An Operating System Tailored for Containers and Built for the Embedded World

Similar documents
IoT usecase for Yocto Project

The ultimate guide to software updates on embedded Linux devices

ViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project

Building Debian-Based Products: Experiences in Collaboration

Travis Cardwell Technical Meeting

Snappy Ubuntu Core Enabling secure devices with app stores

Birds of a Feather Session - OSS Vancouver Eystein Stenberg, Mender.io

Android System Development Training 4-day session

Read-only rootfs. Theory and practice. Chris Simmonds. Embedded Linux Conference Europe Read-only rootfs 1 Copyright , 2net Ltd

Yocto Project and OpenEmbedded training 3-day session

How we added software updates to AGL

Deby - Reproducible and Maintainable Embedded Linux Environment with Poky

Lesson 7 Programming Embedded Galileo, Raspberry Pi, BeagleBone and mbed Platforms

BeagleBone Black: Installing Operating Systems

Surviving in the wilderness integrity protection and system update. Patrick Ohly, Intel Open Source Technology Center Preliminary version

F28HS Hardware-Software Interface: Systems Programming

January 28 29, 2014San Jose. Engineering Workshop

IoT.js. Next generation web for connected things. Samsung Electronics Software Center Piotr Marcinkiewicz 2017

BeagleBone Black: Installing Operating Systems

Isar. Build Debian-Based Products with BitBake. Baurzhan Ismagulov. Embedded Linux Conference Europe Oct 11-13, 2016 Berlin, Germany

System Requirements ENTERPRISE

Lab: Setting up PL-App with a Raspberry Pi

Think Small to Scale Big

Session Overview. Background Integration Mender libostree (aktualizr) SWUpdate resin.io

meta-raspberrypi Documentation

Ten (or so) Small Computers

CloudFleet Documentation

RDKB IOT GATEWAY INTODUCTION. Khem Raj Linaro Connect BKK16 BKK March 8, 2016

Poky-tiny and Beyond, or Trying to put the Yocto in Yocto Project. Scott Murray

Important new NVMe features for optimizing the data pipeline

Building a Remote Control Robot with Automotive Grade Linux

Java Programming on the Raspberry Pi with Pi4J. Rob Ratcliff

SUSE Linux Entreprise Server for ARM

RAK831 Pilot Gateway User Manual V1.0

u-root: / with the convenience of scripting and the performance of compilation

LINUX CONTAINERS. Where Enterprise Meets Embedded Operating Environments WHEN IT MATTERS, IT RUNS ON WIND RIVER

OpenEmbedded in the Real World

Contributing to Automotive Grade Linux and GENIVI Development Platform

Software Updates for Connected Devices

Azure Sphere: Fitting Linux Security in 4 MiB of RAM. Ryan Fairfax Principal Software Engineering Lead Microsoft

LotOS Framework. Getting Started Guide for Banana Pi. Copyright (C) 2015 ilbers GmbH Revision 1.1,

EMBEDDED MACHINE VISION

Debian & Yocto: State of the Art

S3C6410-TFAUbuntu Easy Guide

Guide to your Plug Computer

Z-Stack Linux Gateway Quick Start Guide Version 1.0

SQL Server on Linux and Containers

趙庸鎭 (Cho, Yong Jin)

Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS

ovirt Node November 1, 2011 Mike Burns Alan Pevec Perry Myers ovirt Node 1

Collaboration Management Suite. Installation manual

ovirt Node June 9, 2012 Mike Burns ovirt Node 1

RakunLS1, Qseven SBC module with LS1021A

NI Linux Real-Time. Fanie Coetzer. Field Sales Engineer SA North. ni.com

Windows Persistent Memory Support

Dockerized Tizen Platform

Mesos on ARM. Feng Li( 李枫 ),

Presented by: Nafiseh Mahmoudi Spring 2017

Digi Embedded Yocto 1.6. First Steps Guide

The Yocto Project. Chris Young S/W Specialist SILICA Europe. Harmonising Software Development across multiple Embedded ARM SOC targets

Improving the Yocto Project Developer Experience. How New Tools Will Enable a Better Workflow October 2016 Henry Bruce

There Should be One Obvious Way to Bring Python into Production. Sebastian Neubauer

Tutorial: Howto setup a Remote Test Lab (not only) within the AGL CI Infrastructure

HOW TO INTEGRATE NFC FRONTENDS IN LINUX

Leveraging Docker and CoreOS to provide always available Cassandra at Instaclustr

D1Y - Embedded Linux with Yocto

Unikernels? Thomas [Twitter]

Embedded Linux kernel and driver development training 5-day session

RDO container registry Documentation

D1 - Embedded Linux. Building and installing an embedded and real-time Linux platform. Objectives. Course environment.

