My Upgrading LEAP Experience

SUSE recently released Service Pack 6 very recently, which means LEAP 15.6 became available.

Of course I wanted to update to it, but I was traveling quite a bit and wasn't finding the time. I was told that it is super easy, a few simple commands, etc...

Well was it? I would say "yes and no."

Migration

First, I figured I would use the zypper migration command I heard so much about. When I started, I got some errors that were caused by invalid repositories. So I went through and deleted any repos that were invalid or even inactive, with sudo zypper rr <repository_name>. Then I refreshed and updated.

But it didn't work because it turns out that migration is for SLES. I guess I should uninstall the zypper migration plugin at some point.

$releaseserver

Ok, no problem, I just set the releaseserver envar and then kick off zypper refresh right? Well, no. For some reason, all the repository versions were hard coded. Running grep baseurl /etc/zypp/repos.d/*.repo resulted in a serious mess of .repo files. I think it's from installing random things from OBS, but I'm not quite sure. In any case, running sudo zypper --releasever=15.6 refresh did absolutely nothing because there were no baseurls defined with that environment variable.

repo deletion madness

So I went on a rampage of delete .repo files. Anything that looked earlier than 15.5 I nuked. I accepted in my heart that I was going to nuke something that I shouldn't, but I was on a rampage (Archer Reference).

sed to the rescue

I never really got expert at programming with sed, but I have used it often. It is one of those programs that is so old that it is small, lightening fast, and always does what you tell it (even if you tell it to do the wrong thing).

So, ok, with my cleaned up repo, a couple of sed commands:

  sudo sed -i 's/15.5/${releasever}/g' /etc/zypp/repos.d/*.repo
  sudo sed -i 's/SLE-15-SP5/SLE-15-SP6/g' /etc/zypp/repos.d/*.repo

Basically, use the environment variable where you can, otherwise, use the SLE SP6 repos.

update away

So by this point, I had cleaned my repos, refreshed, and updated everything. So, I just needed to tell zypper to do the updates:

  sudo zypper --releasever=15.6 refresh
  sudo zypper --releasever=15.6 dup --download-in-advance

I assume that the refresh was necessary, because it needed to load into the package database from the new repos. Then I download all the packages and do the distribution update.

Here's the thing ... by this point ... it worked, and worked very well. First, it was insanely fast. I was expecting to go for a walk while it was downloading, but it managed to download all of the new packages and apply them before I had a chance.

Secondly, it worked. I mean, it rebooted, and everything just works!

Anyway, that's my LEAP update saga. I am traveling for another month with just my LEAP laptop, my $65 Tumbleweed is waiting for me at home :)

How to save your very old openSUSE Tumbleweed installation?

Say you’re in need of recovering a very old system?, I got you:

Make sure you have a container engine, if you like to live your life dangerously:

nerdctl run -it -v /:/mnt -v /dev:/dev -v /sys:/sys -v /boot:/boot \
    --name hacky_tw --rm registry.opensuse.org/opensuse/tumbleweed:latest bash

• zypper --root /mnt dup -D --allow-vendor-change

You should be able to reboot your machine and go on with your life.

Down the rabbit hole

Now, if you want to do weirder things, or for instance, want to check what have you changed i.e vs an default installation, you can do the following:

rpm --root /mnt -V -ac  --nodeps --nomtime | \
 # this will match i.e: files that have been modified, and have different changes
 # from what originally was when the package was installed 
 # S.5......  c /etc/mail/spamassassin/local.cf backup
 awk '/^..5/ { 
    if (system("test -f /mnt"$3".rpmnew") == 0)
        must="diff"; 
    else 
        must="backup"; 

# the format will be:
# backup   /etc/fonts/conf.d/58-family-prefer-local.conf
# add $1, before "must" if you want to "debug"
print must, "\t", $3 

}'

My fav Presentations

The XZ Backdoor - Report from Our Side, Retrospection, and Looking Forward by Marcus Meissner

