Mangani, Gawani, Gwirizanani

Zotengera ndi mtundu wopepuka wa malo ogwiritsa ntchito a Linux - kwenikweni, ndiwocheperako. Komabe, akadali makina ogwiritsira ntchito, choncho khalidwe la chidebe ichi palokha ndilofunika kwambiri ngati makina ogwiritsira ntchito athunthu. Ichi ndichifukwa chake kwa nthawi yayitali timapereka Zithunzi za Red Hat Enterprise Linux (RHEL)., kuti ogwiritsa ntchito athe kukhala ndi zotengera zovomerezeka, zamakono, komanso zamakono zamabizinesi. Launch zithunzi zotengera (Zithunzi zamkati) RHEL pa zotengera zokhala ndi RHEL imapereka kulumikizana ndi kusuntha pakati pa malo, osanenapo kuti izi ndi zida zodziwika kale. Koma panali vuto limodzi. Simungangopereka chithunzicho kwa wina, ngakhale atakhala kasitomala kapena mnzanu pogwiritsa ntchito Red Hat Enterprise Linux.

Koma tsopano zonse zasintha

Ndi kutulutsidwa kwa Red Hat Universal Base Image (UBI), tsopano mutha kupeza kudalirika, chitetezo, ndi magwiridwe antchito omwe mumayembekezera kuchokera pazithunzi zovomerezeka za Red Hat, kaya mwalembetsa kapena ayi. Izi zikutanthauza kuti mutha kupanga pulogalamu yokhala ndi zotengera pa UBI, ndikuyiyika mu registry yachidebe yomwe mukufuna, ndikugawana ndi dziko lapansi. Chithunzi cha Red Hat Universal Base chimakupatsani mwayi womanga, kugawana, ndikuthandizana nawo pa pulogalamu yomwe ili ndi zida zilizonse - komwe mungafune.

Ndi UBI, mutha kusindikiza ndikuyendetsa mapulogalamu anu pamtundu uliwonse. Koma ngati muwathamangitsa pamapulatifomu a Red Hat monga Red Hat OpenShift ndi Red Hat Enterprise Linux, mutha kupeza zina zowonjezera (golide wochulukirapo!). Ndipo tisanapitirire kukufotokozera mwatsatanetsatane za UBI, ndiroleni ndipereke FAQ yaifupi chifukwa chake Kulembetsa kwa RHEL kumafunikira. Ndiye, chimachitika ndi chiyani mukayendetsa chithunzi cha UBI pa nsanja ya RHEL/OpenShift?

Ndipo tsopano kuti ndife okondwa ndi malonda, tiyeni tikambirane mwatsatanetsatane za UBI

Zifukwa zogwiritsira ntchito UBI

Mukuyenera kumva bwanji kudziwa kuti UBI ikuthandizani:

• Mai opanga ndikufuna kugwiritsa ntchito zithunzi zotengera zomwe zitha kugawidwa ndikuyendetsedwa m'malo aliwonse
• Gulu langa Ntchito akufuna chithunzi chothandizira chokhala ndi moyo wamabizinesi
• Mai okonza mapulani ndikufuna kupereka Wothandizira Kubernetes kwa makasitomala anga / ogwiritsa ntchito kumapeto
• Mai makasitomala sakufuna kuwomba malingaliro awo ndi chithandizo chamagulu amalonda kumalo awo onse a Red Hat
• Wanga mudzi akufuna kugawana, kuyendetsa, kufalitsa mapulogalamu omwe ali ndi zida kulikonse

Ngati chimodzi mwazochitikazo chikuyenerani, ndiye kuti muyenera kuyang'ana UBI.

Zoposa chithunzi chokhazikika

UBI ndi yaying'ono kuposa OS yodzaza, koma UBI ili ndi zinthu zitatu zofunika:

1. Seti ya zithunzi zitatu zoyambira (ubi, ubi-chochepa, ubi-init)
2. Zithunzi zokhala ndi nthawi yokonzekera yokonzekera zilankhulo zosiyanasiyana zamapulogalamu (nodejs, ruby, python, php, perl, etc.)
3. Mapaketi ogwirizana nawo munkhokwe ya YUM yokhala ndi zodalira kwambiri

UBI idapangidwa ngati maziko oyambira pamtambo komanso mawebusayiti omwe amapangidwa ndikuperekedwa m'mitsuko. Zonse zomwe zili mu UBI ndi kagawo kakang'ono ka RHEL. Maphukusi onse mu UBI amaperekedwa kudzera mu njira za RHEL ndipo amathandizidwa mofanana ndi RHEL pamene akuyenda pa nsanja zothandizira Red Hat monga OpenShift ndi RHEL.

