Canonical Company kusunungurwa kwezvishandiso zvekuronga basa remidziyo iri yoga , maneja wemidziyo uye virtual FS yekufananidza mu / proc, / sys midziyo uye inomiririra cgroupfs inomiririra yekugovera pasina tsigiro ye cgroup namespaces. Bazi 4.0 inorongedzerwa seyekureba kwerutsigiro kuburitswa, zvigadziriso zvinogadzirwa mukati memakore mashanu.
LXC inguva yekumhanyisa yekumhanyisa ese ari maviri system midziyo uye OCI midziyo. LXC inosanganisira liblxc raibhurari, seti yezvishandiso (lxc-gadzira, lxc-kutanga, lxc-stop, lxc-ls, nezvimwewo), matemplate emidziyo yekuvakisa uye seti yezvisungo zvemitauro yakasiyana-siyana yekuronga. Kuzviparadzanisa kunoitwa uchishandisa yakajairwa Linux kernel maitiro. Kuparadzanisa maitiro, iyo ipc network stack, uts, maID ID uye mapoinzi ekumisikidza, iyo nzvimbo yemazita nzira inoshandiswa. cgroups inoshandiswa kuderedza zviwanikwa. Kudzikisa ropafadzo uye kudzikisira kuwana, kernel maficha akadai seApparmor uye SELinux profiles, Seccomp marongero, Chroots (pivot_root) uye kugona zvinoshandiswa. Kodhi LXC mumutauro weC uye yakagoverwa pasi perezinesi reGPLv2.
LXD ndeye yekuwedzera kuLXC, CRIU neQEMU iyo inoshandiswa kubata nechepakati midziyo nemichina chaiyo pane imwe kana kupfuura sevha. Kana LXC iri yakaderera-chikamu cheturusi chekushandisa padanho remidziyo yega, saka LXD inoshandiswa senzira yekumashure inogashira zvikumbiro pamusoro penetiweki kuburikidza neREST API uye inobvumidza iwe kugadzira scalable zvigadziriso zvakaiswa pane sumbu remaseva akati wandei.
Yakasiyana-siyana yekuchengetedza backends inotsigirwa (dhairekitori muti, ZFS, Btrfs, LVM), snapshots ine chidimbu chenyika, mhenyu kutama kwemidziyo inomhanya kubva kune mumwe muchina kuenda kune mumwe, uye maturusi ekuronga ekuchengetedza mufananidzo. Kodhi LXD muGo uye yakagovaniswa pasi peiyo Apache 2.0 rezinesi.
Key muLXC 4.0:
- Mutyairi akanyorwa zvachose kushanda necgroup. Yakawedzerwa tsigiro kune yakabatana cgroup hierarchy (cgroup2). Yakawedzera freezer controller functionality, iyo iwe yaunogona kumisa basa muboka uye kusunungura kwechinguva zvimwe zviwanikwa (CPU, I/O, uye zvingangoita ndangariro) kuita mamwe mabasa;
- Inoshandiswa zvivakwa zvekubata nharembozha;
- Yakawedzerwa tsigiro ye "pidfd" kernel subsystem, yakagadzirirwa kubata mamiriro ekushandisa zvakare PID (pidfd inosanganiswa neimwe nzira uye haichinji, nepo PID inogona kubatanidzwa neimwe nzira mushure mekuita kwazvino kwakabatana neiyo PID kuguma) ;
- Kugadziridzwa kusikwa uye kudzima kwetiweki zvishandiso, pamwe nekufamba kwavo pakati pe network subsystem namespaces;
- Iko kugona kufambisa isina waya network zvishandiso (nl80211) mumidziyo yakaitwa.
Key muLXD 4.0:
- Yakawedzerwa rutsigiro rwekutanga kwete midziyo chete, asiwo chaiwo michina;
- Kugovera maseva eLXD, pfungwa yeprojekiti yakatsanangurwa inorerutsa manejimendi emapoka emidziyo nemichina chaiyo. Imwe neimwe purojekiti inogona kusanganisira yayo seti yemidziyo, chaiwo michina, mifananidzo, maprofile uye zvikamu zvekuchengetera. Nezvemapurojekiti, unogona kuseta yako wega zvirambidzo uye shandura marongero;
- Yakawedzerwa tsigiro ye intercepting system inodaidzira midziyo;
- Kuitwa kwekugadzirwa kwemakopi ekuchengetedza enzvimbo uye kudzoreredza kubva kwavari;
- Kusikwa otomatiki kwemifananidzo yenzvimbo uye zvikamu zvekuchengetedza zvinopihwa nekugona kuseta hupenyu hweiyo snapshot;
- Yakawedzerwa API yekutarisa network mamiriro (lxc network info);
- Yakawedzerwa rutsigiro , chaiyo FS yemepu yekumisikidza mapoinzi kunzvimbo dzemazita emushandisi;
- Marudzi matsva emadhizaini etiweki "ipvlan" uye "routed" akakurudzirwa;
- Yakawedzerwa backend yekushandisa CephFS-based storage;
- Tsigiro yekudzokororwa kwechifananidzo uye akawanda-ezvivakwa zvigadziriso zvakaitirwa masumbu;
- Yakawedzerwa basa-based access control (RBAC);
- Yakawedzera rutsigiro rweCGroup2;
- Yakawedzera kugona kugadzirisa iyo MAC kero uye kuona kwainobva kero yeNAT;
- Yakawedzerwa API yekutarisira DHCP bindings (lease);
- Yakawedzera rutsigiro rweNftables.
Source: opennet.ru