What is the internal Linux distribution used by Microsoft?



In 2001, Microsoft was hostile to Linux, as Microsoft CEO Steve Ballmer said, 'Linux is a cancer.' However, Microsoft has changed significantly since Satya Nadella became CEO in 2014,

joining the Linux Foundation in 2016 and running binary files for Linux on Windows. The mechanism ' WSL ' is installed, and the attitude of compromise is set out. Meanwhile, Microsoft engineer Yuan Manuel Ray revealed that a Linux distribution is being developed for internal use, and blogs about how to use it and its features.

A look into CBL-Mariner, Microsoft's internal Linux distribution --Juanma's Blog
https://blog.jreypo.io/2021/07/09/a-look-into-cbl-mariner-microsoft-internal-linux-distribution/



According to Ray, the internal distribution is called 'CBL-Mariner ' and was created by the team that created the Linux kernel used in WSL2 and is intended for use in cloud infrastructure and edge computing. It is a distribution of.

CBL-Mariner is open source and can be downloaded by anyone from Microsoft's repository. However, at the time of article creation, there is no distribution of pre-built images that are easy for the general public to use, and in order to use it, you need to build by yourself while reading the documents in the repository. As a demonstration on the blog, Ray is building by entering the following code after satisfying the build requirements in order to create an image file for installation on vSphere of the server virtualization tool.

[code] git clone https://github.com/microsoft/CBL-Mariner.git
cd CBL-Mariner / toolkit
sudo make iso REBUILD_TOOLS = y REBUILD_PACKAGES = n CONFIG_FILE = ./imageconfigs/full.json [/ code]



Next, Ray explained the installation on vSphere. The VM setting is that the guest OS is 'Other 5.x or later Linux (64-bit)' and the hardware is '1 v CPU', '2GB RAM', and '16GB disk'. Text mode and graphic mode can be selected as the installation mode, and graphic mode is selected here. In addition, you can select two types of installation, 'Core' and 'Full'. According to Mr. Ray, the installation of Core is completed in 29 seconds, and even in Full it takes about 76 seconds, and it can be installed at a fairly high speed.



Set the partition and system during installation.



CBL-Mariner was created with reference to Fedora and Photon-OS, and it is said that it is quite similar to these two distributions. Also, since the SSH daemon is not installed in the initial state, Ray first installs the SSH daemon from the vSphere console with the following command.

[code] sudo tdnf install -y openssh-server
sudo systemctl enable --now sshd.service [/ code]



CBL-Mariner's package system is RPM-based,

and both 'dnf ' and ' tdnf ' are used for updates, and an image-based update system using RPM-OSTree is also supported. thing. The software that can be used after installation is organized in two package repositories, 'base' and 'update', and a total of about 3300 packages are prepared.



CBL-Mariner also focuses on security and is designed based on the 'Secure by Default' principle. In addition to kernel and compiler-based measures, it is said that updates are signed, address space layout is randomized, and log tampering measures are taken. Other security elements adopted by CBL-Mariner can be confirmed from the GitHub repository.

Ray concludes his blog by all means checking out the CBL-Mariner repository.

in Software, Posted by log1d_ts