Tom qab ob xyoos ntawm txoj kev loj hlob, qhov kev tso tawm ntawm Kata Containers 3.0 qhov project tau tshaj tawm, tsim ib pawg rau kev teeb tsa kev tua cov ntim khoom siv kev sib cais raws li cov txheej txheem virtualization tag nrho. Qhov project tau tsim los ntawm Intel thiab Hyper los ntawm kev sib txuas Cov Thawv Ntshiab thiab runV technologies. Txoj haujlwm code yog sau rau hauv Go thiab Rust, thiab muab faib raws li Apache 2.0 daim ntawv tso cai. Kev txhim kho ntawm txoj haujlwm yog saib xyuas los ntawm ib pab pawg ua haujlwm tsim los ntawm kev txhawb nqa ntawm lub koom haum ywj pheej OpenStack Foundation, uas suav nrog cov tuam txhab xws li Canonical, China Mobile, Dell/EMC, EasyStack, Google, Huawei, NetApp, Red Hat, SUSE thiab ZTE. .
Hauv plawv ntawm Kata yog lub sijhawm ua haujlwm, uas muab lub peev xwm los tsim cov tshuab virtual uas siv lub tshuab ua kom tag nrho, es tsis txhob siv cov thawv ntim ib txwm siv uas siv cov Linux kernel thiab raug cais siv cov npe thiab cgroups. Kev siv cov tshuab virtual tso cai rau koj kom ua tiav qib siab dua ntawm kev ruaj ntseg uas tiv thaiv kev tawm tsam los ntawm kev siv cov kev tsis zoo hauv Linux kernel.
Kata Containers yog tsom rau kev sib koom ua ke rau hauv cov thawv ntim khoom uas twb muaj lawm nrog kev muaj peev xwm siv cov tshuab virtual zoo sib xws los txhim kho kev tiv thaiv cov thawv ntim ib txwm muaj. Lub phiaj xwm muab cov txheej txheem los xyuas kom meej kev sib raug zoo ntawm lub teeb yuag virtual tshuab nrog ntau lub thawv cais tawm cov txheej txheem, thawv orchestration platforms thiab specifications xws li OCI (Open Container Initiative), CRI (Container Runtime Interface) thiab CNI (Container Networking Interface). Cov cuab yeej muaj rau kev koom ua ke nrog Docker, Kubernetes, QEMU thiab OpenStack.
Kev koom ua ke nrog cov txheej txheem tswj lub thawv tau ua tiav siv cov txheej txheem uas simulates kev tswj lub thawv, uas nkag mus rau tus neeg saib xyuas hauv lub tshuab virtual los ntawm gRPC interface thiab lub npe tshwj xeeb. Nyob rau hauv lub virtual ib puag ncig, uas yog launched los ntawm lub hypervisor, ib tug tshwj xeeb optimized Linux kernel yog siv, muaj tsuas yog qhov tsawg kawg nkaus txheej ntawm tsim nyog muaj peev xwm.
Raws li tus neeg saib xyuas hypervisor, nws txhawb kev siv Dragonball Sandbox (ib tsab ntawm KVM optimized rau ntim) nrog QEMU cov cuab yeej, nrog rau Firecracker thiab Huab Hypervisor. Lub kaw lus ib puag ncig suav nrog kev pib daemon thiab tus neeg sawv cev. Tus neeg sawv cev muab kev ua tiav ntawm cov neeg siv lub thawv ntim cov duab hauv OCI hom rau Docker thiab CRI rau Kubernetes. Thaum siv nrog Docker, lub tshuab virtual cais tau tsim rau txhua lub thawv, piv txwv li. Ib puag ncig khiav rau saum lub hypervisor yog siv rau nested launching ntim.
Txhawm rau txo kev siv lub cim xeeb, DAX mechanism yog siv (kev nkag ncaj qha rau hauv cov ntaub ntawv kaw lus, hla cov nplooj ntawv cache yam tsis siv cov cuab yeej thaiv qib), thiab kom tshem tawm cov chaw nco zoo ib yam, KSM (Kernel Samepage Merging) thev naus laus zis yog siv, uas tso cai rau koj. los npaj kev sib koom ntawm tus tswv tsev cov peev txheej thiab txuas rau cov qhua sib txawv sib koom ua ke ib puag ncig tus qauv.
Hauv qhov tshiab version:
- Ib qho kev xaiv lwm txoj haujlwm (runtime-rs) tau thov, uas ua cov ntim ntim, sau ua lus Rust (lub sijhawm ua haujlwm yav dhau los tau sau ua lus Go). Runtime tau sib xws nrog OCI, CRI-O thiab Thawv, tso cai rau nws siv nrog Docker thiab Kubernetes.
- Tus tshiab dragonball hypervisor raws li KVM thiab xeb-vmm tau raug npaj.
- Ntxiv kev txhawb nqa rau kev xa mus rau GPU siv VFIO.
- Ntxiv kev txhawb nqa rau cgroup v2.
- Kev them nyiaj yug rau kev hloov chaw yam tsis hloov cov ntaub ntawv teeb tsa tseem ceeb tau ua los ntawm kev hloov cov blocks hauv cov ntaub ntawv cais nyob hauv "config.d/" directory.
- Rust Cheebtsam suav nrog lub tsev qiv ntawv tshiab rau kev ua haujlwm ruaj ntseg nrog cov ntaub ntawv taug kev.
- Cov khoom siv virtiofsd (sau hauv C) tau hloov nrog virtiofsd-rs (sau hauv Rust).
- Ntxiv kev txhawb nqa rau sandboxing QEMU Cheebtsam.
- QEMU siv io_uring API rau asynchronous I/O.
- Kev them nyiaj yug rau Intel TDX (Trusted Domain Extensions) txuas ntxiv tau siv rau QEMU thiab Huab-hypervisor.
- Cheebtsam hloov kho: QEMU 6.2.0, Cloud-hypervisor 26.0, Firecracker 1.1.0, Linux ntsiav 5.19.2.
Tau qhov twg los: opennet.ru