience on Azure. We have eight endorsed distros on our platform, and we will continue to work with those.”
Also: Canonical’s approach to AI is refreshingly thoughtful – Microsoft should take note
As Microsoft announced in a blog post, “Today, more than two-thirds of customer cores in Azure run Linux, and the platforms running Microsoft 365, GitHub, and OpenAI’s ChatGPT all sit on Linux foundations. When ChatGPT scales across more than 10 million compute cores worldwide and serves a billion queries a day, Linux and Kubernetes are what make that possible.”
So here we are. Microsoft is running its most important services on Linux. Thus, it only makes sense that Microsoft is finally shipping a complete, albeit server-centric Linux distro, while continuing to support multiple other Linux distros. Today, Microsoft has finally admitted that it is, outside the desktop, primarily a Linux company.