Join the Gitter channel! https://gitter.im/uyuni-project/hackweek
Uyuni is a configuration and infrastructure management tool that saves you time and headaches when you have to manage and update tens, hundreds or even thousands of machines. It also manages configuration, can run audits, build image containers, monitor and much more!
Currently there are a few distributions that are completely untested on Uyuni or SUSE Manager (AFAIK) or just not tested since a long time, and could be interesting knowing how hard would be working with them and, if possible, fix whatever is broken.
For newcomers, the easiest distributions are those based on DEB or RPM packages. Distributions with other package formats are doable, but will require adapting the Python and Java code to be able to sync and analyze such packages (and if salt does not support those packages, it will need changes as well). So if you want a distribution with other packages, make sure you are comfortable handling such changes.
No developer experience? No worries! We had non-developers contributors in the past, and we are ready to help as long as you are willing to learn. If you don't want to code at all, you can also help us preparing the documentation after someone else has the initial code ready, or you could also help with testing :-)
The idea is testing Salt and Salt-ssh clients, but NOT traditional clients, which are deprecated.
To consider that a distribution has basic support, we should cover at least (points 3-6 are to be tested for both salt minions and salt ssh minions):
- Reposync (this will require using spacewalk-common-channels and adding channels to the .ini file)
- Onboarding (salt minion from UI, salt minion from bootstrap scritp, and salt-ssh minion) (this will probably require adding OS to the bootstrap repository creator)
- Package management (install, remove, update...)
- Patching
- Applying any basic salt state (including a formula)
- Salt remote commands
- Bonus point: Java part for product identification, and monitoring enablement
- Bonus point: sumaform enablement (https://github.com/uyuni-project/sumaform)
- Bonus point: Documentation (https://github.com/uyuni-project/uyuni-docs)
- Bonus point: testsuite enablement (https://github.com/uyuni-project/uyuni/tree/master/testsuite)
If something is breaking: we can try to fix it, but the main idea is research how supported it is right now. Beyond that it's up to each project member how much to hack :-)
- If you don't have knowledge about some of the steps: ask the team
- If you still don't know what to do: switch to another distribution and keep testing.
This card is for EVERYONE, not just developers. Seriously! We had people from other teams helping that were not developers, and added support for Debian and new SUSE Linux Enterprise and openSUSE Leap versions :-)
Pending
FUSS
FUSS is a complete GNU/Linux solution (server, client and desktop/standalone) based on Debian for managing an educational network.
https://fuss.bz.it/
Seems to be a Debian 12 derivative, so adding it could be quite easy.
[W]
Reposync (this will require using spacewalk-common-channels and adding channels to the .ini file)[W]
Onboarding (salt minion from UI, salt minion from bootstrap script, and salt-ssh minion) (this will probably require adding OS to the bootstrap repository creator) --> Working for all 3 options (salt minion UI, salt minion bootstrap script and salt-ssh minion from the UI).[W]
Package management (install, remove, update...) --> Installing a new package works, needs to test the rest.[I]
Patching (if patch information is available, could require writing some code to parse it, but IIRC we have support for Ubuntu already). No patches detected. Do we support patches for Debian at all?[W]
Applying any basic salt state (including a formula)[W]
Salt remote commands[ ]
Bonus point: Java part for product identification, and monitoring enablement[ ]
Bonus point: sumaform enablement (https://github.com/uyuni-project/sumaform)[ ]
Bonus point: Documentation (https://github.com/uyuni-project/uyuni-docs)[ ]
Bonus point: testsuite enablement (https://github.com/uyuni-project/uyuni/tree/master/testsuite)
PR: https://github.com/uyuni-project/uyuni/pull/9502
It's basically a Debian 12. I don't even know whether it makes sense to separate it.
root@fuss-12:/tmp# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@fuss-12:/tmp# venv-salt-call grains.items| grep -v osvw|grep -A 1 " os"
os:
Debian
os_family:
Debian
osarch:
amd64
oscodename:
bookworm
osfinger:
Debian-12
osfullname:
Debian GNU/Linux
osmajorrelease:
12
osrelease:
12
osrelease_info:
- 12
openSUSE Leap 16
The distribution will all love!
https://en.opensuse.org/openSUSE:Roadmap#DRAFTScheduleforLeap16.0
If we are lucky, we'll get an alpha in time for Hack Week
Will be based on SUSE Linux Enterprise 16.0.
[W]
Reposync (this will require using spacewalk-common-channels and adding channels to the .ini file)[W]
Onboarding (salt minion from UI, salt minion from bootstrap scritp, and salt-ssh minion) (this will probably require adding OS to the bootstrap repository creator)[W]
Package management (install, remove, update...). Works, even reboot requirement detection[ ]
Patching (if patch information is available, could require writing some code to parse it, but IIRC we have support for Ubuntu already) Could not test patches, none available for now[W]
Applying any basic salt state (including a formula) Locale formula to adjust TZ to UTC,a nd apply highstate[W]
Salt remote commands[W]
Bonus point: Java part for product identification. I did not do any enablements, as I guess it's still not clear what we'll do. But I added the new SLFO GPG key for package identification[ ]
Bonus point: sumaform enablement (https://github.com/uyuni-project/sumaform) Not for now, it's way too early[W]
Bonus point: Documentation (https://github.com/uyuni-project/uyuni-docs) https://github.com/uyuni-project/uyuni-docs/pull/3468[ ]
Bonus point: testsuite enablement (https://github.com/uyuni-project/uyuni/tree/master/testsuite) Not for now, it's way too early
Resources:
- Research card: https://github.com/uyuni-project/uyuni-docs/pull/3468
- PR: https://github.com/uyuni-project/uyuni/pull/9491
- PR for doc: https://github.com/uyuni-project/uyuni-docs/pull/3468
Zorin OS
In particular the Education version (https://help.zorin.com/docs/getting-started/system-requirements/ and https://zorin.com/os/education/)
Because of the IDLINK and the UBUNTUCODENAME values, it should be compatible with the bundle and client tools for Ubuntu 22.04 out of the box.
[ ]
Reposync (this will require using spacewalk-common-channels and adding channels to the .ini file)[ ]
Onboarding (salt minion from UI, salt minion from bootstrap script, and salt-ssh minion) (this will probably require adding OS to the bootstrap repository creator)[ ]
Package management (install, remove, update...)[ ]
Patching (if patch information is available, could require writing some code to parse it, but IIRC we have support for Ubuntu already)[ ]
Applying any basic salt state (including a formula)[ ]
Salt remote commands[ ]
Bonus point: Java part for product identification, and monitoring enablement[ ]
Bonus point: sumaform enablement (https://github.com/uyuni-project/sumaform)[ ]
Bonus point: Documentation (https://github.com/uyuni-project/uyuni-docs)[ ]
Bonus point: testsuite enablement (https://github.com/uyuni-project/uyuni/tree/master/testsuite)
It's a distro based on Ubuntu. This is the content of /etc/os-release
:
PRETTY_NAME="Zorin OS 17.2"
NAME="Zorin OS"
VERSION_ID="17"
VERSION="17.2"
VERSION_CODENAME=jammy
ID=zorin
ID_LIKE="ubuntu debian"
HOME_URL="https://zorin.com/os/"
SUPPORT_URL="https://help.zorin.com/"
BUG_REPORT_URL="https://zorin.com/os/feedback/"
PRIVACY_POLICY_URL="https://zorin.com/legal/privacy/"
UBUNTU_CODENAME=jammy
In progress
openSUSE MicroOS
PRs: https://github.com/uyuni-project/uyuni/pull/6550 and https://github.com/uyuni-project/uyuni/pull/7858 Doc for the PoC: https://github.com/uyuni-project/uyuni/wiki/openSUSE-Tumbleweed-and-openSUSE-MicroOS-for-Uyuni
Check the doc to see what works, and what does not
NOTE: Broken for now because of SELinux, see the link above about the PoC.
[W]
Reposync (this will require using spacewalk-common-channels and adding channels to the .ini file)[W]
Onboarding (salt minion from UI, salt minion from bootstrap scritp, and salt-ssh minion) (this will probably require adding OS to the bootstrap repository creator)[P]
Package management (install, remove, update...) See the doc above[ ]
Patching No tests available for testing[P]
Applying any basic salt state (including a formula) See the doc above[W]
Salt remote commands[ ]
Bonus point: Java part for product identification, and monitoring enablement[ ]
Bonus point: sumaform enablement (https://github.com/uyuni-project/sumaform)[ ]
Bonus point: Documentation (https://github.com/uyuni-project/uyuni-docs)[ ]
Bonus point: testsuite enablement (https://github.com/uyuni-project/uyuni/tree/master/testsuite)
A transactional OS, similar to SLE Micro but based on openSUSE Tumbleweed. Supporting it could be problematic, because of the bundle extra work, but we can at least give it a try.
