Running Flatcar Container Linux on AWS EC2

The current AMIs for all Flatcar Container Linux channels and EC2 regions are listed below and updated frequently. Using CloudFormation is the easiest way to launch a cluster, but it is also possible to follow the manual steps at the end of the article. Questions can be directed to the Flatcar Container Linux IRC channel or user mailing list .

Release retention time

After publishing, releases will remain available as public AMIs on AWS for 9 months. AMIs older than 9 months will be un-published in regular garbage collection sweeps. Please note that this will not impact existing AWS instances that use those releases. However, deploying new instances (e.g. in autoscaling groups pinned to a specific AMI) will not be possible after the AMI was un-published.

Choosing a channel

Flatcar Container Linux is designed to be updated automatically with different schedules per channel. You can disable this feature , although we don’t recommend it. Read the release notes for specific features and bug fixes.

The Alpha channel closely tracks master and is released frequently. The newest versions of system libraries and utilities will be available for testing. The current version is Flatcar Container Linux 3115.0.0.

View as json feed: amd64 arm64

EC2 Region	AMI Type	AMI ID
ap-east-1	HVM (amd64)	ami-056ee356f6a16cdc7
ap-east-1	HVM (arm64)	ami-06179fd0818608470
ap-northeast-1	HVM (amd64)	ami-0c3efb721ec40e0fa
ap-northeast-1	HVM (arm64)	ami-09f439d29f43fe8ba
ap-northeast-2	HVM (amd64)	ami-0b5c9fe699bacbe53
ap-northeast-2	HVM (arm64)	ami-0c5788be3b7d76e71
ap-south-1	HVM (amd64)	ami-0b2281b44c282ea38
ap-south-1	HVM (arm64)	ami-0e9aa2743e85aa33e
ap-southeast-1	HVM (amd64)	ami-0f912343973bb167a
ap-southeast-1	HVM (arm64)	ami-0087f949186554cfd
ap-southeast-2	HVM (amd64)	ami-025fdc32829db96ef
ap-southeast-2	HVM (arm64)	ami-0055ec317773dc2a1
ca-central-1	HVM (amd64)	ami-0f25c535bc7ee7914
ca-central-1	HVM (arm64)	ami-05507999ae45d39f2
eu-central-1	HVM (amd64)	ami-0b6d58ff990603b68
eu-central-1	HVM (arm64)	ami-011e0ef94566384b3
eu-north-1	HVM (amd64)	ami-09805c75c87e4ec50
eu-north-1	HVM (arm64)	ami-02d0b3cc1438531fe
eu-west-1	HVM (amd64)	ami-02e4090fa1a6924ae
eu-west-1	HVM (arm64)	ami-0b565b3c832090f6d
eu-west-2	HVM (amd64)	ami-01e46174db5cee8a5
eu-west-2	HVM (arm64)	ami-05204e26a9841b983
eu-west-3	HVM (amd64)	ami-053101f6a2b67cc98
eu-west-3	HVM (arm64)	ami-0eba0d5f2bcdaba07
me-south-1	HVM (amd64)	ami-0efef6f13eba91ceb
me-south-1	HVM (arm64)	ami-01a43ca79e7f8f4b2
sa-east-1	HVM (amd64)	ami-04c0afd4de5cd9f90
sa-east-1	HVM (arm64)	ami-00366f7d95c9a97f0
us-east-1	HVM (amd64)	ami-057aa647d274a00f6
us-east-1	HVM (arm64)	ami-06d0cadb86ce03d10
us-east-2	HVM (amd64)	ami-008ce905fc922b699
us-east-2	HVM (arm64)	ami-0bce156c8b2ea9490
us-west-1	HVM (amd64)	ami-0900b54645a79d4e1
us-west-1	HVM (arm64)	ami-0efcb2c7b265dd5ee
us-west-2	HVM (amd64)	ami-08744429ecc8d8e4c
us-west-2	HVM (arm64)	ami-08f2ab6a9c504e9eb

The Beta channel consists of promoted Alpha releases. The current version is Flatcar Container Linux 3066.1.0.

