Talos Linux:
The Kubernetes Operating System


The confidence of a platform that only changes when you want it to

Talos Linux is Linux reimagined. It’s immutable – made to not change — so everything can change around it.

It’s API managed- there’s no shell or SSH access, reducing errors and outages.

No matter where you run, you get the same stable environment, the same stable experience.

  • Talos Linux is managed by a powerful API, making operations easily automated, scalable and simple.
  • Deployments are fast. Create, upgrade, or redeploy an entire cluster in minutes.
  • No SSH, no patching, no package manager. No configuration management tools.
  • Upgrades are atomic and automated, using a dual disk image scheme. If an upgrade fails, Talos will roll back to the previous version.


Easier management from a single, consistent, API-driven platform

Talos Linux is made to solve a fundamental problem with Kubernetes: manageability.

Easier updates, better sight across systems, simpler scale. Manage hundreds of systems like you’re managing one, whether you run on a public cloud, virtualized platform, bare metal or at the edge. The same API-driven tools, all the way to the OS.

Talos Linux becomes an extension of your team—helping you leverage the Kubernetes skills you have, and leveling up where you don’t.

A Single platform. Simpler management.

  • Talos Linux automatically installs Kubernetes, securely.
  • Automates common time consuming and error prone management tasks.
  • Supports all platforms: major public cloud providers, virtualization platforms, and bare metal, including ARM technology.
  • Kubernetes on the edge: Talos Linux supports kubernetes on Raspberry Pi and other Single Board Computers.
  • Development-to-Production Workflow: ideal for developer workstations, supporting QEMU, Firecracker micro VMs and Docker containers. This allows the same OS through the entire app lifecycle from dev to prod.


IT infrastructure designed with security at the core

We built Talos Linux with security from the bottom up, and enabled by default. It’s ideal for highly regulated environments where compliance is critical.

Talos is hardened by design and configuration. Everything not needed to support Kubernetes is removed, resulting in a smaller, secure, more stable operating system:

  • Built with the Kernel Self Protection Project configuration recommendations.
  • The API is secured with Mutual TLS, and supports RBAC.
  • No console, shell or SSH reduces attack surface.
  • CIS guidelines applied by default.
  • Includes the latest stable versions of Kubernetes and Linux, ensuring stability and security issues are addressed.
  • Runs from a read-only SquashFS filesystem running from RAM. This prevents bad actors from tampering with your hosts, even if they gain access.
  • Support for disk encryption.


Open source ethos and expertise, powered by community

Open source both in our code, and an immutable part of our DNA.

We believe in community. We engage with our community because our community has done the same in return.

We started Sidero because we faced the same problems you do in operations. We wanted teams to have everything they love about Kubernetes and modern infrastructure—and a lot less of everything they don’t.

And we believed we could all work to solve those problems together.


Open Source Code, Enterprise grade support

Talos Linux is 100% open source code. Use it for free, work with an engaged community, and contribute back if you wish. However, if you want the assurance of expert Kubernetes support, 24 x 7 response, professional services or training, Sidero’s team of professionals can help.

A Kubernetes support contract from Sidero Labs lets you focus on building value for your business, with confidence in your Kubernetes infrastructure.

Talos takes the complexity out of running a k8s cluster so I can spend more time building software and less time operating it
John Simon
Application Developer