Prototype of the ALP platform, set to replace SUSE Linux Enterprise, has been published

SUSE has published the first prototype of ALP (Adaptable Linux Platform), positioned as a continuation of the development of the SUSE Linux Enterprise distribution. The key difference of the new system is that the distribution's core is split into two parts: a stripped-down "host OS" that runs on the hardware, and an application support layer designed to run in containers and virtual machines. Builds have been prepared for the x86_64 architecture.

The idea is to keep in the "host OS" only the minimal environment needed to support and manage the hardware, and to run all applications and user-space components not in a mixed environment but in separate containers or virtual machines that run on top of the "host OS" and are isolated from each other. This organization lets users focus on applications and abstracts workflows from the low-level system environment and hardware.

The SLE Micro product, based on the developments of the MicroOS project, is used as the basis for the "host OS". For centralized management, Salt (preinstalled) and Ansible (optional) configuration management systems are offered. Podman and K3s (Kubernetes) toolkits are available for running isolated containers. Containerized system components include yast2, podman, k3s, cockpit, GDM (GNOME Display Manager), and KVM.

Notable features of the system environment include full disk encryption (FDE) enabled by default, with the option of storing keys in the TPM. The root partition is mounted read-only and does not change during operation. Updates are installed atomically. Unlike the atomic updates based on ostree and snap used in Fedora and Ubuntu, ALP uses a regular package manager and the snapshot mechanism of the Btrfs file system, rather than building separate atomic images and deploying additional delivery infrastructure.

Basic concepts of ALP:

  • Minimal user intervention (zero-touch), which means automating the main maintenance, deployment and configuration processes.
  • Automatically keeping the system secure and up to date (self-updating). The automatic update mode is configurable (for example, you can enable automatic installation of only fixes for critical vulnerabilities, or return to manual confirmation of update installation). Live patches are supported for updating the Linux kernel without restarting or suspending work.
  • Automatic application of optimizations (self-tuning) and maintenance of system survivability (self-healing). The system records the last stable state and, if anomalies, problems or abnormal behavior are detected after updates are applied or settings are changed, automatically rolls back to the previous state using Btrfs snapshots.
  • Multiversion software stack. Isolating components in containers allows you to use different versions of tools and applications at the same time. For example, you can run applications that depend on different versions of Python, Java, and Node.js by separating incompatible dependencies. Base dependencies come in the form of BCI (Base Container Images) sets. The user can create, update and remove software stacks without affecting other environments.

Unlike SUSE Linux Enterprise, ALP has been developed from the start using an open development process, in which intermediate builds and test results are publicly available, allowing interested parties to track ongoing work and participate in development.

Source: opennet.ru
