ProHoster > Блог > ozi ịntanetị > Ntọhapụ ngwaọrụ njikwa akpa LXC na LXD 4.0

Ntọhapụ ngwaọrụ njikwa akpa LXC na LXD 4.0

Canonical bipụtara ntọhapụ nke ngwaọrụ maka ịhazi ọrụ nke arịa dịpụrụ adịpụ LXC 4.0, onye njikwa akpa LXD 4.0 na mebere FS LXCFS 4.0 maka ịme anwansị na / proc, / sys containers na ihe nnọchi anya cgroupfs nke ọma maka nkesa na-enweghị nkwado maka oghere aha otu. A na-ekewa alaka 4.0 dị ka ntọhapụ nkwado ogologo oge, mmelite nke ewepụtara n'ime oge afọ 5.

LXC bụ oge ịgba ọsọ maka arịa sistemu na arịa OCI. LXC gụnyere ọba akwụkwọ liblxc, ihe eji arụ ọrụ (lxc-create, lxc-start, lxc-stop, lxc-ls, wdg), ndebiri maka imepụta ihe na ihe ejikọtara maka asụsụ mmemme dị iche iche. A na-eme ikewapụ site na iji usoro kernel Linux ọkọlọtọ. Iji kewapụ usoro, nchịkọta netwọk ipc, uts, NJ onye ọrụ na ebe ugwu, a na-eji usoro aha oghere. a na-eji otu dị iche iche na-amachi akụrụngwa. Iji wedata ihe ùgwù na ịmachi ohere, a na-eji njirimara kernel dị ka profaịlụ Apparmor na SELinux, amụma Seccomp, Chroots (pivot_root) na ike. Koodu mpaghara:: LXC dere site na n'asụsụ C ma kesaa n'okpuru ikike GPLv2.

LXD bụ mgbakwunye na LXC, CRIU na QEMU nke a na-eji na-ahazi arịa na igwe mebere na otu sava ma ọ bụ karịa. Ọ bụrụ na LXC bụ ngwa ọrụ dị ala maka ịmegharị n'ọkwa nke arịa nke ọ bụla, mgbe ahụ, a na-emejuputa LXD dị ka usoro ndabere nke na-anabata arịrịọ n'elu netwọk site na REST API ma na-enye gị ohere ịmepụta nhazi nhazi nke etinyere na ụyọkọ nke ọtụtụ sava.
A na-akwado nkwado ndabere dị iche iche (osisi ndekọ aha, ZFS, Btrfs, LVM), snapshots nwere mpempe steeti, ịkwaga ndụ nke arịa na-agba ọsọ site n'otu igwe gaa na nke ọzọ, yana ngwaọrụ maka ịhazi nchekwa onyonyo. Koodu LXD dere site na na Go wee kesaa n'okpuru ikike Apache 2.0.

Igodo ndozi na LXC 4.0:

  • Edeghachila onye ọkwọ ụgbọ ala kpamkpam ka ya na otu otu rụọ ọrụ. Nkwado agbakwunyere maka ndị isi otu jikọtara ọnụ (cgroup2). Ọrụ njikwa friza agbakwunyere, nke ị nwere ike ịkwụsị ọrụ n'ime otu ma wepụta ihe ụfọdụ nwa oge (CPU, I/O, na enwere ike ọbụna ebe nchekwa) iji rụọ ọrụ ndị ọzọ;
  • Akụrụngwa arụrụ arụ ọrụ maka igbochi oku usoro;
  • Nkwado agbakwunyere maka sistemụ kernel "pidfd", nke emebere iji dozie ọnọdụ nke imegharị PID (pidfd jikọtara ya na usoro akọwapụtara na ọ naghị agbanwe, ebe enwere ike ijikọ PID na usoro ọzọ mgbe usoro ugbu a jikọtara ya na PID ahụ kwụsịrị) ;
  • Mmelite nke ọma na ihichapụ ngwaọrụ netwọkụ, yana mmegharị ha n'etiti oghere aha netwọkụ subsystem;
  • Emejuputala ikike ibugharị ngwaọrụ netwọk ikuku (nl80211) n'ime akpa.

Igodo ndozi na LXD 4.0:

  • Nkwado agbakwunyere maka ịmalite ọ bụghị naanị arịa, kamakwa igwe mebere;
  • Iji kewaa sava LXD, atụpụtala echiche ngo nke na-eme ka njikwa nke otu akpa na igwe mebere dị mfe. Ọrụ ọ bụla nwere ike ịgụnye arịa nke ya, igwe mebere, onyonyo, profaịlụ na akụkụ nchekwa. N'ihe gbasara oru ngo, ị nwere ike ịtọ ihe mgbochi gị ma gbanwee ntọala;
  • Nkwado agbakwunyere maka usoro nkwụsịtụ na-akpọ maka arịa;
  • Emebere imepụta nnomi ndabere nke gburugburu yana mweghachi site na ha;
  • Emebere akpaghị aka nke onyonyo gburugburu na ngalaba nchekwa na ikike ịtọ oge ndụ nke onyonyo ahụ;
  • API agbakwunyere maka nlekota ọkwa netwọkụ (ozi netwọk lxc);
  • nkwado agbakwunyere mgbanwe, mebere FS maka maping mount point to usernames;
  • Ụdị ihe nkwụnye netwọk ọhụrụ "ipvlan" na "kpọgharịa" ka atụpụtara;
  • agbakwunyere azụ maka iji nchekwa dabere na CephFS;
  • Emebela nkwado maka ntugharị onyonyo na nhazi ọtụtụ ihe maka ụyọkọ;
  • Njikwa ohere dabere na ọrụ agbakwunyere (RBAC);
  • Nkwado agbakwunyere maka CGroup2;
  • Agbakwunyere ikike ịhazi adreesị MAC wee chọpụta adreesị isi mmalite maka NAT;
  • API agbakwunyere maka ijikwa njikọ DHCP ( mgbazinye);
  • Nkwado agbakwunyere maka Nftables.

isi: opennet.ru

Tinye a comment