kldload 1.0.0 — Initial Release
5 Linux distros. One USB. ZFS on root. Fully offline. Free.
kldload 1.0 installs CentOS Stream 9, Debian 13, Rocky Linux 9, Ubuntu 24.04, or RHEL 9 with ZFS on root from a single USB stick. CentOS, Debian, and Ubuntu install completely offline from embedded darksites. RHEL requires internet (Red Hat CDN). Optional built-in AI assistant with local LLM.
Tested platforms
| OS | Profile | Platform | Status |
|---|---|---|---|
| CentOS Stream 9 | Server | KVM (libvirt) | Tested — installs, boots, firstboot completes |
| CentOS Stream 9 | Server + AI | KVM (libvirt) | Tested — kai, whisper.cpp, model pull working |
| CentOS Stream 9 | Desktop | KVM (libvirt) | Tested — GNOME boots, web UI functional |
| CentOS Stream 9 | Server | Proxmox (QEMU/KVM) | Tested — q35, OVMF, TPM 2.0 |
| Debian 13 (Trixie) | Server | KVM (libvirt) | Tested — debootstrap from darksite, ZFS DKMS builds |
| Debian 13 (Trixie) | Desktop | KVM (libvirt) | Partial — installs, needs more QC on GNOME |
| Ubuntu 24.04 | Desktop | KVM (libvirt) | Tested — offline darksite, GNOME, NetworkManager |
| Rocky Linux 9 | Server | KVM (libvirt) | Tested — shares CentOS RPM darksite and install path |
| RHEL 9 | Server | KVM (libvirt) | Tested — requires Red Hat CDN credentials, subscription-manager |
Hardware tested
| Platform | Configuration | Notes |
|---|---|---|
| KVM (libvirt) | 16GB RAM, 4 vCPU, 80GB virtio, UEFI (OVMF), no Secure Boot | Primary test platform. CentOS + Debian verified. |
| Proxmox VE | q35, cpu host, OVMF, TPM 2.0, virtio-scsi, 16GB RAM | CentOS Server verified. Serial console + VNC. |
| Bare metal USB | Various x86_64 hardware | ISO boots and installer runs. Install results vary by hardware. |
What's in 1.0
5 distros, one USB
CentOS Stream 9, Debian 13, Rocky Linux 9, Ubuntu 24.04, RHEL 9. RPM and APT darksites baked into the ~5.2 GB ISO. CentOS, Debian, and Ubuntu install fully offline. RHEL requires internet.
ZFS on root
Automatic pool creation, dataset hierarchy, boot environments via ZFSBootMenu. Sanoid for automated snapshots. Per-dataset AES-256-GCM encryption. lz4 compression. Self-healing checksummed storage.
AI assistant
Ollama with llama3.1:8b, auto-installed on firstboot. kldload-ai custom model trained on 100+ pages of documentation. kai (text), kai-voice (speech), kai-do (command execution), kai-remote (SSH management). All local, all offline.
Kernel-level networking
WireGuard DKMS module available at second zero. Encrypted mesh networking before any userspace process starts.
eBPF observability
Optional: bpftrace, execsnoop, tcplife, opensnoop, biolatency. Kernel-level tracing without agents or SaaS.
Image factory
kexport: qcow2, VMDK, VHD, OVA, raw. kimage: build golden image, snapshot, export, stamp out cloud-init copies. One install, any platform.
30+ CLI tools
kst, ksnap, kclone, kdf, kdir, kpkg, kexport, kimage, kbe, krecovery, kupgrade, kldload-help, kst-dashboard. Plus fzf, btop, eza, ripgrep, zoxide, fastfetch.
Fully auditable
One Python file (web UI). Zero compiled binaries. cat any file and read what it does. BSD-3-Clause. Free forever.
Known issues
| Issue | Severity | Workaround |
|---|---|---|
| Image export fails during install | High | qemu-img cannot read the block device while ZFS pools are mounted. Run kexport /dev/vda qcow2 after rebooting into the installed system. |
| Ubuntu GNOME first boot may hang | Low | GDM login spinner can hang on first boot while services start. Second boot works. Not a data issue. |
| AI model pull needs internet | Medium | Ollama pulls llama3.1:8b on firstboot. Requires internet + 16GB RAM. If pull fails: ollama pull llama3.1:8b |
| NVIDIA on VMs without GPU | Low | NVIDIA checkbox installs drivers but modprobe nvidia fails if no GPU hardware. Harmless — system works fine without GPU. |
| Pool export timeout on install completion | Low | Live system holds the pool. Export times out after 5s. Pool imports cleanly on reboot. No data loss. |
| Secure Boot MOK enrollment | Low | MOK keys are generated and modules are signed. Automatic MOK enrollment on first boot is not yet fully automated on all hardware. |
Component versions
| Component | CentOS (RPM darksite) | Debian (APT darksite) | Ubuntu (APT darksite) |
|---|---|---|---|
| Kernel | 5.14.0-687.el9 | 6.12.74 | 6.8.x (noble) |
| ZFS | 2.2.9 | 2.3.2 | 2.2.x (noble) |
| ZFSBootMenu | Latest EFI binary (embedded or downloaded) | ||
| Ollama | Latest (downloaded on firstboot) | ||
| whisper.cpp | Latest (built from source on firstboot) | ||
| WireGuard | DKMS (kernel module) | DKMS (kernel module) | In-tree (kernel built-in) |
Roadmap — 1.1
- Ubuntu offline darksite in default ISO
- FreeBSD and OpenBSD install QC
- Windows WIM extraction QC
- Image export during install (snapshot-based)
- TPM-2 measured boot
- ARM64 build pipeline
- Smaller AI model option for 8GB systems
- Kubernetes admission webhook for boot attestation
- Voice command auto-execute mode
Built by one person who just knows the primitives.
Learn the primitives — they'll outlast any product.