View as json feed: amd64 arm64

EC2 Region	AMI Type	AMI ID
ap-east-1	HVM (amd64)	ami-0b92a7cf120aaaca4
ap-east-1	HVM (arm64)	ami-0fd1939e90b8c3786
ap-northeast-1	HVM (amd64)	ami-0dfc026c23a09f8bb
ap-northeast-1	HVM (arm64)	ami-035ec97956295dd24
ap-northeast-2	HVM (amd64)	ami-0abb822ea77f224de
ap-northeast-2	HVM (arm64)	ami-0010368cece86702e
ap-south-1	HVM (amd64)	ami-021eb215db475220c
ap-south-1	HVM (arm64)	ami-0356a2c2b56b8e5a9
ap-southeast-1	HVM (amd64)	ami-0c4785e88661a7bc1
ap-southeast-1	HVM (arm64)	ami-08a620c0ac2330205
ap-southeast-2	HVM (amd64)	ami-0c0a64208fcfb8b73
ap-southeast-2	HVM (arm64)	ami-040d9fade047e81bd
ca-central-1	HVM (amd64)	ami-0ed67923b5b7685a0
ca-central-1	HVM (arm64)	ami-0556a90ecb5e88a04
eu-central-1	HVM (amd64)	ami-0cd9d87d72a4c5f2d
eu-central-1	HVM (arm64)	ami-05d06ad3e6ae9a294
eu-north-1	HVM (amd64)	ami-094d8d20e74e183e3
eu-north-1	HVM (arm64)	ami-06c14a39772a3a22f
eu-west-1	HVM (amd64)	ami-0b4081d926ebb56bb
eu-west-1	HVM (arm64)	ami-0f47271e23109f891
eu-west-2	HVM (amd64)	ami-01480eed84e32f526
eu-west-2	HVM (arm64)	ami-036fb64cea4adb5a7
eu-west-3	HVM (amd64)	ami-00a6411383a4dafbc
eu-west-3	HVM (arm64)	ami-0da93497797b6a575
me-south-1	HVM (amd64)	ami-05b97c73ad552e018
me-south-1	HVM (arm64)	ami-0e6659c3936d20bce
sa-east-1	HVM (amd64)	ami-0333cbf61bd98085a
sa-east-1	HVM (arm64)	ami-0ec4977003c22e308
us-east-1	HVM (amd64)	ami-056ac8b540a87a5bf
us-east-1	HVM (arm64)	ami-0537457491ec581e0
us-east-2	HVM (amd64)	ami-0e2cdc0eb13771931
us-east-2	HVM (arm64)	ami-011530786a344cbbb
us-west-1	HVM (amd64)	ami-06a5d41ad3dd5938a
us-west-1	HVM (arm64)	ami-0cfae85a2f0f0b9fa
us-west-2	HVM (amd64)	ami-06ab96b41044cd06f
us-west-2	HVM (arm64)	ami-09b8b41150cfd9e23

The Edge channel includes bleeding-edge features with the newest versions of the Linux kernel, systemd and other core packages. Can be highly unstable. The current version is Flatcar Container Linux 2466.99.0.

