Recently, NestOS, a cloud-based operating system, was released in the Cloud Native SIG of the Huawei EulerOS open source community. This new cloud base operating system provides the best container host and security features for running containerized tasks on a large scale.
NestOS is based on EulerOS, which provides enhanced security, compatibility, and ease of use along with high reliability. It meets the increasing requirements placed on Linux in enterprise applications and gives users a suitable choice of open IT platform.
EulerOS integrates advanced Linux technologies and delivers more value to enterprise users in terms of high capability, stability, usability, and expansibility. It helps you reallocate resources away from the growing challenges of managing ongoing tasks in real time.
Nest stands for “nest”. As a “nest” that can accommodate Podman (mole), iSulad (ant), and Docker (container), NestOS is an operating system that can carry basic platforms such as iSulad, Docker, and Podman.
EulerOS-powered NestOS integrates the configuration tool Ignition with rpm-ostree, OCI support, SELinux enhancements, and other technologies. It adopts design ideas based on dual-system partitions, container technology, and cluster architecture. It can adapt to a variety of infrastructure environments and is close to OKD. The integration is optimized for running Kubernetes, which makes it very convenient to form clusters.
NestOS applicable scenarios:
With the power of EulerOS, NestOS supports large-scale cluster deployment. The data synchronization and transmission volume of distributed applications grows as the number of nodes increases, and NestOS can make full use of its automatic upgrade and cluster management features. A key criterion for judging whether a cluster is suitable for NestOS is whether the service can be containerized.
Stateless service architecture
All services in the system are required to process a single request without relying on other requests. That is, all the information needed to process a request is either included in the request or can be obtained from the outside, and the server itself does not store any information.
Microservice architecture is a form of development oriented toward a stateless service architecture, and it advocates a more loosely coupled SOA approach. This deployment structure fits the characteristics of NestOS well: it is lightweight, fast, and built around distributed data. Making good use of NestOS’s cluster operation and maintenance capabilities can save much of the operation and maintenance cost of migrating to a microservice architecture.
NestOS is equipped with mainstream container infrastructure platforms such as iSulad, Docker, and Podman. It overcomes the unreliable upgrade process caused by users modifying system content, the dependence of user services on system components, and service interruption when the system restarts. The result is presented as a customized operating system.
Ignition is a distribution-independent configuration utility. It is used when installing the system, where it reads a configuration file (JSON format) to initialize NestOS. The configurable components include storage and file systems, systemd units, and users.
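Because the Ignition file decides which users, files, and units exist on every node at first boot, it is worth reviewing before rollout. The following is an added example, not code from NestOS or the Ignition project: a small lint over a constructed config. The field names follow the upstream Ignition v3 spec, and the version string and the specific checks are assumptions made for illustration.

```python
import json

# Constructed sample config (not from NestOS documentation). Field names follow
# the upstream Ignition v3 spec; the version string is an assumption.
SAMPLE_CONFIG = """
{
  "ignition": {"version": "3.3.0"},
  "passwd": {"users": [
    {"name": "core", "sshAuthorizedKeys": ["ssh-ed25519 AAAA...constructed"]},
    {"name": "ops", "passwordHash": "$6$constructed$placeholder"}
  ]},
  "storage": {"files": [
    {"path": "/etc/app/token", "mode": 438,
     "contents": {"source": "http://config.example.internal/token"}},
    {"path": "/etc/hostname", "mode": 420,
     "contents": {"source": "data:,node01"}}
  ]},
  "systemd": {"units": [{"name": "app.service", "enabled": true}]}
}
"""

def lint_ignition(text):
    """Return a list of (location, finding) for settings worth a review."""
    cfg = json.loads(text)
    findings = []
    for user in cfg.get("passwd", {}).get("users", []):
        if "passwordHash" in user:
            findings.append((f"user:{user['name']}", "password login configured"))
    for f in cfg.get("storage", {}).get("files", []):
        path = f.get("path", "?")
        mode = f.get("mode")
        # Ignition JSON stores modes as decimal integers (438 == 0o666).
        if mode is not None and mode & 0o002:
            findings.append((f"file:{path}", f"world-writable mode {oct(mode)}"))
        contents = f.get("contents", {})
        source = contents.get("source", "")
        remote = source.split(":", 1)[0] in ("http", "https", "tftp")
        if source.startswith(("http://", "tftp://")):
            findings.append((f"file:{path}", "fetched over unauthenticated transport"))
        if remote and not contents.get("verification", {}).get("hash"):
            findings.append((f"file:{path}", "remote source without verification hash"))
    return findings

if __name__ == "__main__":
    for location, finding in lint_ignition(SAMPLE_CONFIG):
        print(f"{location}: {finding}")
```

On the sample, the lint flags the password-based `ops` account and the `/etc/app/token` file (world-writable, fetched over plain HTTP, no verification hash), and leaves the inline `data:` file alone.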
NestOS-installer is a program that helps install NestOS. It can install the operating system to the target disk, and the installation can be customized with an Ignition config and first-boot kernel parameters. It can also list the NestOS images available for download, and download and verify the operating system images for various cloud, virtualization, or bare metal platforms.
Rpm-ostree can be regarded as a combination of rpm and ostree. On the one hand, it provides rpm-based software package installation and management; on the other hand, it provides ostree-based operating system updates and upgrades.
Each update to the system is like rpm-ostree submitting a “transaction”: either all of the changes succeed or all of them fail, and the system can be rolled back to its pre-update state after an update has been applied.
Zincati is the agent for NestOS automatic updates. It acts as a client of Cincinnati and rpm-ostree and is responsible for automatically updating and restarting the machine. It supports automatic update agents, user-defined configuration files, and multiple update strategies, with logging at a configurable priority.
Dual system partition
The two partitions of NestOS are set to active mode and passive mode respectively, and each has its own role during system operation. The active partition is responsible for running the system, and the passive partition is responsible for system upgrades. Once a new version of the operating system is released, a complete copy of the system files is downloaded to the passive partition, and the system boots from the new-version partition at the next restart.
The original passive partition then becomes the active partition, and the previous active partition becomes the passive partition, so the roles of the two partitions are reversed. In addition, the system partition is set to read-only during system operation, which protects the security of NestOS.