Staying up-to-date with the latest trends, tools and industry knowledge is crucial for open-source developers and IT professionals like system administrators.

Online resources provide valuable information, but there is no substitute for the immersive and collaborative experience of attending conferences.

As the openSUSE Conference ended about a month ago and the openSUSE.Asia Summit is accepting talk proposals until August 20, we will explore the benefits and reasons why people should not only attend conferences but actively contribute by submitting talks.

The sharing of expertise and insights is perhaps the most fundamental of reasons to attend conferences as it provides an opportunity to share knowledge, expertise, and unique insights with a diverse audience. By submitting talks, people showcase their experiences, best practices, and innovative approaches to commonly shared challenges; they actively contribute to the growth and development of IT and open-source communities. These contributions can inspire others, spark new ideas and foster collaboration among attendees. Sharing expertise not only contributes to the collective knowledge but it helps to establish thought leaders and field experts.

Submitting talks and presenting it at conferences presents opportunities for personal and professional growth. It challenges people to refine their communication skills, overcome stage fright, and think critically about a topic. The experience of preparing and delivering a talk enhances people’s ability to articulate complex concepts clearly and concisely.

Attending sessions where speakers articulate a topic offers a unique opportunity to gain fresh perspectives, learn about emerging technologies, and stay ahead of the curve. The openSUSE and openSUSE.Asia Summit curate sessions with experts in open-source software and Linux, which provides valuable insights for attendees.

Many conferences like openSUSE and openSUSE.Asia Summit organize hands-on workshops where attendees gain practical experience and sharpen their skills. These interactive sessions allow IT professionals and developers to dive deep into specific technologies, frameworks, or tools. Attendees enhance their proficiency and return to their IT department with practical knowledge that can be immediately applied to their work.

Networking at conferences provides an invaluable chance to connect, exchange ideas, and establish meaningful relationships with industry peers and fellow community members. This helps to build a robust professional network that can lead to future collaborations, job opportunities, and mentorship possibilities.

Conferences like ours and others throughout the world foster a sense of community among attendees who share a common passion for technology and open-source. Engaging with fellow professionals and developers can lead to fruitful collaborations, collaborative projects, and contributions to open-source initiatives. The openSUSE and openSUSE.Asia Summit offer a vibrant community atmosphere and provide a platform for connecting with open-source enthusiasts from around the world.

For those managers and IT leaders that have not yet explored sending an employee to a conference, know that attending conferences provides immense value, but actively participating as a speaker takes the experience to new heights.

Get started today by submitting a talk, especially to the openSUSE.Asis Summit; it will take place at Chongqing University of Posts and Telecommunications in Chongqing, China, from Oct. 21 to 23.

When it comes to choosing a reliable and powerful Linux distribution for your workloads, CentOS and openSUSE are both popular options. However, recent changes in the CentOS project have left many users seeking alternatives. In this blog post, we will explore ten compelling reasons why migrating from CentOS to openSUSE might be a smart move. […]

The post 10 Reasons to Migrate from CentOS to openSUSE appeared first on SUSE Communities.

Dear Tumbleweed users and hackers,

We have just finished week 26, meaning half of the year is over. This week was a ‘super fast’ one for Tumbleweed: in the 7 days since the last review we published 9 snapshots. Go figure! The 9 snapshots covered this week are 0621…0629.

The most relevant changes that were delivered during this week were:

• Mozilla Firefox 114.0.2
• KDE Plasma 5.27.6
• IceWM 3.4.0
• Node.JS 20.3.1
• AppArmor 3.1.6
• PHP 8.2.7
• Mesa 23.1.3
• Linux kernel 6.3.9
• util-linux 2.39
• firewalls 2.0.0
• strace 6.4
• transactional-update 4.3.0

As you come to expect, staging projects are filled up and the following few things are being worked on and tested:

• Protobuf 22
• linux-glibc-devel 6.4.0
• Linux kernel 6.4: kernel lockdown enabled, see the announcement
• exiv2 0.28.0
• wine 8.11: this was part of a single snapshot (0627) last week, but was quickly reverted in 0628 as there were issues starting apps. The problem could be identified and fixed.
• Python 3.12.0b3

Warewulf booting

The HPC deployment system warewulf uses the bootloader iPXE to load the linux kernel and the root file system with configuration overlay on top. This method was chosen as its flexible and scalable as well.

There was no technical reasons or outstanding features to choose iPXE over other boot loaders, so the de facto linux grub bootloader can also be used, which enables the secure boot and measured boot features. This document describes how to use grub with warewulf4 and enable secure for it. Measured boot can also be enabled so that keylime can be used for remote attestation.

