Developers of the Clear Linux distribution about changing the project development strategy. The primary areas of development are server and cloud systems, which will now receive the main attention. The components of the edition for workstations will be supported on a residual basis.
Delivery of packages with desktops will continue, but in these packages original versions of user environments, without Clear Linux-specific add-ons and changes. Including the formation of packages with GNOME, the composition and settings of the desktop will correspond to the reference view, what is offered by default by the GNOME project.
Previously offered own separate , pre-installed third-party add-ons for GNOME Shell (, , , ) and the changed GNOME settings at the first stage will be in a separate package "". Next week, the desktop packages are scheduled to be updated to GNOME 3.36, which will match the GNOME reference environment, after which the "desktop-assets-extras" package will be deprecated.
Let us recall that the Clear Linux distribution is developed by Intel and provides strict isolation of applications using containers separated using full virtualization. The base part of the distribution contains only a minimal set of tools for running containers and is updated atomically. All applications are designed as Flatpak packages or Bundles that run in separate containers. In addition to customized desktops, the developer edition was notable for its expanded hardware support, integration of a FUSE-based debugging system, the addition of a new installer, and the presence , which offered kits for deploying development environments using various languages ββand technologies.
ClearLinux Features:
- Binary distribution delivery model. Updating the system can be done in two modes: applying fixes to a running system and completely updating the system by installing a new image in a separate Btrfs snapshot and replacing the active snapshot with a new one;
- Aggregating packages into sets () that form a finished functionality, regardless of how many software components form them. Bundle and system environment image are formed on the basis of the RPM package repository, but are delivered without separation into packages. Inside the containers, a specially optimized copy of Clear Linux is executed, containing the bundles necessary to run the target application;
- Efficient update installation system, built into the base part of the distribution and providing accelerated delivery of updates with fixes for critical issues and vulnerabilities. An update in Clear Linux includes only directly changed data, so typical vulnerability and bug fixes take only a few kilobytes and are installed almost instantly;
- Unified versioning system - The version of a distribution represents the state and versions of all its components, which is useful for creating reproducible configurations and tracking changes to the distribution's components at the file level. Changing / updating any part of the system always leads to a change in the overall version of the entire distribution (if in ordinary distributions only the version number of a certain package increases, then in Clear Linux the version of the distribution itself increases);
- Stateless approach to configuration definition, which implies that different classes of settings are separated (OS, user and system settings are stored separately), the system does not save its state (stateless) and after installation does not contain any settings in the /etc directory, but generates settings on the fly based on the templates specified at startup. To reset system settings to default, you can simply remove /etc and /var;
- full-fledged virtualization (KVM) for running containers, which allows for a high level of security. Container startup time is slightly behind traditional container isolation systems (namespaces, cgroups) and is acceptable for launching application containers on demand (virtual environment startup time is about 200ms, and additional memory consumption is 18-20 MB per container). To reduce memory consumption, a mechanism is used (direct access to the FS bypassing the page cache without using the block device level), and technology is used to dedupe identical memory areas (Kernel Shared Memory), which allows you to organize the sharing of host system resources and connect a common system environment template to different guest systems.
Source: opennet.ru