| your Linux construction kit
Source
Features

One ISO. Every distro. Every platform.

  • 2 minutes, not 20 — no Anaconda, no curses UI from 1998
  • One USB, four distros — CentOS, Debian, RHEL, Rocky — pick at install time
  • ZFS on root out of the box — no manual DKMS dance, no initramfs prayer
  • Boot environments — roll back any upgrade in 30 seconds
  • Offline — 3,600 packages baked in, zero internet required
  • Web UI — click, don't type
  • Same tools on Debian and CentOSkpkg install nginx works everywhere
  • Automatic safety net — every package operation takes a ZFS snapshot first
  • Export anywhere — qcow2, VHD, VMDK, OVA, raw — build once, run anywhere
  • Three profiles — Desktop, Server, or Core (just ZFS, nothing else, for advanced users)

kldload is a distro build tool that produces a single bootable ISO with everything baked in. No internet. No post-install configuration. No praying the initramfs is correct.

What you didn’t know Linux could do

30-second OS rollback

Boot environments let you undo an entire OS upgrade at the bootloader. Pick the pre-upgrade snapshot, reboot, done. No rescue USB. No reinstall. 30 seconds.

No other Linux distro ships this. Solaris had it. macOS has it. Now Linux does.

Self-healing storage

Every block is checksummed. If a bit flips — silent data corruption that ext4 will never detect — ZFS catches it and auto-repairs from the mirror or parity. Your data is intact, always.

Your filesystem on ext4 is lying to you right now. You just don’t know it yet.

Compression makes you faster

lz4 compression writes less data to disk. Less I/O = faster performance. You get more usable space and better throughput. It’s not a trade-off — it’s free.

Most people think compression = slower. With ZFS it’s the opposite.

Clone 500GB in 0.1 seconds

kclone /srv/database /srv/database-test — instant copy-on-write clone. Zero additional space until data diverges. Production database cloned for testing in milliseconds.

Try that with cp.

Per-directory encryption

Not full-disk LUKS. Per-dataset AES-256-GCM with independent keys. Home dir, database, logs — each locked separately. Compromise one key, the rest stay sealed.

LUKS is a front door lock. ZFS encryption is a lock on every room, each with a different key.

Atomic package management

kpkg install nginx snapshots the filesystem first. If the install breaks something, ksnap rollback undoes everything — the package, its config files, the state changes. All of it.

Your package manager and your filesystem finally talk to each other.

Block-level replication

zfs send | ssh remote zfs recv — not file copying. Block-level replication. Build one system, replicate it to 100 nodes. Only changed blocks travel. It’s Git for your entire OS.

500GB dataset, 2GB of daily changes? The incremental sync takes seconds.

GPU sharing without passthrough

NVIDIA drivers on the host, containers on top. Every container shares the GPU simultaneously. Jellyfin transcoding + AI inference + monitoring — one GPU, no vGPU license.

PCIe passthrough locks the GPU to one VM. Containers share it natively.

Air-gapped deployment

3,600+ packages across two distro families, baked into one USB. Install a full Linux desktop with ZFS on root in a facility with zero internet. Military, classified, remote — it just works.

Nobody else ships complete offline mirrors for two distro families on one stick.

USB to production fleet

Boot USB → install → export VMDK → upload to cloud → Terraform deploys 100 instances. One pipeline from bare metal to production. 4 distros × 3 profiles × 6 export formats = 72 unique configurations from one ISO.

One USB stick. Every platform on earth.

Multi-Distro Installer

CentOS Stream 9

RHEL upstream. Enterprise-grade. dnf --installroot from the baked-in RPM darksite. ~900 packages offline. Desktop, server, or core profile.

Debian 13 (Trixie)

Stable. Proven. debootstrap from the embedded APT darksite on localhost:3142. ~2,700 packages offline. Desktop, server, or core profile.

RHEL 9

Red Hat Enterprise Linux. Enter your activation key and org ID in the web UI. Pulls from Red Hat CDN. The only path that needs internet.