Kuwonetsetsa kuti chithandizo chapamwamba cha zotengera kumafuna khama lalikulu kuchokera kwa mainjiniya, akatswiri achitetezo ndi zina zowonjezera. Izi sizingofunika kuyesa zithunzi zoyambira, komanso kusanthula machitidwe awo pagulu lililonse lothandizira.

Pofuna kuchepetsa kulemedwa kwa kukweza, Red Hat ikupanga mwachangu ndikuthandizira kuti UBI 7 ikhoza kuthamanga pa makamu a RHEL 8, mwachitsanzo, ndipo UBI 8 ikhoza kuthamanga pa makamu a RHEL 7. Izi zimapereka ogwiritsa ntchito kusinthasintha, chidaliro, ndi mtendere wa malingaliro omwe amafunikira panthawiyi. , mwachitsanzo, zosintha zapapulatifomu pazithunzi zotengera kapena zogwiritsa ntchito. Tsopano zonsezi zikhoza kugawidwa m'magulu awiri odziimira okha.

Zithunzi zitatu zoyambira

Zochepa - zopangidwira mapulogalamu omwe ali ndi zodalira zonse (Python, Node.js, .NET, etc.)

• Zochepa zomwe zidayikidwatu
• Palibe zoyeserera za suid
• Zida zowongolera phukusi locheperako (kukhazikitsa, kusintha ndi kuchotsa)

Platform - pamapulogalamu aliwonse omwe akuyenda pa RHEL

• OpenSSL Unified Cryptographic Stack
• Mtengo wathunthu wa YUM
• Zothandiza zoyambira za OS zophatikizidwa (tar, gzip, vi, etc.)

Multi-Service - zimapangitsa kuti zikhale zosavuta kuyendetsa mautumiki angapo mumtsuko umodzi

• Zokonzedwa kuti ziyendetse systemd poyambira
• Kutha kuloleza mautumiki panthawi yomanga

Khazikitsani zithunzi zokhala ndi malo okonzekera chilankhulo chokonzekera

Kuphatikiza pa zithunzi zoyambira zomwe zimakupatsani mwayi woyika chithandizo cha chilankhulo cha pulogalamu, ma UBI amaphatikiza zithunzi zomwe zidapangidwa kale zokhala ndi nthawi yokhazikika yokonzekera zilankhulo zingapo zamapulogalamu. Madivelopa ambiri amatha kungotenga chithunzicho ndikuyamba kugwira ntchito yomwe akupanga.

Ndi kukhazikitsidwa kwa UBI, Red Hat ikupereka zithunzi ziwiri - zochokera ku RHEL 7 komanso zochokera ku RHEL 8. Zinachokera ku Red Hat Software Collections (RHEL 7) ndi Application Streams (RHEL 8), motsatira. Nthawi zoyendetsera izi zimasungidwa mpaka pano ndipo zimalandira zosintha zinayi pachaka monga zokhazikika, kotero mumangotulutsa zaposachedwa komanso zokhazikika.

Nawu mndandanda wazithunzi zotengera UBI 7:

Nawu mndandanda wazithunzi zotengera UBI 8:

Phukusi logwirizana

Kugwiritsa ntchito zithunzi zopangidwa kale ndikosavuta kwambiri. Red Hat imawapangitsa kukhala amakono ndikuwasintha ndi kutulutsidwa kwa mtundu watsopano wa RHEL, komanso pomwe zosintha zovuta za CVE zikupezeka molingana ndi ndondomeko yosinthira. Ndondomeko ya zithunzi za RHEL kotero kuti mutha kutenga chimodzi mwazithunzizi ndikuyamba kugwiritsa ntchito pulogalamuyi.

Koma nthawi zina, popanga pulogalamu, mungafunike phukusi lowonjezera mwadzidzidzi. Kapena, nthawi zina, kuti pulogalamuyo igwire ntchito, muyenera kusintha phukusi limodzi kapena lina. Ichi ndichifukwa chake zithunzi za UBI zimabwera ndi ma RPM omwe amapezeka kudzera mu yum, ndipo amagawidwa pogwiritsa ntchito netiweki yotumizira zinthu mwachangu komanso yopezeka kwambiri (muli ndi phukusi!). Mukayendetsa yum update pa CI/CD yanu pamalo ovuta kwambiri, mungakhale otsimikiza kuti idzagwira ntchito.