Astra Linux
PR: https://github.com/uyuni-project/uyuni/pull/1915
Originally it was a GNU/Linux developed for the Russian army and intelligence agencies, but it now offers a free (as in free beer) version for general usage. It is based on Debian GNU/Linux, so maybe getting some basic support will not be that hard.
Our team in Russia told me about it, so I joined their Telegram support channel some months ago.
Right now there are more than 1600 users at their Telegram channel (linked to Matrix.org with a bridge, which I suspect is what most of the users use) with a lot of traffic each day talking not only about support, but also about news regarding the distribution.
The distribution is now Linux Foundation Corporate Member (Silver).
[W]
Reposync (this will require using spacewalk-common-channels and adding channels to the .ini file)- After adding the repositories to
spacewalk-common-channels
works fine.
- After adding the repositories to
[W]
Onboarding (both salt and salt-ssh)- WebUI works (salt and salt-ssh), with some caveats: https://github.com/uyuni-project/uyuni/pull/1915
- I can bootstrap using a script.
[W]
Package management- Works!
[ ]
Patching- Can't test yet, no patches available.
[W]
Applying any basic salt state- Works!
[W]
Salt remote commands- Works!
Already implemented in past Hack Weeks
- Amazon Linux 2023
- Raspbian/Raspberry Pi OS 12
- openEuler (22.03)
- openSUSE Leap Micro
- openSUSE Leap 15.5
- SUSE Linux Enterprise 15 SP5
- Ubuntu 22.04
- AlmaLinux9
- Oracle Linux 9
- AlmaLinux8
- Alibaba Cloud Linux 2
- Oracle Linux 6/7/8
- Debian 10/9
Others
Interested on testing other distributions? Ping me and let's try.
[W]
= works
[F]
= Fails
[P]
= in Progress
[I]
= Ignored (state the reason)
Looking for hackers with the skills:
uyuni susemanager distribution linux management testing java bash python terraform cucumber obs documentation salt
This project is part of:
Hack Week 19 Hack Week 20 Hack Week 21 Hack Week 22 Hack Week 23 Hack Week 24
Activity
Comments
-
almost 5 years ago by nicoladm | Reply
Hi, nice project. I was trying to help with the debian 9 onboarding testing https://github.com/uyuni-project/uyuni/issues/1356 since the process is still fairly manual. Looks like mgr-create-bootstrap-repo needs tweaking https://github.com/uyuni-project/uyuni/issues/1495 i am not a developer but i can probably tweak scripts and help with some guidance
-
almost 5 years ago by juliogonzalezgil | Reply
Hi @nicoladm
If that's the only think that's failing, it's not so hard to fix.
The packages to be added to a bootstrap repository by
mgr-create-bootstra-repo
are at https://github.com/uyuni-project/uyuni/blob/master/susemanager/src/mgrbootstrapdata.pyYou just need to add a new variable
PKGLISTDEBIAN9
with the list of packages required to bootstrap with salt (salt itself and all dependencies). Most probably the list will be similar to Ubuntu18.04.Then at
DATA
you need a new entrydebian8-amd64-uyuni
(similar to ubuntu-18.04-amd64-uyuni) using the basechanneldebian-9-pool-amd64
and adapting the rest.And finally, you maybe you will need to adjust https://github.com/uyuni-project/uyuni/tree/master/susemanager-utils/susemanager-sls/salt/bootstrap (specifically
init.sls
) if the bootstrap procedure itself fails to find the repository.It would be good if you can add both Debian9 and Debian10 :-)
-
almost 5 years ago by nicoladm | Reply
systems used: KVM VM openSUSE Leap 15.1 with Uyuni 2020.01 KVM VM debian 9.9 Salt minion version: salt-minion2019.2.0+ds-1all.deb
NOTE: The following repo as mentioned by mateiw on github should contain the patch for salt-minion deb package that suppose to fix the problems related with removing/disabling Debian repos during the bootstrap hence i am using this version salt patch (https://build.opensuse.org/package/show/systemsmanagement:saltstack:products:testing:debian/salt): https://download.opensuse.org/repositories/systemsmanagement:/saltstack:/products:/testing:/debian/Debian_10/
Debian 9 repos synced successfully, created a test/qa channel using the Content lifecycle section and created an activation key (1-qa-debian9-test) with the qa channels added to it.
spacecmd softwarechannel_listchildchannels debian-9-amd64-main-security debian-9-amd64-main-updates debian9-opensuse-salt debian9-servers-qa-debian9-debian-9-amd64-main-security debian9-servers-qa-debian9-debian-9-amd64-main-updates debian9-servers-qa-debian9-debian9-opensuse-salt spacecmd activationkey_listchildchannels 1-qa-debian9-test debian9-servers-qa-debian9-debian-9-amd64-main-security debian9-servers-qa-debian9-debian-9-amd64-main-updates debian9-servers-qa-debian9-debian9-opensuse-salt
After the bootstrap the file pushed by salt is empty.
/etc/apt/sources.list.d/susemanager\:channels.list
First question that is puzzling me: Is it normal that the channels are not subscribed automatically even if the activation key has the debian channells assigned correctly? Has this something to do with the susemanager-sls state you have mentioned right?
I will have a closer look to the below files on the uyuni server tomorrow and start play with them
/usr/share/susemanager/mgr_bootstrap_data.py /usr/sbin/mgr-create-bootstrap-repo
-
almost 5 years ago by juliogonzalezgil | Reply
What's the content of
/etc/apt/sources.list.d/susemanager\:channels.list
> Is it normal that the channels are not subscribed automatically even if the activation key has the debian channells assigned correctly?
Well, if the activation key had the channels assigned BEFORE the onboarding, then that's a bug.
If you add channels to an activation key AFTER the onboarding, then already onboarded clients will not get the channels.
-
almost 5 years ago by nicoladm | Reply
>What's the content of /etc/apt/sources.list.d/susemanager:channels.list
root@debian9-uyuni:~# cat /etc/apt/sources.list/susemanager\:channels.list # Channels managed by SUSE Manager # Do not edit this file, changes will be overwritten
To double check I have tried to deselect and reselect the debian channels from the activation key and bootstrapped again and i can confirm I had the same behaviour - i needed to manually subscribe the channels from Systems --> Debian host --> Software --> Software channels because shown as none, disable service.
Where is the place to raise this bug?
-
almost 5 years ago by juliogonzalezgil | Reply
Did the onboarding complete without issues?
-
almost 5 years ago by nicoladm | Reply
Not yet, at least not automatically.
I am facing like a chicken and the egg situation where i need salt-minion-2019.2.0+ds-1.all-deb to be installed in order for the bootstrap to work properly (disable default debian channels and assign the susemanager channels and so on).
