← back to knowledge-hub

Azure Linux: Microsoft's Own Cloud-Optimized Distribution

If you’ve deployed a recent Azure Kubernetes Service cluster, there’s a good chance you’ve already run Microsoft’s own Linux distribution without noticing. Azure Linux is an open-source, cloud-optimized OS that Microsoft builds, ships, and runs across its own fleet — and you can run it too.

What It Is

Azure Linux is a general-purpose Linux distribution maintained by Microsoft and developed in the open on GitHub. It’s designed as a lightweight, security-hardened base for VMs, containers, and bare-metal workloads on Azure. Microsoft uses it internally as the host OS for a growing number of Azure services and edge appliances, which means the distro is battle-tested on Microsoft’s own infrastructure before it reaches you.

The design philosophy is deliberately minimal: a small core with only the packages you actually need, which keeps the attack surface — and the image size — down.

From CBL-Mariner to Azure Linux

If the name sounds new, the project isn’t. Azure Linux started life as CBL-Mariner (Common Base Linux Mariner). Microsoft rebranded it to Azure Linux with the 2.0 release line, but the lineage is the same. The current lines are:

  • Azure Linux 3 — the stable, available branch
  • Azure Linux 4 — in active development

Under the Hood

A few technical details worth knowing:

  • RPM-based. Azure Linux uses the RPM package format. Every component is built from source to produce a full set of installable RPM packages, rather than repackaging binaries from elsewhere.
  • Declarative builds. The distribution is defined through TOML configuration files and the open-source azldev tooling, which applies declarative overlays on top of upstream packaging sources. That makes the whole build reproducible and auditable.
  • Azure-optimized kernel. The kernel is tuned for cloud workloads and Azure’s hardware.
  • Supply-chain security. A hardened default posture, predictable lifecycle, and native Azure compliance capabilities are core selling points rather than afterthoughts.

Using It in Containers and AKS

The most common way to encounter Azure Linux is as a container base image or an AKS node OS.

For containers, pull the base image directly from the Microsoft Container Registry:

1
docker pull mcr.microsoft.com/azurelinux/base/core:4.0

On AKS, Azure Linux is available as a node OS SKU — you select it when creating a cluster or node pool instead of the default Ubuntu-based image:

1
2
3
4
5
az aks create \
  --resource-group myResourceGroup \
  --name myCluster \
  --os-sku AzureLinux \
  --generate-ssh-keys

That single --os-sku AzureLinux flag swaps your worker nodes over to the Microsoft-maintained OS.

Trying It Yourself

You don’t need an Azure subscription to kick the tires:

  1. ISO installer — download the x86_64 or ARM64 ISO from the project and boot it in a local VM.
  2. Azure Marketplace — deploy an Azure Linux VM directly if you’re already in the cloud.
  3. Documentation — the canonical docs live at aka.ms/azurelinux.

Why It Matters

Azure Linux is Microsoft betting on Linux at the deepest layer of its cloud — not as a guest, but as the host. For teams already invested in Azure, it offers a first-party OS with a tight security story and a lifecycle that lines up with the rest of the platform. And because the whole thing is developed in the open, you can read the build definitions, file issues, and even contribute packages yourself.

If you run workloads on AKS, switching a node pool to Azure Linux is a low-risk experiment worth running.

graph cloud