5 March, 2021 by

When we started the RancherOS project, we set out to build a minimalist Linux distribution that was perfect for running Docker containers. We wanted to run Docker directly on top of the Linux kernel and have all user-space Linux services distributed as Docker containers. By doing this, there would be no need for a separate software package distribution mechanism for RancherOS itself.

In short, RancherOS is an OS made of containers. It runs the Docker daemon as PID 1, which means that the Docker daemon is the first process started by the kernel. RancherOS also runs two Docker daemons: one for the system (System Docker) and one for the user (User Docker), which runs within System Docker. System Docker is responsible for starting all system services, such as udev, DHCP and the console. So instead of systemd, sysvinit or upstart, RancherOS uses Docker as its init system and manages all system services as Docker containers.


One of the reasons RancherOS comes with two Docker daemons is that if you accidentally stop or delete all containers in User Docker, your system still works.

Because you run everything in Docker containers, you always get the latest Docker version with RancherOS. You can easily extend RancherOS by running additional system containers; for example, you can run your own console container to access your favorite console. Because of the small footprint, there is less to monitor for security vulnerabilities, which means fewer patches and increased stability.

Since all system services are delivered as Docker containers, you don't need any package management tools such as apt-get or yum. Although the kernel and initrd are not Docker containers, RancherOS uses Docker packaging and distribution to deliver kernel and initrd updates as well.

RancherOS can also be considered a solution for embedded systems and IoT devices.