CONTINUOUS DELIVERY WITH DC/OS AND JENKINS

NAND/MTD support under Linux

One year of Deploying Applications for Docker, CoreOS, Kubernetes and Co.

Experiments 1 How to set up Raspberry Pi B+ The little computer you can cook into DIY tech projects

CS 326: Operating Systems. Lecture 1

BCS Raspberry Pi Launch Events Getting started with Raspberry Pi

Docker and Security. September 28, 2017 VASCAN Michael Irwin

Cross platform enablement for the yocto project with containers. ELC 2017 Randy Witt Intel Open Source Technology Center

Prototyping IoT with. Pierre Ficheux 02/2017. Prototyping IoT with Yocto

Soletta. Closing the IoT Development Gap. OpenIoT & ELC Europe 2016

ABOUT ZEPCAM SOFTWARE INSTALLATION MANAGEMENT AND BACKUPS. Description What is it Installation requirement Server requirement

OpenDCRE Documentation

S2C K7 Prodigy Logic Module Series

Be smart. Think open source.

Copyright 2017 Samsung. All Rights Reserved. O-Hoon Kwon, Ph.D. Samsung Electronics

Embedded Linux Architecture

Intel Clear Containers. Amy Leeland Program Manager Clear Linux, Clear Containers And Ciao

An Incubator Project in the Apache Software Foundation. 13 July 2016

Creating a profile from Tizen:Common. Stéphane Desneux Senior Software Engineer Eurogiciel

Nubo on premise POC requirements for VMWare ESXi

A New Model for Image Distribution

How Container Runtimes matter in Kubernetes?

Microservices. Chaos Kontrolle mit Kubernetes. Robert Kubis - Developer Advocate,

Container Security and new container technologies. Dan

Introduction to the Yocto Project. Developer s perspective

Reducing the pain of Yocto development upgrades. Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux Conference 2017

64-bit ARM Unikernels on ukvm

[Docker] Containerization

Electronics Single Board Computers

Investigating Containers for Future Services and User Application Support

Transcription:

Introducing resinos An Operating System Tailored for Containers and Built for the Embedded World Andrei Gherzan / Petros Angelatos October 2016

About us Andrei Gherzan Lead engineer of resinos Maintainer of meta-raspberrypi, meta-chip Petros Angelatos Founder / CTO Ported Docker to ARM

Agenda Mission History Architecture Features Development tools Future

Mission Be the embedded OS of choice for containers in IoT Create a community around containers for IoT Modern security features Minimal footprint Production ready

History - resin.io Started 4 years ago Modern devops practices to the embedded world Naturally leaned towards containers Ported Docker to ARMv6 Ported Docker to ARMv5 Fixes upstreamed

History - resinos Needed an OS for our platform Tried a modified Arch Tried a modified TinyCore Both had important shortcomings

History - resinos Started in January 2014 as internal project Used Yocto as a base Open sourced in July 2015 Currently under very active development It s been running in production for 2.5 years

Architecture

Yocto Why we chose yocto Minimal Low footprint Build system allows for easy patching Board vendors usually supply Yocto BSP Easier device support

Yocto layer architecture One repo per board Submodules for dependent layers Tried repo tool Tried monolithic repo Each board can move independently resin-<board-name> submodules board BSP meta-resin poky meta-oe https://github.com/resin-os?query=resin-

meta-resin Main resinos layer Automatic aufs patching BSP independent kernel configuration Can prepopulate docker images Kernel headers for out-of-tree module development meta-resin Jethro overlayer Fido overlayer Daisy overlayer meta-resin-common https://github.com/resin-os/meta-resin

Build system Environment defined in a Dockerfile Predictable host configuration Docker image artifacts You can use the OS as a container resin/resinos:<version>-<board> https://github.com/resin-os/resin-yocto-scripts

Partition layout Separate rootfs and root state We know exactly which services write to disk Dual root partition data partition auto-expands on first boot boot roota rootb state data

Read-only root Forced us to investigate all writes Configuration stored in state partition Network configuration Random seed Clock at shutdown Some state is stored in tmpfs DHCP leases Limited logs

Read-only root Cleaner separation OTA updates are much easier Enables diff based updates We can t leave state behind