RHEL ndiye maziko

Sititopa kubwereza kuti RHEL ndiye maziko a chilichonse. Kodi mukudziwa kuti ndi magulu ati ku Red Hat omwe amagwira ntchito popanga zithunzi zoyambira? Mwachitsanzo izi:

• Gulu la ainjiniya omwe ali ndi udindo wowonetsetsa kuti malaibulale akuluakulu monga glibc ndi OpenSSL, komanso nthawi yoyendetsera zilankhulo monga Python ndi Ruby, amapereka magwiridwe antchito mosasinthasintha komanso kuyendetsa bwino ntchito zikagwiritsidwa ntchito m'makontena.
• Gulu lachitetezo chazinthu limayang'anira kuwongolera nthawi yake zolakwika ndi zovuta zachitetezo m'ma library ndi malo azilankhulo, mphamvu ya ntchito yawo imawunikidwa pogwiritsa ntchito index yapadera. Container Health Index grade.
• Gulu la oyang'anira zinthu ndi mainjiniya adzipereka kuti awonjezere zatsopano ndikuwonetsetsa kuti zinthu zizikhala ndi moyo wautali, kukupatsani chidaliro muzogulitsa zanu kuti muwonjezere.

Red Hat Enterprise Linux imapanga malo abwino kwambiri okhalamo komanso chithunzi chazotengera, koma opanga ambiri amayamikira kuthekera kogwira ntchito ndi dongosololi m'mawonekedwe osiyanasiyana, ena omwe angakhale kunja kwa machitidwe ogwiritsiridwa ntchito a Linux. Apa ndipamene zithunzi za UBI zapadziko lonse lapansi zimathandizira.

Tinene pompano, pakadali pano, mukungoyang'ana chithunzi choyambira kuti muyambe kugwiritsa ntchito pulogalamu yosavuta. Kapena kodi muli pafupi ndi mtsogolo ndipo mukuchoka kuzinthu zoyima zomwe zikuyenda pa injini ya chidebe kupita ku mbiri yakale yamtambo pogwiritsa ntchito zomangamanga ndi zotsimikizira Operators omwe akuyenda pa OpenShift. Mulimonsemo, UBI ipereka maziko abwino kwambiri a izi.

Zotengera zimakhala ndi mtundu wopepuka wa malo ogwiritsira ntchito mumtundu watsopano wapaketi. Kutulutsidwa kwa zithunzi za UBI kumakhazikitsa mulingo watsopano wamakampani otukuka, kupangitsa kuti zotengera zamabizinesi zizipezeka kwa aliyense wogwiritsa ntchito, opanga mapulogalamu odziyimira pawokha, komanso madera otseguka. Makamaka, opanga mapulogalamu amatha kuyimitsa malonda awo pogwiritsa ntchito maziko amodzi, otsimikiziridwa pazogwiritsa ntchito zonse zomwe zili m'mitsuko, kuphatikiza Kubernetes Operators. Makampani achitukuko omwe amagwiritsa ntchito UBI alinso ndi mwayi wopeza Red Hat Container Certification ndi Red Hat OpenShift Operator Certification, zomwe zimalolanso kutsimikizika kosalekeza kwa mapulogalamu omwe akuyenda pamapulatifomu a Red Hat monga OpenShift.

Momwe mungayambire kugwira ntchito ndi chithunzi

Mwachidule, ndizosavuta. Podman imapezeka osati pa RHEL, komanso pa Fedora, CentOS ndi magawo ena angapo a Linux. Zomwe muyenera kuchita ndikutsitsa chithunzicho kuchokera kumodzi mwazosungira zotsatirazi ndipo mwakonzeka kupita.

Kwa UBI 8:

podman pull registry.access.redhat.com/ubi8/ubi
podman pull registry.access.redhat.com/ubi8/ubi-minimal
podman pull registry.access.redhat.com/ubi8/ubi-init

Kwa UBI 7:

podman pull registry.access.redhat.com/ubi7/ubi
podman pull registry.access.redhat.com/ubi7/ubi-minimal
podman pull registry.access.redhat.com/ubi7/ubi-init

Chabwino, onani Universal Base Image Guide

• RHEL 8 Momwe Mungachitire
• RHEL 7 Momwe Mungachitire

Source: www.habr.com