Virtual ipmi interface

Kvm/qemu support virtual ipmi devices which can be used to test ipmitool related commands on a virtual machine. These feature is barely documented, but is use able.

There are two components, the ipmi device of kvm/qemu and a ipmi simulator which is part of the ipmitools package.

Adding the ipmi device

The ipmi device can be added to qemu as command line argument, which is

-device ipmi-bmc-sim,id=virt-bmc -device pci-ipmi-kcs,bmc=virt-bmc,id=virt-bmc-pci

** Warning **

This changes the pci is, so other device need new ids

Unfortunately this device isn’t presented by the libvirt interfaces, but can be added to the xml configuration directly with the following lines

  <qemu:commandline>
    <qemu:arg value="-device"/>
    <qemu:arg value="ipmi-bmc-sim,id=virt-bmc"/>
    <qemu:arg value="-device"/>
    <qemu:arg value="pci-ipmi-kcs,bmc=virt-bmc,id=virt-bmc-pci"/>
  </qemu:commandline>

Connect device to simulator

Its also possible to connect this kvm/qemu to a ipmi simulator running on the host. The xml changes to

  <qemu:commandline>
    <qemu:arg value="-chardev"/>
    <qemu:arg value="socket,id=ipmi0,host=localhost,port=9002,reconnect=10"/>
    <qemu:arg value="-device"/>
    <qemu:arg value="ipmi-bmc-extern,id=virt-bmc,chardev=ipmi0"/>
    <qemu:arg value="-device"/>
    <qemu:arg value="pci-ipmi-kcs,bmc=virt-bmc,id=virt-bmc-pci"/>
  </qemu:commandline>

where we had to add an additonal chardev which connects to the ipmi simulator. The simulator can be started with

ipmi_sim /etc/ipmi/lan.conf -f /etc/ipmi/ipmisim1.emu -s $IPMISTATDIR

The configuration files under /etc/ipmi are part of the ipmitool package. Important is the $IPMISTATDIR which can contain addtional SDRs. A simple SDR with a temperature sensor can be added adding the followiing lines to the file $IPMISTATDIR/ipmisim1/sdr.20.main:

last_add_time:i:1691752652
6:d:\06\00Q\11\140\03\80\00\00\10\00\08\02\00\c9mm2frudev
5:d:\05\00Q\02" \00\02\08\01\00\00%o\03\00\03\00\03\00\c0\00\00\00\00\00\00\00\00\00\00\c7mm1pres
4:d:\04\00Q\0120\00\01\07\01E\00\01\01\00\00\00\00\00\00\00\01\00\00\01\00\00\01\01\00\00\00\00\00\ff\00\00\00\00\00\00\00\00\00\00\00\00\c7SubTemp
3:d:\03\00Q\011 \00\01\07\01E\00\01\01\00\00\00\00\00\00\00\01\00\00\01\00\00\01\01\00\00\00\00\00\ff\00\00\00\00\00\00\00\00\00\00\00\00\c6MBTemp
2:d:\02\00Q\03\14 \00\00\07\01#o\00\00\00\00\c8watchdog
1:d:\01\00Q\12\14 \00\00\8f\00\00\00\07\01\00\c9IPMI sim1

Have a lot of fun.

Confluent/Xcat quickstart guide for (open)SUSE

At first you need a least a compute cluster containing of one orchestrator and one node. For testing purpose a terrform configuration for setting this up is available under:

https://github.com/warewulf/warewulf-testenv

Install confluent

Add the reop and the keys

rpm --import https://hpc.lenovo.com/yum/latest/suse15/x86_64/lenovohpckey.pub
zypper install https://hpc.lenovo.com/yum/latest/suse15/x86_64/lenovo-hpc-zypper-1-1.x86_64.rpm