Reliability Compartmentalisation of failures Device can survive data partition corruption Most I/O activity happens in there Root partition is never written to while in use We strive to do atomic operations everywhere

CONTAINER CONTAINER(S) User Application Language Packages Language Runtime Runtime OS packages Base Image Container Engine (Docker) ResinOS Userspace Linux Kernel + Kernel Modules

Ingredients Systemd NetworkManager ModemManager dropbear dnsmasq docker avahi

Systemd Leverage a lot of systemd features Adjusting OOM score for critical services Running services in separate mount namespaces Very easy dependency management NTP Socket activation for SSH Saves RAM since ssh is running only when needed

Networking DNS is hard dnsmasq Integration of Docker with host s dnsmasq NetworkManager Excellent D-Bus API ModemManager Excellent D-Bus API Lots of documentation

Docker AUFS driver Allows support for NAND based devices Currently on docker 1.10.3 Backported stability patches Journald logging driver Avoids SD card wear Seccomp enabled

Log management All logs end up in journald In RAM 8MB buffer by default Configurable log persistence Journald allows for structured logs Container logs are annotated with metadata Easy to send logs to a central location to store and process

Features

Two stage flashing Some boards have internal storage Image for these boards is a flasher Automatic copying to internal storage Feedback through LEDs

Host OS updates So many options It s one of our biggest focus areas resinhup is our current approach Takes advantage of dual root partition Validates everything before changing the state It s still experimental https://github.com/resin-os/resinhup/

Dual root partition method Used by CoreOS, ChromiumOS, Ubuntu Snappy Brillo, Mender.io But wastes a lot of space We re experimenting with more advanced approaches ostree docker

ResinHUP Integration with docker It uses docker to pull the OS image It then unpacks and applies it Leveraging important docker features Signed images Programmatic API for fetching Open question: can unify containers and host? https://github.com/resin-os/resinhup/

Automatic emulated testing We support virtual QEMU boards Automated basic testing on every PR Booting Networking Integrated with our Jenkins https://github.com/resin-io/autohat

Automatic hardware testing Manual testing doesn t scale Currently 22 boards We built a board that instruments boards GPIO Provisioning SD muxing Wifi testing https://github.com/resin-io/autohat-rig

Device support ARMv7 Raspberry Pi 2 Raspberry Pi 3 Samsung Artik 5 SamsungArtik 10 Beaglebone Black Beaglebone Green Beaglebone Green Wireless Odroid C1/C1+ Odroid XU4 SolidRun Hummingboard i2 Boundary Devices Nitrogen6x Parallella Board VIA 820 board Zynq zc702 TS4900 single and Quad ARM64 Coming soon ARMv6 RPI Zero RPI model 1 A+ ARMv5 TS7700 X86_32 Intel Edison X86_64 Intel NUC

Device support Easy to add new boards Meta-resin handles Userspace Image generation Kernel configuration

Development tools

Development tools How do you.. Configure network credentials? Provision a device? Develop on the board? Get logs?

Development mode Development images have Open SSH server Docker socket exposed over TCP mdns exposed metadata Device is at <hostname>.local

Resin Device Toolbox Image configuration Wifi credentials Hostname Persistent logging $ rdt configure ~/Downloads/resinos-dev.img? Network SSID super_wifi? Network Key super_secure_password? Do you want to set advanced settings? Yes? Device Hostname resin? Do you want to enable persistent logging? no Done!

Resin Device Toolbox Automatically detects removable storage Won t wipe your drive! Validates after writing $ sudo rdt flash ~/Downloads/resinos-dev.img? Select drive /dev/disk3 (7.9 GB) - STORAGE DEVICE? This will erase the selected drive. Are you sure? Yes Flashing [========================] 100% eta 0s Validating [========================] 100% eta 0s

Resin Device Toolbox Docker development Finds device in local network Continously syncs code into the container Rebuilds when necessary $ rdt push --source. * Building.. - Stopping and Removing any previous 'myapp' container - Removing any existing container images for 'myapp' - Building new 'myapp' image

Base Images More than 500 images for each supported device type Debian, Fedora, Alpine Nodejs, python, golang, Java Follow docker conventions https://github.com/resin-io-library/base-images

Future

Future Roadmap includes.. Compressed RAM Docker 1.12 Hardware watchdog integration Secure Boot ramoops integration... We interested in your thoughts There is lots of room for innovation

Open source Website - https://resinos.io/ Github - https://github.com/resin-os Gitter - https://gitter.im/resin-os/chat Apache 2 Licence

Questions?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback