SUSE ta buga samfuri na uku na dandalin ALP “Piz Bernina” (Mai daidaita Linux Platform), wanda aka sanya shi a matsayin ci gaba na ci gaban rarrabawar SUSE Linux Enterprise. Babban bambanci tsakanin ALP shine rarrabuwa na ainihin rarraba zuwa sassa biyu: wani tsiri-saukar "host OS" don gudana a saman kayan aiki da Layer don aikace-aikacen tallafi, da nufin gudana a cikin kwantena da injuna masu kama-da-wane. An fara haɓaka ALP ta amfani da tsarin ci gaba mai buɗewa, wanda tsaka-tsakin gini da sakamakon gwaji ke samuwa ga kowa.
Nau'in samfur na uku ya ƙunshi rassa daban-daban guda biyu, waɗanda a cikin nau'ikan su na yanzu suna kama da abun ciki, amma a nan gaba za su haɓaka ta hanyar fannoni daban-daban na aikace-aikacen kuma za su bambanta a cikin ayyukan da suke bayarwa. Reshen Bedrock, wanda ya keɓe don amfani a cikin tsarin uwar garken, da kuma reshen Micro, wanda aka ƙera don gina tsarin tushen gajimare da gudanar da ƙananan ayyuka, suna samuwa don gwaji. An shirya taron da aka shirya don gine-ginen x86_64 (Bedrock, Micro). Bugu da ƙari, ana samun rubutun taro (Bedrock, Micro) don gine-ginen Aarch64, PPC64le da s390x.
Gine-ginen ALP ya dogara ne akan haɓakawa a cikin "OS mai masaukin baki" na mahallin da ke da mahimmanci don tallafawa da sarrafa kayan aiki. An ba da shawara don gudanar da duk aikace-aikacen da abubuwan sararin samaniya na mai amfani ba a cikin mahalli mai gauraya ba, amma a cikin kwantena daban ko injunan kama-da-wane da ke gudana a saman "OS OS" da keɓe da juna. Wannan ƙungiyar za ta ba da damar masu amfani su mai da hankali kan aikace-aikace da ƙayyadaddun ayyukan aiki nesa da yanayin tsarin da kayan masarufi.
Ana amfani da samfurin SLE Micro, bisa ga ci gaban aikin MicroOS, a matsayin tushen tushen "OS mai masaukin baki". Don gudanarwa na tsakiya, ana ba da tsarin sarrafa sanyi Gishiri (wanda aka riga aka shigar) da Mai yiwuwa (na zaɓi). Podman da K3s (Kubernetes) kayan aikin suna samuwa don gudanar da keɓaɓɓun kwantena. Daga cikin sassan tsarin da aka sanya a cikin kwantena sun hada da yast2, podman, k3s, cockpit, GDM (GNOME Display Manager) da KVM.
Daga cikin fasalulluka na yanayin tsarin, an ambaci tsohuwar amfani da ɓoyayyen faifai (FDE, Encryption Full Disk) tare da ikon adana maɓalli a cikin TPM. An ɗora ɓangaren tushen a cikin yanayin karanta kawai kuma baya canzawa yayin aiki. Yanayin yana amfani da injin sabunta atomatik. Ba kamar sabuntawar atomatik ba dangane da ostree da karye da aka yi amfani da su a Fedora da Ubuntu, ALP maimakon gina hotunan atomic daban-daban da tura ƙarin kayan aikin isar da saƙo yana amfani da daidaitaccen mai sarrafa fakiti da tsarin hoto a cikin tsarin fayil ɗin Btrfs.
Akwai yanayin daidaitacce don shigarwa ta atomatik na sabuntawa (misali, zaku iya kunna shigarwa ta atomatik na faci kawai don raunin rauni ko komawa ga tabbatar da shigar da sabuntawa da hannu). Ana tallafawa faci kai tsaye don sabunta kwaya ta Linux ba tare da sake farawa ko dakatar da aiki ba. Don kiyaye tsarin tsira (warkar da kai), ana yin rikodin yanayin kwanciyar hankali na ƙarshe ta amfani da hotunan Btrfs (idan an gano abubuwan da ba su da kyau bayan amfani da sabuntawa ko canza saituna, ana canza tsarin ta atomatik zuwa jihar da ta gabata).
Dandalin yana amfani da tarin software iri-iri - godiya ga amfani da kwantena, zaku iya amfani da nau'ikan kayan aiki da aikace-aikace a lokaci guda. Misali, zaku iya gudanar da aikace-aikacen da ke amfani da nau'ikan Python, Java, da Node.js daban-daban azaman abin dogaro, suna raba abubuwan dogaro da ba su dace ba. Ana ba da abubuwan dogaro na tushe ta hanyar BCI (Hotunan Kwantenan Tushen). Mai amfani zai iya ƙirƙira, ɗaukakawa da share tarin software ba tare da ya shafi wasu mahalli ba.
Don shigarwa, ana amfani da mai sakawa D-Installer, a cikin abin da keɓaɓɓen keɓancewar mai amfani daga abubuwan ciki na YaST kuma yana yiwuwa a yi amfani da gabaɗaya daban-daban, gami da gaba don sarrafa shigarwa ta hanyar haɗin yanar gizo. Kisa na abokan cinikin YaST (bootloader, iSCSIClient, Kdump, Firewall, da sauransu) a cikin kwantena daban ana tallafawa.
Manyan canje-canje a cikin samfurin ALP na uku:
- Samar da Amintaccen Muhalli na Kisa don ƙididdigewa na sirri, ba da izinin sarrafa bayanai ta hanyar keɓewa, ɓoyewa da injunan kama-da-wane.
- Amfani da kayan aiki da takaddun shaida na lokacin aiki don tabbatar da amincin ayyukan da ake yi.
- Tushen don tallafawa injunan kama-da-wane na sirri (CVM, Na'urar Sirri na Sirri).
- Haɗuwa da tallafi don dandamali na NeuVector don tabbatar da tsaro na kwantena, ƙayyade kasancewar abubuwan da ba su da haɗari da kuma gano ayyukan mugunta.
- Taimako don gine-ginen s390x ban da x86_64 da aarch64.
- Ikon ba da damar ɓoye ɓoyayyen diski (FDE, Cikakken Encryption) a matakin shigarwa tare da maɓallan da aka adana a cikin TPMv2 kuma ba tare da buƙatar shigar da kalmar wucewa ba yayin taya ta farko. Madaidaicin tallafi don ɓoyayyen ɓoyayyen ɓangarori na yau da kullun da ɓangarori na LVM (Mai sarrafa ƙarar ma'ana).
source: budenet.ru