Working Together in One Place with Nextcloud by Jos Poortvliet

What is openSUSE? And How Does It Help SUSE and Its Partners? by Simon Lees

The Future of Agama and openSUSE by Josef Reidinger and Ancor González Sosa

We're All Grown Up: openSUSE is Not SUSE by Richard Brown and Robert Sirchia

Linux at Volkswagen by Jan-Michael Brummer

Sweetening Heterogeneous Linux Deployments in the Cloud with KIWI by Neal Gompa and David Duncan

Moderation and Code of Conduct Are Vital for a Community by Gertjan Lettink

Challenges in Making Slowroll by Bernhard M. Wiedemann

If We Build It, Will They Come: Contribution Beyond Coding by Robert Sirchia

Community and Celebration

Conclusion

Acknowledgement

Presentation videos

Über KI allgemein und vor allem auch ChatGPT wird ja zur Zeit allerorten geredet. Zum Teil wird die sogenannte KI als ein weiterer riesen Schritt in der digitalen Welt gesehen, und oft auch als Anfang des Ende des kultivierten Lebens dargestellt.

Das soll hier garnicht vertieft werden. Statt dessen wird hier ein konkretes Beispiel gezeigt für das, was mit ChatGPT jetzt einfach machbar ist, und welche Wirkung das auf uns haben könnte.

Dazu betrachte man zuerst diesen (noch fiktiven) Wikipedia-Artikel mit dem Namen „Der Fünfzehner“:

Sicher werden Sie denken: „Oh ja, ein informativer Artikel, der auf geschichtlichen Fakten basiert und von einer forschenden Person zusammengetragen wurde, die die Arbeiterbewegung und ihre Kuturgeschichte zu kennen scheint. Er ist sprachlich auf einem ordentlichen Niveau und sicherlich eine Bereicherung der Wikipedia. Bestimmt war es ein bisschen aufwändig, diesen Artikel zu schreiben. Vielleicht zollen Sie der Autorin etwas Anerkennung im Stillen.

Nach der Lektüre besteht kein Zweifel mehr daran, was „ein Fünfzehner“ ist, und dass wir ihn vielleicht auch öfter in unser Leben integrieren sollten, um stabile, gesunde und erfüllende Arbeitsverhältnisse zu pflegen.

Die Geschichte hinter diesem Artikel stellt sich jedoch anders dar.

Die einzige Person, die ich je von einem „Fünfzehner“ habe sprechen hören, war meine liebe Mutter. Sie machte gern mal einen Fünfzehner, in dem sie dann eine angemessene Menge Kaffee und HBs konsumierte, bevor sie nach mehr oder weniger genau fünfzehn Minuten wieder ihrer Tätigkeit nachging.

Als ich dann einen Kollegen zu einem ebensolchen Fünfzehner aufforderte, musste ich ihm diese Geschichte erzählen, denn er hatte noch nie vom Fünfzehner gehört. Dazu kamen einige weitere Fakten wie dass Muttern einem handwerklich bürgerlichen Milieu Hamburgs enstammte und einige Jahre in einem großen Handwerksbetrieb im Büro gearbeitet hatte.

Der Kollege, immer interessiert an den Möglichkeiten, die ChatGPT eröffnet, hat daraufhin den oben gezeigten Artikel mit ChatGPT zusammen erstellt. Seiner Aussage nach hat das nicht länger als eine Minute gedauert und erforderte keine weitere menschliche Überarbeitung.

Diese einfache Beispiel zeigt, was mit dieser Technologie möglich ist. Ob intelligent oder nicht, dieses sprachgewandte Helferlein ermöglicht es uns, mit einigen wenigen Interaktionen solche elaborierte Texte zu vielen Themen zu erstellen. Dabei sind die Texte weder schlecht recherchiert, noch offensichtlich falsch oder wirken komplett synthetisch.

Trotzdem muss die Idee zu einem Text immer noch von einem Menschen kommen und zusammen mit einigen eingrenzenden Fakten an den Algorithmus übergeben werden. Es ist also weiterhin ein Mensch, der hier weitgehend bestimmt was geschrieben wird.

