openSUSE MicroOS
Micro Service OS providing Transactional (Atomic) Updates upon a read-only btrfs root filesystem
Designed to host container workloads with automated administration & patching. Installing openSUSE MicroOS you get a quick, small environment for deploying Containers, or any other workload that benefits from Transactional Updates. As rolling release distribution the software is always up-to-date.
MicroOS offers an offline image. The main difference between the offline and self-install/raw images are that the offline image has an installer. Raw and self-install allows for customization via combustion or manually in the image after it is written to the disk. There is an option for a real-time kernel.
Try MicroOS in VMs running on either Xen or KVM. Using a Raspberry Pi or other System on Chip hardware may use the preconfigured image together with the Combustion functionality for the boot process. Both preconfigured and self-installed images are intended to be used with Combustion written to a USB, which is driven to allow configuration on any first boot, with the option for default password protected changes.
DownloadPhilosophy
Is predictable
- Is not altered during runtime
- Will run the same artifacts consistently on every boot
Is scalable
- Eliminates efforts in configuring individual instances during runtime
- Can be rolled out easily repeatedly with predictable outcome
Is reliable
- Automated recovery from faulty updates
Atomic Updates
Transactional Updates
Unique
By using btrfs with snapshots MicroOS uses a very space
efficient way to store the file system’s history. All the configuration
files in /etc
are part of the snapshot and the rollback.
Flexible
- No new package format is needed, use standard openSUSE RPMs
- No size limitation, neither for partitions nor the operating system
- Easy to enhance
Rollback
MicroOS is an Immutable OS, rollback is simple
- Immutable: No changes on disk
- Rollback by rebooting to an old BTRFS snapshot
Secure Updates
- Get your updates via HTTPS
- Packages and repositories are signed by our build system
- Packages are verified
- No updates are done in case of dependency conflicts
- No waste of space: Filesystem snapshots get deleted in case of unsuccessful updates
Workloads
Applications are installed in containers rather than the root filesystem:
- Isolated from the core filesystem
- Reduced ability for malicious applications to compromise the system
- New installation without reboot
- Update in atomic way possible (create new, kill old)
- Easy rollback
Debugging
Debugging Toolbox Container
- Launches privileged container
- Root filesystem available below
/media/root
- zypper to install the necessary tools, available without reboot
- Persistent between usages
建議系統需求
Minimum
- 2 GB 記億體: 1GB physical RAM + additional memory for your workload
- Storage:
- / (root) partition: 5GB available disk space
- /var partition: 5GB available disk space
Recommended
- 2 GB 記億體: 2GB physical RAM + additional memory for your workload
- Storage:
- / (root) partition: 20GB available disk space
- /var partition: 40GB available disk space
使用前請驗證你的下載
有很多程式可以驗證下載文件的 checksum。驗證你的下載是很重要,因為可以確保你的下載沒有任何錯誤。你可以在下載的過程中驗證文件。例如當你選擇以上的 Metalink 及使用火狐瀏覽器 (Firefox) 的插件 DownThemAll!,checksum (SHA256) 會被自動使用。
對於每一個光碟映像,我們提供了一個 checksum 文件來進行 SHA256 對應。
你可以用 GPG 驗證 .sha256 文件來加強保安
它應該是 AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4
如果需要協助驗證你的下載,請參閱 Checksum 幫助