EC2 Region	AMI Type	AMI ID
ap-east-1	HVM (amd64)	ami-0029ed2c00b284a95
ap-east-1	HVM (arm64)	ami-0cde7033fa6bcee17
ap-northeast-1	HVM (amd64)	ami-03de4455102b2a92e
ap-northeast-1	HVM (arm64)	ami-0a9ea66ee2b271587
ap-northeast-2	HVM (amd64)	ami-0fa29269023d95001
ap-northeast-2	HVM (arm64)	ami-074cb3948a34017a0
ap-south-1	HVM (amd64)	ami-0fb46b600f2aca4e1
ap-south-1	HVM (arm64)	ami-0ceaed7c9d0f87d45
ap-southeast-1	HVM (amd64)	ami-0a6b32f389401c177
ap-southeast-1	HVM (arm64)	ami-0518d47f3b8b44d5b
ap-southeast-2	HVM (amd64)	ami-0412490cf5c6a15d3
ap-southeast-2	HVM (arm64)	ami-041e3a6cbb758958a
ca-central-1	HVM (amd64)	ami-076025e2f28c65607
ca-central-1	HVM (arm64)	ami-07fdb592799a132cf
eu-central-1	HVM (amd64)	ami-009f30f06e90a2962
eu-central-1	HVM (arm64)	ami-05fc26d5d73ca1f6b
eu-north-1	HVM (amd64)	ami-093a034857b0e19ae
eu-north-1	HVM (arm64)	ami-0fd671b8a15ca5e0f
eu-west-1	HVM (amd64)	ami-0acd84e3d8e79c595
eu-west-1	HVM (arm64)	ami-00fca33bcd7f93826
eu-west-2	HVM (amd64)	ami-0a844c6e6ed7e8591
eu-west-2	HVM (arm64)	ami-0ff13ff8623ef93f4
eu-west-3	HVM (amd64)	ami-09bb22740c97e5fb0
eu-west-3	HVM (arm64)	ami-02b8b9c099f9868f9
me-south-1	HVM (amd64)	ami-066ef9a0660b99958
me-south-1	HVM (arm64)	ami-0d7a8f9f15c1e5234
sa-east-1	HVM (amd64)	ami-0f1401074345667c6
sa-east-1	HVM (arm64)	ami-0de4279896aa46920
us-east-1	HVM (amd64)	ami-0157dca117b3d3e5d
us-east-1	HVM (arm64)	ami-0422302ecc961671f
us-east-2	HVM (amd64)	ami-06f0a4868bcdfd485
us-east-2	HVM (arm64)	ami-0a2b7312228a58f6c
us-west-1	HVM (amd64)	ami-081652cd66d10f632
us-west-1	HVM (arm64)	ami-02bd3609d5a2b957a
us-west-2	HVM (amd64)	ami-053930c06131d49ad
us-west-2	HVM (arm64)	ami-0d8325578a3100869

The Stable channel should be used by production clusters. Versions of Flatcar Container Linux are battle-tested within the Beta and Alpha channels before being promoted. The current version is Flatcar Container Linux 3033.2.0.

View as json feed: amd64 arm64

EC2 Region	AMI Type	AMI ID
ap-east-1	HVM (amd64)	ami-09a727bd86aaf81e7
ap-east-1	HVM (arm64)	ami-07929f0b01d898a36
ap-northeast-1	HVM (amd64)	ami-00eda317c829fa0ee
ap-northeast-1	HVM (arm64)	ami-0e28229bde0a31ee1
ap-northeast-2	HVM (amd64)	ami-079e8ce5bcfdd8ce2
ap-northeast-2	HVM (arm64)	ami-0b8913ae1bbad9451
ap-south-1	HVM (amd64)	ami-00dc59f1d07a54f8b
ap-south-1	HVM (arm64)	ami-0ba5bdc51ce7bdf66
ap-southeast-1	HVM (amd64)	ami-066fae5e145bc8c46
ap-southeast-1	HVM (arm64)	ami-04f4c90e29756e3ac
ap-southeast-2	HVM (amd64)	ami-08a3357be43aaca70
ap-southeast-2	HVM (arm64)	ami-09348aecf6f92aed1
ca-central-1	HVM (amd64)	ami-08ad93a2a5e3b231c
ca-central-1	HVM (arm64)	ami-098e9e7571f48d468
eu-central-1	HVM (amd64)	ami-08726a91c83c64aa4
eu-central-1	HVM (arm64)	ami-069dac7da0283d62e
eu-north-1	HVM (amd64)	ami-0ac8544baf999dd55
eu-north-1	HVM (arm64)	ami-0fff9617f76aa86ab
eu-west-1	HVM (amd64)	ami-0f69fcfa67a7f8109
eu-west-1	HVM (arm64)	ami-0a3dfcc2416720abf
eu-west-2	HVM (amd64)	ami-0197c8a39214a4dee
eu-west-2	HVM (arm64)	ami-081fc4d5302df6b95
eu-west-3	HVM (amd64)	ami-0413156e677bb99eb
eu-west-3	HVM (arm64)	ami-0fdbdc17f99314e48
me-south-1	HVM (amd64)	ami-0ab8957392fa7aa5b
me-south-1	HVM (arm64)	ami-04f9dc025d813fb09
sa-east-1	HVM (amd64)	ami-006a0f141d5500258
sa-east-1	HVM (arm64)	ami-0318ded6bf36b1633
us-east-1	HVM (amd64)	ami-073c78dc7bd201ca0
us-east-1	HVM (arm64)	ami-088bcfbdc864c1af8
us-east-2	HVM (amd64)	ami-046ef1bed5fb2c026
us-east-2	HVM (arm64)	ami-07e08433d3ef22acb
us-west-1	HVM (amd64)	ami-0be07b5caf2acaf80
us-west-1	HVM (arm64)	ami-051369f394c25a7cb
us-west-2	HVM (amd64)	ami-0e7e21b47b0e90b22
us-west-2	HVM (arm64)	ami-08fb137af4f0855f3

AWS China AMIs maintained by Giant Swarm

The following AMIs are not part of the official Flatcar Container Linux release process and may lag behind (query version).

