CoreOS Container Linux Logo

A container-focused OS that's designed for painless management in large clusters

Container Linux quick start

If you don't have a Container Linux machine running, check out the guides on running Container Linux on most cloud providers (EC2, Rackspace, GCE), virtualization platforms (Vagrant, VMware, OpenStack, QEMU/KVM) and bare metal servers (PXE, iPXE, ISO, Installer). With any of these guides you will have machines up and running in a few minutes.

It's highly recommended that you set up a cluster of at least 3 machines — it's not as much fun on a single machine. If you don't want to break the bank, Vagrant allows you to run an entire cluster on your laptop. For a cluster to be properly bootstrapped, you have to provide ideally an Ignition config (generated from a Container Linux Config), or possibly a cloud-config, via user-data, which is covered in each platform's guide.

Container Linux gives you three essential tools: service discovery, container management and process management. Let's try each of them out.

First, on the client start your user agent by typing:

eval $(ssh-agent)

Then, add your private key to the agent by typing:


Connect to a Container Linux machine via SSH as the user core. For example, on Amazon, use:

$ ssh
CoreOS (beta)

If you're using Vagrant, you'll need to connect a bit differently:

$ ssh-add ~/.vagrant.d/insecure_private_key
Identity added: /Users/core/.vagrant.d/insecure_private_key (/Users/core/.vagrant.d/insecure_private_key)
$ vagrant ssh core-01
CoreOS (beta)

Service discovery with etcd

The first building block of Container Linux is service discovery with etcd (docs). Data stored in etcd is distributed across all of your machines running Container Linux. For example, each of your app containers can announce itself to a proxy container, which would automatically know which machines should receive traffic. Building service discovery into your application allows you to add more machines and scale your services seamlessly.

If you used an example Container Linux Config or cloud-config from a guide linked in the first paragraph, etcd is automatically started on boot.

A good starting point for a Container Linux Config would be something like:

This is the human-readable config file. This should not be immediately passed to Container Linux. Learn more.
# This config is meant to be consumed by the config transpiler, which will
# generate the corresponding Ignition config. Do not pass this config directly
# to instances of Container Linux.

    - name: core
        - ssh-rsa AAAA...
This is the raw machine configuration, which is not intended for editing. Learn more. Validate the config here.
  "ignition": {
    "config": {},
    "timeouts": {},
    "version": "2.1.0"
  "networkd": {},
  "passwd": {
    "users": [
        "name": "core",
        "sshAuthorizedKeys": [
          "ssh-rsa AAAA..."
  "storage": {},
  "systemd": {
    "units": [
        "dropins": [
            "contents": "[Service]\nExecStart=\nExecStart=/usr/lib/coreos/etcd-wrapper $ETCD_OPTS \\\n  --discovery=\"\u003ctoken\u003e\"",
            "name": "20-clct-etcd-member.conf"
        "enable": true,
        "name": "etcd-member.service"

In order to get the discovery token, visit and you will receive a URL including your token. Paste the whole thing into your Container Linux Config file.

etcdctl is a command line interface to etcd that is preinstalled on Container Linux. To set and retrieve a key from etcd you can use the following examples:

Set a key message with value Hello world:

etcdctl set /message "Hello world"

Read the value of message back:

etcdctl get /message

You can also use simple curl. These examples correspond to previous ones:

Set the value:

curl -L -XPUT -d value="Hello world"

Read the value:

curl -L

If you followed a guide to set up more than one Container Linux machine, you can SSH into another machine and can retrieve this same value.

More detailed information

View Complete Guide Read etcd API Docs

Container management with Docker

The second building block, Docker (docs), is where your applications and code run. It is installed on each Container Linux machine. You should make each of your services (web server, caching, database) into a container and connect them together by reading and writing to etcd. You can quickly try out a minimal busybox container in two different ways:

Run a command in the container and then stop it:

docker run busybox /bin/echo hello world

Open a shell prompt inside the container:

docker run -i -t busybox /bin/sh

More detailed information

View Complete Guide Read Docker Docs