After that the confluent package can be installed with

zypper install lenovo-confluent

Unfortunately the dependency the python dbm package is missing and must be installed with

zypper install python3-dbm

To enable the service run

systemctl enable confluent --now

and enable also tftp with

systemctl enable --now tftp

Enable web client

Follow the steps under https://hpc.lenovo.com/users/documentation/installconfluent_suse.html or do following

cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/mySSL.conf

and create the SSL certificate with

osdeploy initialize -t

and enable SSL for apache with

a2enmod rewrite
a2enflag SSL
systemctl enable apache2 --now

Now a user root in this case can be added to the web gui with

confetty create /users/root role=admin

Configure cluster

Add nodes

Add global variables to everything group in which all nodes are part of

nodegroupattrib everything deployment.useinsecureprotocols=firmware console.method=ipmi dns.servers=172.16.16.1 dns.domain=cluster.net net.ipv4_gateway=172.16.16.1

The option deployment.useinsecureprotocols=firmware allows iPXE installations deployment.useinsecureprotocols=firmware allows iPXE installations. Secrets and passwords can be added with

nodegroupattrib everything -p bmcuser bmcpass crypted.rootpassword crypted.grubpassword

which will add the BMC/User with password and the cluster wide root password and as well the password to access grub.

Now the nodes can be added with

for i in {1..4}; do nodename=n$(printf %02i $i); nodedefine $nodename net.ipv4_address=172.16.16.${i}; done

Add the entries to /etc/hosts with

noderun -n n01-n04 echo {node}  {net.ipv4_address} >> /etc/hosts

Add OS

Before any OS can be added certificates for the OS deployment must be create with

osdeploy initialize -i

and import the SLE iso with

osdeploy import SLE-15-SP5-Full-x86_64-GM-Media1.iso

the imported image can be checked with

osdeploy list

Since last Friday, librsvg is available from crates.io. You can add this line to your dependencies in Cargo.toml:

librsvg = "2.57.0-beta.2"

I am nailing down the release process for this, but my intention is that starting with GNOME 45 / librsvg-2.57.0, the Rust crate will be in sync with the GNOME release schedule: a stable minor release every six months, and micro releases regularly and as needed.

For now, these releases are equivalent and contain the same code:

• 2.56.92 (the usual tarball, beta release before GNOME 45)
• 2.57.0-beta.2 (release for crates.io)

Both git tags exist in gitlab.gnome.org's repository and point to the same commit.

While GNOME uses .9x micro version numbers to identify alpha or beta releases, Rust uses Semantic Versioning, which allows for the -beta.2 suffixes. I'll keep the corresponding schemes and add both git tags to the release commits.

Dear Tumbleweed users and hackers,

At least over here where I live, the last few days we had slightly less summery time and more rain – and bad weather means more work in front of the screen. The same thing likely happened to other contributors, looking at the things we passed through staging or are still there. This week has seen 7 snapshots (0804..0810).

The most relevant changes during this week were:

• Mesa 23.1.5
• openSSL 3.1.2
• Linux kernel 6.4.8 & 6.4.9
• Libvirt 9.6.0
• Perl 5.38 (incl all perl modules rebuilt)
• GCC 13.2
• LibreOffice 7.6.0.1 & 7.6.0.2
• QEmu 8.0.4

Staging projects are currently testing these changes:

• Meson 1.2.1
• Python 3.11, configured for PEP-0688 (externally managed system tree)
• Node.JS 20.5.1
• glibc 2.38
• NetworkManager 1.44.0
• systemd 253.8
• Mozilla Firefox 116.x
• FMT 10: breaks mariadb boo#1213219 and ceph boo#1213217; help welcome
• libxml2 2.11.x
• oxygen 1.9.7 – breaks wxPython build

Tumbleweed snapshots didn’t lack excitement this week as multiple packages received updates and a couple major versions arrived for openSUSE rolling release users this week.

The 20230809 snapshot provided an update of GNU Compiler Collection. GNU Compiler Collection. The new 13.2.1+git7683 version for developers that rely on the compiler includes the 13.2 release and various fixes. Notably, the update addresses a patch for a broken testcase in libbacktrace, which resolves build issues on SUSE Linux Enterprise Server 12. GNOME users received an update of gtk4 4.10.5. The release addresses various issues, including fixing ordering problems with filter model signals, avoiding lingering resize cursors, and resolving alignment issues on the Scalable Processor Architecture. The fuse3 3.16.1 package, which is an interface for userspace programs to export a filesystem to the Linux kernel, had some enhancements with an ability to enable readdir kernel cache from the high-level Application Programming Interface. Office suite libreoffice received a minor version update to 7.6.0.2 a day after updating from the 7.5.4.2 version. This release incorporates bug fixes and updates to bundled dependencies, which ensures a more stable and feature-rich office experience. A third update this week of libstorage-ng 4.5.136 had translation updates for Indonesian. The upower package for power management and device information updated to version 1.90.2. Notably, the release marks the end of lid handling in UPower since the functionality will now be provided by logind. A few other packages updated in the snapshot like python-importlib-resources, which updated to major version 6.0.1 and removed legacy functions deprecated in 5.3; it require Python 3.8 or later.

