Aliyun Linux 17.01 特性说明

中文文档

Aliyun Linux 17.01（Golden Toad）具有如下特性。

• 集成阿里云内核组维护的 4.4 系列 Kernel。

  1. 支持 swap 内存压缩可保证显著减少 I/O；
  2. 支持动态补丁机制 kpatch，升级内核无需重启系统；
  3. 支持超大内存 kdump（至多 3 TB）；
  4. 支持 Automatic NUMA；
  5. 用户态 vsyscall 获取时间戳性能提升；
  6. 全面支持 Docker 技术栈；
  7. 支持 pv panic，方便协助云用户快速定位内核问题；
  8. 重新设计的无锁 TCP listener，提升 2 ~ 3 个数量级防 SYN 攻击能力。

• 高效创建和启动。

  • 基于虚拟化级优化栈创建实例，有效降低创建虚拟机所需时间。OS 搭载阿里云定制启动服务，提升启动速率，使创建到可登录时间控制在 30 秒内。
• 文件系统：新增支持文件系统：XFS、Btrfs、AUFS 和 OverlayFS。
• 全新工具链：GCC 4.8.x glibc 2.17 GDB 7.6.1。

• 安全提升。

  • OpenSSH 支持 chroot shell 登录，限制用户登录在一个受限的根文件系统中。
  • OpenSSH 可指定多个验证条件以加强登录访问。
• 兼容 CentOS 7.2。

英文文档

From Document Center

Aliyun Linux 17.01 (Golden Toad) has the following features.

• Integrated with Linux kernel 4.4 maintained by the Alibaba Cloud kernel group

  1. Supports swap space compression to guarantee a significant I/O reduction.
  2. Supports kpatch, a hot patching feature. No need to restart the instance to upgrade the kernel.
  3. Supports kdump for virtual machines with large memory (3 TB at the most).
  4. Supports automatic NUMA.
  5. Improves the performance of getting timestamps in user mode using vsyscall page.
  6. Comprehensively supports Docker technology stacks.
  7. Supports paravirtual (PV) panic event interface, facilitating cloud users to quickly locate kernel problems.
  8. Provides the lockless TCP listener that is re-designed with the anti-SYN flooding attack capability elevated by two to three orders of magnitude.

• Efficient creation and start

  • The instance is created based on the virtualization-level optimized stack to effectively reduce the time required for creating a virtual machine. The OS is equipped with Alibaba Cloud custom boot services to improve the boot rate, so that the time needed from instance creation to logon is 30 seconds or less.

• File systems

  • The following file systems are newly supported: XFS, Btrfs, AUFS, and OverlayFS.

• Brand new tool chain

  • GCC 4.8.x glibc 2.17 GDB 7.6.1.

• Improved security

  • OpenSSH supports logon by using the chroot shell, but the user logon is within a limited root file system.
  • OpenSSH supports specifying multiple verification conditions to enhance logon access.
• Compatible with CentOS 7.2