I am looking at the bootstrap script there might be something we need to tweak there as well which is failing with:
pkg_|-salt-minion-package_|-salt-minion_|-latest(retcode=2): No information found for 'salt-minion'. file_|-/etc/salt/minion.d/susemanager.conf_|-/etc/salt/minion.d/susemanager.conf_|-managed(retcode=2): One or more requisite failed: bootstrap.salt-minion-package file_|-/etc/salt/pki/minion/minion.pub_|-/etc/salt/pki/minion/minion.pub_|-managed(retcode=2): One or more requisite failed: bootstrap.salt-minion-package service_|-salt-minion_|-salt-minion_|-running(retcode=2): One or more requisite failed: bootstrap.salt-minion-package, bootstrap./etc/salt/pki/minion/minion.pem, bootstrap./etc/salt/minion.d/susemanager.conf, bootstrap./etc/salt/pki/minion/minion.pub, bootstrap./etc/salt/minion_id file_|-/etc/salt/minion_id_|-/etc/salt/minion_id_|-managed(retcode=2): One or more requisite failed: bootstrap.salt-minion-package file_|-/etc/salt/pki/minion/minion.pem_|-/etc/salt/pki/minion/minion.pem_|-managed(retcode=2): One or more requisite failed: bootstrap.salt-minion-package<\code>
Regarding the mgr-bootstrap i made the changes you suggested to /usr/share/susemanager/mgrbootstrapdata.py and it seems to be working fine:
mgr-create-bootstrap-repo --with-custom-channels 1. SLE-12-SP4-x86_64 2. debian9-amd64-uyuni Enter a number of a product label: 2 Creating bootstrap repo for debian9-amd64-uyuni copy 'libsodium18-1.0.11-2.amd64-deb' copy 'dctrl-tools-2.24-2+b1.amd64-deb' copy 'libzmq5-4.2.1-4+deb9u2.amd64-deb' copy 'python-chardet-2.3.0-2.all-deb' copy 'python-croniter-0.3.12-2.all-deb' copy 'python-crypto-2.6.1-7.amd64-deb' copy 'python-dateutil-2.5.3-2.all-deb' copy 'python-enum34-1.1.6-1.all-deb' copy 'python-ipaddress-1.0.17-1.all-deb' copy 'python-jinja2-2.8-1.all-deb' copy 'python-markupsafe-0.23-3.amd64-deb' copy 'python-minimal-2.7.13-2.amd64-deb' copy 'python-msgpack-0.4.8-1.amd64-deb' copy 'python-openssl-16.2.0-1.all-deb' copy 'python-pkg-resources-33.1.1-1.all-deb' copy 'python-psutil-5.0.1-1.amd64-deb' copy 'python-requests-2.12.4-1.all-deb' copy 'python-six-1.10.0-3.all-deb' copy 'python-systemd-233-1.amd64-deb' copy 'python-tornado-4.4.3-1.amd64-deb' copy 'python-tz-2016.7-0.3.all-deb' copy 'python-urllib3-1.19.1-1.all-deb' copy 'python-yaml-3.12-1.amd64-deb' copy 'python-zmq-16.0.2-2.amd64-deb' copy 'python-pycurl-7.43.0-2.amd64-deb' copy 'salt-common-2019.2.0+ds-1.all-deb' copy 'salt-minion-2019.2.0+ds-1.all-deb' copy 'dmidecode-3.0-4.amd64-deb' Exporting indices... ll /srv/www/htdocs/pub/repositories/debian/9/bootstrap/ total 0 drwxr-xr-x 1 root root 26 Feb 11 23:21 conf drwxr-xr-x 1 root root 154 Feb 11 23:21 db drwxr-xr-x 1 root root 18 Feb 11 23:21 dists drwxr-xr-x 1 root root 8 Feb 11 23:21 pool
-
almost 5 years ago by juliogonzalezgil | Reply
> Is it normal that the channels are not subscribed automatically even if the activation key has the debian channells assigned correctly?
Then in this case, I think it normal. The first thing the bootstraping does is disabling the repositories, and then add the bootstrap repository.
no information found for 'salt-minion'
seems to show that the package was not found, despite I can at the log you offer.First, check that you can find the package at
/srv/www/htdocs/pub/repositories/debian/9/bootstrap/
(most probably you will).If that's the case, then it's time to check the
susemanage-sls
package, as there is where the association between an OS and the bootstrap repository happens, according to the salt grains available during bootstrap (checksusemanager-utils/susemanager-sls/salt/bootstrap/
).Maybe a patch is needed there, most probably at the
init.sls
file.-
almost 5 years ago by juliogonzalezgil | Reply
BTW, if you can join Rocket.chat maybe we'll be able to collaborate faster than only using the website :-)
-
-
-
-
-
-
-
-
almost 5 years ago by juliogonzalezgil | Reply
Having a look at Amazon Linux 2 already :-)
-
almost 4 years ago by juliogonzalezgil | Reply
Just discovered that Amazon Linux 2 is now publishing XML information, and not just sqlite:
http://amazonlinux.default.amazonaws.com/2/core/2.0/x8664/34112b4f91c3e1ecf2b2e90cfd565b12690fa3c6a3e71a5ac19029d2a9bd3869/repodata/repomd.xml http://amazonlinux.default.amazonaws.com/2/core/2.0/x8664/34112b4f91c3e1ecf2b2e90cfd565b12690fa3c6a3e71a5ac19029d2a9bd3869/repodata/primary.xml.gz
So it seems we I will be able to bring this back to life without maybe any changes to reposync.
Plan is reopen my PR, test again, and if it works see if I can fix the product detection (no promisies) and some more stuff.
As for Astra Linux, let's see if I can convince OBS guys to fix the repos they added, so I can enable for Uyuni.
-
-
almost 5 years ago by nicoladm | Reply
@juliogonzalezgil thanks Julio for the suggestions!! will start to do some testing hopefully this afternoon/evening
-
almost 5 years ago by Pharaoh_Atem | Reply
@juliogonzalezgil What about OpenMandriva? They seem interesting...
-
almost 5 years ago by juliogonzalezgil | Reply
@Pharaoh_Atem join and try :-D
So far I will be happy if can complete Amazon Linux, Astra Linux and (maybe) Oracle Linux. No more time during this hackweek :-\
So either for next hackweek, or you (or someone else) can have a look :-)
-
almost 5 years ago by juliogonzalezgil | Reply
For reference, we are using a rocket.chat channel as so far only Nicola and I working on this.
If someone from the community wants to join during this hackweek, we can move to Freenode or Gitter.
-
-
almost 5 years ago by truquaeb | Reply
I'm trying to move away from Spacewalk, but getting stuck with my Fedora clients. It seems there aren't Uyuni client tools built for Fedora, I've got the repo's syncing and salt seems to work, machines are registered. Can't access the susemanager repos. I assume client tools need to be built, but where can I start?
-
almost 5 years ago by juliogonzalezgil | Reply
Well, that depends. New distributions will only support salt (unless community actually takes care of maintaining traditional for them)
You could start by creating an OBS repository based on Fedora and try to build salt there. You can use https://build.opensuse.org/project/show/systemsmanagement:Uyuni:Master:CentOS8-Uyuni-Client-Tools as inspiration.
But I guess we'd also need changes at other packages, so Uyuni is able to recognize this new distribution. My PR to Add Astra Linux (https://github.com/uyuni-project/uyuni/pull/1915) can also be used as insperation (Astra Linux is Debian Based, but even with this in mind, it can be of help).
-
-
almost 4 years ago by pagarcia | Reply
More to add: Alibaba Cloud Linux 2 (WIP here: https://github.com/paususe/uyuni/commits/paususe-aliyun), Alma Linux and Rocky Linux.
-
almost 4 years ago by juliogonzalezgil | Reply
As soon as we have someone to take care of them, I will add them :-)
I understand you want to take care of Alibaba, right @pagarcia?
-
almost 4 years ago by pagarcia | Reply
Yes, I will try to have Alibaba Cloud Linux 2 done before Hackweek even.
-
almost 4 years ago by juliogonzalezgil | Reply
Alibaba Clolud Linux 2 added, with all checkboxes. Please add join the project, using the button above.
If you will also handle Alma, let me know and I'll add it.
-
-
-
-
over 2 years ago by juliogonzalezgil | Reply
Project is updated, in preparation for Hackweek 21.
As always, we can add more distributions if someone wants to work on them. I plan to focus on finishing Ubuntu 22.04, and testing AlmaLinux9 :-)
-
almost 2 years ago by juliogonzalezgil | Reply
For reference, project is now updated with the plans for Hackweek 22.
Same as always, we can add more distributions if someone wants to work on them.
For now the plans are: - OpenEuler - openSUSE Leap Micro and openSUSE MicroOS - openSUSE Leap 15.5 and SLES 15 SP5
-
almost 2 years ago by smflood | Reply
Please can someone correct the SUSE spacewalk GitHub links for openSUSE Leap Micro ( https://github.com/SUSE/spacewalk/issues/20349 and https://github.com/SUSE/spacewalk/issues/20306 ) as they both give "Page not found"
-
almost 2 years ago by juliogonzalezgil | Reply
Yes, I reused things reported for SUSE Manager, and those are private. But they are described at https://github.com/uyuni-project/uyuni/pull/6550
-
-
almost 2 years ago by juliogonzalezgil | Reply
Closing for now, and reopening for next hackweek.
For this hackweek: - Support for SLE1SP5 and openSUSE Leap 15.5 is added (pending merging) - Support for openSUSE Leap Micro 5.3 is almost there, we just need a fix for the bootstrap problem to have the basic stuff (under research), and then the other fixes that are common for SLE Micro as well. - Support for openSUSE MicroOS is not there, but we'll see if we can get the bundle built in the next few months, as PoC.
-
about 1 year ago by deneb_alpha | Reply
hello @juliogonzalezgil, for this hackweek I would like to work on adding Zorin OS. In particular I would like to enable the Education version.
