ProHoster > Blog > Utongi > Vaka, Goverana, Batirana

Vaka, Goverana, Batirana

Containers ishanduro yakareruka yenzvimbo yevashandisi yeLinux inoshanda sisitimu - kutaura zvazviri, ihwo hushoma hushoma. Nekudaro, ichiri yakazara-yakazara sisitimu yekushandisa, uye saka mhando yemudziyo uyu pachayo yakakosha senge yakazara-yakazara inoshanda sisitimu. Ndosaka takapa kwenguva yakareba Red Hat Enterprise Linux (RHEL) mifananidzo, kuitira kuti vashandisi vagone kuve nemidziyo yakasimbiswa, yemazuva ano, uye yemazuva ano. Launch mifananidzo yemudziyo (mapikicha emifananidzo) RHEL pamudziyo anotambira RHEL inopa kuenderana uye kutakurika pakati penzvimbo, tisingataure chokwadi chekuti aya atove maturusi anozivikanwa. Zvisinei, paiva nedambudziko rimwe chete. Iwe haugone kungopa chifananidzo ichocho kune mumwe munhu, kunyangwe anga ari mutengi kana mudiwa anoshandisa Red Hat Enterprise Linux.

Vaka, Goverana, Batirana

Asi iye zvino zvinhu zvose zvachinja

Nekuburitswa kweRed Hat Universal Base Image (UBI), iwe unogona ikozvino kuwana kuvimbika, kuchengetedzeka, uye kuita kwawaunotarisira kubva kune zviri pamutemo Red Hat mudziyo mifananidzo, ungave uine kunyoreswa kana kwete. Izvi zvinoreva kuti iwe unogona kuvaka application ine midziyo paUBI, woiisa mune registry yemidziyo yesarudzo yako, uye woigovera nenyika. Red Hat Universal Base Image inoita kuti iwe uvake, ugovane, uye ubatane pane ine mudziyo application mune chero nharaunda- kwaunoda.

Vaka, Goverana, Batirana

NeUBI, unogona kuburitsa nekumhanyisa maapplication ako pane chero zvivakwa. Asi kana ukaamhanyisa paRed Hat mapuratifomu akadai seRed Hat OpenShift uye Red Hat Enterprise Linux, unogona kuwana mamwe mabhenefiti (imwe goridhe!). Uye tisati taenda kune tsananguro yakadzama yeUBI, regai ndipe pfupi FAQ yekuti sei RHEL Kunyoreswa kuchidiwa. Saka, chii chinoitika kana uchimhanyisa mufananidzo weUBI paRHEL/OpenShift chikuva?

Vaka, Goverana, Batirana

Uye zvino zvatiri kufara nekushambadzira, ngatitaure zvakadzama nezve UBI

Zvikonzero zvekushandisa UBI

Iwe unofanirwa kunzwa sei kuziva kuti UBI ichakubatsira iwe:

  • Zvangu vatambi kuda kushandisa mifananidzo yemidziyo inogona kugoverwa uye kumhanya mune chero nharaunda
  • Chikwata changu Kushanda inoda inotsigirwa base image ine bhizinesi-giredhi lifecycle
  • Zvangu Architects kuda kupa Kubernetes Operator kune vatengi vangu / vashandisi vekupedzisira
  • Zvangu vatengi havadi kuridza ndangariro dzavo nerutsigiro rwemabhizinesi-chikamu chenzvimbo yavo yese yeRed Hat
  • Wangu munharaunda inoda kugovera, kumhanyisa, kushambadza zvikumbiro zvemukati chaiko kwese kwese

Kana chimwe chezviitiko chichikukodzera, saka unofanira kunyatsotarisa UBI.

Zvinopfuura mufananidzo chaiwo

UBI idiki pane yakazara-yakazara OS, asi UBI ine zvinhu zvitatu zvakakosha:

  1. Seti yemifananidzo mitatu yepasi (ubi, ubi-shoma, ubi-init)
  2. Mifananidzo ine yakagadzirira-yakagadzirwa nguva yekumhanya nharaunda yeakasiyana programming mitauro (nodejs, ruby, python, php, perl, nezvimwewo)
  3. Seti yemapakeji ane hukama muYUM repository ine zvinonyanya kutsamira

Vaka, Goverana, Batirana

UBI yakagadzirwa sehwaro hwegore rekuzvarwa uye webhu maapplication akagadzirwa uye akaunzwa mumidziyo. Zvese zvirimo muUBI chikamu cheRHEL. Ese mapakeji muUBI anounzwa kuburikidza neRHEL chiteshi uye anotsigirwa akafanana neRHEL kana achimhanya paRed Hat anotsigirwa mapuratifomu akadai seOpenShift uye RHEL.

