Setup Kanidm as OIDC provider on Kubernetes by jkuzilek

Description

I am planning to upgrade my homelab Kubernetes cluster to the next level and need an OIDC provider for my services, including K8s itself.

Goals

• Successfully configure and deploy Kanidm on homelab cluster
• Integrate with K8s auth
• Integrate with other services (Envoy Gateway, Container Registry, future deployment of Forgejo?)

Resources

• https://kanidm.github.io/kanidm/stable/

---

Introducing "Bottles": A Proof of Concept for Multi-Version CRD Management in Kubernetes by aruiz

Description

As we delve deeper into the complexities of managing multiple CRD versions within a single Kubernetes cluster, I want to introduce "Bottles" - a proof of concept that aims to address these challenges.

Bottles propose a novel approach to isolating and deploying different CRD versions in a self-contained environment. This would allow for greater flexibility and efficiency in managing diverse workloads.

Goals

• Evaluate Feasibility: determine if this approach is technically viable, as well as identifying possible obstacles and limitations.
• Reuse existing technology: leverage existing products whenever possible, e.g. build on top of Kubewarden as admission controller.
• Focus on Rancher's use case: the ultimate goal is to be able to use this approach to solve Rancher users' needs.

Resources

Core concepts:

• ConfigMaps: Bottles could be defined and configured using ConfigMaps.
• Admission Controller: An admission controller will detect "bootled" CRDs being installed and replace the resource name used to store them.
• Aggregated API Server: By analyzing the author of a request, the aggregated API server will determine the correct bottle and route the request accordingly, making it transparent for the user.

---

Integrate Backstage with Rancher Manager by nwmacd

Description

Backstage (backstage.io) is an open-source, CNCF project that allows you to create your own developer portal. There are many plugins for Backstage.

This could be a great compliment to Rancher Manager.

Goals

Learn and experiment with Backstage and look at how this could be integrated with Rancher Manager. Goal is to have some kind of integration completed in this Hack week.

Progress

Screen shot of home page at the end of Hackweek:

Day One

• Got Backstage running locally, understanding configuration with HTTPs.
• Got Backstage embedded in an IFRAME inside of Rancher
• Added content into the software catalog (see: https://backstage.io/docs/features/techdocs/getting-started/)
• Understood more about the entity model

Day Two

• Connected Backstage to the Rancher local cluster and configured the Kubernetes plugin.
• Created Rancher theme to make the light theme more consistent with Rancher

Days Three and Day Four

• Created two backend plugins for Backstage:

  1. Catalog Entity Provider - this imports users from Rancher into Backstage
  2. Auth Provider - uses the proxied sign-in pattern to check the Rancher session cookie, to user that to authenticate the user with Rancher and then log them into Backstage by connecting this to the imported User entity from the catalog entity provider plugin.

• With this in place, you can single-sign-on between Rancher and Backstage when it is deployed within Rancher. Note this is only when running locally for development at present

Day Five

• Start to build out a production deployment for all of the above
• Made some progress, but hit issues with the authentication and proxying when running proxied within Rancher, which needs further investigation

---

SUSE AI Meets the Game Board by moio

Use tabletopgames.ai’s open source TAG and PyTAG frameworks to apply Statistical Forward Planning and Deep Reinforcement Learning to two board games of our own design. On an all-green, all-open source, all-AWS stack!

---

Results: Infrastructure Achievements

We successfully built and automated a containerized stack to support our AI experiments. This included:

• a Fully-Automated, One-Command, GPU-accelerated Kubernetes setup: we created an OpenTofu based script, tofu-tag, to deploy SUSE's RKE2 Kubernetes running on CUDA-enabled nodes in AWS, powered by openSUSE with GPU drivers and gpu-operator
• Containerization of the TAG and PyTAG frameworks: TAG (Tabletop AI Games) and PyTAG were patched for seamless deployment in containerized environments. We automated the container image creation process with GitHub Actions. Our forks (PRs upstream upcoming):
  • https://github.com/moio/TabletopGames/tree/hackweek24
  • https://github.com/moio/PyTAG/tree/hackweek24

./deploy.sh and voilà - Kubernetes running PyTAG (k9s, above) with GPU acceleration (nvtop, below)

Results: Game Design Insights

Our project focused on modeling and analyzing two card games of our own design within the TAG framework:

• Game Modeling: We implemented models for Dario's "Bamboo" and Silvio's "Totoro" and "R3" games, enabling AI agents to play thousands of games ...in minutes!
• AI-driven optimization: By analyzing statistical data on moves, strategies, and outcomes, we iteratively tweaked the game mechanics and rules to achieve better balance and player engagement.
• Advanced analytics: Leveraging AI agents with Monte Carlo Tree Search (MCTS) and random action selection, we compared performance metrics to identify optimal strategies and uncover opportunities for game refinement .
  • more about Bamboo on Dario's site
  • more about R3 on Silvio's site (italian, translation coming)
  • more about Totoro on Silvio's site

A family picture of our card games in progress. From the top: Bamboo, Totoro, R3

Results: Learning, Collaboration, and Innovation

Beyond technical accomplishments, the project showcased innovative approaches to coding, learning, and teamwork:

• "Trio programming" with AI assistance: Our "trio programming" approach—two developers and GitHub Copilot—was a standout success, especially in handling slightly-repetitive but not-quite-exactly-copypaste tasks. Java as a language tends to be verbose and we found it to be fitting particularly well.
• AI tools for reporting and documentation: We extensively used AI chatbots to streamline writing and reporting. (Including writing this report! ...but this note was added manually during edit!)
• GPU compute expertise: Overcoming challenges with CUDA drivers and cloud infrastructure deepened our understanding of GPU-accelerated workloads in the open-source ecosystem.
• Game design as a learning platform: By blending AI techniques with creative game design, we learned not only about AI strategies but also about making games fun, engaging, and balanced.