View as json feed: amd64

EC2 Region	AMI Type	AMI ID	CloudFormation

CloudFormation will launch a cluster of Flatcar Container Linux machines with a security and autoscaling group.

Container Linux Configs

Flatcar Container Linux allows you to configure machine parameters, configure networking, launch systemd units on startup, and more via Container Linux Configs. These configs are then transpiled into Ignition configs and given to booting machines. Head over to the docs to learn about the supported features .

You can provide a raw Ignition config to Flatcar Container Linux via the Amazon web console or via the EC2 API .

As an example, this Container Linux Config will configure and start etcd:

etcd:
  # All options get passed as command line flags to etcd.
  # Any information inside curly braces comes from the machine at boot time.

  # multi_region and multi_cloud deployments need to use {PUBLIC_IPV4}
  advertise_client_urls:       "http://{PRIVATE_IPV4}:2379"
  initial_advertise_peer_urls: "http://{PRIVATE_IPV4}:2380"
  # listen on both the official ports and the legacy ports
  # legacy ports can be omitted if your application doesn't depend on them
  listen_client_urls:          "http://0.0.0.0:2379"
  listen_peer_urls:            "http://{PRIVATE_IPV4}:2380"
  # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
  # specify the initial size of your cluster with ?size=X
  discovery:                   "https://discovery.etcd.io/<token>"

Instance storage

Ephemeral disks and additional EBS volumes attached to instances can be mounted with a .mount unit. Amazon’s block storage devices are attached differently depending on the instance type . Here’s the Container Linux Config to format and mount the first ephemeral disk, xvdb, on most instance types:

storage:
  filesystems:
    - mount:
        device: /dev/xvdb
        format: ext4
        wipe_filesystem: true

systemd:
  units:
    - name: media-ephemeral.mount
      enable: true
      contents: |
        [Mount]
        What=/dev/xvdb
        Where=/media/ephemeral
        Type=ext4

        [Install]
        RequiredBy=local-fs.target

For more information about mounting storage, Amazon’s own documentation is the best source. You can also read about mounting storage on Flatcar Container Linux .

Adding more machines

To add more instances to the cluster, just launch more with the same Container Linux Config, the appropriate security group and the AMI for that region. New instances will join the cluster regardless of region if the security groups are configured correctly.

SSH to your instances

Flatcar Container Linux is set up to be a little more secure than other cloud images. By default, it uses the core user instead of root and doesn’t use a password for authentication. You’ll need to add an SSH key(s) via the AWS console or add keys/passwords via your Container Linux Config in order to log in.

To connect to an instance after it’s created, run:

ssh [email protected]<ip address>

Multiple clusters

If you would like to create multiple clusters you will need to change the “Stack Name”. You can find the direct template file on S3 .

Manual setup

TL;DR: launch three instances of ami-057aa647d274a00f6 (amd64) in us-east-1 with a security group that has open port 22, 2379, 2380, 4001, and 7001 and the same “User Data” of each host. SSH uses the core user and you have etcd and Docker to play with.

Creating the security group

You need open port 2379, 2380, 7001 and 4001 between servers in the etcd cluster. Step by step instructions below.

Note: This step is only needed once

First we need to create a security group to allow Flatcar Container Linux instances to communicate with one another.

Go to the security group page in the EC2 console.
Click “Create Security Group”
- Name: flatcar-testing
- Description: Flatcar Container Linux instances
- VPC: No VPC
- Click: “Yes, Create”
In the details of the security group, click the Inbound tab
First, create a security group rule for SSH
- Create a new rule: SSH
- Source: 0.0.0.0/0
- Click: “Add Rule”
Add two security group rules for etcd communication
- Create a new rule: Custom TCP rule
- Port range: 2379
- Source: type “flatcar-testing” until your security group auto-completes. Should be something like “sg-8d4feabc”
- Click: “Add Rule”
- Repeat this process for port range 2380, 4001 and 7001 as well
Click “Apply Rule Changes”

Launching a test cluster

We will be launching three instances, with a few parameters in the User Data, and selecting our security group.

