Operating System Baseline for HybridOps.Studio

Status

Accepted — HybridOps.Studio standardises on a small, curated set of operating systems for infrastructure, control plane and endpoint simulation, with details captured in the OS Baseline Rationale whitepaper.

1. Context

HybridOps.Studio needs a realistic but manageable OS matrix that:

• Mirrors what assessors see in real enterprise estates (RHEL-family, Ubuntu, Windows).
• Works consistently across Proxmox, public cloud and nested labs.
• Avoids “OS sprawl” that would bloat Packer, Terraform and Ansible work.

The detailed analysis lives in
OS Baseline Rationale.

2. Decision

HybridOps.Studio adopts the following OS baseline:

• Primary enterprise base: Rocky Linux 9 (future Rocky 10) for core infra and automation.
• Control / CI layer: Ubuntu 24.04 LTS for ctrl-01, CI/CD and dev-aligned tooling.
• RHEL-compatible alternative: AlmaLinux 9 as an interchangeable RHEL-compatible option.
• Windows infrastructure: Windows Server 2022 / 2025 for hybrid identity and infra roles.
• Endpoint simulation: Windows 11 Pro and optional Android emulation for endpoint/MDM tests.

This baseline is implemented via:

• Packer templates under infra/packer-multi-os/.
• Terraform/Ansible vars and roles keyed on os_family.
• OS selection in blueprints and runbooks based on role, not personal preference.

3. Rationale

• Enterprise realism: RHEL-compatible + Ubuntu + Windows is a recognisable mix.
• Lifecycle clarity: Long-lived Rocky/Alma + LTS Ubuntu + LTSC Windows maps cleanly to real support cycles.
• Tooling fit: HashiCorp stack, Ansible and Kubernetes tooling are well supported on these OSes.
• Portfolio focus: Keeping the matrix tight avoids wasting time on exotic or niche OS combinations.

The whitepaper OS Baseline Rationale captures:

• Version choices and support windows.
• Comparison tables (governance, lifecycle, compliance).
• How each OS maps to specific platform layers.

4. Consequences

Positive

• Clear, documented OS story for assessors and students.
• Lower cognitive load when writing Packer/Ansible roles.
• Easier evidence capture (you can show “one of each” in a coherent way).

Negative / trade-offs

• Some interesting OSes (Debian, Fedora, etc.) are deliberately excluded.
• You must keep templates and roles in sync when OS major versions roll (Rocky 10, next Ubuntu LTS, next Windows LTSC).

5. Implementation notes

• Packer templates exist per OS under infra/packer-multi-os/.
• ADR-0016 covers Packer + cloud-init as the template standard.
• Terraform modules accept an os_family or similar variable to select Rocky/Ubuntu/Windows at plan time.
• Ansible roles branch on ansible_os_family but share as much logic as possible.

6. References

• OS Baseline Rationale
• ADR-0012 – Control Node Runs as a VM
• ADR-0016 – Packer + Cloud-Init for VM Template Standardization
• ADR-0204 – RKE2 Runs on Rocky VMs on Enterprise Hypervisors
• ADR-0608 – Docker Engine baseline