SUSE yasindikiza chithunzi chachitatu cha ALP "Piz Bernina" (Zosinthika Linux Platform), yomwe ili ngati kupitiliza kwa kugawa kwa SUSE Linux Enterprise. Kusiyana kwakukulu pakati pa ALP ndikugawika kwa maziko oyambira magawo awiri: "OS yolandirira" yovumbulutsidwa yothamangira pamwamba pa zida ndi gawo lothandizira lothandizira lomwe limayang'ana kuthamanga m'mitsuko ndi makina enieni. ALP imapangidwa poyambilira pogwiritsa ntchito njira yotseguka, momwe zomanga zapakatikati ndi zotsatira zoyesa zimapezeka kwa aliyense.
Chitsanzo chachitatu chimaphatikizapo nthambi ziwiri zosiyana, zomwe mu fomu yamakono zili pafupi ndi kudzazidwa, koma m'tsogolomu zidzakula kumadera osiyanasiyana ogwiritsira ntchito ndipo zidzasiyana ndi ntchito zomwe zaperekedwa. Poyesa, nthambi ya Bedrock ilipo, yomwe imayang'ana pakugwiritsa ntchito machitidwe a seva, ndi nthambi ya Micro, yopangidwira kumanga machitidwe amtambo (mtambo-native) ndikuyendetsa ma microservices. Misonkhano yokonzeka imakonzedwa pazithunzi za x86_64 (Bedrock, Micro). Kuphatikiza apo, zolemba zomanga zilipo (Bedrock, Micro) za Aarch64, PPC64le ndi s390x zomanga.
Zomangamanga za ALP zimachokera ku chitukuko cha "host OS" ya chilengedwe, zofunikira zochepa zothandizira ndi kulamulira zida. Mapulogalamu onse ndi magawo a malo ogwiritsira ntchito akulangizidwa kuti asamayendetsedwe m'malo osakanikirana, koma m'mitsuko yosiyana kapena m'makina enieni omwe akuyenda pamwamba pa "host OS" ndikupatulana wina ndi mzake. Bungweli lilola ogwiritsa ntchito kuyang'ana pazogwiritsa ntchito ndi kusuntha kosamveka kuchokera kumadera otsika adongosolo ndi zida.
Chogulitsa cha SLE Micro, chotengera momwe polojekiti ya MicroOS ikuyendera, imagwiritsidwa ntchito ngati maziko a "host OS". Kwa kasamalidwe kapakati, njira zowongolera za mchere (zoyikiratu) ndi Ansible (posankha) zimaperekedwa. Zida za Podman ndi K3s (Kubernetes) zilipo poyendetsa zotengera zakutali. Zida zamakina ophatikizidwa ndi yast2, podman, k3s, cockpit, GDM (GNOME Display Manager), ndi KVM.
Pazinthu zamakina adongosolo, kugwiritsa ntchito kosasintha kwa disk encryption (FDE, Full Disk Encryption) kumatchulidwa ndikutha kusunga makiyi mu TPM. Kugawa kwa mizu kumayikidwa mumayendedwe owerengera-okha ndipo sikusintha pakamagwira ntchito. Chilengedwe chimagwiritsa ntchito makina opangira ma atomiki. Mosiyana ndi zosintha za atomiki zochokera ku ostree ndi chithunzithunzi chomwe chimagwiritsidwa ntchito ku Fedora ndi Ubuntu, ALP imagwiritsa ntchito woyang'anira phukusi lanthawi zonse ndi makina ojambulira pamafayilo a Btrfs m'malo momanga zithunzi zosiyana za atomiki ndikuyika zowonjezera zowonjezera.
Njira yosinthika yokhazikitsira zosintha zokha imaperekedwa (mwachitsanzo, mutha kuyika zosintha zokha pazovuta zazikulu kapena kubwereranso ku chitsimikizo chamanja chokhazikitsa zosintha). Zigamba zamoyo zimathandizidwa kuti zisinthe kernel ya Linux popanda kuyambitsanso kapena kuyimitsa ntchito. Kusunga kupulumuka kwa dongosolo (kudzichiritsa nokha), dziko lokhazikika lomaliza limakhazikitsidwa pogwiritsa ntchito zithunzi za Btrfs (ngati zosokoneza zizindikirika mutagwiritsa ntchito zosintha kapena kusintha makonda, dongosololi limasamutsidwa ku dziko lakale).
Pulatifomuyi imagwiritsa ntchito pulogalamu yamitundu yambiri, yomwe imakupatsani mwayi wogwiritsa ntchito zida ndi mapulogalamu osiyanasiyana nthawi imodzi pogwiritsa ntchito zida. Mwachitsanzo, mutha kuyendetsa mapulogalamu omwe amadalira mitundu yosiyanasiyana ya Python, Java, ndi Node.js polekanitsa zodalira zosagwirizana. Kudalira koyambira kumabwera ngati mawonekedwe a BCI (Base Container Images). Wogwiritsa ntchito amatha kupanga, kusintha ndikuchotsa ma stacks a mapulogalamu popanda kukhudza malo ena.
Kuyika, D-Installer installer imagwiritsidwa ntchito, momwe mawonekedwe ogwiritsira ntchito amasiyanitsidwa ndi zigawo zamkati za YaST ndipo n'zotheka kugwiritsa ntchito kutsogolo kosiyanasiyana, kuphatikizapo kutsogolo kwa kuyang'anira kukhazikitsa kudzera pa intaneti. Imathandizidwa kuyendetsa makasitomala a YaST (bootloader, iSCSIClient, Kdump, firewall, etc.) muzotengera zosiyana.
Zosintha zazikulu mu mtundu wachitatu wa ALP:
- Kupereka malo odalirika (Trusted Execution Environment) pakompyuta yachinsinsi, kukulolani kuti muthe kukonza deta mosamala pogwiritsa ntchito makina odzipatula, kubisala ndi makina enieni.
- Kugwiritsa ntchito maumboni a hardware ndi nthawi yothamanga kuti atsimikizire kukhulupirika kwa ntchito zomwe zikuyenda.
- Maziko othandizira makina achinsinsi (CVM, Confidential Virtual Machine).
- Phatikizani chithandizo cha nsanja ya NeuVector kuti muwone chitetezo chazotengera, kudziwa kukhalapo kwa zigawo zomwe zili pachiwopsezo ndikuwona zochitika zoyipa.
- Thandizo la zomangamanga za s390x kuwonjezera pa x86_64 ndi aarch64.
- Kutha kuloleza kubisa kwathunthu kwa disk (FDE, Full Disk Encryption) pamalo oyika ndi makiyi osungira mu TPMv2 ndipo popanda kufunikira kolowetsa mawu achinsinsi pa boot yoyamba. Thandizo lofanana la kubisa kwa magawo okhazikika ndi magawo a LVM (Logical Volume Manager).
Source: opennet.ru