Vaka, Goverana, Batirana

Kuve nerutsigiro rwemhando yepamusoro rwemidziyo inoda kushanda nesimba kubva kune mainjiniya, nyanzvi dzekuchengetedza uye zvimwe zviwanikwa. Izvi zvinoda kwete kungoyedza mifananidzo yekutanga, asiwo kuongorora maitiro avo pane chero anotsigirwa anotambira.

Kubatsira kurerutsa mutoro wekuvandudza, Red Hat iri kusimudzira uye kutsigira kuitira kuti UBI 7 ikwanise kumhanya paRHEL 8 mauto, semuenzaniso, uye UBI 8 inogona kumhanya paRHEL 7. Izvi zvinopa vashandisi kuchinjika, kuvimba, uye runyararo rwe. pfungwa dzavanoda panguva yekuita. , semuenzaniso, zvigadziriso zvepuratifomu mumifananidzo yemidziyo kana mauto anoshandiswa. Iye zvino zvese izvi zvinogona kukamurwa kuita mapurojekiti maviri akazvimirira.

Mifananidzo mitatu yakakosha

Vaka, Goverana, Batirana

Zvidiki - zvakagadzirirwa maapplication ane zvese zvinotsamira (Python, Node.js, .NET, nezvimwewo)

  • Minimumu seti yezvakafanoiswa
  • Hapana suid executables
  • Minimal package maneja maturusi (kumisikidza, kugadzirisa uye kubvisa)

Platform - kune chero zvikumbiro zvinomhanya paRHEL

  • OpenSSL Yakabatana Cryptographic Stack
  • Yakazara YUM stack
  • Zvishandiso zvakakosha zveOS zvinosanganisirwa (tar, gzip, vi, nezvimwewo)

Multi-Service - inoita kuti zvive nyore kumhanya akawanda masevhisi mumudziyo mumwe

  • Yakagadzirirwa kuti iite systemd pane yekutanga
  • Kugona kugonesa masevhisi padanho rekuvaka

Container mifananidzo ine yakagadzirira-yakagadzirwa programming mutauro runtime nharaunda

Pamusoro pemifananidzo yepasi inokubvumira kuti uise tsigiro yemutauro weprogramming, maUBI anosanganisira mifananidzo yakafanovakwa ine yakagadzirira-yakagadzirwa nharaunda yenguva yekuverengera mitauro yepurogiramu. Vazhinji vanogadzira vanogona kungobata mufananidzo uye kutanga kushanda pachishandiswa chavari kugadzira.

Nekuparurwa kweUBI, Red Hat iri kupa seti mbiri dzemifananidzo - zvichibva paRHEL 7 uye zvichibva paRHEL 8. Dzakanga dzichibva paRed Hat Software Collections (RHEL 7) uye Application Streams (RHEL 8), zvichiteerana. Idzi nguva dzekumhanya dzinochengetwa dziripo uye dzinogashira kusvika mana zvigadziriso pagore seyakajairwa, saka unenge uchigara uchimhanyisa yazvino uye yakagadzikana shanduro.

Heino rondedzero yeUBI 7 mudziyo mifananidzo:

Vaka, Goverana, Batirana

Heino rondedzero yemifananidzo yemidziyo yeUBI 8:

Vaka, Goverana, Batirana

Associated packages

Kushandisa yakagadzirira-yakagadzirwa mifananidzo iri nyore chaizvo. Red Hat inovachengeta kusvika parizvino uye inovagadziridza nekuburitswa kweshanduro nyowani yeRHEL, uyezve kana zvakakosha CVE zvigadziriso zvave kuwanikwa zvinoenderana nehurongwa hwekuvandudza. RHEL mufananidzo mutemo kuitira kuti iwe utore imwe yemifananidzo iyi uye wobva watanga kushanda pachishandiswa.

