AliyunLinux17.01特性說明

casparant發表於2019-02-22
Linux

中文文件

(來源:文件中心

Aliyun Linux 17.01(Golden Toad)具有如下特性。

  • 整合阿里雲核心組維護的 4.4 系列 Kernel。

    1. 支援 swap 記憶體壓縮可保證顯著減少 I/O;
    2. 支援動態補丁機制 kpatch,升級核心無需重啟系統;
    3. 支援超大記憶體 kdump(至多 3 TB);
    4. 支援 Automatic NUMA;
    5. 使用者態 vsyscall 獲取時間戳效能提升;
    6. 全面支援 Docker 技術棧;
    7. 支援 pv panic,方便協助雲使用者快速定位核心問題;
    8. 重新設計的無鎖 TCP listener,提升 2 ~ 3 個數量級防 SYN 攻擊能力。

  • 高效建立和啟動。

    • 基於虛擬化級優化棧建立例項,有效降低建立虛擬機器所需時間。OS 搭載阿里雲定製啟動服務,提升啟動速率,使建立到可登入時間控制在 30 秒內。
  • 檔案系統:新增支援檔案系統:XFS、Btrfs、AUFS 和 OverlayFS。
  • 全新工具鏈:GCC 4.8.x glibc 2.17 GDB 7.6.1。

  • 安全提升。

    • OpenSSH 支援 chroot shell 登入,限制使用者登入在一個受限的根檔案系統中。
    • OpenSSH 可指定多個驗證條件以加強登入訪問。
  • 相容 CentOS 7.2。

英文文件

(From Document Center)

Aliyun Linux 17.01 (Golden Toad) has the following features.

  • Integrated with Linux kernel 4.4 maintained by the Alibaba Cloud kernel group

    1. Supports swap space compression to guarantee a significant I/O reduction.
    2. Supports kpatch, a hot patching feature. No need to restart the instance to upgrade the kernel.
    3. Supports kdump for virtual machines with large memory (3 TB at the most).
    4. Supports automatic NUMA.
    5. Improves the performance of getting timestamps in user mode using vsyscall page.
    6. Comprehensively supports Docker technology stacks.
    7. Supports paravirtual (PV) panic event interface, facilitating cloud users to quickly locate kernel problems.
    8. Provides the lockless TCP listener that is re-designed with the anti-SYN flooding attack capability elevated by two to three orders of magnitude.

  • Efficient creation and start

    • The instance is created based on the virtualization-level optimized stack to effectively reduce the time required for creating a virtual machine. The OS is equipped with Alibaba Cloud custom boot services to improve the boot rate, so that the time needed from instance creation to logon is 30 seconds or less.

  • File systems

    • The following file systems are newly supported: XFS, Btrfs, AUFS, and OverlayFS.

  • Brand new tool chain

    • GCC 4.8.x glibc 2.17 GDB 7.6.1.

  • Improved security

    • OpenSSH supports logon by using the chroot shell, but the user logon is within a limited root file system.
    • OpenSSH supports specifying multiple verification conditions to enhance logon access.
  • Compatible with CentOS 7.2


相關文章