Some details:
- https://help.zorin.com/docs/getting-started/system-requirements/
- https://zorin.com/os/education/
It's a distro based on Ubuntu. This is the /etc/os-release:
- NAME="Zorin OS"
- VERSION="16.3"
- ID=zorin
- ID_LIKE=ubuntu
- PRETTY_NAME="Zorin OS 16.3"
- VERSION_ID="16"
- HOME_URL="https://zorin.com/os/"
- SUPPORT_URL="https://help.zorin.com/"
- BUGREPORTURL="https://zorin.com/os/feedback/"
- PRIVACYPOLICYURL="https://zorin.com/legal/privacy/"
- VERSION_CODENAME=focal
- UBUNTU_CODENAME=focal
-
about 1 year ago by juliogonzalezgil | Reply
Just for reference, the project is updated and ready for Hackweek 23. But if anyone wants to explore more OS, please add comments, as @deneb_alpha did :-)
-
about 1 year ago by juliogonzalezgil | Reply
Completed this hack week: - Amazon Linux 2023 - Raspberry Pi OS 12
Progress on: - openEuler - openSUSE Tumbleweed and openSUSE MicroOS (PoC)
-
2 months ago by juliogonzalezgil | Reply
For awareness: I updated the project for Hack Week 24.
As usual: if anyone wants to explore more OS, rather than those suggested, just comment here :-)
-
about 1 month ago by juliogonzalezgil | Reply
Progress for me:
- Code and doc for openSUSE Leap 16.0, done (links at the desc above). With that, a bug report to agama, one fix for the uyuni site, one for the doc, one problem reported to the openSUSE Leap releng about
/etc/os-release
for Leap. - openSUSE Tumbleweed and MicroOS, did some extra testing, but could not complete what was done last year. SELinux breaks the bundle at MicrOOS, and probably at Tumbleweed (Tumbleweed does not enable it by default)
- Helped a bit Raul with FUSS, and a bit Marina with Zorin OS.
- Code and doc for openSUSE Leap 16.0, done (links at the desc above). With that, a bug report to agama, one fix for the uyuni site, one for the doc, one problem reported to the openSUSE Leap releng about
-
about 1 month ago by raulosuna | Reply
Work during the hackweek regarding FUSS:
- Reposync working
- Onboarding works from the UI. Need to test bootstrap script and salt-ssh minion
- Installing a new package works. Need to test updates and removals.
- Everything else needs to be tested, but being a 1:1 clone of Debian 12 I don't expect any issues.
Hope to be able to continue work during next Learning Tuesday (Dec. 3rd). PR (draft): https://github.com/uyuni-project/uyuni/pull/9502
-
about 1 month ago by deneb_alpha | Reply
I didn't have a complete week to focus on hackweek due to some releases to be done at the beginning of the week.
For the Zorin OS 17.2 support, this is where we are now:
- research how the OS is designed (3 "flavors" with different set of packages) The "base OS" is Ubuntu 22.04 but they enhance it with additional repos and more updated packages.
- The salt bundle used for Ubuntu 22.04 works for installing/removing/searching packages, but salt needs a patch.
- I researched how to contribute to salt and what to change in the code for supporting Zorin OS. The patch is ready and the code works locally. the patch needs to be finalized with tests and submitted to upstream salt. The channels changes are ready, there are several additional repos to be added and a few more additional GPG keys too.
Initial draft PR: https://github.com/uyuni-project/uyuni/pull/9510
I'll continue to work on it during the next Learning Tuesday (Dec 3rd) The initial work will be presented at the next Uyuni Community Hours on Nov 28th.
Similar Projects
Uyuni developer-centric documentation by deneb_alpha
Description
While we currently have extensive documentation on user-oriented tasks such as adding minions, patching, fine-tuning, etc, there is a notable gap when it comes to centralizing and documenting core functionalities for developers.
The number of functionalities and side tools we have in Uyuni can be overwhelming. It would be nice to have a centralized place with descriptive list of main/core functionalities.
Goals
Create, aggregate and review on the Uyuni wiki a set of resources, focused on developers, that include also some known common problems/troubleshooting.
The documentation will be helpful not only for everyone who is trying to learn the functionalities with all their inner processes like newcomer developers or community enthusiasts, but also for anyone who need a refresh.
Resources
The resources are currently aggregated here: https://github.com/uyuni-project/uyuni/wiki
Saline (state deployment control and monitoring tool for SUSE Manager/Uyuni) by vizhestkov
Project Description
Saline is an addition for salt used in SUSE Manager/Uyuni aimed to provide better control and visibility for states deploymend in the large scale environments.
In current state the published version can be used only as a Prometheus exporter and missing some of the key features implemented in PoC (not published). Now it can provide metrics related to salt events and state apply process on the minions. But there is no control on this process implemented yet.
Continue with implementation of the missing features and improve the existing implementation:
authentication (need to decide how it should be/or not related to salt auth)
web service providing the control of states deployment
Goal for this Hackweek
Implement missing key features
Implement the tool for state deployment control with CLI
Resources
https://github.com/openSUSE/saline
Create SUSE Manager users from ldap/ad groups by mbrookhuis
Description
This tool is used to create users in SUSE Manager Server based on LDAP/AD groups. For each LDAP/AD group a role within SUSE Manager Server is defined. Also, the tool will check if existing users still have the role they should have, and, if not, it will be corrected. The same for if a user is disabled, it will be enabled again. If a users is not present in the LDAP/AD groups anymore, it will be disabled or deleted, depending on the configuration.
The code is written for Python 3.6 (the default with SLES15.x), but will also work with newer versions. And works against SUSE Manger 4.3 and 5.x
Goals
Create a python and/or golang utility that will manage users in SUSE Manager based on LDAP/AD group-membership. In a configuration file is defined which roles the members of a group will get.
Table of contents
Installation
To install this project, perform the following steps:
- Be sure that python 3.6 is installed and also the module python3-PyYAML. Also the ldap3 module is needed:
bash
zypper in python3 python3-PyYAML
pip install yaml
On the server or PC, where it should run, create a directory. On linux, e.g. /opt/sm-ldap-users
Copy all the file to this directory.
Edit the configsm.yaml. All parameters should be entered. Tip: for the ldap information, the best would be to use the same as for SSSD.
Be sure that the file sm-ldap-users.py is executable. It would be good to change the owner to root:root and only root can read and execute:
bash
chmod 600 *
chmod 700 sm-ldap-users.py
chown root:root *
Usage
This is very simple. Once the configsm.yaml contains the correct information, executing the following will do the magic:
bash
/sm-ldap-users.py
repository link
https://github.com/mbrookhuis/sm-ldap-users
Edge Image Builder and mkosi for Uyuni by oholecek
Description
One part of Uyuni system management tool is ability to build custom images. Currently Uyuni supports only Kiwi image builder.
Kiwi however is not the only image building system out there and with the goal to also become familiar with other systems, this projects aim to add support for Edge Image builder and systemd's mkosi systems.
Goals
Uyuni is able to
- provision EIB and mkosi build hosts
- build EIB and mkosi images and store them
Resources
- Uyuni - https://github.com/uyuni-project/uyuni
- Edge Image builder - https://github.com/suse-edge/edge-image-builder
- mkosi - https://github.com/systemd/mkosi
Saltboot ability to deploy OEM images by oholecek
Description
Saltboot is a system deployment part of Uyuni. It is the mechanism behind deploying Kiwi built system images from central Uyuni server location.
System image is when the image is only of one partition and does not contain whole disk image and deployment system has to take care of partitioning, fstab on top of integrity validation.
However systems like Aeon, SUSE Linux Enterprise Micro and similar are distributed as disk images (also so called OEM images). Saltboot currently cannot deploy these systems.
The main problem to saltboot is however that currently saltboot support is built into the image itself. This step is not desired when using OEM images.
Goals
Saltboot needs to be standalone and be able to deploy OEM images. Responsibility of saltboot would then shrink to selecting correct image, image integrity validation, deployment and boot to deployed system.
Resources
- Saltboot - https://github.com/uyuni-project/retail/tree/master
- Uyuni - https://github.com/uyuni-project/uyuni
Saline (state deployment control and monitoring tool for SUSE Manager/Uyuni) by vizhestkov
Project Description
Saline is an addition for salt used in SUSE Manager/Uyuni aimed to provide better control and visibility for states deploymend in the large scale environments.
In current state the published version can be used only as a Prometheus exporter and missing some of the key features implemented in PoC (not published). Now it can provide metrics related to salt events and state apply process on the minions. But there is no control on this process implemented yet.
