Sergei Shtepa Linux Piter presentation - OSTconf
Transcript of Sergei Shtepa Linux Piter presentation - OSTconf
![Page 1: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/1.jpg)
how to use any distribution availableMany-Faced Linux
Sergey ShtepaSenior Developer
![Page 2: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/2.jpg)
Veeam In Numbers
355K+Customers worldwide4,000 additional per month
82%of Fortune 500Saint - PetersburgPrague
R&D Offices: 30+Countries where Veeam has offices
4K+Employees worldwide
3.5XIndustry Average for Customer Satisfaction
13 28 66 145 298 515833 986
1259
20202600
30003500
4000
2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019Veeam ONE Veeam Agent
for WindowsVeeam Agent
for LinuxVB for Microsoft
Office 365VA Console
OrchestratorVA for NutanixVeeam Agent
for Unix
Veeam FastSCP
Veeam Monitor for VMware
Veeam Reporter
Veeam Management Pack
VeeamBackup & Replication
Empl
oyee
sPr
oduc
ts
$1 Billionin revenue in 2018
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 2
![Page 3: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/3.jpg)
3© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners.
source: https://distrowatch.com/images/other/periodic-table-of-distro.png
Periodic Table of Linux Distros
![Page 4: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/4.jpg)
Package managersDebian Package Manager allows to use a single .deb package for any Debian-based distributive.
With RPM Package Manager we need a separate rpm package forRed Hat distribution:
el6, el7, el8, fc24SUSE distribution:
sles11, sles12, opensuse.
4
![Page 5: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/5.jpg)
Package dependenciesel7:
• libblkid• libgcc• libstdc++• ncurses-libs• fuse-libs• file-libs• veeamsnap = 3.0.2.1185
sles 12:
• libblkid1• libgcc_s1• libstdc++6• libmagic1• libfuse2• veeamsnap-kmp = 3.0.2.1185
5
![Page 6: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/6.jpg)
Alternative package managersSnappy Flatpak
6
![Page 7: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/7.jpg)
Updates problem
• Do not update, ever.
• Automatically update as soon as possible.
• Manually update only after testing in a test infrastructure.
To be, or not to be updated,that is the question!
7
![Page 8: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/8.jpg)
Most common problems in support of different platforms for C/C ++ programs :
1. Platform-dependent types2. Alignment of structures3. Byte order (Little/big endian)
Currently we support only x86 and amd64 platforms :(
Various platforms support
8
![Page 9: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/9.jpg)
Static vs dynamic linkingStatic:+ Guarantees use of a specific version of the library+ using fresh libraries on older systems without updating
Dynamic:+ The library is guaranteed to be compatible with the kernel, modules, and other software.
9
![Page 10: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/10.jpg)
libVIX.so
Intersection of librariesVeeamAgentEx
libssl.a- SSL_free()- X509_VERIFY_PARAM_free()
crypto
libCURL.solibssl.so
- SSL_free()- X509_VERIFY_PARAM_free()
10
![Page 11: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/11.jpg)
Segmentation fault at 0x00000000x21d490f 0x000000000000x4c5.Backtrace.-- #0 at 0x00000000x131efde /tmp/VeeamAgent() [0x131efde]-- #1 at 0x000x7f42ee0b5890 /lib/x86_64-linux-
gnu/libpthread.so.0(+0xf890) [0x7f42ee0b5890]-- #2 at 0x00000000x21d490f
/tmp/VeeamAgent(X509_VERIFY_PARAM_free+0x5f) [0x21d490f]-- #3 at 0x000x7f42d1db13a3 /usr/lib/vmware-vix/Workstation-
11.0.0-and-vSphere-6.0.0/64bit/libssl.so.1.0.1(SSL_free+0x43) [0x7f42d1db13a3]-- #4 at 0x000x7f42d1b34c60 /usr/lib/vmware-vix/Workstation-
11.0.0-and-vSphere-6.0.0/64bit/libcurl.so.4(Curl_ossl_close+0x30) [0x7f42d1b34c60]…-- #11 at 0x000x7f42d035371c /usr/lib/vmware-vix/Workstation-11.0.0-and-vSphere-6.0.0/64bit/libvix.so(+0x2e371c) [0x7f42d035371c]
11
![Page 12: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/12.jpg)
Symbols visibility-fvisibility=[default|internal|hidden|protected] • Set the default ELF image symbol visibility to the specified option
all symbols are marked with this unless overridden within the code.
• Despite the nomenclature, default always means public; i.e., available to be linked against from outside the shared object. protected and internal are pretty useless in real-world usage so the only other commonly used option is hidden. The default if -fvisibility isn't specified is default, i.e., make every symbol public.
--exclude-libs lib,lib,...• Specifies a list of archive libraries from which symbols should not
be automatically exported. The library names may be delimited by commas or colons. Specifying "--exclude-libs ALL" excludes symbols in all archive libraries from automatic export.