Last but not least we had a lot of fun! ...and this was definitely not a chatbot generated line!

The Context: AI + Board Games

---

Mammuthus - The NFS-Ganesha inside Kubernetes controller by vcheng

Description

As the user-space NFS provider, the NFS-Ganesha is wieldy use with serval projects. e.g. Longhorn/Rook. We want to create the Kubernetes Controller to make configuring NFS-Ganesha easy. This controller will let users configure NFS-Ganesha through different backends like VFS/CephFS.

Goals

1. Create NFS-Ganesha Package on OBS: nfs-ganesha5, nfs-ganesha6
2. Create NFS-Ganesha Container Image on OBS: Image
3. Create a Kubernetes controller for NFS-Ganesha and support the VFS configuration on demand. Mammuthus

Resources

NFS-Ganesha

---

iSCSI integration in Warewulf by ncuralli

Description

This Hackweek project aims to enhance Warewulf’s capabilities by adding iSCSI support, enabling both remote boot and flexible mounting of iSCSI devices within the filesystem. The project, which already handles NFS, DHCP, and iPXE, will be extended to offer iSCSI services as well, centralizing all necessary services for provisioning and booting cluster nodes.

Goals

• iSCSI Boot Option: Enable nodes to boot directly from iSCSI volumes
• Mounting iSCSI Volumes within the Filesystem: Implement support for mounting iSCSI devices at various points within the filesystem

Resources

https://warewulf.org/

Steps

• add generic framework to handle remote ressource/filesystems to wwctl [ ]
• add iSCSI handling to wwctl configure [ ]
• add iSCSI to dracut files [ ]
• test it [ ]

---

Hack on rich terminal user interfaces by amanzini

Description

TUIs (Textual User Interface) are a big classic of our daily workflow. Many linux users 'live' in the terminal and modern implementations have a lot to offer : unicode fonts, 24 bit colors etc.

Goals

• Explore the current available solution on modern languages and implement a PoC , for example a small maze generator, porting of a classic game or just display the HackWeek cute logo.
• Practice some Go / Rust coding and programming patterns
• Fiddle around, hack, learn, have fun
• keep a development diary, practice on project documentation

Follow this link for source code repository

• includes development diary

Some ideas for inspiration:

• https://github.com/coding-horror/basic-computer-games
• https://git.imzadi.de/acn/vt100-games
• https://github.com/skx/lighthouse-of-doom
• https://github.com/rothgar/awesome-tuis
• https://www.zq1.de/~bernhard/images/share/geeko/logo.txt

Related projects:

• https://hackweek.opensuse.org/24/projects/suse-rancher-supportconfig from @eminguez

Resources

• Python:

  • https://github.com/Textualize/rich

• Go:

  • https://charm.sh/
  • https://github.com/JoelOtter/termloop
  • https://github.com/gdamore/tcell
  • https://earthly.dev/blog/tui-app-with-go/
  • https://www.inngest.com/blog/interactive-clis-with-bubbletea
  • https://m.youtube.com/watch?v=uJ2egAkSkjg

• Rust:

  • https://ratatui.rs/
  • https://github.com/lemunozm/ruscii
  • https://gitlab.com/thustle/thardians-rs
  • https://www.youtube.com/live/qaaHhfPGde0

• Misc:

  • Book about programming mazes

---

WebUI for your data by avicenzi

A single place to view every bit of data you have.

Problem

You have too much data and you are a data hoarder.

• Family photos and videos.
• Lots of eBooks, TV Shows, Movies, and else.
• Boxes full of papers (taxes, invoices, IDs, certificates, exams, and else).
• Bank account statements (multiple currencies, countries, and people).

Maybe you have some data on S3, some on your NAS, and some on your local PC.

• How do you get it all together?
• How do you link a bank transaction to a product invoice?
• How to tag any object type and create a collection out of it (mix videos, photos, PDFs, transactions)?
• How to store this? file/folder structure does not work, everything is linked together

Project Description

The idea is a place where you can throw all your data, photos, videos, documents, binaries, and else.

Create photo albums, document collections, add tags across multiple file-formats, link content, and else.

The UI should be easy to use, where the data is not important for now (could be all S3 or local drive).

Similar proposals

The closest I found so far is https://perkeep.org/, but this is not what I'm looking for.

Goal for this Hackweek

Create a web UI, in Svelte ideally, perhaps React.

It should be able to show photos and videos at least.

