Ebipụtala ntọhapụ nke ọrụ 3.2 nke Kata Containers, na-emepụta nchịkọta maka ịhazi ogbugbu nke arịa site na iji ikewapụ dabere na usoro nhụsianya zuru oke. Ọ bụ Intel na Hyper mepụtara ọrụ a site na ijikọta Clear Containers na teknụzụ runV. Edere koodu ọrụ ahụ na Go na Rust, ma kesaa ya n'okpuru ikike Apache 2.0. A na-ahụ maka mmepe nke ọrụ a site n'aka otu ndị na-arụ ọrụ nke e kere n'okpuru nkwado nke ụlọ ọrụ OpenStack Foundation, nke gụnyere ụlọ ọrụ dịka Canonical, China Mobile, Dell/EMC, EasyStack, Google, Huawei, NetApp, Red Hat, SUSE na ZTE .
Основу Kata составляет runtime, позволяющий создавать компактные виртуальные машины, выполняемые с использованием полноценного гипервизора, вместо применения традиционных контейнеров, использующих общее ядро Linux ma kewapụ ya site na iji oghere aha na cgroups. igwe mebere na-enye ohere maka nchekwa dị elu nke na-echebe megide mwakpo sitere na iji adịghị ike kernel eme ihe Linux.
Kata Containers lekwasịrị anya na ntinye n'ime akụrụngwa kewapụ akpa dị ugbu a nwere ikike iji igwe mebere ụdị ahụ iji kwalite nchekwa nke arịa ọdịnala. Ọrụ a na-enye usoro iji hụ na ndakọrịta nke igwe mebere dị fechaa nwere akụrụngwa iche iche akpa dị iche iche, nyiwe akụrụngwa akpa na nkọwapụta dịka OCI (Open Container Initiative), CRI (Container Runtime Interface) na CNI (Container Networking Interface). Ngwa dị maka njikọta na Docker, Kubernetes, QEMU na OpenStack.
A na-eji usoro njikwa akpa eme ihe site na iji akwa njikwa akpa nke na-agwa onye na-ahụ maka njikwa okwu na igwe mebere eme ihe site na njikọ gRPC na proxy raara onwe ya nye. A na-eji kernel emelitere nke ọma n'ime gburugburu mebere eme ihe, nke onye na-ahụ maka hypervisor na-amalite. Linux, nke nwere naanị obere atụmatụ dị mkpa.
Ihe na-akwado ya bụ Dragonball Sandbox (mbipụta KVM nke e mere ka ọ dị mma) nke nwere QEMU, yana Firecracker na Cloud Hypervisor. Gburugburu sistemụ ahụ gụnyere init daemon na ihe nnọchi anya. Ihe nnọchi anya ahụ na-enye ohere ka e mee ihe onyonyo akpa nke onye ọrụ kọwara na usoro OCI maka usoro Docker na CRI maka Kubernetes. Mgbe ejiri ya na Docker, a na-emepụta ihe atụ dị iche maka akpa ọ bụla. igwe mebere, ya bụ, a na-eji gburugburu ebe a na-agba n'elu hypervisor eme ihe maka mwepụta nke akpa ndị a kpọchiri akpọchi.
Iji belata oriri ebe nchekwa, a na-eji usoro DAX (nweta ozugbo na sistemụ faịlụ, na-agafe cache ibe na-ejighi ọkwa ngwaọrụ ngọngọ), yana wepụta mpaghara ebe nchekwa yiri ya, a na-eji teknụzụ KSM (Kernel Samepage Merging), nke na-enye gị ohere. iji hazie nkesa nke nnabata usoro akụrụngwa na jikọọ dị iche iche ọbịa usoro na-ekekọrịta a nkịtị usoro gburugburu template.
Na ụdị ọhụrụ:
- Na mgbakwunye na nkwado maka ụkpụrụ ụlọ AMD64 (x86_64), ewepụtara ntọhapụ maka ụlọ ọrụ ARM64 (Aarch64) na s390 (IBM Z). Nkwado maka ppc64le architecture (IBM Ike) nọ na mmepe.
- Iji hazie ohere ịnweta onyonyo akpa, a na-eji sistemu faịlụ Nydus 2.2.0, nke na-eji okwu ọdịnaya maka imekọ ihe nke ọma na onyonyo ọkọlọtọ. Nydus na-akwado nbudata onyonyo na-efe efe (nbudata naanị mgbe achọrọ ya), na-enye mwepu nke data oyiri, ma nwee ike iji azụ azụ dị iche iche maka nchekwa n'ezie. Enyere ndakọrịta POSIX (dị ka Composefs, mmejuputa Nydus na-ejikọta ike nke OverlayFS na EROFS ma ọ bụ FUSE modul).
- Ejikọtala onye njikwa igwe dragọnball mebere n'ime usoro ọrụ Kata Containers, nke a ga-emepụta ugbu a na ebe nchekwa.
- Agbakwunyela ọrụ nbipu na kata-ctl maka ijikọ na igwe mebere site na gburugburu ebe obibi.
- A gbasaala ikike njikwa GPU yana agbakwunyere nkwado maka ibuga GPU na arịa maka mgbakọ nzuzo (Confidential Container), nke na-enye ezoro ezo nke data, ebe nchekwa na ọnọdụ igbu egbu maka nchebe ma ọ bụrụ na e mebie gburugburu ebe obibi ma ọ bụ hypervisor.
- Agbakwunyela sistemu maka ijikwa ngwaọrụ eji n'ime akpa ma ọ bụ gburugburu sandbox na Runtime-rs. Na-akwado na-arụ ọrụ na vfio, ngọngọ, netwọk na ụdị ngwaọrụ ndị ọzọ.
- Enyere ndakọrịta na OCI Runtime 1.0.2 na Kubernetes 1.23.1.
- В качестве ядра Linux рекомендовано использовать выпуск 6.1.38 с патчами.
- Ewepụla mmepe site na iji usoro njikọta Jenkins na-aga n'ihu na GitHub Actions.
isi: opennet.ru