Continue with implementation of the missing features and improve the existing implementation:
authentication (need to decide how it should be/or not related to salt auth)
web service providing the control of states deployment
Goal for this Hackweek
Implement missing key features
Implement the tool for state deployment control with CLI
Resources
https://github.com/openSUSE/saline
Create SUSE Manager users from ldap/ad groups by mbrookhuis
Description
This tool is used to create users in SUSE Manager Server based on LDAP/AD groups. For each LDAP/AD group a role within SUSE Manager Server is defined. Also, the tool will check if existing users still have the role they should have, and, if not, it will be corrected. The same for if a user is disabled, it will be enabled again. If a users is not present in the LDAP/AD groups anymore, it will be disabled or deleted, depending on the configuration.
The code is written for Python 3.6 (the default with SLES15.x), but will also work with newer versions. And works against SUSE Manger 4.3 and 5.x
Goals
Create a python and/or golang utility that will manage users in SUSE Manager based on LDAP/AD group-membership. In a configuration file is defined which roles the members of a group will get.
Table of contents
Installation
To install this project, perform the following steps:
- Be sure that python 3.6 is installed and also the module python3-PyYAML. Also the ldap3 module is needed:
bash
zypper in python3 python3-PyYAML
pip install yaml
On the server or PC, where it should run, create a directory. On linux, e.g. /opt/sm-ldap-users
Copy all the file to this directory.
Edit the configsm.yaml. All parameters should be entered. Tip: for the ldap information, the best would be to use the same as for SSSD.
Be sure that the file sm-ldap-users.py is executable. It would be good to change the owner to root:root and only root can read and execute:
bash
chmod 600 *
chmod 700 sm-ldap-users.py
chown root:root *
Usage
This is very simple. Once the configsm.yaml contains the correct information, executing the following will do the magic:
bash
/sm-ldap-users.py
repository link
https://github.com/mbrookhuis/sm-ldap-users
Improve Development Environment on Uyuni by mbussolotto
Description
Currently create a dev environment on Uyuni might be complicated. The steps are:
- add the correct repo
- download packages
- configure your IDE (checkstyle, format rules, sonarlint....)
- setup debug environment
- ...
The current doc can be improved: some information are hard to be find out, some others are completely missing.
Dev Container might solve this situation.
Goals
Uyuni development in no time:
- using VSCode:
- setting.json should contains all settings (for all languages in Uyuni, with all checkstyle rules etc...)
- dev container should contains all dependencies
- setup debug environment
- implement a GitHub Workspace solution
- re-write documentation
Lots of pieces are already implemented: we need to connect them in a consistent solution.
Resources
- https://github.com/uyuni-project/uyuni/wiki
Explore simple and distro indipendent declarative Linux starting on Tumbleweed or Arch Linux by janvhs
Description
Inspired by mkosi the idea is to experiment with a declarative approach of defining Linux systems. A lot of tools already make it possible to manage the systems infrastructure by using description files, rather than manual invocation. An example for this are systemd presets for managing enabled services or the /etc/fstab
file for describing how partitions should be mounted.
If we would take inspiration from openSUSE MicroOS and their handling of the /etc/
directory, we could theoretically use systemd-sysupdate
to swap out the /usr/
partition and create an A/B boot scheme, where the /usr/
partition is always freshly built according to a central system description. In the best case it would be possible to still utilise snapshots, but an A/B root scheme would be sufficient for the beginning. This way you could get the benefit of NixOS's declarative system definition, but still use the distros package repositories and don't have to deal with the overhead of Flakes or the Nix language.
Goals
- A simple and understandable system
- Check fitness of
mkosi
or write a simple extensible image builder tool for it - Create a declarative system specification
- Create a system with swappable
/usr/
partition - Create an A/B root scheme
- Swap to the new system without reboot (kexec?)
Resources
- Ideas that have been floating around in my head for a while
- https://0pointer.net/blog/fitting-everything-together.html
- GNOME OS
- MicroOS
- systemd mkosi
- Vanilla OS
Switch software-o-o to parse repomd data by hennevogel
Currently software.opensuse.org search is using the OBS binary search for everything, even for packages inside the openSUSE distributions. Let's switch this to use repomd data from download.opensuse.org
toptop - a top clone written in Go by dshah
Description
toptop
is a clone of Linux's top
CLI tool, but written in Go.
Goals
Learn more about Go (mainly bubbletea) and Linux
Resources
Explore simple and distro indipendent declarative Linux starting on Tumbleweed or Arch Linux by janvhs
Description
Inspired by mkosi the idea is to experiment with a declarative approach of defining Linux systems. A lot of tools already make it possible to manage the systems infrastructure by using description files, rather than manual invocation. An example for this are systemd presets for managing enabled services or the /etc/fstab
file for describing how partitions should be mounted.
If we would take inspiration from openSUSE MicroOS and their handling of the /etc/
directory, we could theoretically use systemd-sysupdate
to swap out the /usr/
partition and create an A/B boot scheme, where the /usr/
partition is always freshly built according to a central system description. In the best case it would be possible to still utilise snapshots, but an A/B root scheme would be sufficient for the beginning. This way you could get the benefit of NixOS's declarative system definition, but still use the distros package repositories and don't have to deal with the overhead of Flakes or the Nix language.
Goals
- A simple and understandable system
- Check fitness of
mkosi
or write a simple extensible image builder tool for it - Create a declarative system specification
- Create a system with swappable
/usr/
partition - Create an A/B root scheme
- Swap to the new system without reboot (kexec?)
Resources
- Ideas that have been floating around in my head for a while
- https://0pointer.net/blog/fitting-everything-together.html
- GNOME OS
- MicroOS
- systemd mkosi
- Vanilla OS
Contributing to Linux Kernel security by pperego
Description
A couple of weeks ago, I found this blog post by Gustavo Silva, a Linux Kernel contributor.
I always strived to start again into hacking the Linux Kernel, so I asked Coverity scan dashboard access and I want to contribute to Linux Kernel by fixing some minor issues.
I want also to create a Linux Kernel fuzzing lab using qemu and syzkaller
Goals
- Fix at least 2 security bugs
- Create the fuzzing lab and having it running
The story so far
- Day 1: setting up a virtual machine for kernel development using Tumbleweed. Reading a lot of documentation, taking confidence with Coverity dashboard and with procedures to submit a kernel patch
- Day 2: I read really a lot of documentation and I triaged some findings on Coverity SAST dashboard. I have to confirm that SAST tool are great false positives generator, even for low hanging fruits.
- Day 3: Working on trivial changes after I read this blog post:
https://www.toblux.com/posts/2024/02/linux-kernel-patches.html. I have to take confidence
with the patch preparation and submit process yet.
- First trivial patch sent: using strtruefalse() macro instead of hard-coded strings in a staging driver for a lcd display
- Fix for a dereference before null check issue discovered by Coverity (CID 1601566) https://scan7.scan.coverity.com/#/project-view/52110/11354?selectedIssue=1601566
- Day 4: Triaging more issues found by Coverity.
- The patch for CID 1601566 was refused. The check against the NULL pointer was pointless so I prepared a version 2 of the patch removing the check.
- Fixed another dereference before NULL check in iwlmvmparsewowlaninfo_notif() routine (CID 1601547). This one was already submitted by another kernel hacker :(
- Day 5: Wrapping up. I had to do some minor rework on patch for CID 1601566. I found a stalker bothering me in private emails and people I interacted with me, advised he is a well known bothering person. Markus Elfring for the record.
Wrapping up: being back doing kernel hacking is amazing and I don't want to stop it. My battery pack is completely drained but changing the scope gave me a great twist and I really want to feel this energy not doing a single task for months.
I failed in setting up a fuzzing lab but I was too optimistic for the patch submission process.
The patches
VulnHeap by r1chard-lyu
Description
The VulnHeap project is dedicated to the in-depth analysis and exploitation of vulnerabilities within heap memory management. It focuses on understanding the intricate workflow of heap allocation, chunk structures, and bin management, which are essential to identifying and mitigating security risks.
