The First Prototype of Adaptable Linux Platform is Live
Adaptable Linux Platform Prototype
The first prototype of The Adaptable Linux Platform (ALP), the next generation of Linux, is already live! The introduction of the Adaptable Linux Platform to the SUSE communities started an endeavor to build and design a new application-centric, secure and flexible platform. You can read more about this here.
The idea behind ALP is to allow users to focus on their workloads while abstracting from the hardware and the application layer. With the usage of virtual machines and container technologies, the Adaptable Linux Platform allows workloads to be independent of the code stream.
The first prototype of the ALP is named “Les Droites.”
Major topics on Les Droites
The first prototype comes with the following features:
- Software: Salt pre-installed and Ansible available in repositories, allowing users to configure and/or manage ALP systems in a flexible and agile manner.
- Hardware support: The architecture baseline for ALP is set to x86_64-v2. Previous consideration of x86_64-v3 was declined after the initial feedback round. We are considering support of x86_64-v3 and possibly v4 through the hwcaps functionality.
- Full Disk Encryption
Les Droites comes with the first approach of Full Disk Encryption (FDE). Although it may not be the definitive solution, we want to show the current status, and, of course, we want to hear from the community. FDE encrypts hardware at the hard drive, which encrypts and decrypts as they are accessed; finding and implementing the best solution for an architecture for ALP is critical for the project.
- To make testing and exploring easier during the early bird release, the first prototypes are more relaxed regarding SELinux. SELinux is incorporated into future versions.
- Podman and K3s can be used as the container runtime.
- Containerized Workloads
Although some workloads are still in the work-in-progress phase and follow ALP design principles, some components come already containerized, such as GDM or Yast2, and others will follow, like Cockpit.
In ALP, these new containerized services are known as WORKLOADS.
There are several improvements the Engineering Work Groups have been working into the YaST containerization, such as getting better cockpit metrics, insight about installation on transactional ALP and YaST design in ALP or security policies.
Look at these two Development Reports:
- Available for x86_64 architecture.
The Adaptable Linux Platform intends to require the least amount of intervention possible. This uses some self-management capabilities, allowing it to recognize stable snapshots and roll them back if some unexpected behavior is found after a patch. This ensures it keeps compliance by applying patches according to the workloads and the usage of the system itself.
This prototype comes with a first approach of the Self-Management features and Zero Touch, it will be fully implemented in the next releases.
Adaptable Linux Platform should be easy to set up due to its Zero-Touch environment, deployment and configuration. ALP takes advantage of self-healing, self-tuning, and self-updating while making these key features self-explanatory; changes trigger a mechanism to show the implications of the change itself so that no external references are needed.
The Adaptable Linux Platform implements a zero-touch approach. The system should deploy, configure and operate the system without intervention, allowing ALP to run workloads on edge devices.
It will also help implement the Operating System as a Service(OSaaS).
ALP ensures the systems keep themselves compliant with the latest security standards and the required patching level. This is accomplished by the combination of Live Patching and High Availability features.
Users then configure the patching timing and granularity of the configuration. The self-management features will take care of ensuring the system keeps in compliance with required security standards.
These self-management features will be configurable and with the following level of granularity:
- Security and regular updates
- Security updates
- Critical security updates
- Download only and manual installation
- No auto-updates
These policies can be configured to be installed by the best fit schedule for the users and the components using ALP.
Self-Management means the system can identify the system’s last stable state and react to unexpected behaviors or error events to roll back the previous changes applied. This ensures the system works as expected throughout all the patching and changes happening at OS or applications.
The ALP uses self-healing features to detect unexpected behavior and return to the last known stable state.
Self-Healing capabilities are not a new component of the Operating System. SUSE provides health checkers with MicroOS, which can be leveraged with custom-developed plugins as specified here.
We are very excited about the first prototype of the Adaptable Linux Platform, with all features being implemented in this new approach for Next-Generation Linux, such as isolating workloads, making good use of the modern CPU features and streamlining hardware performance.
With an application-centric approach, container and virtualization technologies, users are confident that non-intrusive updates or behavior are interfering with the regular operation at the same time. You can decide when to patch the system and how deep you want to go into the granularity, from security and regular updates to download-only and manual installation.
(Thanks Mackenzie Berube)
Adaptable Linux Platform “Les Droites” is available here
Check out the Adaptable Linux Platform documentation at the SUSE Documentation