SUSE yakaburitsa yechipiri prototype yeALP "Punta Baretti" (Inochinjika Linux Platform), yakamira sekuenderera mberi kwekusimudzira kwekugovera kweSUSE Linux Enterprise. Musiyano wakakosha pakati peALP kupatsanurwa kwekugovera kwepakati muzvikamu zviviri: yakabviswa-pasi "host OS" yekumhanya pamusoro pe Hardware uye dhizaini yekutsigira maapplication, ane chinangwa chekushanda mumidziyo nemichina chaiyo. Magungano akagadzirirwa iyo x86_64 dhizaini. ALP inotanga kugadzirwa uchishandisa yakavhurika yekuvandudza maitiro, mune yepakati kuvaka uye bvunzo mhinduro inowanikwa pachena kune wese munhu.
Iyo ALP dhizaini yakavakirwa pakusimudzira mu "host OS" yenharaunda iyo isinganyanyi kukosha kutsigira uye kubata michina. Inokurudzirwa kumhanyisa maapplication ese uye mushandisi nzvimbo yenzvimbo kwete munzvimbo yakasanganiswa, asi mumidziyo yakaparadzana kana chaiwo michina inomhanya pamusoro pe "host OS" uye yakaparadzaniswa kubva kune mumwe nemumwe. Iri sangano rinobvumira vashandisi kuti vatarise pamashandisirwo uye abstract workflows kure neiyo iri pasi system nharaunda uye hardware.
Iyo SLE Micro chigadzirwa, zvichienderana nekuvandudzwa kweiyo MicroOS purojekiti, inoshandiswa sehwaro hwe "host OS". Kune yepakati manejimendi, magadzirirwo ekugadzirisa masisitimu Munyu (pre-yakaiswa) uye Ansible (optional) inopihwa. Podman uye K3s (Kubernetes) maturusi aripo ekumhanyisa midziyo yakasarudzika. Pakati pezvikamu zvehurongwa zvakaiswa mumidziyo ndeye yast2, podman, k3s, cockpit, GDM (GNOME Display Manager) uye KVM.
Pakati pezvinhu zvemamiriro ekunze, kushandiswa kwedhisiki encryption (FDE, Full Disk Encryption) nekukwanisa kuchengeta makiyi muTPM kunotaurwa. Iyo midzi yekuparadzanisa inoiswa mukuverenga-chete modhi uye haichinji panguva yekushanda. Iyo nharaunda inoshandisa atomu yekuvandudza yekumisikidza michina. Kusiyana neatomu inogadziridza yakavakirwa pane ostree uye snap inoshandiswa muFedora neUbuntu, ALP inoshandisa yakajairwa pasuru maneja uye snapshot mechanism muBtrfs faira system pane kuvaka yakaparadzana mifananidzo yeatomu uye nekuisa imwe dhizaini yekuunza.
Pane inogadziriswa modhi yekumisikidza otomatiki yezvigadziriso (semuenzaniso, unogona kugonesa kuisirwa otomatiki kwezvigamba zvekusagadzikana kwakanyanya kana kudzoka kunosimbisa nemaoko kuisirwa zvigadziriso). Live zvigamba zvinotsigirwa kugadzirisa iyo Linux kernel pasina kutangazve kana kumisa basa. Kuti uchengetedze kuponeswa kwehurongwa (kuzviporesa), iyo yekupedzisira yakagadzikana inonyorwa uchishandisa Btrfs snapshots (kana anomalies akaonekwa mushure mekushandisa zvigadziriso kana kushandura marongero, sisitimu inoendeswa kune yakapfuura nyika).
Ipuratifomu inoshandisa akawanda-version software stack - nekuda kwekushandiswa kwemidziyo, unogona kushandisa panguva imwe chete shanduro dzakasiyana dzematurusi uye maapplication. Semuenzaniso, unogona kumhanyisa maapplication anoshandisa akasiyana vhezheni ePython, Java, uye Node.js sekutsamira, kupatsanura zvisingaenderane zvinoenderana. Base dependencies inopihwa muchimiro cheBCI (Base Container Images) seti. Mushandisi anogona kugadzira, kugadzirisa uye kudzima software stacks pasina kukanganisa dzimwe nharaunda.
Shanduko huru mune yechipiri ALP prototype:
- Iyo D-Installer installer inoshandiswa, iyo inoshandiswa mushandisi inoparadzaniswa kubva kune zvikamu zvemukati zveYaST uye zvinokwanisika kushandisa zvakasiyana-siyana zvemberi, kusanganisira kumberi kwekugadzirisa kuiswa kuburikidza newebhu web interface. Iyo yakakosha interface yekugadzirisa kuisirwa inovakwa uchishandisa webhu matekinoroji uye inosanganisira inobata inopa mukana kune D-Bhasi mafoni kuburikidza neHTTP, uye yewebhu interface pachayo. Iyo web interface yakanyorwa muJavaScript uchishandisa iyo React framework uye PatternFly components. Kuti uve nechokwadi chekuchengetedza, D-Installer inotsigira kuisirwa pane encrypted partitions uye inobvumidza iwe kushandisa TPM (Trusted Platform Module) kudhipfenyura chikamu chebhutsu, uchishandisa makiyi akachengetwa muTPM chip panzvimbo yemapassword.
- Inogonesa kuuraya kwevamwe vatengi veYaST (bootloader, iSCSIClient, Kdump, firewall, nezvimwewo) mumidziyo yakasiyana. Mhando mbiri dzemidziyo dzakaitwa: dzinodzora dzekushanda neYaST mune zvinyorwa, muGUI uye kuburikidza neWebhu interface, uye bvunzo dzekutumira mameseji. A akati wandei mamodule akachinjirwawo kuti ashandiswe mumasisitimu ane transactional updates. Kubatanidzwa neakavhurikaQA, iyo libyui-rest-api raibhurari ine REST API kuita inokurudzirwa.
- Kuitwa kunoitwa mumudziyo weCockpit chikuva, pahwaro hwekuti iyo webhu interface yemugadziri uye mumisi inovakwa.
- Zvinogoneka kushandisa yakazara-dhisiki encryption (FDE, Yakazara Disk Encryption) mukumisikidza pamusoro peyakajairwa michina, uye kwete muvirtulization masisitimu uye makore masisitimu.
- GRUB2 inoshandiswa seyo huru bootloader.
- Yakawedzerwa masisitimu ekutumira midziyo yekuvaka firewall (firewalld-container) uye centralized manejimendi masisitimu nemasumbu (warewulf-container).
Source: opennet.ru