Goals
- Familiarize with heap
- Heap workflow
- Chunk and bin structure
- Vulnerabilities
- Vulnerability
- Use after free (UAF)
- Heap overflow
- Double free
- Use Docker to create a vulnerable environment and apply techniques to exploit it
Resources
- https://heap-exploitation.dhavalkapil.com/divingintoglibc_heap
- https://raw.githubusercontent.com/cloudburst/libheap/master/heap.png
- https://github.com/shellphish/how2heap?tab=readme-ov-file
Hack on isotest-ng - a rust port of isotovideo (os-autoinst aka testrunner of openQA) by szarate
Description
Some time ago, I managed to convince ByteOtter to hack something that resembles isotovideo but in Rust, not because I believe that Perl is dead, but more because there are certain limitations in the perl code (how it was written), and its always hard to add new functionalities when they are about implementing a new backend, or fixing bugs (Along with people complaining that Perl is dead, and that they don't like it)
In reality, I wanted to see if this could be done, and ByteOtter proved that it could be, while doing an amazing job at hacking a vnc console, and helping me understand better what RuPerl needs to work.
I plan to keep working on this for the next few years, and while I don't aim for feature completion or replacing isotovideo tih isotest-ng (name in progress), I do plan to be able to use it on a daily basis, using specialized tooling with interfaces, instead of reimplementing everything in the backend
Todo
- Add
make
targets for testability, e.g "spawn qemu and type" - Add image search matching algorithm
- Add a Null test distribution provider
- Add a Perl Test Distribution Provider
- Fix unittests https://github.com/os-autoinst/isotest-ng/issues/5
- Research OpenTofu how to add new hypervisors/baremetal to OpenTofu
- Add an interface to openQA cli
Goals
- Implement at least one of the above, prepare proposals for GSoC
- Boot a system via it's BMC
Resources
See https://github.com/os-autoinst/isotest-ng
Make more sense of openQA test results using AI by livdywan
Description
AI has the potential to help with something many of us spend a lot of time doing which is making sense of openQA logs when a job fails.
User Story
Allison Average has a puzzled look on their face while staring at log files that seem to make little sense. Is this a known issue, something completely new or maybe related to infrastructure changes?
Goals
- Leverage a chat interface to help Allison
- Create a model from scratch based on data from openQA
- Proof of concept for automated analysis of openQA test results
Bonus
- Use AI to suggest solutions to merge conflicts
- This would need a merge conflict editor that can suggest solving the conflict
- Use image recognition for needles
Resources
Timeline
Day 1
- Conversing with open-webui to teach me how to create a model based on openQA test results
- Asking for example code using TensorFlow in Python
- Discussing log files to explore what to analyze
- Drafting a new project called Testimony (based on Implementing a containerized Python action) - the project name was also suggested by the assistant
Day 2
- Using NotebookLLM (Gemini) to produce conversational versions of blog posts
- Researching the possibility of creating a project logo with AI
- Asking open-webui, persons with prior experience and conducting a web search for advice
Highlights
- I briefly tested compared models to see if they would make me more productive. Between llama, gemma and mistral there was no amazing difference in the results for my case.
- Convincing the chat interface to produce code specific to my use case required very explicit instructions.
- Asking for advice on how to use open-webui itself better was frustratingly unfruitful both in trivial and more advanced regards.
- Documentation on source materials used by LLM's and tools for this purpose seems virtually non-existent - specifically if a logo can be generated based on particular licenses
Outcomes
- Chat interface-supported development is providing good starting points and open-webui being open source is more flexible than Gemini. Although currently some fancy features such as grounding and generated podcasts are missing.
- Allison still has to be very experienced with openQA to use a chat interface for test review. Publicly available system prompts would make that easier, though.
Automated Test Report reviewer by oscar-barrios
Description
In SUMA/Uyuni team we spend a lot of time reviewing test reports, analyzing each of the test cases failing, checking if the test is a flaky test, checking logs, etc.
Goals
Speed up the review by automating some parts through AI, in a way that we can consume some summary of that report that could be meaningful for the reviewer.
Resources
No idea about the resources yet, but we will make use of:
- HTML/JSON Report (text + screenshots)
- The Test Suite Status GithHub board (via API)
- The environment tested (via SSH)
- The test framework code (via files)
Drag Race - comparative performance testing for pull requests by balanza
Description
«Sophia, a backend developer, submitted a pull request with optimizations for a critical database query. Once she pushed her code, an automated load test ran, comparing her query against the main branch. Moments later, she saw a new comment automatically added to her PR: the comparison results showed reduced execution time and improved efficiency. Smiling, Sophia messaged her team, “Performance gains confirmed!”»
Goals
- To have a convenient and ergonomic framework to describe test scenarios, including environment and seed;
- to compare results from different tests
- to have a GitHub action that executes such tests on a CI environment
Resources
The MVP will be built on top of Preevy and K6.
Yearly Quality Engineering Ask me Anything - AMA for not-engineering by szarate
Goal
Get a closer look at how developers work on the Engineering team (R & D) of SUSE, and close the collaboration gap between GSI and Engineering
Why?
Santiago can go over different development workflows, and can do a deepdive into how Quality Engineering works (think of my QE Team, the advocates for your customers), The idea of this session is to help open the doors to opportunities for collaboration, and broaden our understanding of SUSE as a whole.
Objectives
- Give $audience a small window on how to get some questions answered either on the spot or within days of how some things at engineering are done
- Give Santiago Zarate from Quality Engineering a look into how $audience sees the engineering departments, and find out possibilities of further collaboration
How?
By running an "Ask me Anything" session, which is a format of a kind of open Q & A session, where participants ask the host multiple questions.
How to make it happen?
I'm happy to help joining a call or we can do it async (online/in person is more fun). Ping me over email-slack and lets make the magic happen!. Doesn't need to be during hackweek, but we gotta kickstart the idea during hackweek ;)
Rules
The rules are simple, the more questions the more fun it will be; while this will be only a window into engineering, it can also be the place to help all of us get to a similar level of understanding of the processes that are behind our respective areas of the organization.
Dynamics
The host will be monitoring the questions on some pre-agreed page, and try to answer to the best of their knowledge, if a question is too difficult or the host doesn't have the answer, he will do his best to provide an answer at a later date.
Atendees are encouraged to add questions beforehand; in the case there aren't any, we would be looking at how Quality Engineering tests new products or performs regression tests
Agenda
- Introduction of Santiago Zarate, Product Owner of Quality Engineering Core team
- Introduction of the Group/Team/Persons interested
- Ice breaker
- AMA time! Add your questions $PAGE
- Looking at QE Workflows: How is
- A maintenance update being tested before being released to our customers
- Products in development are tested before making it generally available
- Engineering Opportunity Board
SUSE AI Meets the Game Board by moio
Use tabletopgames.ai’s open source TAG and PyTAG frameworks to apply Statistical Forward Planning and Deep Reinforcement Learning to two board games of our own design. On an all-green, all-open source, all-AWS stack!
Results: Infrastructure Achievements
We successfully built and automated a containerized stack to support our AI experiments. This included:
- a Fully-Automated, One-Command, GPU-accelerated Kubernetes setup: we created an OpenTofu based script, tofu-tag, to deploy SUSE's RKE2 Kubernetes running on CUDA-enabled nodes in AWS, powered by openSUSE with GPU drivers and gpu-operator
- Containerization of the TAG and PyTAG frameworks: TAG (Tabletop AI Games) and PyTAG were patched for seamless deployment in containerized environments. We automated the container image creation process with GitHub Actions. Our forks (PRs upstream upcoming):
./deploy.sh
and voilà - Kubernetes running PyTAG (k9s
, above) with GPU acceleration (nvtop
, below)
Results: Game Design Insights
Our project focused on modeling and analyzing two card games of our own design within the TAG framework:
- Game Modeling: We implemented models for Dario's "Bamboo" and Silvio's "Totoro" and "R3" games, enabling AI agents to play thousands of games ...in minutes!
- AI-driven optimization: By analyzing statistical data on moves, strategies, and outcomes, we iteratively tweaked the game mechanics and rules to achieve better balance and player engagement.
- Advanced analytics: Leveraging AI agents with Monte Carlo Tree Search (MCTS) and random action selection, we compared performance metrics to identify optimal strategies and uncover opportunities for game refinement .
- more about Bamboo on Dario's site
- more about R3 on Silvio's site (italian, translation coming)
- more about Totoro on Silvio's site
A family picture of our card games in progress. From the top: Bamboo, Totoro, R3
Results: Learning, Collaboration, and Innovation
Beyond technical accomplishments, the project showcased innovative approaches to coding, learning, and teamwork:
- "Trio programming" with AI assistance: Our "trio programming" approach—two developers and GitHub Copilot—was a standout success, especially in handling slightly-repetitive but not-quite-exactly-copypaste tasks. Java as a language tends to be verbose and we found it to be fitting particularly well.