{% for region in site.data.alpha_channel.amis %} {% if region.name == 'us-east-1' %} Open the quick launch wizard to boot {{region.hvm}} (amd64). {% endif %} {% endfor %}
On the second page of the wizard, launch 3 servers to test our clustering
- Number of instances: 3
- Click "Continue"
Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at https://discovery.etcd.io/new?size=3, configure the `?size=` to your initial cluster size and add it to the metadata. You should re-use this key for each machine in the cluster.

Use ct to convert the following configuration into an Ignition config, and back in the EC2 dashboard, paste it into the "User Data" field. ```yaml etcd: # All options get passed as command line flags to etcd. # Any information inside curly braces comes from the machine at boot time.

        # multi_region and multi_cloud deployments need to use {PUBLIC_IPV4}
        advertise_client_urls:       "http://{PRIVATE_IPV4}:2379"
        initial_advertise_peer_urls: "http://{PRIVATE_IPV4}:2380"
        # listen on both the official ports and the legacy ports
        # legacy ports can be omitted if your application doesn't depend on them
        listen_client_urls:          "http://0.0.0.0:2379"
        listen_peer_urls:            "http://{PRIVATE_IPV4}:2380"
        # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
        # specify the initial size of your cluster with ?size=X
        discovery:                   "https://discovery.etcd.io/<token>"
      ```
      <ul>
        <li>Paste configuration into "User Data"</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Storage Configuration
      <ul>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Tags
      <ul>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Create Key Pair
      <ul>
        <li>Choose a key of your choice, it will be added in addition to the one in the gist.</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Choose one or more of your existing Security Groups
      <ul>
        <li>"flatcar-testing" as above.</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Launch!
    </li>
  </ol>
</div>
<div class="tab-pane" id="beta-manual">
  <p>We will be launching three instances, with a few parameters in the User Data, and selecting our security group.</p>
  <ol>
    <li>
    {% for region in site.data.beta_channel.amis %}
      {% if region.name == 'us-east-1' %}
        Open the <a href="https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.hvm}}" target="_blank">quick launch wizard</a> to boot {{region.hvm}} (amd64).
      {% endif %}
    {% endfor %}
    </li>
    <li>
      On the second page of the wizard, launch 3 servers to test our clustering
      <ul>
        <li>Number of instances: 3</li>
        <li>Click "Continue"</li>
      </ul>
    </li>
    <li>
      Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at <a href="https://discovery.etcd.io/new?size=3">https://discovery.etcd.io/new?size=3</a>, configure the `?size=` to your initial cluster size and add it to the metadata. You should re-use this key for each machine in the cluster.
    </li>
    <li>
      Use <a href="provisioning">ct</a> to convert the following configuration into an Ignition config, and back in the EC2 dashboard, paste it into the "User Data" field.
      ```yaml
      etcd:
        # All options get passed as command line flags to etcd.
        # Any information inside curly braces comes from the machine at boot time.

