The download end-point of Spacewalk/SUSE Manager resolves the packages from channels dynamically with a database query.

With the integration of Salt into SUSE Manager we have the chance to rethink this.

As the current SUSE Manager Salt implementation uses a plain HTTP end-point and self-contained JWT tokens for authentication against the end-point, we think about resolving the channel/package relationship at repodata generation time (eg. symlinks) and then doing the authentication with a simple helper program so that we don't need to hit tomcat at all.

This would also make possible to use the endpoint without any authentication at all, giving even more performance.

Making the end-point static would make scalability much easier.


Results

The experiment failed and we were not able to implement a fully static end-point because of authentication. However, the project resulted in the addition of mod_xsendfile to avoid having the package download go via Tomcat.

Looking for hackers with the skills:

spacewalk susemanager http

This project is part of:

Hack Week 13

Activity

  • over 9 years ago: moio left this project.
  • almost 10 years ago: moio joined this project.
  • almost 10 years ago: j_renner liked this project.
  • almost 10 years ago: dmacvicar started this project.
  • almost 10 years ago: dmacvicar added keyword "spacewalk" to this project.
  • almost 10 years ago: dmacvicar added keyword "susemanager" to this project.
  • almost 10 years ago: dmacvicar added keyword "http" to this project.
  • almost 10 years ago: dmacvicar originated this project.

  • Comments

    • ericmenk33
      2 months ago by ericmenk33 | Reply

      That’s an interesting deep-dive into SUSE Manager’s architecture and how endpoints can be optimized for efficiency and security. While it's tailored for enterprise systems, casual users looking for seamless content delivery can experience a different kind of optimization through a free movie streaming app like PPCine, which offers buffer-free viewing without any complex backend setup. It's a great contrast showing how both enterprise and entertainment platforms strive for smooth access and performance.

    Similar Projects

    pudc - A PID 1 process that barks to the internet by mssola

    Description

    As a fun exercise in order to dig deeper into the Linux kernel, its interfaces, the RISC-V architecture, and all the dragons in between; I'm building a blog site cooked like this:

    • The backend is written in a mixture of C and RISC-V assembly.
    • The backend is actually PID1 (for real, not within a container).
    • We poll and parse incoming HTTP requests ourselves.
    • The frontend is a mere HTML page with htmx.

    The project is meant to be Linux-specific, so I'm going to use io_uring, namespaces, and Linux-specific features in order to drive all of this.

    I'm open for suggestions and so on, but this is meant to be a solo project, as this is more of a learning exercise for me than anything else.

    Goals

    • Have a better understanding of different Linux features from user space down to the kernel internals.
    • Most importantly: have fun.

    Resources