Aber es wird einfacher, halbwegs ordentliche Texte zu erstellen mit dieser Technologie, und was einfach ist, wird schnell als Standard erwartet. Übertragen auf das Thema dieses Blogs würde das vielleicht heissen, dass die Qualität von Texten in Angeboten besser werden muss, weil das die Erwartung der Kunden wird. Es lohnt sich also, sich jetzt mit dieser Technologie auseinanderzusetzen und zu lernen, wo sie einem persönlich nützen kann. Ob das nun mit ChatGPT oder einer anderen, KI gestützten Technologie passiert, ist erstmal zweitrangig.

Andererseits heisst das natürlich auch, dass die Menge an Informationen aller Arten schnell weiter zunehmen wird. Die schiere Menge macht es komplizierter, Sinnhaftigkeit oder gar Wahrheit zu beurteilen. Was massenhaft verfügbar ist, wird auch weniger wert.

Ob wir wollen oder nicht, wir müssen uns mit diesen Wirkmechanismen alle auseinandersetzen.

Ach ja, und wenn Sie den Ausdruck „einen Fünfzehner machen“ ebenfalls kennen, lassen Sie es mich bitte wissen

Agama 8 was a massive release. It took almost five months of work and, as a result, Agama got a new HTTP API and a more powerful user interface for setting up storage devices. Not that bad, uh?

After such a big release, our UX expert came with a completely new prototype for the web user interface and we thought it would be cool to get it on time for the openSUSE Conference. So here we are: presenting Agama 9 and the new user interface during the conference. If you missed the first talk, you can enjoy the recording.

However, that's not the only remarkable change in this release. As usual, let's have a look at the most relevant changes.

A new web user interface​

The most noticeable feature in this release is the debut of the new web user interface. Agama was born as a simplified installer that allowed the user to deploy the system with just a few clicks. However, as new features were introduced, we discovered that the user interface would not scale.

The new interface uses a more classic approach, with a sidebar that makes navigation easier. Moreover, all the sections received significant updates, with special mention of the networking area.

Despite all these changes, we still consider the new interface a work in progress and expect it to evolve significantly in the upcoming weeks. Stay tuned!

AutoYaST compatibility​

Many (open)SUSE users rely on AutoYaST for their automated deployments. So the question is obvious: what happens with those AutoYaST profiles they have been crafting for years? We have good news: at least partially, you can use them in Agama.

Agama and YaST are different beasts and will not implement the same features. For that reason, there might be many AutoYaST elements that will not be supported in Agama. However, don't panic! We plan to support the most relevant sections, like partitioning, networking, software, scripts, etc.

As a first step, Agama 9 introduces support for importing an AutoYaST profile and automatically converting it to something it can understand. Moreover, Rules/Classes, Embedded Ruby and pre-scripts are fully supported.

Automated installation​

Support for automated installations using Agama has been greatly improved in this release too. The most noticeable changes are:

• Agama provides more hardware information during Jsonnet profiles evaluation. You can find an example in the repository.
• A new legacy-autoyast-storage section makes it possible to use an AutoYaST <partitioning /> section in Agama.
• The command-line interface has received a significant update, including a handy agama config edit that allows you to change and apply the configuration from the comfort of your favorite editor.

A better installation media​

The Agama Live ISO includes many security-related improvements. Until now, you could connect to a system running the ISO by simply using linux as the root password. It was OK at the beginning of the development process, but for security reasons it's not acceptable anymore.

Now you can set your own password or, if you prefer, let Agama Live ISO generate a random one. You can find the password in the local console which, additionally, includes the fingerprints for the SSH host keys and the web server SSL certificate.

Another exciting addition is installing your own packages in the running Live system. In previous versions, Agama locked the packages database, but that's not the case anymore. It enables you to update Agama, add your own modifications, fixes, etc. And it makes development a little bit easier.

See it in action​

Do you want to give it a try to the new user interface? Or are you an "automate all the things" kind of person? In any case, you can grab the Agama Live ISO testing images and boot it on a virtual or bare-metal machine.

