Ukukhishwa kwephrojekthi ye-Kata Containers 3.2 kushicilelwe, kwakhiwa inqwaba yokuhlela ukukhishwa kweziqukathi kusetshenziswa ukuhlukaniswa okusekelwe ezindleleni ezigcwele ze-virtualization. Iphrojekthi yasungulwa ngabakwa-Intel kanye ne-Hyper ngokuhlanganisa Ama-Clear Containers kanye nobuchwepheshe be-runV. Ikhodi yephrojekthi ibhalwe ku-Go and Rust, futhi isatshalaliswa ngaphansi kwelayisensi ye-Apache 2.0. Ukuthuthukiswa kwalo msebenzi kwenganyelwe ithimba elisebenzayo elakhiwe ngaphansi kwenhlangano ezimele i-OpenStack Foundation, ehlanganisa izinkampani ezifana neCanonical, China Mobile, Dell/EMC, EasyStack, Google, Huawei, NetApp, Red Hat, SUSE kanye neZTE. .
I-Kata isekelwe esikhathini sokusebenza esivumela ukudalwa kwemishini ebonakalayo emincane esebenza ku-hypervisor ephelele, esikhundleni sokusebenzisa izitsha zendabuko ezisebenzisa i-kernel evamile. Linux futhi kuhlukaniswe kusetshenziswa izikhala zamagama kanye namaqembu e-c. imishini ebonakalayo ivumela izinga eliphezulu lokuphepha elivikela ekuhlaselweni okubangelwa ukuxhaphaza ubuthakathaka ku-kernel Linux.
I-Kata Containers igxile ekuhlanganisweni kuzingqalasizinda ezikhona zokuhlukanisa iziqukathi ezinekhono lokusebenzisa imishini efanayo ebonakalayo ukuthuthukisa ukuvikelwa kweziqukathi zendabuko. Le phrojekthi ihlinzeka ngezindlela zokuqinisekisa ukuhambisana kwemishini engasindi enezingqalasizinda ezahlukahlukene zokuhlukanisa iziqukathi, amapulatifomu e-orchestration ye-container kanye nokucaciswa okufana ne-OCI (Open Container Initiative), i-CRI (I-Container Runtime Interface) kanye ne-CNI (I-Container Networking Interface). Amathuluzi ayatholakala ukuze ahlanganiswe ne-Docker, Kubernetes, QEMU kanye ne-OpenStack.
Ukuhlanganiswa nezinhlelo zokuphatha izitsha kufezwa kusetshenziswa ungqimba lokuphatha izitsha oluxhumana ne-ejenti yokuphatha emshinini obonakalayo nge-interface ye-gRPC kanye ne-proxy ezinikele. I-kernel elungiselelwe ngokukhethekile isetshenziswa ngaphakathi kwendawo ebonakalayo, eqaliswa yi-hypervisor. Linux, equkethe kuphela isethi encane yezici ezidingekayo.
I-hypervisor esekelwayo yi-Dragonball Sandbox (uhlelo lwe-KVM olulungiselelwe isitsha) olune-QEMU, kanye ne-Firecracker kanye ne-Cloud Hypervisor. Indawo yesistimu ifaka i-init daemon kanye ne-ejenti. I-ejenti ivumela ukwenziwa kwezithombe zesitsha ezichazwe ngumsebenzisi ngefomethi ye-OCI yefomethi ye-Docker kanye ne-CRI yama-Kubernetes. Uma isetshenziswa kanye ne-Docker, kwenziwa isibonelo esihlukile sesitsha ngasinye. umshini obonakalayo, okungukuthi indawo egijima phezu kwe-hypervisor isetshenziselwa ukwethulwa kweziqukathi ezifakwe esidlekeni.
Ukuze kuncishiswe ukusetshenziswa kwememori, kusetshenziswa indlela ye-DAX (ukufinyelela okuqondile ohlelweni lwefayela, ukweqa inqolobane yekhasi ngaphandle kokusebenzisa izinga ledivayisi yokuvimba), kanye nokuphindaphinda izindawo ezifanayo zenkumbulo, kusetshenziswa ubuchwepheshe be-KSM (Kernel Samepage Merging), obuvumela ukuthi ukuhlela ukwabelana kwezinsiza zesistimu yokusingatha futhi uxhume kumasistimu wezihambeli ahlukene wabelane ngesifanekiso sendawo yesistimu evamile.
Enguqulweni entsha:
- Ngaphezu kokusekelwa kwezakhiwo ze-AMD64 (x86_64), ukukhishwa kunikezwa i-ARM64 (Aarch64) kanye ne-s390 (IBM Z) yezakhiwo. Usekelo lwezakhiwo ze-ppc64le (IBM Power) lusathuthukiswa.
- Ukuze uhlele ukufinyelela ezithombeni zesiqukathi, kusetshenziswa isistimu yefayela ye-Nydus 2.2.0, esebenzisa amakheli wokuqukethwe ukuze kusebenze kahle nezithombe ezijwayelekile. I-Nydus isekela ukulayishwa kwezithombe lapho undiza (ukulandwa kuphela uma kudingeka), inikeza ukuphindaphinda kwedatha eyimpinda, futhi ingasebenzisa izingemuva ezihlukene ukuze ugcine isitoreji sangempela. Ukuhambisana kwe-POSIX kunikezwa (okufana ne-Composefs, ukuqaliswa kwe-Nydus kuhlanganisa amandla e-OverlayFS ne-EROFS noma i-FUSE module).
- Umphathi womshini obonakalayo we-Dragonball uhlanganiswe nesakhiwo esiyinhloko sephrojekthi ye-Kata Containers, manje ezothuthukiswa endaweni yokugcina abantu abaningi.
- Umsebenzi wokulungisa iphutha ungeziwe kunsizakalo ye-kata-ctl ukuze kuxhunywe emshinini obonakalayo ovela endaweni yokusingatha.
- Amandla okuphatha e-GPU anwetshiwe futhi usekelo lwengeziwe lokudlulisela phambili ama-GPU ezitsheni ukuze kwenziwe ikhompuyutha eyimfihlo (Isitsha Esiyimfihlo), esihlinzeka ngokubethela kwedatha, inkumbulo nesimo sokukhishwa ukuze kuvikelwe uma kwenzeka kuba sengozini yendawo yokusingatha noma i-hypervisor.
- Isistimu engaphansi yokuphatha amadivayisi asetshenziswa ezitsheni noma endaweni ye-sandbox yengezwe ku-Runtime-rs. Isekela ukusebenza nge-vfio, block, inethiwekhi nezinye izinhlobo zamadivayisi.
- Ukuhambisana ne-OCI Runtime 1.0.2 kanye ne-Kubernetes 1.23.1 kunikezwa.
- Njengomongo Linux Kunconywa ukusebenzisa ukukhululwa 6.1.38 ngama-patches.
- Ukuthuthukiswa kudlulisiwe kusuka ekusebenziseni isistimu yokuhlanganisa eqhubekayo ye-Jenkins kuya ku-GitHub Actions.
Source: opennet.ru
