Alpine Linux:About: Difference between revisions
(Rearranged selling points, updated wording.) |
(Overhauled the "What's It Like?" section) |
||
Line 22: | Line 22: | ||
== What's It Like? == | == What's It Like? == | ||
Its network configuration is similar to Debian's and its package management is, in some ways, similar to Debian's APT or RedHat's yum, the BSDs' <code>pkg_*</code> commands (<code>apk_*</code> under Alpine), and ArchLinux's PKGBUILDs (<code>APKBUILD</code> under Alpine). | |||
Also, if you've ever used a BusyBox-based system before, you would know that its applets do not have all of the features of their GNU/Linux counterparts. However, in an effort to make the system run like any other, the Alpine developers have contributed a number of enhancements to the BusyBox project. | |||
* The base installation is small enough for a firewall | Having said that, there are situations where things do not run like they do on a "real" Linux system. When you run into those situations, just remember these two things: | ||
* Alpine | |||
* The base installation is kept small enough for a firewall or router system, so there's not much there except the basics. (You can probably get what you need out of it using just the tools that are there, although crudely. Tools like sh, awk, sed, and grep can do everything Perl can do — really.) | |||
* Alpine does have a complete set of packages, but you will need to explicitly choose what to install. | |||
== What Should I Know? == | == What Should I Know? == |
Revision as of 05:22, 8 October 2010
Alpine Linux is a community-developed operating system designed for x86 Routers, Firewalls, VPNs, VoIP and servers.
Alpine Linux is and always will be free of charge. You do not pay any licensing fees. You can download, use and share Alpine Linux with anyone for absolutely nothing.
Alpine Linux was designed with security in mind. It has proactive security features, such as PaX and SSP, that prevent security holes from being exploited.
Alpine Linux uses the uClibc C library and all of the base tools from BusyBox. These are normally found on embedded systems and are smaller than the tools found on GNU/Linux systems.
Why Should I Try It?
We're partial, of course, but here are a few reasons:
- It's quick: You can boot it from a USB stick and have a very usable system in less than 10 minutes.
- It's simple: The package management and init system is a breeze to use.
- It has the Alpine Configuration Framework (ACF): While optional, ACF is a powerful web application used for configuring an Alpine Linux device. (Screenshots)
- It's great for experimenting: Since the system configuration can be backed up to a single file, you will be able to test new configurations before installing them on a production system. (See Alpine Local Backup.)
- It supports Linux VServer: You can run virtualized hosts on it, similar to FreeBSD Jails. (You can even run them on RAM-based installs, and although it's not very practical, it is worth geek points!)
- It's more secure: When The Linux 0-day vmsplice vulnerability was causing admins everywhere to upgrade their kernels post-haste, Alpine Linux systems were basically impervious. Yes, the code crashed the application, but the PaX protection prevented system compromise. The value of PaX and SSP has been proven on more than one occasion.
What's It Like?
Its network configuration is similar to Debian's and its package management is, in some ways, similar to Debian's APT or RedHat's yum, the BSDs' pkg_*
commands (apk_*
under Alpine), and ArchLinux's PKGBUILDs (APKBUILD
under Alpine).
Also, if you've ever used a BusyBox-based system before, you would know that its applets do not have all of the features of their GNU/Linux counterparts. However, in an effort to make the system run like any other, the Alpine developers have contributed a number of enhancements to the BusyBox project.
Having said that, there are situations where things do not run like they do on a "real" Linux system. When you run into those situations, just remember these two things:
- The base installation is kept small enough for a firewall or router system, so there's not much there except the basics. (You can probably get what you need out of it using just the tools that are there, although crudely. Tools like sh, awk, sed, and grep can do everything Perl can do — really.)
- Alpine does have a complete set of packages, but you will need to explicitly choose what to install.
What Should I Know?
In addition to basic UNIX management, you should know that...
- Alpine Linux uses apk-tools for its package management system. You will need to learn about
apk
before you can effectively manage the system. - Alpine Linux uses OpenRC for its init system. You will need to know how to add services to the OpenRC startup process.
- Alpine Linux uses the Alpine Local Backup Utility (
lbu
), primarily on RAM-based installs; you use it so you don't lose everything between reboots, but it can also be used to copy a new, tested and working configuration to a production system. You should know thatlbu
will only backup things in/etc
by default.
You should also know that we are engineers, not documenters. There's not alot of documentation out there (yet). We are working on it, but could use the help. So in many cases, things are not documented as well as they should be.
How did Alpine Linux Begin?
Alpine Linux began life as a fork of the LEAF Project. The active members of the LEAF Project wanted to continue making a Linux distribution that ran off of a single floppy disk — and we think that's great — however, our needs required Squid, DansGuardian, Samba, and a slew of other heavyweight applications. So, we ended up with a set of packages that fit onto a CD-ROM.
The LEAF concept of "run from RAM" has a number of appealing features, especially for a firewall:
- If your configs are all on a floppy, an upgrade is as simple as burning a new CD and rebooting.
- If your configs are all on a write-protected floppy, recovering from a root-kit is as simple as rebooting.
On the other hand, there were some things that we wanted to experiment with that wasn't easy to do in the LEAF build environment at that time, such as:
- A Complete Build-from-Source Environment (e.g. Gentoo-Style Build World)
- 2.6.x Kernel Support
- Stack-Smashing Support (SSP) in GCC
- PaX Kernel Security
- Better package management with dependencies, upgrade path, pre- and post-install scripts, etc.
And so the project began. Our goals, however, have always been to keep it as simple and small as possible. Alpine Linux won't fit onto a floppy disk today, but it certainly runs from a 64MB USB stick.
Why the Name Alpine?
Alpine originally stood for A Linux Powered Integrated Network Engine. The idea was that the distro would be focused on networking, and be a tiny "engine" or framework upon which larger systems could be built. Today, Alpine lives up to that name. The first open source implementation of Cisco's DMVPN, called OpenNHRP, was written for Alpine Linux. Improvements to networking functions in the Linux Kernel have started from patches and the needs of the Alpine Linux team.
In addition to its use as a firewall/router, Alpine Linux is also used in a number of installations as the basis for enterprise servers, running software such as PostgreSQL, Postfix, Asterisk, Kamailio, and being used for iSCSI SANs. It is the little engine that could.
Nowadays, Alpine is just a name.