If you find any bug, please, do not hesitate to report it through our issues tracker

See you soon​

As we anticipated the last week, part of the team is present at the openSUSE Conference 2024 and we would love to hear from you. But even if you are not visiting the conference, you can always reach us at the YaST Development mailing list, our #yast channel at Libera.chat or the Agama project at GitHub.

Have a lot of fun!

Agama 8 was a massive release. It took almost five months of work and, as a result, Agama got a new HTTP API and a more powerful user interface for setting up storage devices. Not that bad, uh?

After such a big release, our UX expert came with a completely new prototype for the web user interface and we thought it would be cool to get it on time for the openSUSE Conference. So here we are: presenting Agama 9 and the new user interface during the conference. If you missed the first talk, you can enjoy the recording.

However, that’s not the only remarkable change in this release. As usual, let’s have a look at the most relevant changes.

A New Web User Interface

The most noticeable feature in this release is the debut of the new web user interface. Agama was born as a simplified installer that allowed the user to deploy the system with just a few clicks. However, as new features were introduced, we discovered that the user interface would not scale.

The new interface uses a more classic approach, with a sidebar that makes navigation easier. Moreover, all the sections received significant updates, with special mention of the networking area.

Despite all these changes, we still consider the new interface a work in progress and expect it to evolve significantly in the upcoming weeks. Stay tuned!

AutoYaST Compatibility

Many (open)SUSE users rely on AutoYaST for their automated deployments. So the question is obvious: what happens with those AutoYaST profiles they have been crafting for years? We have good news: at least partially, you can use them in Agama.

Agama and YaST are different beasts and will not implement the same features. For that reason, there might be many AutoYaST elements that will not be supported in Agama. However, don’t panic! We plan to support the most relevant sections, like partitioning, networking, software, scripts, etc.

As a first step, Agama 9 introduces support for importing an AutoYaST profile and automatically converting it to something it can understand. Moreover, Rules/Classes, Embedded Ruby and pre-scripts are fully supported.

Automated Installation

Support for automated installations using Agama has been greatly improved in this release too. The most noticeable changes are:

• Agama provides more hardware information during Jsonnet profiles evaluation. You can find an example in the repository.
• A new legacy-autoyast-storage section makes it possible to use an AutoYaST <partitioning /> section in Agama.
• The command-line interface has received a significant update, including a handy agama config edit that allows you to change and apply the configuration from the comfort of your favorite editor.

A Better Installation Media

The Agama Live ISO includes many security-related improvements. Until now, you could connect to a system running the ISO by simply using linux as the root password. It was OK at the beginning of the development process, but for security reasons it’s not acceptable anymore.

Now you can set your own password or, if you prefer, let Agama Live ISO generate a random one. You can find the password in the local console which, additionally, includes the fingerprints for the SSH host keys and the web server SSL certificate.

Another exciting addition is installing your own packages in the running Live system. In previous versions, Agama locked the packages database, but that’s not the case anymore. It enables you to update Agama, add your own modifications, fixes, etc. And it makes development a little bit easier.

See it in Action

Do you want to give it a try to the new user interface? Or are you an “automate all the things” kind of person? In any case, you can grab the Agama Live ISO testing images and boot it on a virtual or bare-metal machine.

If you find any bug, please, do not hesitate to report it through our issues tracker

See You Soon

As we anticipated the last week, part of the team is present at the openSUSE Conference 2024 and we would love to hear from you. But even if you are not visiting the conference, you can always reach us at the YaST Development mailing list, our #yast channel at Libera.chat or the Agama project at GitHub.

Have a lot of fun!

The openSUSE.Asia Summit is an annual openSUSE conference in Asia and a great opportunity for contributors and enthusiasts from Asia to come together and meet face-to-face. The event focuses primarily on the openSUSE distribution, its applications for personal and enterprise use, and open source culture.

In its quest to spread openSUSE throughout Asia, openSUSE.Asia Summit Organization Committee seeks out local communities to rise to the challenge of organizing an excellent openSUSE event in 2025. The committee stands ready to assist you throughout the process.

