Mangos

Mangos is an experimental container-optimized Linux platform designed to reduce operational risk while preserving enterprise compatibility.

Mangos combines the broad industry compatibility of a garden-variety Linux distribution like Ubuntu, the immutability model popularized by CoreOS, and the customizability mindset of Gentoo — without inheriting the operational fragility of any one of them.

The system is intentionally minimal and immutable (read-only root with verified integrity), using blue/green partitioning and atomic updates to make rollouts predictable and rollbacks automatic. Core services are decoupled from the base OS to reduce reboot pressure and shrink the CVE blast radius.

Security concepts typically found on Android devices — verified system images, signed configuration extensions, strict separation of mutable and immutable state, and measured boot — are adapted for data center environments.

The architecture assumes deployment not only in internal datacenters, but also in 3rd party facilities treated as untrusted environments from an operational security perspective. Mangos is designed to preserve confidentiality, integrity, and authenticity even under scenarios involving physical compromise or device theft, establishing strong guarantees about what software was running and what state could be trusted.

The external invariant is simple: it runs your containers. The broader objective is to align operating system design, update strategy, and trust architecture into a cohesive platform model — built to be safe to update, safe to recover, and safe to lose, without relying on perfect environments or perfect operators.