Resources

None so far, this is just an idea.

---

Contribute to terraform-provider-libvirt by pinvernizzi

Description

The SUSE Manager (SUMA) teams' main tool for infrastructure automation, Sumaform, largely relies on terraform-provider-libvirt. That provider is also widely used by other teams, both inside and outside SUSE.

It would be good to help the maintainers of this project and give back to the community around it, after all the amazing work that has been already done.

If you're interested in any of infrastructure automation, Terraform, virtualization, tooling development, Go (...) it is also a good chance to learn a bit about them all by putting your hands on an interesting, real-use-case and complex project.

Goals

• Get more familiar with Terraform provider development and libvirt bindings in Go
• Solve some issues and/or implement some features
• Get in touch with the community around the project

Resources

• CONTRIBUTING readme
• Go libvirt library in use by the project
• Terraform plugin development
• "Good first issue" list

---

Harvester Packer Plugin by mrohrich

Description

Hashicorp Packer is an automation tool that allows automatic customized VM image builds - assuming the user has a virtualization tool at their disposal. To make use of Harvester as such a virtualization tool a plugin for Packer needs to be written. With this plugin users could make use of their Harvester cluster to build customized VM images, something they likely want to do if they have a Harvester cluster.

Goals

Write a Packer plugin bridging the gap between Harvester and Packer. Users should be able to create customized VM images using Packer and Harvester with no need to utilize another virtualization platform.

Resources

Hashicorp documentation for building custom plugins for Packer https://developer.hashicorp.com/packer/docs/plugins/creation/custom-builders

Source repository of the Harvester Packer plugin https://github.com/m-ildefons/harvester-packer-plugin

---

Cobbler Angular Web Interface by SchoolGuy

Project Description

The old Cobbler webinterface was built into the server, leading to a huge dependency stack only required for a few people.

Goal for this Hackweek

The project should aim to finalize the first prototype of the new Angular based web interface.

A secondary goal of this hackweek is to learn a lot of Angular.

Update for Hackweek 24

The GH project received some traction since I have some vacation. As such it is my aim to get a first alpha released to close the milestone 0.0.1 (or whatever version I can release with semantic release).

Resources

• GitHub Repo
• GitHub Project

---

SUSE AI Meets the Game Board by moio

Use tabletopgames.ai’s open source TAG and PyTAG frameworks to apply Statistical Forward Planning and Deep Reinforcement Learning to two board games of our own design. On an all-green, all-open source, all-AWS stack!

---

Results: Infrastructure Achievements

We successfully built and automated a containerized stack to support our AI experiments. This included:

• a Fully-Automated, One-Command, GPU-accelerated Kubernetes setup: we created an OpenTofu based script, tofu-tag, to deploy SUSE's RKE2 Kubernetes running on CUDA-enabled nodes in AWS, powered by openSUSE with GPU drivers and gpu-operator
• Containerization of the TAG and PyTAG frameworks: TAG (Tabletop AI Games) and PyTAG were patched for seamless deployment in containerized environments. We automated the container image creation process with GitHub Actions. Our forks (PRs upstream upcoming):
  • https://github.com/moio/TabletopGames/tree/hackweek24
  • https://github.com/moio/PyTAG/tree/hackweek24

./deploy.sh and voilà - Kubernetes running PyTAG (k9s, above) with GPU acceleration (nvtop, below)

Results: Game Design Insights

Our project focused on modeling and analyzing two card games of our own design within the TAG framework:

• Game Modeling: We implemented models for Dario's "Bamboo" and Silvio's "Totoro" and "R3" games, enabling AI agents to play thousands of games ...in minutes!
• AI-driven optimization: By analyzing statistical data on moves, strategies, and outcomes, we iteratively tweaked the game mechanics and rules to achieve better balance and player engagement.
• Advanced analytics: Leveraging AI agents with Monte Carlo Tree Search (MCTS) and random action selection, we compared performance metrics to identify optimal strategies and uncover opportunities for game refinement .
  • more about Bamboo on Dario's site
  • more about R3 on Silvio's site (italian, translation coming)
  • more about Totoro on Silvio's site

A family picture of our card games in progress. From the top: Bamboo, Totoro, R3

Results: Learning, Collaboration, and Innovation

Beyond technical accomplishments, the project showcased innovative approaches to coding, learning, and teamwork:

• "Trio programming" with AI assistance: Our "trio programming" approach—two developers and GitHub Copilot—was a standout success, especially in handling slightly-repetitive but not-quite-exactly-copypaste tasks. Java as a language tends to be verbose and we found it to be fitting particularly well.
• AI tools for reporting and documentation: We extensively used AI chatbots to streamline writing and reporting. (Including writing this report! ...but this note was added manually during edit!)
• GPU compute expertise: Overcoming challenges with CUDA drivers and cloud infrastructure deepened our understanding of GPU-accelerated workloads in the open-source ecosystem.
• Game design as a learning platform: By blending AI techniques with creative game design, we learned not only about AI strategies but also about making games fun, engaging, and balanced.

Last but not least we had a lot of fun! ...and this was definitely not a chatbot generated line!

The Context: AI + Board Games

---