Rocky Linux 9

RHEL binary-compatible. Community-driven. Uses the same RPM darksite and dnf --installroot path as CentOS. ~900 packages offline. Desktop, server, or core profile.

ZFS on Root

128-bit Copy-on-Write

Never overwrites data in place. Every change goes to a new location. Old versions stay intact for snapshots. Checksums on every block. Self-healing on mirrors.

Boot Environments

ZFSBootMenu presents every OS state as a boot option. Upgrade broke something? Pick the pre-upgrade snapshot at boot. 15-second rollback. No rescue USB.

Automatic Snapshots

Before every package change. Every 15 minutes for /srv. Configurable retention. Factory reset snapshot on install. Managed by sanoid.

Native Encryption

Per-dataset AES-256-GCM. Each directory can have its own key. Lock and unlock datasets independently. Send encrypted snapshots to untrusted storage.

Kernel Modules

ZFS (DKMS)

Built against the target kernel at install time. Auto-signed for Secure Boot via MOK. Rebuilds automatically on kernel upgrades. The entire point of kldload.

WireGuard

Kernel-level encrypted networking. Available on first boot for VPNs, site-to-site links, or mesh overlays. No userland daemon.

NVIDIA (optional)

GPU drivers baked into the image. CUDA-ready on first boot. Select in the web UI. No post-install driver dance. No nouveau conflicts.

eBPF tools (optional)

BCC tracing tools and bpftrace. Observe syscalls, network flows, disk I/O in real time. Select in the web UI.

Web UI Installer

Browser-based

GNOME desktop boots, Firefox opens to the installer on port 8080. Pick distro, profile, disk, hostname, password. Real-time install log streaming via WebSocket.

Unattended mode

Pass an answers file: kldload-install-target --config answers.env. Same installer, no UI. Automate fleet deployments with identical configs.

Pool Designer

Visual ZFS pool topology calculator. Select disks, pick a layout (mirror, RAIDZ1/2/3, stripe), see usable space and the exact zpool create command.

Profile summary

Live status line during install: CentOS Stream 9 · Desktop  +WireGuard +eBPF → QCOW2. Know exactly what's being built.

Image Factory

kexport

Standalone tool. Export any installed disk to any format, any time, as many times as you want. Install once, produce every image you need.

kexport /dev/sda qcow2  ·  kexport /dev/sda all

qcow2

Compressed, copy-on-write. KVM, Proxmox, OpenStack.

raw

Sparse dd-ready image. Cloud import, dd to another disk.

VHD / VMDK / OVA

Azure, Hyper-V, VMware ESXi, vSphere, VirtualBox. One install produces every format.

Air-Gap & Offline

Dual darksite mirrors

RPM mirror (~900 packages) for CentOS/RHEL. APT mirror (~2,700 packages) for Debian. Both baked into the ISO. Full transitive dependency closure. Nothing downloaded at deploy time.

ZFSBootMenu EFI

Pre-built UEFI binary included in the ISO. No network fetch for the bootloader. Works on any UEFI system.

30+ CLI Tools

Short names. No flags to memorize. Work identically on Debian and CentOS.

kst — system status
ksnap — snapshot management
kbe — boot environments
kclone — instant CoW clones
kdf — ZFS-aware disk usage
kdir — create dataset, not directory
kpkg — universal package manager
kupgrade — upgrade with auto-snapshot
krecovery — emergency pool repair
kexport — disk image export

Fully Auditable

100% bash. One Python file. Zero compiled binaries.

The installer, the firstboot scripts, the snapshot system, the boot environment manager, the darksite builder, the image exporter — all plain bash. The web UI is one Python file. No Go. No Rust. No node_modules. No vendor SDKs.

cat any file and read what it does. Fork the repo and modify it. That's the point.

BSD-3-Clause. Free forever. You don't trust kldload — you trust your own eyes.
← Start Here ↑ Top