- AI tools for reporting and documentation: We extensively used AI chatbots to streamline writing and reporting. (Including writing this report! ...but this note was added manually during edit!)
- GPU compute expertise: Overcoming challenges with CUDA drivers and cloud infrastructure deepened our understanding of GPU-accelerated workloads in the open-source ecosystem.
- Game design as a learning platform: By blending AI techniques with creative game design, we learned not only about AI strategies but also about making games fun, engaging, and balanced.
Last but not least we had a lot of fun! ...and this was definitely not a chatbot generated line!
The Context: AI + Board Games
ClusterOps - Easily install and manage your personal kubernetes cluster by andreabenini
Description
ClusterOps is a Kubernetes installer and operator designed to streamline the initial configuration
and ongoing maintenance of kubernetes clusters. The focus of this project is primarily on personal
or local installations. However, the goal is to expand its use to encompass all installations of
Kubernetes for local development purposes.
It simplifies cluster management by automating tasks and providing just one user-friendly YAML-based
configuration config.yml
.
Overview
- Simplified Configuration: Define your desired cluster state in a simple YAML file, and ClusterOps will handle the rest.
- Automated Setup: Automates initial cluster configuration, including network settings, storage provisioning, special requirements (for example GPUs) and essential components installation.
- Ongoing Maintenance: Performs routine maintenance tasks such as upgrades, security updates, and resource monitoring.
- Extensibility: Easily extend functionality with custom plugins and configurations.
- Self-Healing: Detects and recovers from common cluster issues, ensuring stability, idempotence and reliability. Same operation can be performed multiple times without changing the result.
- Discreet: It works only on what it knows, if you are manually configuring parts of your kubernetes and this configuration does not interfere with it you can happily continue to work on several parts and use this tool only for what is needed.
Features
- distribution and engine independence. Install your favorite kubernetes engine with your package
manager, execute one script and you'll have a complete working environment at your disposal.
- Basic config approach. One single
config.yml
file with configuration requirements (add/remove features): human readable, plain and simple. All fancy configs managed automatically (ingress, balancers, services, proxy, ...). - Local Builtin ContainerHub. The default installation provides a fully configured ContainerHub available locally along with the kubernetes installation. This configuration allows the user to build, upload and deploy custom container images as they were provided from external sources. Internet public sources are still available but local development can be kept in this localhost server. Builtin ClusterOps operator will be fetched from this ContainerHub registry too.
- Kubernetes official dashboard installed as a plugin, others planned too (k9s for example).
- Kubevirt plugin installed and properly configured. Unleash the power of classic virtualization (KVM+QEMU) on top of Kubernetes and manage your entire system from there, libvirtd and virsh libs are required.
- One operator to rule them all. The installation script configures your machine automatically during installation and adds one kubernetes operator to manage your local cluster. From there the operator takes care of the cluster on your behalf.
- Clean installation and removal. Just test it, when you are done just use the same program to uninstall everything without leaving configs (or pods) behind.
Planned features (Wishlist / TODOs)
- Containerized Data Importer (CDI). Persistent storage management add-on for Kubernetes to provide a declarative way of building and importing Virtual Machine Disks on PVCs for
Run local LLMs with Ollama and explore possible integrations with Uyuni by PSuarezHernandez
Description
Using Ollama you can easily run different LLM models in your local computer. This project is about exploring Ollama, testing different LLMs and try to fine tune them. Also, explore potential ways of integration with Uyuni.
Goals
- Explore Ollama
- Test different models
- Fine tuning
- Explore possible integration in Uyuni
Resources
- https://ollama.com/
- https://huggingface.co/
- https://apeatling.com/articles/part-2-building-your-training-data-for-fine-tuning/
Ansible for add-on management by lmanfredi
Description
Machines can contains various combinations of add-ons and are often modified during the time.
The list of repos can change so I would like to create an automation able to reset the status to a given state, based on metadata available for these machines
Goals
Create an Ansible automation able to take care of add-on (repo list) configuration using metadata as reference
Resources
- Machines
- Repositories
- Developing modules
- Basic VM Guest management
- Module
zypper_repository_list
- ansible-collections community.general
Results
Created WIP project Ansible-add-on-openSUSE
Symbol Relations by hli
Description
There are tools to build function call graphs based on parsing source code, for example, cscope
.
This project aims to achieve a similar goal by directly parsing the disasembly (i.e. objdump) of a compiled binary. The assembly code is what the CPU sees, therefore more "direct". This may be useful in certain scenarios, such as gdb/crash debugging.
Detailed description and Demos can be found in the README file:
Supports x86 for now (because my customers only use x86 machines), but support for other architectures can be added easily.
Tested with python3.6
Goals
Any comments are welcome.
Resources
https://github.com/lhb-cafe/SymbolRelations
symrellib.py: mplements the symbol relation graph and the disassembly parser
symrel_tracer*.py: implements tracing (-t option)
symrel.py: "cli parser"
Team Hedgehogs' Data Observability Dashboard by gsamardzhiev
Description
This project aims to develop a comprehensive Data Observability Dashboard that provides r insights into key aspects of data quality and reliability. The dashboard will track:
Data Freshness: Monitor when data was last updated and flag potential delays.
Data Volume: Track table row counts to detect unexpected surges or drops in data.
Data Distribution: Analyze data for null values, outliers, and anomalies to ensure accuracy.
Data Schema: Track schema changes over time to prevent breaking changes.
The dashboard's aim is to support historical tracking to support proactive data management and enhance data trust across the data function.
Goals
Although the final goal is to create a power bi dashboard that we are able to monitor, our goals is to 1. Create the necessary tables that track the relevant metadata about our current data 2. Automate the process so it runs in a timely manner
Resources
AWS Redshift; AWS Glue, Airflow, Python, SQL
Why Hedgehogs?
Because we like them.
terraform-provider-feilong by e_bischoff
Project Description
People need to test operating systems and applications on s390 platform.
Installation from scratch solutions include:
- just deploy and provision manually (with the help of
ftpboot
script, if you are at SUSE) - use
s3270
terminal emulation (used byopenQA
people?) - use
LXC
from IBM to start CP commands and analyze the results - use
zPXE
to do some PXE-alike booting (used by theorthos
team?) - use
tessia
to install from scratch using autoyast - use
libvirt
for s390 to do some nested virtualization on some already deployed z/VM system - directly install a Linux kernel on a LPAR and use
kvm
+libvirt
from there
Deployment from image solutions include:
- use
ICIC
web interface (openstack
in disguise, contributed by IBM) - use
ICIC
from theopenstack
terraform
provider (used byRancher
QA) - use
zvm_ansible
to controlSMAPI
- connect directly to
SMAPI
low-level socket interface
IBM Cloud Infrastructure Center (ICIC
) harnesses the Feilong API, but you can use Feilong
without installing ICIC
, provided you set up a "z/VM cloud connector" into one of your VMs following this schema.
What about writing a terraform Feilong
provider, just like we have the terraform
libvirt
provider? That would allow to transparently call Feilong
from your main.tf files to deploy and destroy resources on your system/z.
Other Feilong-based solutions include:
- make
libvirt
Feilong-aware - simply call
Feilong
from shell scripts withcurl
- use
zvmconnector
client python library from Feilong - use
zthin
part of Feilong to directly commandSMAPI
.
Goal for Hackweek 23
My final goal is to be able to easily deploy and provision VMs automatically on a z/VM system, in a way that people might enjoy even outside of SUSE.
My technical preference is to write a terraform provider plugin, as it is the approach that involves the least software components for our deployments, while remaining clean, and compatible with our existing development infrastructure.
Goals for Hackweek 24
Feilong provider works and is used internally by SUSE Manager team. Let's push it forward!
Let's add support for fiberchannel disks and multipath.
Goals for Hackweek 25
- Finish support for fiberchannel disks and multipath
- Fix problems with registration on hashicorp providers registry
Rancher/k8s Trouble-Maker by tonyhansen
Project Description
When studying for my RHCSA, I found trouble-maker, which is a program that breaks a Linux OS and requires you to fix it. I want to create something similar for Rancher/k8s that can allow for troubleshooting an unknown environment.
Goal for this Hackweek
Create a basic framework for creating Rancher/k8s cluster lab environments as needed for the Break/Fix Create at least 5 modules that can be applied to the cluster and require troubleshooting
Resources
https://github.com/rancher/terraform-provider-rancher2 https://github.com/rancher/tf-rancher-up
SUSE AI Meets the Game Board by moio
Use tabletopgames.ai’s open source TAG and PyTAG frameworks to apply Statistical Forward Planning and Deep Reinforcement Learning to two board games of our own design. On an all-green, all-open source, all-AWS stack!
