Azure Linux 4.0 Launches with New Container Variant
Introduction to Azure Linux 4.0
Microsoft has unveiled Azure Linux 4.0 as a Public Preview, a significant update to its in-house Linux distribution. The new version is built on a modernized software foundation: Kernel 6.18 LTS, dnf5, glibc 2.42, OpenSSL 3.5, and Python 3.14. Initially, it is available for Azure Virtual Machines and VM Scale Sets, with support for Azure Kubernetes Service (AKS) and the Windows Subsystem for Linux (WSL) planned for the future.
A Comprehensive Overview of Azure Linux
Azure Linux is built on Fedora and specifically tailored for cloud and server workloads. It aims to provide a unified Linux base for virtual machines, Kubernetes nodes, and containers. This reduces the need for companies to manage and secure multiple Linux distributions. Microsoft has already been utilizing Azure Linux internally since 2023 for services like AKS, Azure SQL, and Azure Cosmos DB.
Modernized Platform for Azure
At the core of Azure Linux 4.0 lies a significantly updated system foundation. The new Linux Kernel 6.18 LTS enhances Hyper-V integration and includes support for the latest GPUs and AI accelerators. dnf5 replaces the previous package manager; largely written in C++, it offers faster package resolution and fewer dependencies than its Python-based predecessor.
Additionally, glibc 2.42 brings improvements in memory management and threading, while systemd 258 accelerates the boot process and enhances service management. OpenSSL 3.5 is another important addition, offering support for emerging post-quantum cryptographic techniques.
Introducing Azure Container Linux (ACL)
A noteworthy feature of Azure Linux 4.0 is the introduction of Azure Container Linux (ACL). This immutable variant of the operating system is designed for Kubernetes environments that demand high security and compliance standards. Unlike the general version of Azure Linux, ACL systems are not updated on a per-package basis. Instead, they are replaced with complete images. This reduces the attack surface, since there is no package manager and no scope for post-installation modifications.
ACL adheres to security best practices, with SELinux activated by default in Enforcing mode. This approach shares similarities with specialized container operating systems like Flatcar Linux and Fedora CoreOS.
Dual-Track System Management
Traditional workloads will continue to use the standard Azure Linux version, which includes complete package management through dnf5. Both editions use the same kernel and receive the same security updates and Azure integration.
Focus on Security and Unified Management
Microsoft emphasizes security within Azure Linux, asserting that it supports Secure Boot, Trusted Launch, SELinux, and a cryptographically secure supply chain with signed packages and Software Bill of Materials (SBOM). Certification under FIPS 140-3 is in progress and is expected to be completed by the time the platform reaches general availability.
Furthermore, Microsoft promises a predictable maintenance cycle. Security updates will occur monthly, while new hardware support will be incorporated through annual updates to the Hardware Enablement Kernel (HWE). Between regular update windows, only critical and highly prioritized security patches will be backported.
Availability and Future Prospects
Azure Linux 4.0 is now available as a Public Preview for Azure Virtual Machines, VM Scale Sets, and container base images. Support for AKS, WSL integration, and runtime containers specific to Python, Node.js, Java, and .NET will be rolled out shortly. Importantly, Azure Linux itself incurs no additional licensing costs; users will only be charged for the underlying Azure resources.
In conclusion, Azure Linux 4.0 and Azure Container Linux present a robust framework for enterprises looking to streamline operations while enhancing security. This latest release not only simplifies management but also positions companies for future advancements in cloud and container technologies.