Choose the right bootloader

It possible to boot grub directly, but in order to enable secure boot shim is used as first binray which is run and it will pull directly then grub with the same method as shim was pulled. This means that if shim was pulled per tftp, grub will to also be pulled per tftp.

With enabled secure boot the distributions which warewulf can use will be locked to one vendor as the shim of a vendor can only load the signed of grub of the vendor without any additional steps. Still it would be possible to the keys of the different vendors to the MOK (Machine Owner Key) database, but this requires a physical presence to enroll the MOKs.

Install

Follow the quck start guide for a basic installation of warewulf 4 4.x. If not already done, download am actual openSUSE leap container with the command

# wwctl container import docker://registry.opensuse.org/science/warewulf/leap-15.5/containers/kernel:latest leap15.5

This container contains allready a kernel but is missing shim and grub. In order to install this open a shell in the container with following command

# wwctl container shell leap15.5

within the container install the needed shim and grub binaries with

[leap15.5] Warewulf> zypper in -y shim grub2-x86_64-efi

Now the shim and grub binary has to copied to the tFTP directory. For this use the commands:

# cp $(wwctl container show leap15.5)/usr/share/efi/x86_64/shim-sles.efi  /srv/tftpboot/warewulf/sles.efi
# cp $(wwctl container show leap15.5)/usr/share/grub2/x86_64-efi/grub-tpm.efi /srv/tftpboot/warewulf/grub.efi

With the binaries in the right place the dhpc server configuration has to be updated. The name of the binaries can be configured in warewulf.conf where you should replace following two lines

    "00:07": ipxe-x86_64.efi
    "00:09": ipxe-x86_64.efi

with

    "00:07": shim.efi
    "00:09": shim.efi

and restart the dhpc services with

# wwctl configure dhcp

After this steps instead of the iPXE binaries, first the shim signed by Microsoft is loaded which then loads grub.efi. Still missing is a grub.cfg in the right place which is created with following command:

#  wwctl overlay edit host -p /srv/tftpboot/warewulf/grub.cfg.ww

Replace the content of this file with

# This file is autogenerated by warewulf
# Host:   {{.BuildHost}}
# Time:   {{.BuildTime}}
# Source: {{.BuildSource}}
echo "================================================================================"
echo "Warewulf v4 now booting with grub"
echo
uri="(http,{{.Ipaddr}}:9873)/provision/${net_default_mac}?assetkey="
kernel="${uri}&stage=kernel"
container="${uri}&stage=container&compress=gz"
system="${uri}&stage=system&compress=gz"
echo "Warewulf Controller: {{.Ipaddr}}"
echo "Trying to load a kernel... "
linux $kernel wwid=$"{net_default_mac}" quiet crashkernel=no vga=791 net.naming-scheme=v238
if [ x$? = x0 ] ; then
echo "Loading initrd..."
initrd $system $container
echo "Booting..."
boot
else
echo "MESSAGE: This node is unconfigured. Please have your system administrator add a"
echo "         configuration for this node with HW address: ${net_default_mac}"
echo ""
echo "Rebooting in 1 minute..."
sleep 60
reboot
fi

and after the modificatin rebuild the host overlay with

# wwctl overlay build -H

Now the nodes can be rebooted with secure boot enabled.

Known problems

With this configuration will be only able to boot openSUSE/SUSE as the shim is taken from this distribution. Also the kernel commandline is statically configured in grub.cfg.ww

The openSUSE.Asia Committee is seeking sponsors for the ninth openSUSE.Asia Summit. The summit will take place in Chongqing, China, from Oct. 21–23, 2023. Our participants are FLOSS users, developers, students and people who are interested in FLOSS from a wide range of different industries. The sponsorship is for accommodation, food, publicity, etc.

We are aiming to provide a low-barrier offline platform for users, contributors and developers to meet. Relationships between open-source enthusiasts can be greatly facilitated through offline summits. It is also an opportunity for technologists to share and promote the latest trends in technology and to exchange experiences. Sponsorship is an expression of your appreciation and recognition of our community and our work goals.

• Promote your products in the community.

• Business can promote their solutions / services to our community and stakeholders through business tracks.

• Sponsors can promote their products / services through

  • openSUSE.Asia Summit website.

  • Printed materials advertising the event.

  • Summit welcome package.

  • Promotional advertising visible throughout the event location.

  • Other community events that we attend  to promote openSUSE.Asia summit.

  • Sponsors can also request a booth to highlight their products and businesses.