12
![Page 13: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/13.jpg)
Creating a package for C/C++ appsCross compiling
Pros:• Simpler builder infrastructure• Less resource consuming
Cons:• Perparation of a cross-compiling
environment is required
Build farm
Pros:• Simple preparation• Platform independence
Cons:• Requires a lot of resources• Maintenance costs
13
![Page 14: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/14.jpg)
OpenBuildService structure
14
![Page 15: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/15.jpg)
15
![Page 16: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/16.jpg)
ABI for kernel moduleskABI for modules is:
• API stability is guaranteed and source code is portable within a single release.
• Compatible ABI can be guaranteed and modules are portable within a single release.
• Between releases API and ABI can break.
16
![Page 17: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/17.jpg)
In the Linux kernels from distributors we can find an abundance of bug fixes, patches and backports. The kernel version turns out to be useless.
Kernel version and backports
17
![Page 18: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/18.jpg)
https://access.redhat.com/solutions/3658111WARNING: at block/blk-throttle.c:1222 blk_throtl_drain+0xff/0x180() (Not tainted)Hardware name: PowerEdge R630Modules linked in: veeamsnap(U)Pid: 7812, comm: Lpb Server thre Not tainted 2.6.32-754.6.3.el6.x86_64 #1Call Trace:[<ffffffff810805c1>] ? warn_slowpath_common+0x91/0xe0[<ffffffff8108062a>] ? warn_slowpath_null+0x1a/0x20[<ffffffff812978af>] ? blk_throtl_drain+0xff/0x180[<ffffffff81286cd1>] ? __blk_drain_queue+0x91/0x140[<ffffffff81286fab>] ? blk_cleanup_queue+0xeb/0x1d0[<ffffffffa0436899>] ? _snapimage_destroy+0x1d9/0x3a0 [veeamsnap]
18
![Page 19: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/19.jpg)
19
![Page 20: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/20.jpg)
20
![Page 21: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/21.jpg)
https://patchwork.kernel.org/patch/7748091> @@ -1736,12 +1736,14 @@ EXPORT_SYMBOL(ioctl_by_bdev);> /**> * lookup_bdev - lookup a struct block_device by name> * @pathname: special file representing the block device> + * @mask: rights to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC). . .> */> -struct block_device *lookup_bdev(const char *pathname)> +struct block_device *lookup_bdev(const char *pathname, int mask)> {. . .> inode = d_backing_inode(path.dentry);> + if (mask != 0 && !capable(CAP_SYS_ADMIN)) {> + error = __inode_permission(inode, mask);> + if (error)> + goto fail;> + }
Kernel patchwork
21
![Page 22: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/22.jpg)
Kernel module signatureopensuse-15-host:/ # modinfo veeamsnapfilename: /lib/modules/4.12.14-lp150.12.45-default/weak-updates/updates/drivers/veeamsnap.kosupported: externalversion: 4.0.0.1311description: Veeam Snapshot Kernel Moduleauthor: Veeam Software Group GmbHlicense: GPLsuserelease: openSUSE Leap 15.0srcversion: 4BB3B8E50B15FC85E3AC2ABretpoline: Yvermagic: 4.12.14-lp150.11-default SMP mod_unload modversions retpolinesig_id: X509signer: Veeam Software Group GmbHsig_key: A5:DA:85:BB:C9:CF:A8:DD:92:CA:DD:BE:67:75:65:AD:C9:1D:2F:44sig_hashalgo: sha256signature: 01:00:1F:89:6F:C4:56:30:2E:DC:0C:63:39:7A:3A:87:22:C4:3B:BF:
. . .
22
![Page 23: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/23.jpg)
Enrolling module certificate
23
![Page 24: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/24.jpg)
24
![Page 25: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/25.jpg)
Supported distributionsDebian 6.0 – 9.7Ubuntu 10.04 – 19.04RHEL 6.0 – 8.0CentOS 6.0 – 7.6Oracle Linux 6 (starting from UEK R1)Oracle Linux 7 (up to UEK R4 U7)Oracle Linux 6 – 7.6 (RHCK)Fedora 23 – 30SLES 11 SP4 – 15 SP1SLES for SAP 11 SP4 – 15 SP1openSUSE 11.3 – 13.2, 42.0 – 42.1
42.2 – 42.3, 15.0 – 15.1Tumbleweed
25
![Page 26: Sergei Shtepa Linux Piter presentation - OSTconf](https://reader036.fdocuments.us/reader036/viewer/2022072217/62d9e95f3d21ce40c64fc628/html5/thumbnails/26.jpg)
Veeam vacancies:
careers.veeam.ru/vacancies
Thank you for your attention!My contacts:
habr.com/ru/users/codeimp/
github.com/CodeImp/
strava.com/athletes/39745077
26