Amazon tuam txhab
Qhov kev faib tawm muab Linux ntsiav thiab ib puag ncig tsawg kawg nkaus, suav nrog tsuas yog cov khoom tsim nyog los khiav cov thawv. Ntawm cov pob khoom koom nrog hauv qhov project yog tus tswj hwm qhov systemd, lub tsev qiv ntawv Glibc, thiab cov cuab yeej sib dhos
Buildroot, GRUB bootloader, network configurator
Kev faib tawm yog hloov kho atomically thiab xa tuaj rau hauv daim ntawv ntawm cov duab tsis pom kev. Ob lub disk faib tau faib rau lub kaw lus, ib qho ntawm cov uas muaj cov kab ke nquag, thiab qhov hloov tshiab tau theej rau qhov thib ob. Tom qab qhov hloov tshiab tau xa mus, qhov kev faib thib ob tau ua haujlwm, thiab thawj zaug, kom txog rau thaum qhov hloov tshiab tom ntej tuaj txog, cov txheej txheem dhau los tau txais kev cawmdim, uas koj tuaj yeem thim rov qab yog tias muaj teeb meem tshwm sim. Kev hloov kho tshiab raug teeb tsa tsis muaj kev cuam tshuam rau tus thawj tswj hwm.
Qhov sib txawv tseem ceeb los ntawm cov khoom sib xws xws li Fedora CoreOS, CentOS / Red Hat Atomic Host yog qhov tseem ceeb ntawm kev muab
Lub hauv paus muab faib yog mounted nyeem nkaus xwb, thiab /etc chaw muab faib yog mounted nyob rau hauv tmpfs thiab rov qab mus rau nws thawj lub xeev tom qab ib tug restart. Kev hloov pauv ncaj qha ntawm cov ntaub ntawv hauv /etc directory, xws li /etc/resolv.conf thiab /etc/containerd/config.toml, tsis txaus siab - txhawm rau txuag chaw mus tas li, koj yuav tsum siv API lossis txav cov haujlwm mus rau hauv cov thawv cais.
Feem ntau cov khoom siv hauv lub cev tau sau rau hauv Rust, uas muab cov yam ntxwv muaj kev nyab xeeb kom tsis txhob muaj qhov tsis zoo tshwm sim los ntawm kev nkag mus tsis tau tom qab lub cim xeeb, tsis muaj qhov taw qhia tsis zoo, thiab tsis muaj kev cuam tshuam. Thaum tsim los ntawm lub neej ntawd, cov "--enable-default-pie" thiab "--enable-default-ssp" compilation hom yog siv los pab kom randomization ntawm qhov chaw nyob ntawm cov ntaub ntawv executable (
Rau cov pob ntawv sau hauv C / C ++, cov chij ntxiv suav nrog
"-Wall", "-Werror=format-security", "-Wp,-D_FORTIFY_SOURCE=2", "-Wp,-D_GLIBCXX_ASSERTIONS" thiab "-fstack-clash-protection".
Thawv orchestration cuab yeej muab cais
Tau qhov twg los: opennet.ru