Third prototype of the ALP platform, which is replacing SUSE Linux Enterprise

SUSE has published the third prototype of the ALP platform, "Piz Bernina" (Adaptable Linux Platform), positioned as a continuation of the development of the SUSE Linux Enterprise distribution. The key difference of ALP is the division of the distribution's core into two parts: a stripped-down "host OS" that runs on top of the hardware, and an application support layer aimed at running in containers and virtual machines. ALP has been developed from the start using an open development process, in which intermediate builds and test results are publicly available to everyone.

The third prototype includes two separate branches, which in their current form are similar in content, but in the future will develop toward different areas of application and will differ in the services they provide. The Bedrock branch, aimed at use in server systems, and the Micro branch, designed for building cloud-native systems and running microservices, are available for testing. Ready-made builds are prepared for the x86_64 architecture (Bedrock, Micro). In addition, build scripts are available (Bedrock, Micro) for the Aarch64, PPC64le and s390x architectures.

The ALP architecture is based on developing, in the "host OS", the minimal environment needed to support and manage the hardware. All applications and user-space components are to be run not in a mixed environment, but in separate containers or virtual machines that run on top of the "host OS" and are isolated from each other. This organization lets users focus on applications and workflows, abstracted from the underlying system environment and hardware.

The SLE Micro product, based on the work of the MicroOS project, is used as the basis for the "host OS". For centralized management, the configuration management systems Salt (pre-installed) and Ansible (optional) are offered. The Podman and K3s (Kubernetes) tools are available for running isolated containers. The system components placed in containers include yast2, podman, k3s, cockpit, GDM (GNOME Display Manager) and KVM.

Among the features of the system environment, the default use of disk encryption (FDE, Full Disk Encryption) with the ability to store keys in the TPM is mentioned. The root partition is mounted read-only and does not change during operation. The environment uses an atomic update installation mechanism. Unlike the atomic updates based on ostree and snap used in Fedora and Ubuntu, ALP uses the standard package manager and the snapshot mechanism of the Btrfs file system instead of building separate atomic images and deploying additional delivery infrastructure.

There is a configurable mode for automatic installation of updates (for example, you can enable automatic installation of only patches for critical vulnerabilities, or return to manually confirming the installation of updates). Live patches are supported for updating the Linux kernel without restarting or suspending work. To maintain the system's survivability (self-healing), the last stable state is recorded using Btrfs snapshots (if anomalies are detected after applying updates or changing settings, the system automatically switches to the previous state).

The platform uses a multi-version software stack: thanks to the use of containers, you can use different versions of tools and applications at the same time. For example, you can run applications that depend on different versions of Python, Java and Node.js, keeping incompatible dependencies separate. Base dependencies are provided in the form of BCI (Base Container Images) sets. The user can create, update and remove software stacks without affecting other environments.

For installation, the D-Installer installer is used, in which the user interface is separated from the internal components of YaST and various frontends can be used, including a frontend for managing the installation through a web interface. Running YaST clients (bootloader, iSCSIClient, Kdump, firewall, etc.) in separate containers is supported.

Major changes in the third ALP prototype:

  • A Trusted Execution Environment is provided for confidential computing, allowing data to be processed securely using isolation, encryption and virtual machines.
  • Use of hardware and runtime attestation to verify the integrity of the tasks being executed.
  • A foundation for supporting confidential virtual machines (CVM, Confidential Virtual Machine).
  • Integration of support for the NeuVector platform for checking the security of containers, detecting the presence of vulnerable components and identifying malicious activity.
  • Support for the s390x architecture in addition to x86_64 and aarch64.
  • The ability to enable full-disk encryption (FDE, Full Disk Encryption) at the installation stage, with keys stored in TPMv2 and without the need to enter a passphrase during the first boot. Both encryption of regular partitions and of LVM (Logical Volume Manager) partitions are equally supported.

Source: opennet.ru
