Clear Linux* OS
Architecture Overview
Patrick McCarty - Software Engineer
*Other names and brands may be claimed as the property of others
Legal Disclaimer
© 2018 Intel Corporation. Intel, the Intel logo, Intel Inside, the Intel Inside logo, Intel Experience What’s Inside, The Intel Experience What’s Inside logo, and Xeon are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.
Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Learn more at intel.com, or from the OEM or retailer.
Intel processors of the same SKU may vary in frequency or power as a result of natural variability in the production process.
For more complete information about performance and benchmark results, visit www.intel.com/benchmarks.
The cost reduction scenarios described are intended to enable you to get a better understanding of how the purchase of a given Intel based product, combined with a number of situation-specific variables, might affect future costs and savings. Circumstances will vary and there may be unaccounted-for costs related to the use and deployment of a given product. Nothing in this document should be interpreted as either a promise of or contract for a given level of costs or cost reduction.
Intel does not control or audit third-party benchmark data or the web sites referenced in this document. You should visit the referenced web site and confirm whether referenced data are accurate.
Optimization Notice: Intel's compilers may or may not optimize to the same degree for non-Intel microprocessors for optimizations that are not unique to Intel microprocessors. These optimizations include SSE2, SSE3, and SSSE3 instruction sets and other optimizations. Intel does not guarantee the availability, functionality, or effectiveness of any optimization on microprocessors not manufactured by Intel. Microprocessor-dependent optimizations in this product are intended for use with Intel microprocessors. Certain optimizations not specific to Intel microarchitecture are reserved for Intel microprocessors. Please refer to the applicable product User and Reference Guides for more information regarding the specific instruction sets covered by this notice. Notice Revision #20110804.
No computer system can be absolutely secure.
Intel® Advanced Vector Extensions (Intel® AVX)* provides higher throughput to certain processor operations. Due to varying processor power characteristics, utilizing AVX instructions may cause a) some parts to operate at less than the rated frequency and b) some parts with Intel® Turbo Boost Technology 2.0 to not achieve any or maximum turbo frequencies. Performance varies depending on hardware, software, and system configuration and you can learn more at http://www.intel.com/go/turbo.
Available on select Intel® processors. Requires an Intel® HT Technology-enabled system. Your performance varies depending on the specific hardware and software you use. Learn more by visiting http://www.intel.com/info/hyperthreading.
§ Configurations: The testing was done on a fourth-generation Intel Xeon E5-2699 v4 @2.20 GHz processor with 22 cores, 55 MB LLC and 62 GB memory, 16 1G hugepages. The testing was conducted in the OPNFV Pharos testbed on Pod 12 by VSPERF community engineers.
Intel, the Intel logo are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.
*Other names and brands may be claimed as the property of others.
© Intel Corporation
Agenda
● Clear Linux* OS Overview
● Performance optimizations
● Use-case focused bundles
● Stateless OS design
● Telemetry
● Updates
Clear Linux* OS Overview
● Optimized for IA (Intel Architecture)
● Rolling release distribution
● Average of 9 releases per week
● Developer-focused
Performance Optimizations
● Optimize the entire stack
● Compiler flags
○ Westmere baseline (the oldest CPU generation the binaries are built to run on)
○ Haswell tuned (instruction scheduling tuned for Haswell and newer)
● Optimized libraries selected at runtime based on available CPU features
● Performance patches to packages
● Example optimized package: https://github.com/clearlinux-pkgs/opencv/blob/master/opencv.spec
Diagram: a program using OpenCV* asks the dynamic linker for libopencv_*.so; on an AVX2-enabled CPU the linker loads the avx2 build of libopencv_*.so, otherwise the base build. To confirm which variant a given machine picked, run the program with LD_DEBUG=libs set and look for the libopencv path in the loader trace.
Use-Case Focused Bundles
● Bundles provide use-case driven functionality to the end user
● Dependencies resolved at build time on the server, not at install or run time
● Similar to package groups in other distros
● Vertically vs horizontally integrated
Diagram: example bundles: os-core, os-core-update, network-basic, webserver, openssl, python-basic, application-server, kvm-host, ansible, iproute2, virt-manager, scm-server, cloud-control
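The build-time include resolution on this slide, as an added example (not the mixer's or swupd's code). The bundle-to-bundle include relations and per-bundle file lists below are constructed for illustration and are not Clear Linux's actual definitions. Because the server expands includes into a flat file list before publishing, the client never runs a dependency solver over metadata at install time; it receives a file list it can check against the signed manifests, and a typo in a bundle definition fails the build instead of shipping a silently incomplete bundle:

```python
"""Expand bundle includes on the build side into the flat set the client
receives. Added example; not Clear Linux tooling. All data below is
constructed: the include relations and file lists are hypothetical."""
from collections import deque

# Constructed sample: bundle -> bundles it includes (hypothetical relations).
BUNDLE_DEFS = {
    "os-core": [],
    "os-core-update": ["os-core"],
    "network-basic": ["os-core", "iproute2"],
    "iproute2": ["os-core"],
    "openssl": ["os-core"],
    "webserver": ["network-basic", "openssl"],
    "python-basic": ["os-core"],
    "ansible": ["python-basic", "network-basic"],
    "application-server": ["webserver", "python-basic"],
}

# Constructed sample: files each bundle delivers itself (not via includes).
BUNDLE_FILES = {
    "os-core": {"/usr/bin/bash", "/usr/lib64/libc.so.6"},
    "os-core-update": {"/usr/bin/swupd"},
    "network-basic": {"/usr/bin/ping"},
    "iproute2": {"/usr/bin/ip"},
    "openssl": {"/usr/bin/openssl", "/usr/lib64/libssl.so.1.1"},
    "webserver": {"/usr/bin/httpd"},
    "python-basic": {"/usr/bin/python3"},
    "ansible": {"/usr/bin/ansible"},
    "application-server": {"/usr/bin/uwsgi"},
}


class BundleError(ValueError):
    """Raised for an include that names a bundle the build does not know."""


def resolve_includes(defs, requested):
    """Transitive closure of bundles needed for `requested`.

    Breadth-first walk over the include graph. An unknown bundle name is an
    error so the build fails loudly. Cycles are harmless: each bundle is
    visited once, so mutual includes simply collapse into one set.
    """
    seen = set()
    queue = deque(requested)
    while queue:
        name = queue.popleft()
        if name in seen:
            continue
        if name not in defs:
            raise BundleError(f"unknown bundle: {name}")
        seen.add(name)
        queue.extend(defs[name])
    return seen


def files_for(defs, files, requested):
    """Flat file set the client will receive for the requested bundles."""
    result = set()
    for bundle in resolve_includes(defs, requested):
        result |= files.get(bundle, set())
    return result


def includes_header(defs, bundle):
    """Direct includes of a bundle, as 'includes:' header lines of its manifest."""
    return [f"includes: {inc}" for inc in sorted(defs[bundle])]


if __name__ == "__main__":
    print(sorted(resolve_includes(BUNDLE_DEFS, ["application-server"])))
    print(sorted(files_for(BUNDLE_DEFS, BUNDLE_FILES, ["webserver"])))
    print(includes_header(BUNDLE_DEFS, "webserver"))
```

Only direct includes go into the manifest header; the closure is recomputed by whoever reads the manifests, which is why a bundle manifest's `contentsize` on the next slide excludes included bundles.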
Stateless
Diagram: in a traditional OS, user data, system configuration and the operating system are intermixed; in Clear Linux* OS the three are kept in separate locations.
● OS provides functional and secure default configuration in /usr
● Defaults can be overridden or modified in /etc and the home directory
● Wiping /etc and /var performs a "factory reset", restoring OS default configs
Because /usr is owned by the OS and rewritten by every update, local edits made there do not survive; configuration changes belong in /etc.
Stateless – example
● Default telemetrics.conf from the operating system in /usr:
record_expiry=1200
spool_max_size=5120
spool_process_time=900
rate_limit_enabled=true
record_burst_limit=1000
record_window_length=15
● Custom configuration in /etc (the same file, with rate limiting turned off):
record_expiry=1200
spool_max_size=5120
spool_process_time=900
rate_limit_enabled=false
record_burst_limit=1000
record_window_length=15
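The /usr-defaults-plus-/etc-override lookup from the slides above, as an added example rather than the telemetrics-client's own loader. The two file paths are assumptions modelled on Clear Linux's layout, and the merge is done key by key (a full copy of the file in /etc, as on the slide, behaves the same way; a file carrying only the changed keys also works). The check a practitioner wants on top of the merge is a report of keys that exist only in /etc, because a misspelt override leaves the default silently in force while the administrator believes the setting changed:

```python
"""Layered configuration lookup: OS defaults under /usr, overrides in /etc.
Added example; not the telemetrics-client loader. DEFAULT_REL and
OVERRIDE_REL are assumed paths, not taken from the slides."""
import os
import shutil
import tempfile

DEFAULT_REL = "usr/share/defaults/telemetrics/telemetrics.conf"   # assumed path
OVERRIDE_REL = "etc/telemetrics/telemetrics.conf"                # assumed path

# Default file exactly as shown on the slide.
DEFAULT_CONF = """\
record_expiry=1200
spool_max_size=5120
spool_process_time=900
rate_limit_enabled=true
record_burst_limit=1000
record_window_length=15
"""


def parse_conf(text):
    """Parse key=value lines; '#' starts a comment, blank lines are skipped."""
    conf = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if "=" not in line:
            raise ValueError(f"line {lineno}: expected key=value, got {raw!r}")
        key, value = (part.strip() for part in line.split("=", 1))
        conf[key] = value
    return conf


def load_config(root="/"):
    """Return (config, unknown_keys): /usr defaults with /etc layered on top.

    Keys present only in /etc are reported rather than silently accepted,
    so a typo in an override is visible instead of leaving the default active.
    """
    with open(os.path.join(root, DEFAULT_REL)) as fh:
        config = parse_conf(fh.read())
    override_path = os.path.join(root, OVERRIDE_REL)
    if not os.path.exists(override_path):
        return config, []
    with open(override_path) as fh:
        override = parse_conf(fh.read())
    unknown = sorted(set(override) - set(config))
    config.update(override)
    return config, unknown


def factory_reset(root="/"):
    """Wipe /etc and /var under root; the /usr defaults are back in force."""
    for rel in ("etc", "var"):
        shutil.rmtree(os.path.join(root, rel), ignore_errors=True)


def write_file(path, text):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)


def demo():
    """Scratch tree: defaults only, then an override containing a typo, then
    a factory reset. Returns rate_limit_enabled at each stage and the
    unknown-key report for the override."""
    root = tempfile.mkdtemp()
    try:
        write_file(os.path.join(root, DEFAULT_REL), DEFAULT_CONF)
        before, _ = load_config(root)
        write_file(os.path.join(root, OVERRIDE_REL),
                   "rate_limit_enabled=false\nrate_limt_enabled=false  # typo\n")
        overridden, unknown = load_config(root)
        factory_reset(root)
        after, _ = load_config(root)
        return (before["rate_limit_enabled"], overridden["rate_limit_enabled"],
                after["rate_limit_enabled"], unknown)
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    print(demo())
```

Run with `root="/"` on a real system only if the assumed paths match the installed package; the demo uses a scratch directory so it is safe to run anywhere.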
Telemetry
● Opt-in telemetry solution
● Lightweight client service
● Client-side probes send records to help debug software anomalies.
● Probes avoid collecting personally identifiable information and records comply with Privacy Policy*.
● Records are analyzed and displayed in a developer-oriented format on the telemetry server.
* https://www.intel.com/content/www/us/en/privacy/intel-privacy-notice.html
Telemetry – Client architecture
Diagram: Probe, Probe, Probe, ... (built on libtelemetry) → telemprobd → telempostd → Server
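A model of the client-side limits named in the telemetrics.conf shown earlier, as an added example (not telemetrics-client code). The units are assumptions made for the model: record_window_length and spool_process_time in seconds, record_expiry in minutes, spool_max_size in kilobytes; dropping over-limit records is this model's policy choice. The security point is that a runaway or attacker-triggered probe can add at most record_burst_limit records per window and cannot grow the spool past spool_max_size, and that nothing stays spooled forever:

```python
"""Burst limit over a sliding window, spool size cap and record expiry.
Added example; not telemetrics-client code. Units are assumptions:
record_window_length in seconds, record_expiry in minutes, spool_max_size
in kilobytes."""
from collections import deque

# Values from the slide's default telemetrics.conf, already parsed.
SLIDE_DEFAULTS = {
    "record_expiry": 1200,
    "spool_max_size": 5120,
    "spool_process_time": 900,
    "rate_limit_enabled": True,
    "record_burst_limit": 1000,
    "record_window_length": 15,
}


class FakeClock:
    """Injectable clock so window and expiry logic can be exercised offline."""

    def __init__(self, t=0.0):
        self.t = t

    def __call__(self):
        return self.t


class Spool:
    """Accepts records from probes, enforces the burst limit over a sliding
    window, caps the spool size and expires stale records."""

    def __init__(self, conf, clock):
        self.conf = conf
        self.clock = clock
        self.accepted_at = deque()   # timestamps of records accepted in the window
        self.records = []            # (timestamp, size_bytes, payload)
        self.dropped = 0

    def _count_in_window(self, now):
        cutoff = now - self.conf["record_window_length"]
        while self.accepted_at and self.accepted_at[0] <= cutoff:
            self.accepted_at.popleft()
        return len(self.accepted_at)

    def spool_bytes(self):
        return sum(size for _, size, _ in self.records)

    def submit(self, payload):
        """Return True if the record was spooled, False if it was dropped."""
        now = self.clock()
        if (self.conf["rate_limit_enabled"]
                and self._count_in_window(now) >= self.conf["record_burst_limit"]):
            self.dropped += 1          # over the burst limit for this window
            return False
        size = len(payload.encode("utf-8"))
        if self.spool_bytes() + size > self.conf["spool_max_size"] * 1024:
            self.dropped += 1          # spool full; never grow without bound
            return False
        self.accepted_at.append(now)
        self.records.append((now, size, payload))
        return True

    def expire(self):
        """Discard records older than record_expiry minutes; return the count."""
        now = self.clock()
        max_age = self.conf["record_expiry"] * 60
        keep = [r for r in self.records if now - r[0] < max_age]
        expired = len(self.records) - len(keep)
        self.records = keep
        return expired


def demo(conf=SLIDE_DEFAULTS):
    """Exercise the defaults: a burst of 1001 records at t=0, one more once
    the 15 s window has passed, then expiry 1200 minutes later."""
    clock = FakeClock(0.0)
    spool = Spool(conf, clock)
    accepted = sum(spool.submit(f"record {i}") for i in range(1001))
    clock.t = 15.0
    after_window = spool.submit("record after window")
    clock.t = conf["record_expiry"] * 60.0
    expired = spool.expire()
    return accepted, spool.dropped, after_window, expired, len(spool.records)


if __name__ == "__main__":
    print(demo())
```

With the slide's /etc override (rate_limit_enabled=false) the burst check is skipped and only the spool size cap and expiry remain, which is the trade-off an administrator makes when turning it off.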
Updating
● All installed bundles are updated at once
○ Entire system update (one OS version)
○ QA is done on the entire OS release at once
● Proportional updates (download size scales with the amount of content that changed, not with the size of the OS)
● Auto-update on by default
Mixing
Update content created by the mixer tool
Diagram: upstream sources and bundle definitions are built into a full chroot; the update creator splits it into per-bundle data (Bundle A data, Bundle B data, Bundle C data, ...) and produces the update artifacts that swupd clients download.
Mixing – Update artifacts
Manifests
MANIFEST 24 # OS tooling/content format
version: 21260 # OS Version this manifest describes
previous: 21220 # OS version of the previous change to this manifest
filecount: 13624 # Number of files in the manifest
timestamp: 1520706949 # Epoch of creation
contentsize: 811403622 # Size, in bytes, of this bundle (not accounting for included bundles)
includes: os-core # Bundle included by this bundle
F... 0437fc1556fdfe08ee8cfa492094e5c11a86b7b793213767d4f5697d9b437b36 21080 /usr/bin/c_hash
F... 4fdebd92c2ad33ad063c8de973b4eafa35d800ff70abe75644172ae6d0b81436 21080 /usr/bin/corelist
< 13622 more entries >
Entry columns: type and flags (F = file, M = manifest), SHA256 hash, OS version in which the entry last changed, path (or bundle name in the MoM).
Manifest of Manifests (MoM)
M... 39be958b03625d0507222996f167de279bc2edaec9a1ff45a86f3cdfac83ca6a 21080 desktop-autostart
M... 3ac656e9bdb43871f5345cf71c866a67a58d3ce0a2a085efb8e703be4dd3d753 21080 desktop-locales
M... 1dbd2354eb2cbf47a871a4d70fc5cee0dc0e6df2c940b03ab6d5ac2edbad594d 21080 dhcp-server
Mixing – Security
Manifest.MoM is signed (Manifest.MoM.sig); verification cascades through SHA256 hashes: the MoM carries the hash of every bundle manifest, and each bundle manifest carries the hash of every file it delivers, so one signature covers the whole OS content.
Diagram: Manifest.MoM.sig → Manifest.MoM → bundle manifests (Manifest.os-core, Manifest.go-basic, Manifest.shells, Manifest.editors, Manifest.desktop, ...), hashes verified → files under /usr (/usr/bin/bash, /usr/bin/cat, /usr/bin/chmod, /usr/bin/rm, /usr/bin/chown, /usr/bin/chroot, ...), hashes verified
The client's trust in all of this rests on the certificate it uses to check Manifest.MoM.sig; a manifest or file whose hash does not match is rejected rather than installed.
Mixing – Update artifacts
● Packs
○ Delta-packs (from version x to y, content difference between versions): binary deltas
○ Zero-packs (from version 0, complete content of bundle)
● Full files (for fallback)
○ Compressed full files available for download if pack download/extraction fails
Updating – Client Operation
Diagram: update artifacts flow through the client as: Download + verify MoM → Download + extract packs → Apply delta files and stage → Verify pack contents with manifests → Rename staged to final
The download, extract, stage and verify steps are non-atomic; the final rename of staged files to their final paths is the atomic step (ms to s duration). Each rename(2) is atomic, so any given file is always either the old or the new version and never a partial write; the set of renames as a whole still completes over that short window.
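The hash cascade from the Mixing – Security slide and the verify-then-rename client flow above, as one added example (not swupd's code). Assumptions: file hashes are plain SHA-256 of the bytes (swupd's hash also covers file metadata), the Manifest.MoM.sig check is represented by a caller-supplied boolean (swupd checks the signature out of band), only F and M entries are handled, and the constructed sample manifests use tab-separated columns. The property being demonstrated is that nothing is renamed into place until every hash in the chain has matched, and that a single mismatch anywhere aborts the update:

```python
"""Hash cascade (MoM -> bundle manifests -> files) and staged atomic apply.
Added example; not swupd. Hashes are plain SHA-256 of bytes and the MoM
signature check is supplied by the caller (both are simplifications)."""
import hashlib
import os
import shutil
import tempfile


class VerifyError(Exception):
    pass


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def parse_manifest(text):
    """Return (header, entries); entries are (flags, hash, version, name)."""
    header, entries = {}, []
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split("\t")
        if parts[0] == "MANIFEST":
            header["format"] = parts[1]
        elif parts[0].endswith(":"):                 # e.g. "version:\t21260"
            header.setdefault(parts[0][:-1], []).append(parts[1])
        elif len(parts) == 4:                        # flags, hash, version, name
            entries.append((parts[0], parts[1], int(parts[2]), parts[3]))
        else:
            raise VerifyError(f"unparseable manifest line: {line!r}")
    return header, entries


def make_bundle_manifest(version, files):
    """files: {path: bytes}. One 'F...' entry per file, hash over its bytes."""
    lines = ["MANIFEST\t24", f"version:\t{version}", f"filecount:\t{len(files)}"]
    lines += [f"F...\t{sha256_hex(files[p])}\t{version}\t{p}" for p in sorted(files)]
    return "\n".join(lines) + "\n"


def make_mom(version, manifests):
    """manifests: {bundle: text}. One 'M...' entry per bundle manifest."""
    lines = ["MANIFEST\t24", f"version:\t{version}"]
    lines += [f"M...\t{sha256_hex(manifests[b].encode())}\t{version}\t{b}"
              for b in sorted(manifests)]
    return "\n".join(lines) + "\n"


def verify_cascade(mom_text, mom_sig_ok, manifests, staged):
    """Signature over the MoM, then each bundle manifest's hash, then each
    staged file's hash. Returns verified paths; any mismatch raises."""
    if not mom_sig_ok:
        raise VerifyError("Manifest.MoM signature did not verify")
    verified = []
    for flags, digest, _ver, bundle in parse_manifest(mom_text)[1]:
        if flags[0] != "M":
            continue
        text = manifests[bundle]
        if sha256_hex(text.encode()) != digest:
            raise VerifyError(f"Manifest.{bundle} does not match Manifest.MoM")
        for fflags, fdigest, _fver, path in parse_manifest(text)[1]:
            if fflags[0] != "F":
                continue
            if sha256_hex(staged[path]) != fdigest:
                raise VerifyError(f"{path} does not match Manifest.{bundle}")
            verified.append(path)
    return verified


def apply_staged(root, staged, verified):
    """Write each verified file beside its target, fsync, then rename over it.
    os.replace is atomic per file; the set of renames as a whole is not."""
    for path in verified:
        target = os.path.join(root, path.lstrip("/"))
        os.makedirs(os.path.dirname(target), exist_ok=True)
        tmp = target + ".staged"
        with open(tmp, "wb") as fh:
            fh.write(staged[path])
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, target)


def build_sample():
    """Constructed sample: two files in os-core, manifest and MoM at 21260."""
    files = {"/usr/bin/cat": b"sample cat binary\n", "/usr/bin/chmod": b"sample chmod binary\n"}
    manifests = {"os-core": make_bundle_manifest(21260, files)}
    return make_mom(21260, manifests), manifests, files


def demo():
    """Verify and apply the sample into a scratch root; True if the installed
    /usr/bin/cat is byte-identical to what the manifest promised."""
    mom, manifests, files = build_sample()
    root = tempfile.mkdtemp()
    try:
        apply_staged(root, files, verify_cascade(mom, True, manifests, files))
        with open(os.path.join(root, "usr/bin/cat"), "rb") as fh:
            return fh.read() == files["/usr/bin/cat"]
    finally:
        shutil.rmtree(root, ignore_errors=True)
```

Passing `mom_sig_ok=True` without actually checking Manifest.MoM.sig against a pinned certificate would make the whole chain decorative, since an attacker who can serve a different MoM can also serve manifests and files that hash correctly under it; the signature is the root of the cascade, not an optional extra.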
Creating Custom Mixes
Useful for teams that want to provide their own content on top of Clear Linux* OS content for development, testing, etc.
Diagram: Clear Linux bundles and content plus user bundles and content go into Mixer, which produces the update artifacts that swupd clients consume.
Side-loading Custom Content
mixin: useful for individual users that want to add their own content
Diagram: the user adds a package; Mixer produces local artifacts, which are merged with the upstream artifacts before the swupd client consumes them.
Clear Linux* OS
● Rolling release security updates
● Stateless OS design
● Performance focused
● Use-case optimized bundles
● Fast, secure, and reliable updates
Contact details
Patrick McCarty
pmccarty on #clearlinux (freenode)
More resources:
Project site: clearlinux.org
Forum: community.clearlinux.org
Git repos:
github.com/clearlinux
github.com/clearlinux-pkgs
