Thursday, July 6, 2017

Habitat for containers


Packages
A package refers to a binary distribution for a given piece of Habitat software that contains a software library or application as well as any configuration information for that software.



Keys:

Habitat has strong cryptography built into both the build system and the supervisor. This means there are several different kinds of keys.

Origin Keys
Every package in Habitat belongs to an origin, and is cryptographically signed with that origin's private key.
Origin key cryptography is asymmetric: each origin has a public key that you can distribute freely, and a private key that you should keep safe.
Supervisors, by default, will refuse to run packages for which they do not have the public key. They use this public key to verify the integrity of the Habitat package they download, before running it. Supervisors can be provided the public key by pointing them at a depot that has it, or by putting the key on disk outside of Habitat.
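The supervisor rule above, sketched as an added example (not Habitat's own code): read the signing key name from a package file's header and refuse the package when that public key is not in the local key directory. The header layout, the `<origin>-<revision>.pub` file naming, and the names `read_hart_header`, `key_gate` and `demo` are assumptions not stated on this page; the block covers the key lookup only, and the signature check itself comes after it.

```python
import base64
import re
import tempfile
from pathlib import Path

# Assumed package layout (not described on this page): four header lines, a blank line, payload.
#   HART-1 / <origin>-<revision> / BLAKE2b / <base64 signature>
# Assumed key name shape: origin name, a hyphen, a 14-digit revision timestamp.
KEY_NAME = re.compile(r"[a-z0-9][a-z0-9_-]*-\d{14}")


def read_hart_header(blob):
    """Split a package blob into header fields and payload; raise ValueError if malformed."""
    head, sep, payload = blob.partition(b"\n\n")
    lines = head.decode("ascii", errors="replace").split("\n")
    if not sep or len(lines) != 4:
        raise ValueError("header is incomplete")
    fmt, key_name, hash_type, sig_b64 = lines
    if fmt != "HART-1" or hash_type != "BLAKE2b":
        raise ValueError(f"unsupported header {fmt!r} / {hash_type!r}")
    if not KEY_NAME.fullmatch(key_name):  # untrusted input: also blocks path tricks
        raise ValueError(f"malformed key name {key_name!r}")
    signature = base64.b64decode(sig_b64, validate=True)
    return {"key_name": key_name, "signature": signature, "payload": payload}


def key_gate(blob, key_cache):
    """Return (allowed, reason); a package whose public key is absent is refused."""
    try:
        header = read_hart_header(blob)
    except ValueError as exc:
        return False, f"refuse: {exc}"
    pub = Path(key_cache) / f"{header['key_name']}.pub"
    if not pub.is_file():
        return False, f"refuse: no public key for {header['key_name']}"
    return True, f"key {header['key_name']} present; verify the signature next"


def demo():
    # Constructed sample: placeholder signature bytes and payload, not a real package.
    blob = (b"HART-1\nexample-20170706000000\nBLAKE2b\n"
            + base64.b64encode(b"\x00" * 64) + b"\n\npayload-bytes")
    with tempfile.TemporaryDirectory() as tmp:
        cache = Path(tmp)
        before = key_gate(blob, cache)  # key directory is empty
        (cache / "example-20170706000000.pub").write_text("constructed key file\n")
        after = key_gate(blob, cache)   # key now on disk
    return [before, after]
```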



Studio

The Habitat Studio is a clean, self-contained, minimal environment in which you can develop, build, and package software that is free from any upstream operating system distribution. All tools and dependencies included in the Studio are installed through Habitat packages, thus preventing any unwanted dependencies from being used by your package.

Create Packages

Packages are the cryptographically-signed tarballs that are uploaded, downloaded, unpacked, and installed in Habitat. They are built from shell scripts known as plans, but may also include runtime hooks and service configuration files that describe the behavior and configuration of a running package.

Create plans

At the center of Habitat packaging is the plan. This is a directory composed of shell scripts and optional configuration files that define how you download, configure, make, install, and manage the lifecycle of the software in the package.


Build packages

Habitat packages are cryptographically-signed tarballs with a .hart extension that are built from plans. You can build a package in two ways: interactively from inside a studio, and non-interactively.


Container orchestration with Habitat

Habitat packages may be exported with the supervisor directly into a Docker or ACI-formatted container, but frequently the container itself will run within a container orchestrator such as Kubernetes or Mesos. Container orchestrators provide scheduling and resource allocation, ensuring workloads are running and available. Containerized Habitat packages may run within these runtimes, managing the applications while the runtimes handle the environment surrounding the application (i.e., compute, networking, security).


