Mushure memakore maviri ebudiriro, kuburitswa kweKata Containers 3.0 purojekiti yakaburitswa, ichigadzira stack yekuronga kuurayiwa kwemidziyo uchishandisa yekuzviparadzanisa nevamwe zvichibva pane yakazara-yakazara virtualization maitiro. Iyo purojekiti yakagadzirwa neIntel neHyper nekubatanidza Clear Containers uye runV matekinoroji. Iyo kodhi yeprojekiti yakanyorwa muGo and Rust, uye yakagoverwa pasi peiyo Apache 2.0 rezinesi. Kuvandudzwa kwechirongwa ichi kunotariswa neboka rinoshanda rakagadzirwa pasi pesangano rakazvimirira reOpenStack Foundation, iro rinosanganisira makambani akaita seCanonical, China Mobile, Dell/EMC, EasyStack, Google, Huawei, NetApp, Red Hat, SUSE neZTE. .
Pamwoyo weKata ndiyo nguva yekumhanya, iyo inopa kugona kugadzira compact chaiyo michina inomhanya ichishandisa yakazara hypervisor, pachinzvimbo chekushandisa echinyakare midziyo inoshandisa yakajairwa Linux kernel uye yakasarudzika uchishandisa mazita nzvimbo nemapoka. Iko kushandiswa kwemashini chaiwo kunotendera iwe kuti uwane yakakwira nhanho yekuchengetedza iyo inodzivirira kubva kurwiswa kunokonzerwa nekushandiswa kwekusagadzikana muLinux kernel.
Kata Containers yakatarisana nekubatanidzwa mune iripo yekuzviparadzanisa yemidziyo zvivakwa nekugona kushandisa akafanana chaiwo muchina kusimudzira kuchengetedzwa kwemidziyo yechinyakare. Iyo purojekiti inopa maitiro ekuona kuenderana kweakareruka chaiwo muchina ane akasiyana ega ega masisitimu, midziyo orchestration mapuratifomu uye zvakatemwa zvakaita seOCI (Open Container Initiative), CRI (Container Runtime Interface) uye CNI (Container Networking Interface). Zvishandiso zviripo zvekubatanidza neDocker, Kubernetes, QEMU uye OpenStack.
Kubatanidzwa nemasisitimu ekutarisira midziyo kunowanikwa uchishandisa dhizaini inoteedzera manejimendi emidziyo, iyo inowana manejimendi ekutonga mumushini chaiwo kuburikidza negRPC interface uye yakakosha proxy. Mukati memamiriro ekunze, ayo anotangwa neiyo hypervisor, yakanyatso optimized Linux kernel inoshandiswa, ine chete yakaderera seti yekugona kunodiwa.
Se hypervisor, inotsigira kushandiswa kweDragonball Sandbox (iyo edition yeKVM yakagadziridzwa midziyo) ine QEMU toolkit, pamwe neFirecracker uye Cloud Hypervisor. Iyo sisitimu nharaunda inosanganisira yekutanga daemon uye mumiririri. Iyo mumiririri inopa kuurayiwa kwemushandisi-yakatsanangurwa mudziyo mifananidzo muOCI fomati yeDocker uye CRI yeKubernetes. Kana ichishandiswa pamwe chete neDocker, muchina wakasiyana chaiwo unogadzirwa kune yega yega mudziyo, i.e. Iyo nharaunda inomhanya pamusoro peiyo hypervisor inoshandiswa kune nested kuvhurwa kwemidziyo.
Kuderedza kushandiswa kwekuyeuka, iyo DAX nzira inoshandiswa (yakananga kupinda kune faira system, kudarika peji cache pasina kushandisa block device level), uye kudhindisa nzvimbo dzakafanana dzekuyeuka, teknolojia yeKSM (Kernel Samepage Merging) inoshandiswa, iyo inokubvumira. kuronga kugovaniswa kweanotambira system zviwanikwa uye kubatana kune akasiyana masisitimu evaenzi kugovera yakajairika system nharaunda template.
Mushanduro itsva:
- Imwe nguva yekumhanya (runtime-rs) inokurudzirwa, inoumba kuzadzwa kwemidziyo, yakanyorwa nemutauro weRust (nguva yekumhanya yakambopihwa yakanyorwa nemutauro weGo). Runtime inoenderana neOCI, CRI-O uye Containerd, ichibvumira kuti ishandiswe neDocker uye Kubernetes.
- Iyo nyowani dragonball hypervisor yakavakirwa paKVM uye ngura-vmm yakatsanangurwa.
- Yakawedzerwa rutsigiro rwekuendesa mberi kupinda kuGPU uchishandisa VFIO.
- Yakawedzera rutsigiro rwecgroup v2.
- Tsigiro yekushandura marongero pasina kushandura iyo huru yekumisikidza faira yaitwa nekutsiva zvidhinha mumafaira akasiyana ari mu "config.d/" dhairekitori.
- Rust zvikamu zvinosanganisira raibhurari nyowani yekushanda zvakachengeteka nemafaira nzira.
- Iyo virtiofsd chikamu (yakanyorwa muC) yakatsiviwa nevirtiofsd-rs (yakanyorwa muRust).
- Yakawedzerwa rutsigiro rwesandboxing QEMU zvikamu.
- QEMU inoshandisa iyo io_uring API yeasynchronous I/O.
- Tsigiro yeIntel TDX (Trusted Domain Extensions) yekuwedzera yakaitirwa QEMU uye Cloud-hypervisor.
- Zvikamu zvakagadziridzwa: QEMU 6.2.0, Cloud-hypervisor 26.0, Firecracker 1.1.0, Linux kernel 5.19.2.
Source: opennet.ru