Vaka, Goverana, Batirana

Asi dzimwe nguva, kana uchigadzira application, unogona kungoerekana wada imwe pasuru yekuwedzera. Kana, dzimwe nguva, kuti application ishande, unofanirwa kugadzirisa imwe kana imwe package. Ndosaka mifananidzo yeUBI ichiuya neseti yeRPMs inowanikwa kuburikidza neyum, uye inogovaniswa uchishandisa inokurumidza uye inowanikwa zvakanyanya kuburitsa zvemukati network (iwe une package!). Paunenge uchimhanyisa yum update paCI/CD yako panguva iyoyo yakaoma yekuburitsa, unogona kuve nechokwadi kuti ichashanda.

RHEL ndiyo nheyo

Hatineti kudzokorora kuti RHEL ndiyo hwaro hwezvese. Unoziva here kuti ndezvipi zvikwata paRed Hat zvinoshanda kugadzira mifananidzo yekutanga? Somuenzaniso izvi:

  • Chikwata cheinjiniya chine basa rekuona kuti maraibhurari akakosha senge glibc neOpenSSL, pamwe nenguva dzekumhanya dzemutauro sePython neRuby, dzinopa kuita kwakafanana uye kuita basa rakavimbika kana richishandiswa mumidziyo.
  • Chikwata chekuchengetedza chigadzirwa chine basa rekugadzirisa zvikanganiso uye nyaya dzekuchengetedza mumaraibhurari nenzvimbo dzemitauro, kushanda kwebasa ravo kunoongororwa uchishandisa yakakosha index. Container Health Index giredhi.
  • Chikwata chemamaneja echigadzirwa uye mainjiniya akazvipira kuwedzera zvinhu zvitsva uye kuve nechokwadi chehupenyu hurefu hwechigadzirwa, zvichikupa chivimbo mukudyara kwako kuvaka.

Red Hat Enterprise Linux inogadzira yakanakisa muenzi uye mufananidzo wemidziyo, asi vazhinji vanogadzira vanokoshesa kugona kushanda nehurongwa mune akasiyana mafomati, mamwe acho angave ari kunze kweanotsigirwa ekushandisa eLinux system. Apa ndipo apo mifananidzo yepasi rose yeUBI inouya kuzonunura.

Ngatitii izvozvi, panguva ino, urikungotsvaga mufananidzo wekutanga kuti utange kushanda pane yakapfava midziyo yekushandisa. Kana kuti watove pedyo neramangwana uye uchifamba kubva mumidziyo yakamira inomhanya painjini yemidziyo kuenda kune gore-yekuzvarwa nhoroondo uchishandisa kuvaka uye certifying Operators vanomhanya paOpenShift. Chero zvazvingava, UBI ichapa hwaro hwakanakisa hweizvi.

Vaka, Goverana, Batirana

Midziyo inosanganisira yakareruka vhezheni yenzvimbo yevashandisi yekushandisa mune imwe nyowani yekurongedza fomati. Kuburitswa kwemifananidzo yeUBI kunoseta chiyero chitsva cheindasitiri chekusimudzira midziyo, zvichiita kuti mabhizinesi-kirasi midziyo iwanikwe kune chero mushandisi, yakazvimirira vanogadzira software, uye yakavhurika sosi nharaunda. Kunyanya, vanogadzira software vanogona kumisa zvigadzirwa zvavo vachishandisa imwe chete, yakasimbiswa hwaro hwezvese mashandisirwo emidziyo, kusanganisira Kubernetes Operators. Makambani ekusimudzira anoshandisa UBI anewo mukana weRed Hat Container Certification uye Red Hat OpenShift Operator Certification, iyo inobvumira kuenderera mberi kwekuongorora kwesoftware inoshanda paRed Hat mapuratifomu akadai seOpenShift.

Vaka, Goverana, Batirana

Ungatanga sei kushanda nemufananidzo

Muchidimbu, zviri nyore kwazvo. Podman inowanikwa kwete chete paRHEL, asiwo paFedora, CentOS uye mamwe akati wandei Linux kugovera. Zvese zvaunofanirwa kuita kudhawunirodha mufananidzo kubva kune anotevera repositories uye wagadzirira kuenda.

YeUBI 8: 

podman pull registry.access.redhat.com/ubi8/ubi
podman pull registry.access.redhat.com/ubi8/ubi-minimal
podman pull registry.access.redhat.com/ubi8/ubi-init

YeUBI 7: 

podman pull registry.access.redhat.com/ubi7/ubi
podman pull registry.access.redhat.com/ubi7/ubi-minimal
podman pull registry.access.redhat.com/ubi7/ubi-init

Zvakanaka, tarisa iyo yakazara Universal Base Image Guide

Source: www.habr.com

Voeg