Results: Infrastructure Achievements
We successfully built and automated a containerized stack to support our AI experiments. This included:
- a Fully-Automated, One-Command, GPU-accelerated Kubernetes setup: we created an OpenTofu based script, tofu-tag, to deploy SUSE's RKE2 Kubernetes running on CUDA-enabled nodes in AWS, powered by openSUSE with GPU drivers and gpu-operator
- Containerization of the TAG and PyTAG frameworks: TAG (Tabletop AI Games) and PyTAG were patched for seamless deployment in containerized environments. We automated the container image creation process with GitHub Actions. Our forks (PRs upstream upcoming):
./deploy.sh
and voilà - Kubernetes running PyTAG (k9s
, above) with GPU acceleration (nvtop
, below)
Results: Game Design Insights
Our project focused on modeling and analyzing two card games of our own design within the TAG framework:
- Game Modeling: We implemented models for Dario's "Bamboo" and Silvio's "Totoro" and "R3" games, enabling AI agents to play thousands of games ...in minutes!
- AI-driven optimization: By analyzing statistical data on moves, strategies, and outcomes, we iteratively tweaked the game mechanics and rules to achieve better balance and player engagement.
- Advanced analytics: Leveraging AI agents with Monte Carlo Tree Search (MCTS) and random action selection, we compared performance metrics to identify optimal strategies and uncover opportunities for game refinement .
- more about Bamboo on Dario's site
- more about R3 on Silvio's site (italian, translation coming)
- more about Totoro on Silvio's site
A family picture of our card games in progress. From the top: Bamboo, Totoro, R3
Results: Learning, Collaboration, and Innovation
Beyond technical accomplishments, the project showcased innovative approaches to coding, learning, and teamwork:
- "Trio programming" with AI assistance: Our "trio programming" approach—two developers and GitHub Copilot—was a standout success, especially in handling slightly-repetitive but not-quite-exactly-copypaste tasks. Java as a language tends to be verbose and we found it to be fitting particularly well.
- AI tools for reporting and documentation: We extensively used AI chatbots to streamline writing and reporting. (Including writing this report! ...but this note was added manually during edit!)
- GPU compute expertise: Overcoming challenges with CUDA drivers and cloud infrastructure deepened our understanding of GPU-accelerated workloads in the open-source ecosystem.
- Game design as a learning platform: By blending AI techniques with creative game design, we learned not only about AI strategies but also about making games fun, engaging, and balanced.
Last but not least we had a lot of fun! ...and this was definitely not a chatbot generated line!
The Context: AI + Board Games
Contribute to terraform-provider-libvirt by pinvernizzi
Description
The SUSE Manager (SUMA) teams' main tool for infrastructure automation, Sumaform, largely relies on terraform-provider-libvirt. That provider is also widely used by other teams, both inside and outside SUSE.
It would be good to help the maintainers of this project and give back to the community around it, after all the amazing work that has been already done.
If you're interested in any of infrastructure automation, Terraform, virtualization, tooling development, Go (...) it is also a good chance to learn a bit about them all by putting your hands on an interesting, real-use-case and complex project.
Goals
- Get more familiar with Terraform provider development and libvirt bindings in Go
- Solve some issues and/or implement some features
- Get in touch with the community around the project
Resources
- CONTRIBUTING readme
- Go libvirt library in use by the project
- Terraform plugin development
- "Good first issue" list
New features in openqa-trigger-from-obs for openQA by jlausuch
Description
Implement new features in openqa-trigger-from-obs to make xml more flexible.
Goals
One of the features to be implemented: - Possibility to define "VERSION" and "ARCH" variables per flavor instead of global.
Resources
https://github.com/os-autoinst/openqa-trigger-from-obs
Explore the integration between OBS and GitHub by pdostal
Project Description
The goals:
1) When GitHub pull request is created or modified the OBS project will be forked and the build results reported back to GitHub. 2) When new version of the GitHub project will be published the OBS will redownload the source and rebuild the project.
Goal for this Hackweek
Do as much as possible, blog about it and maybe use it another existing project.
Resources
- The Blog post
- Issue: poo#123858 - build.opensuse.org: /usr/lib/obs/service//go_modules.service No such file or directory
Learn about OSB and contribute to `kustomize` and `k9s` packages to add ARM arch by dpock
Description
There are already k9s
and kustomize
packages that exist for openSUSE today. These could be used as the source for these binaries in our rancher projects. By using them we would benefit from CVE fixes included in our distribution of the packages not in cluded upstream. However they are not providing arm package builds which are required.
Goals
- [ ] Update the kustomize package in OBS to use the newest version and send change request
Resources
- k9s: https://build.opensuse.org/package/show/openSUSE:Factory/k9s
- kustomize: https://build.opensuse.org/package/show/openSUSE:Factory/kustomize
- Learning Docs: https://confluence.suse.com/display/packaging/Training%2C+Talks+and+Videos
Git CI to automate the creation of product definition by gyribeiro
Description
Automate the creation of product definition
Goals
Create a Git CI that will:
- automatically be triggered once a change (commit) in package list is done.
- run tool responsible to update product definition based on the changes in package list
- test the updated product definition in OBS
- submit a pull request updating the product definition in the repository
NOTE: this Git CI may also be triggered manually
Resources
- https://docs.gitlab.com/ee/ci/
- https://openbuildservice.org/2021/05/31/scm-integration/
- https://github.com/openSUSE/openSUSE-release-tools
Implement a full OBS api client in Rust by nbelouin
Description
I recently started to work on tooling for OBS using rust, to do so I started a Rust create to interact with OBS API, I only implemented a few routes/resources for what I needed. What about making it a full fledged OBS client library.
Goals
- Implement more routes/resources
- Implement a test suite against the actual OBS implementation
- Bonus: Create an osc like cli in Rust using the library
Resources
- https://github.com/suse-edge/obs-tools/tree/main/obs-client
- https://api.opensuse.org/apidocs/
ddflare: (Dynamic)DNS management via Cloudflare API in Kubernetes by fgiudici
Description
ddflare is a project started a couple of weeks ago to provide DDNS management using v4 Cloudflare APIs: Cloudflare offers management via APIs and access tokens, so it is possible to register a domain and implement a DynDNS client without any other external service but their API.
Since ddflare allows to set any IP to any domain name, one could manage multiple A and ALIAS domain records. Wouldn't be cool to allow full DNS control from the project and integrate it with your Kubernetes cluster?
Goals
Main goals are:
- add containerized image for ddflare
- extend ddflare to be able to add and remove DNS records (and not just update existing ones)
- add documentation, covering also a sample pod deployment for Kubernetes
- write a ddflare Kubernetes operator to enable domain management via Kubernetes resources (using kubebuilder)
Available tasks and improvements tracked on ddflare github.
Resources
- https://github.com/fgiudici/ddflare
- https://developers.cloudflare.com/api/
- https://book.kubebuilder.io
Uyuni developer-centric documentation by deneb_alpha
Description
While we currently have extensive documentation on user-oriented tasks such as adding minions, patching, fine-tuning, etc, there is a notable gap when it comes to centralizing and documenting core functionalities for developers.
The number of functionalities and side tools we have in Uyuni can be overwhelming. It would be nice to have a centralized place with descriptive list of main/core functionalities.
Goals
Create, aggregate and review on the Uyuni wiki a set of resources, focused on developers, that include also some known common problems/troubleshooting.
The documentation will be helpful not only for everyone who is trying to learn the functionalities with all their inner processes like newcomer developers or community enthusiasts, but also for anyone who need a refresh.
Resources
The resources are currently aggregated here: https://github.com/uyuni-project/uyuni/wiki
Saline (state deployment control and monitoring tool for SUSE Manager/Uyuni) by vizhestkov
Project Description
Saline is an addition for salt used in SUSE Manager/Uyuni aimed to provide better control and visibility for states deploymend in the large scale environments.
In current state the published version can be used only as a Prometheus exporter and missing some of the key features implemented in PoC (not published). Now it can provide metrics related to salt events and state apply process on the minions. But there is no control on this process implemented yet.
Continue with implementation of the missing features and improve the existing implementation:
authentication (need to decide how it should be/or not related to salt auth)
web service providing the control of states deployment
Goal for this Hackweek
Implement missing key features
Implement the tool for state deployment control with CLI
Resources
https://github.com/openSUSE/saline