MKEx is an integrated container orchestration platform that is powered by an immutable Rocky Linux operating system, offering next-level security and reliability.


An immutable Linux operating system is designed to be unchangeable following installation, with system files that are read-only, and limited only to those packages that are required to run the applications. Such an OS is more resistant to tampering and malwares, and is well protected from accidental or malicious modification. Also, as updates or changes can only be made to an immutable OS by creating a new instance, such an OS is easier to maintain and troubleshoot.

Mirantis, in conjunction with our partner CIQ, worked to preassemble ostree-based Rocky Linux with Mirantis Container Runtime (MCR) and Mirantis Kubernetes Engine (MKE), to provide users with an immutable, atomic upgrade/rollback, versioning stack that offers a high degree of predictability and resiliency.

rpm-ostree is a hybrid image/package system for managing and deploying Linux-based operating systems. It combines the concepts of Git and traditional package management to provide a version-controlled approach to system updates and rollbacks. As with Git, rpm-ostree treats the operating system as an immutable tree of files, which enables you to atomically update or roll back the entire system.