        # multi_region and multi_cloud deployments need to use {PUBLIC_IPV4}
        advertise_client_urls:       "http://{PRIVATE_IPV4}:2379"
        initial_advertise_peer_urls: "http://{PRIVATE_IPV4}:2380"
        # listen on both the official ports and the legacy ports
        # legacy ports can be omitted if your application doesn't depend on them
        listen_client_urls:          "http://0.0.0.0:2379"
        listen_peer_urls:            "http://{PRIVATE_IPV4}:2380"
        # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
        # specify the initial size of your cluster with ?size=X
        discovery:                   "https://discovery.etcd.io/<token>"
      ```
      <ul>
        <li>Paste configuration into "User Data"</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Storage Configuration
      <ul>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Tags
      <ul>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Create Key Pair
      <ul>
        <li>Choose a key of your choice, it will be added in addition to the one in the gist.</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Choose one or more of your existing Security Groups
      <ul>
        <li>"flatcar-testing" as above.</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Launch!
    </li>
  </ol>
</div>
<div class="tab-pane active" id="stable-manual">
  <p>We will be launching three instances, with a few parameters in the User Data, and selecting our security group.</p>
  <ol>
    <li>
    {% for region in site.data.stable_channel.amis %}
      {% if region.name == 'us-east-1' %}
        Open the <a href="https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.hvm}}" target="_blank">quick launch wizard</a> to boot {{region.hvm}} (amd64).
      {% endif %}
    {% endfor %}
    </li>
    <li>
      On the second page of the wizard, launch 3 servers to test our clustering
      <ul>
        <li>Number of instances: 3</li>
        <li>Click "Continue"</li>
      </ul>
    </li>
    <li>
      Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at <a href="https://discovery.etcd.io/new?size=3">https://discovery.etcd.io/new?size=3</a>, configure the `?size=` to your initial cluster size and add it to the metadata. You should re-use this key for each machine in the cluster.
    </li>
    <li>
      Use <a href="https://docs.flatcar-linux.org/os/provisioning/#config-transpiler">ct</a> to convert the following configuration into an Ignition config, and back in the EC2 dashboard, paste it into the "User Data" field.
      ```yaml
      etcd:
        # All options get passed as command line flags to etcd.
        # Any information inside curly braces comes from the machine at boot time.

        # multi_region and multi_cloud deployments need to use {PUBLIC_IPV4}
        advertise_client_urls:       "http://{PRIVATE_IPV4}:2379"
        initial_advertise_peer_urls: "http://{PRIVATE_IPV4}:2380"
        # listen on both the official ports and the legacy ports
        # legacy ports can be omitted if your application doesn't depend on them
        listen_client_urls:          "http://0.0.0.0:2379"
        listen_peer_urls:            "http://{PRIVATE_IPV4}:2380"
        # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
        # specify the initial size of your cluster with ?size=X
        discovery:                   "https://discovery.etcd.io/<token>"
      ```
      <ul>
        <li>Paste configuration into "User Data"</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Storage Configuration
      <ul>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Tags
      <ul>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Create Key Pair
      <ul>
        <li>Choose a key of your choice, it will be added in addition to the one in the gist.</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Choose one or more of your existing Security Groups
      <ul>
        <li>"flatcar-testing" as above.</li>
        <li>"Continue"</li>
      </ul>
    </li>
    <li>
      Launch!
    </li>
  </ol>
</div>

Installation from a VMDK image

One of the possible ways of installation is to import the generated VMDK Flatcar image as a snapshot. The image file will be in https://${CHANNEL}.release.flatcar-linux.net/${ARCH}-usr/${VERSION}/flatcar_production_ami_vmdk_image.vmdk.bz2. Make sure you download the signature (it’s available in https://${CHANNEL}.release.flatcar-linux.net/${ARCH}-usr/${VERSION}/flatcar_production_ami_vmdk_image.vmdk.bz2.sig) and check it before proceeding.

$ wget https://alpha.release.flatcar-linux.net/amd64-usr/current/flatcar_production_ami_vmdk_image.vmdk.bz2
$ wget https://alpha.release.flatcar-linux.net/amd64-usr/current/flatcar_production_ami_vmdk_image.vmdk.bz2.sig
$ gpg --verify flatcar_production_ami_vmdk_image.vmdk.bz2.sig
gpg: assuming signed data in 'flatcar_production_ami_vmdk_image.vmdk.bz2'
gpg: Signature made Thu 15 Mar 2018 10:27:57 AM CET
gpg:                using RSA key A621F1DA96C93C639506832D603443A1D0FC498C
gpg: Good signature from "Flatcar Buildbot (Official Builds) <[email protected]>" [ultimate]

Then, follow the instructions in Importing a Disk as a Snapshot Using VM Import/Export . You’ll need to upload the uncompressed vmdk file to S3.

After the snapshot is imported, you can go to “Snapshots” in the EC2 dashboard, and generate an AMI image from it. To make it work, use /dev/sda2 as the “Root device name” and you probably want to select “Hardware-assisted virtualization” as “Virtualization type”.

Using Flatcar Container Linux

Now that you have a machine booted it is time to play around. Check out the Flatcar Container Linux Quickstart guide or dig into more specific topics .

Known issues

aws/amazon-ecs-agent does not support cgroupsv2: Flatcar issue , AWS issue .