Here is the date you need to take notes:

• Oct. 1: Deadline for application
• Nov. 3: Presentation at openSUSE.Asia Summit 2024
• Dec. 23: Announcement of the following host

We will invite you to our regular online meetings so that you can experience and learn how to organize the event. Furthermore, we will ask you to present your proposals at the next summit in Tokyo, Japan.

The submitted proposals are to be reviewed by the organization committee. During the review, the committee might have additional questions and requests.

How to Submit?

Please email your proposal to both summit@lists.opensuse.org and opensuseasia-summit@googlegroups.com. Because the former address does not allow attachments, you need to upload your proposal somewhere and share the link to it.

The proposal should contain:

• Venue
• How to reach your city and venue
• Budget Estimation
  • Conference Venue
  • T-shirt
  • Tea break, Lunch, Dinner, Conference Tour, etc.
• Introduction to your community who will organize the summit

Please refer to openSUSE.Asia Summit Tips for Organizers before writing your proposal.

We are looking forward to hearing from you soon!

A new major version of Leap Micro is now available!  Leap Micro 6.0 images can be found at get.opensuse.org.

Leap Micro 6.0 uses a brand-new codebase, comes with plenty of new appliances and, for the first time, enters images for public cloud.

About Leap Micro

Leap Micro 6.0 is a rebranded SUSE Linux Enterprise Micro 6.0 which is an ultra-reliable container and Virtual Machine host by SUSE. Leap Micro is released twice a year and has support over two releases.

Leap Micro 5.4 is now EOL

With the release of Leap Micro 6.0, Leap Micro 5.4 reaches End Of Life; users will no longer receive maintenance updates and are advised to upgrade.

More conservative users can stay on Leap Micro 5.5, which will receive updates until the release of Leap Micro 6.1.

Understanding Image variants

All of Leap and SLE Micro generally come in two variants either Base or Default.

Both Base and Default have a container stack, but only the Default variant has the Virtual Machine stack.

If you do not plan to use VMs and you care for space, then the Base might be a variant just for you. 

All of our images offered at get-o-o are the Default ones (VMs+containers) as we expect they’re suitable for most users.

All appliances including Base variants (without virtualization stack) can be downloaded directly from https://download.opensuse.org/distribution/leap-micro/6.0/appliances/

Explaining individual appliances

A general recommendation for everyone use is the self-install image. It’s a bootable image with a quick wizard that writes the preconfigured image to your drive and grows the root partition. This process from boot takes about 5 minutes.

The preconfigured image is a raw bootable image you can manually write/dd to the disk or SD card. Images can be configured via Ignition/Combustion or will default to the jeos-firsboot wizard.

We have a Real-time image with kernel-rt, qcow image for KVM, VMWare image, and a brand new raw image with Full Disk Encryption.

Users who want to try our FDE image within a VM will need to make sure that they’re using emulated tpm-2 chip and UEFI. This can be achieved easily with virt-manager.

SLE Micro 6.0 dropped the traditional installer in favor of self-install media, therefore Leap Micro 6.0 doesn’t have it either.

The new Packages image is not a bootable media. This is just an image with an offline repository in case you need it.

Leap Micro 6.0 comes for the first time also with Public Cloud Images.

Images will soon be available with all major public cloud providers. 

Upgrading from 5.X

A recommendation is to make a clean install since this is a brand-new major version.

For those who’d like to try migration, please follow the upgrade guide.

Release Notes

Users can refer to SLE Micro 6.0 Release notes.

Leap Micro 6.0 uses openSUSE-repos for repository management. It is highly recommended to pay attention to this detail, especially for those who migrate. Here is an article explaining how openSUSE repos work.

Leap Micro 6.0 has no longer a dedicated SLE update repo. This has been merged into the main repository.

Last week I had the opportunity to speak at KCD Italy, a Kubernetes Community Days event. I delivered a talk titled “How to leverage and extend CEL for your cluster security”. The talk gives an overview about the Common Expression Language (CEL), Kubernetes ValidatingAdmissionPolicy, and Kubewarden.

While the talk has been delivered in Italian, the slides are in English and can be found here.