SUSE has released the first prototype of the ALP (Adaptable Platform) platform. Linux Platform), positioned as a continuation of the development of the SUSE distribution Linux Enterprise. The key difference of the new system is the division of the distribution's core into two parts: a stripped-down "host OS" for running on hardware and an application support layer designed for running in containers and virtual machines. Builds are designed for the x86_64 architecture.
The idea is to develop a minimal environment in the “host OS” that is necessary to support and manage the hardware, and to run all applications and user space components not in a mixed environment, but in separate containers or in virtual machines, running on top of the host OS and isolated from each other. This organization allows users to focus on applications and abstract workflows, separating them from the low-level system environment and hardware.
The SLE Micro product, based on the developments of the MicroOS project, is used as the basis for the "host OS". For centralized management, Salt (preinstalled) and Ansible (optional) configuration management systems are offered. Podman and K3s (Kubernetes) toolkits are available for running isolated containers. Containerized system components include yast2, podman, k3s, cockpit, GDM (GNOME Display Manager), and KVM.
Among the system environment's features, mention is made of the default use of disk encryption (FDE, Full Disk Encryption) with the option to store keys in the TPM. The root partition is mounted in read-only mode and does not change during operation. The environment uses an atomic update mechanism. Unlike the atomic updates based on ostree and snap, used in Fedora and Ubuntu, in ALP, instead of building separate atomic images and deploying additional delivery infrastructure, the standard package manager and snapshot mechanism in the Btrfs FS are used.
Basic concepts of ALP:
- Minimization of user intervention (zero-touch), which implies the automation of the main processes of maintenance, deployment and configuration.
- Automatically maintains security and keeps the system up-to-date (self-updating). A configurable automatic update installation mode is provided (for example, you can enable automatic installation of only critical vulnerability patches or revert to manual confirmation of update installation). For kernel updates Linux Live patches are supported without restarting or stopping work.
- Automatic application of optimizations (self-tuning) and maintenance of system survivability (self-healing). The system captures the last stable state and after applying updates or changing settings in case of detection of anomalies, problems or violations of behavior, it is automatically transferred to the previous state using Btrfs snapshots.
- Multiversion software stack. Isolating components in containers allows you to use different versions of tools and applications at the same time. For example, you can run applications that depend on different versions of Python, Java, and Node.js by separating incompatible dependencies. Base dependencies come in the form of BCI (Base Container Images) sets. The user can create, update and remove software stacks without affecting other environments.
Unlike SUSE Linux Enterprise development of ALP is initially conducted using an open development process, with intermediate builds and test results publicly available to anyone interested, allowing interested parties to monitor progress and participate in development.
Source: opennet.ru
