CBL-Mariner yanzu an sake masa suna Azure Linux a cikin kayan aiki da daidaitawa

DarkcriztAn sabunta

4 minti

azure linux

Azure Linux rarraba Linux ce ta ciki don kayan aikin girgije na Microsoft da samfuran baki da sabis.

Bayan fiye da shekaru 3, CBL-Mariner, rarraba Linux wanda Microsoft ke aiki a kai, ya gabatar da wani muhimmin canji, kuma wannan shine. Microsoft ya yanke shawarar sake suna rarraba CBL-Mariner zuwa Linux Azure.

Kuma yana da daraja tunawa cewa a baya, sunan Azure Linux yana haɗin gwiwa tare da gini na musamman don sabis na Azure Kubernetes (AKS), yayin da babban dandamali don ƙirƙirar rarraba aka sani da CBL-Mariner (Common Base Linux Mariner).

Kwanan nan, Microsoft ya canza ma'ajiyar suna daga CBL-Mariner zuwa Azure Linux, ya canza sunayen abubuwan amfani kuma sun sabunta takaddun Linux na Azure don nuna waɗannan canje-canje. Sakamakon haka, an fitar da sigar farko ta dandalin tare da sabon suna: Azure Linux 2.0.20240301, wanda ya haɗa da gyaran kwaro da lahani da aka tara a cikin sigogin baya.

Manufa babban dalilin wannan canjin shine Haɓaka hanyoyin Microsoft Linux da sauƙaƙe kiyaye tsarin Linux domin daban-daban updated dalilai. Ana amfani da Azure Linux a cikin kayan aikin girgije, tsarin gefe, da sabis na Microsoft daban-daban, kuma ana rarraba ci gaban aikin a ƙarƙashin lasisin MIT.

Ana amfani da Linux Azure azaman tushen don rarraba WSLg, wanda ke ba da kayan haɗin zane-zane don gudanar da aikace-aikacen Linux GUI a cikin mahalli dangane da tsarin WSL2 (Windows Subsystem for Linux). WSLg yana faɗaɗa aikinsa ta haɗa da ƙarin fakiti kamar Weston Composite Server, XWayland, PulseAudio da FreeRDP.

Tsarin ginin Linux na Azure yana ba da damar ƙirƙirar fakitin RPM guda ɗaya dangane da fayilolin SPEC da lambar tushe, haka kuma hotunan tsarin monolithic da aka ƙirƙira tare da rpm-ostree Toolkit, waɗanda aka sabunta su ta atomatik ba tare da raba su cikin fakiti daban-daban ba. Wannan yana ba da damar ƙirar isarwa ta ɗaukakawa guda biyu: sabunta fakitin mutum ɗaya ko sake ginawa da sabunta dukkan hoton tsarin. Akwai ma'aji na kusan fakitin RPM 3000 da aka riga aka tsara don ƙirƙirar hotuna na al'ada dangane da fayilolin sanyi.

Dandalin An ƙirƙira tushen tushen Linux na Azure don bayar da ƙarancin amfani da albarkatu da babban saurin lodi. Yana ɗaukar tsarin "mafi girman tsaro ta tsohuwa" ta aiwatar da ƙarin hanyoyin inganta tsaro:

  • Tace kira tsarin: Yana amfani da tsarin seccomp don tace kiran tsarin.
  • Rufaffen ɓangarori na faifai: An ɓoye ɓangarori na diski don kare bayanai.
  • Tabbatar da fakiti: Ana tabbatar da fakiti ta hanyar sa hannun dijital don tabbatar da gaskiya da amincin.
  • Bazuwar adireshin sarari: Ana amfani da bazuwar sararin adireshi don sa hari ya fi wahala.
  • Kariya daga takamaiman hari: Yana kariya daga hare-haren symlink, mmap, /dev/mem, da /dev/kmem.
  • Yanayin karantawa kawai da haramcin kisa: An kafa yanayin karanta-kawai kuma an hana aiwatar da code a cikin mahimman wuraren ƙwaƙwalwar ajiya.
  • Kashe kayan aikin kwaya: Kuna iya kashe kayan aikin kwaya bayan ƙaddamar da tsarin.
  • Tace fakitin hanyar sadarwa: Ana amfani da Iptables don tace fakitin cibiyar sadarwa da inganta tsaro na cibiyar sadarwa.
  • Kariya daga ambaliya da matsalolin tsara kirtani: Hanyoyin kariya daga cunkoso da yawa, zubar da ruwa, da al'amuran tsara kirtani ana kunna su yayin haɗawa.

Tsarin yana amfani da tsarin don sarrafa ayyuka da farawa, kuma yana ba da masu sarrafa fakitin RPM da DNF don sarrafa kunshin. Ba a kunna uwar garken SSH ta tsohuwa ba. Mai sakawa yana ba da zaɓuɓɓuka a cikin rubutu da yanayin hoto, gami da zaɓin cikakken saitin fakiti na asali, daidaita sassan diski, sunan mai masauki, da ƙirƙirar masu amfani.

Bugu da kari, Microsoft ya gabatar da Azure Sphere 24.03, wani dandali da aka kera don na'urorin IoT dangane da na'urorin sarrafa makamashi masu inganci. Ya haɗa da tsarin tsarin Pluton, wanda ke ba da kayan aiki don ɓoyewa, ma'ajiyar maɓalli na sirri, da hadaddun ayyukan sirri, gami da na'ura mai sarrafawa, injin cryptography, janareta na lambar bazuwar hardware, da keɓantaccen ma'ajiyar maɓalli.

Finalmente idan kuna sha'awar ƙarin sani game da shi, zaka iya duba bayanan A cikin mahaɗin mai zuwa. Yana da kyau a faɗi cewa hotunan ISO masu bootable suna samuwa don x86_64 da gine-gine aarch64, tare da daidaitattun fakiti na asali waɗanda ke aiki azaman tushen duniya don ƙirƙirar kwantena, mahalli da sabis na girgije.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.