Contact opensuse-asia-2023@googlegroups.com no later than 15th of September, 2023. The sponsorship prospectus is available at:

English Call For Sponsorship(en).pdf

Chinese Call For Sponsorship(cn).pdf

We would like to thank SUSE and arm, which are both Platinum sponsors, for their support.

This week’s openSUSE Tumbleweed snapshots are rolling out at a steady pace.

The snapshots were not large, but consistent.

Snapshot 20230628 provided a few small changes that focused on removing some obsolete mechanisms and cleaned up some aspects to help with the future direction of Python.

Snapshot 20230627 was one of the bigger snapshots this week and it provided updates for gegl, kdump pipewire, strace and much more. The graphics package gegl brought version 0.4.46. The package provides some bug fixes and performance improvements and it re-enabled a deprecation warning. The kernel-crash dumping package kdump updated to version 1.9.2; this had enhancements like a rewrite of kdump-save and updates for other parts to ensure mounts are now entirely handled by dracut. An update of audio-compression package flac 1.4.3 improved the encoder speed for all presets, and it made significant improvements for the fastest presets as well as 24-bit and 32-bit inputs. Multimedia framework pipewire 0.3.72 fixed a critical bug that refused to update JACK clients, and there were some audio enhancements for Advanced Linux Sound Architecture. Strace 6.4 and perl-Bootloader 1.4 were among several other packages updated in the snapshot.

The only package updated in snapshot 20230626 was low-level signal processing library spandsp; the updated 3.0.0 git + version had some modifications aimed at mitigating concerns related to buffer overflows, memory corruption, and other potential issues that could arise from excessive data copying into an output buffer.

The 20230625 snapshot updated two packages. New major version firewalld 2.0 gained support for nftables flowtable, which is expected to accelerate Transmission Control Protocol and User Datagram Protocol flows. The major version also gained a new feature called Zone Priorities, which allows the user to control the order in which packets are classified into zones; it can be set using command line option --set-priority. The other package to update in the snapshot was sssd 2.9.1. This identity management client fixed a couple regressions to include one that affected lookups for kernel-based automounter autofs when cache_first is set to true.

Mesa and the Linux Kernel were updated in snapshot 20230625, but LibVNCServer 0.9.14 had several changes to highlight. The package fixed some Transport Layer Security interoperability with GnuTLS servers, removed a CVE-2020-29260 patch and added support for qemu extended key events. Mesa’s 23.1.3 update fixed a regression related to boo#1209005 that caused a crash in some instances. An update of the kernel-source to version 6.3.9 addressed an issue related to x86 architecture where a switch is performed immediately after installing a new Global Descriptor Table (GDT). A change was also made in the wireless networking subsystem related to regulatory wireless device channel validation. Another package to update in the snapshot was sendmail 8.17.2. The package improved error handling for TLS setup failures, introduces various improvements related to Email Address Internationalization support and improves security by maintaining DNS-based Authentication of Named Entities requirements. Several other packages updated in the snapshot.

Dear Tumbleweed users and hackers,

Finally back on the weekly review cycle – are we taking bets on how long I can keep it up (summertime is ‘terrible’ – it motivates too much to take Fridays off). Anyway, even without me there, you are used to Tumbleweed rolling. Lately, all the excellent work on Staging Is being performed by Ana. During this week, we managed to publish again 6 snapshots (the 7th was in QA, but took slightly longer to test than the next one needed to build).

The 6 snapshots (0614, 0616, 0617, 0619, 0620, and 0620) brought you those changes:

• Python 3.11 has been set as the default Python interpreter
• libzypp: fix for stricter http/2 RFC 9113 server implementations: trim custom headers
• Qt 5.15.10
• PHP 8.1.20
• LibreOffice 7.5.4.2
• poppler 23.06.0
• LLVM 16.0.6
• node.JS 20.3.0
• Mozilla Firefox 114.0.2
• KDE Plasma 5.27.6

Integration tests are currently being performed on these planned changes:

• Linux kernel 6.3.9
• Protobuf 22.5: please help to sort out the failures in Staging:K
• util-linux 2.39
• Mesa 23.1.3
• PHP 8.2.7: Nextcloud was updated to 26.0.3, which claims to support PHP 8.2

A few weeks ago, I posted about sngbench, a shell script to measure syslog-ng performance. The performance of syslog-ng is influenced by many factors, including the hardware and OS it runs on, and syslog-ng itself. This blog summarizes some of my findings using the script.

https://www.syslog-ng.com/community/b/blog/posts/what-i-learned-about-syslog-ng-performance-using-sngbench