LibreOffice was updated in snapshot 20230808. The change from 7.5.4.2 to 7.6.0.1 incorporates a wide array of features, bug fixes and improvements like the handling fonts. It fixed an issue with an infinite loop when changing the document language. The package added missing dependencies on Java Runtime Environment (64 Bit) for RISC-V 64. The pipewire multimedia framework updated to 0.3.77. This update included a fix for Advanced Linux Sound Architecture sources to prevent xruns and a new L permission to force node links. The Virtual Broadcast Audio Network module now supports Musical Instrument Digital Interface and a range of cleanup and fixes were made with the package. An update of KDE editor okteta to version 0.26.13 improves translations, decoding tables, and structures tools. It also improves CMake Unity builds that are now possible.

Some changes for GNOME became available in snapshot 20230807. The gnome-software package rolled out version 44.4. This update introduces several noteworthy improvements like enhancing error notifications from failed GPG checks and improving the handling of updates that involve the removal of some packages to fulfill dependencies. Perl enthusiasts will be delighted with it’s current major version release in Tumbleweed. The 5.38.0 version introduces a host of new features, including the class feature and support for unicode 15.0. The language also improves defined-or and logical-or assignment default expressions in signatures, and more. There was a significant deprecation in the release with the use of ‘ as a package name separator. There was some translation enhancements for Georgian users with openSUSE’s libstorage-ng 4.5.135 update. There was also an update of python-alembic 1.11.1 in the snapshot, which was also a major release. It modified calling signatures and had fixes for typing use of SQLAlchemy classes along with some enhancements in error handling.

Snapshot 20230806 had about a handful of packages updated. An update of the plasma5-desktop 5.27.7.1 includes a fix for an issue where applets did not return focus after pressing an applet shortcut, and a fix for a missing feature providing more fluid and seamless handling was made for the desktop environment. The 9.6.0 libvirt update includes an upstream commit to fix max file limits in systemd, contributing to smoother operations for virtualized environments. Python developers get an update that aligns with the latest changes in libvirt to ensure compatibility and seamless integration for Python-based virtualization tasks. The libzypp package management library underpinning openSUSE’s software management received an update to version 17.31.18. The version addresses the respect of ZYPP_READONLY_HACK when checking the zypp-rpm lock. Version 2.40.5 of webkit2gtk3 introduces several crash and rendering fixes, along with multiple security fixes addressing vulnerabilities like CVE-2023-38133, CVE-2023-38572 and more.

The Linux Kernel updated in snapshot 20230805. The kernel-source 6.4.8 release had some Btrfs fixes and some changes related to KVM (Kernel-based Virtual Machine) with the s390 architecture. The GNU Multiple Precision Arithmetic Library gmp 6.3.0 update brought better handling of integer overflow, enhanced error handling for malformed files and improved support for building Link-Time Optimization. An update of harfbuzz 8.1.1 addresses a regression introduced in the previous version. There were also optimizations made to speed up font loading, subsetting and shaping. The 4.6/6 yast2-installation update fixed a status label toggle issue and improved the user interface and experience during software installation. The first of three libstorage-ng updates for the week came with the 4.5.134 update in this snapshot.

Graphics improved in snapshot 20230804 as Mesa 23.1.5 updated. The release notes show that several fixes were made to different graphics drivers, including Radeon, ANV and more. The Intel ANV driver no longer experiences GPU hangs on Multisample Anti-Aliasing tests with Angle. Gamers might enjoy the SDL2 2.28.2 update.The software package takes a leap forward by addressing various issues and ensuring better compatibility. The update fixes controller lockup initializing some unofficial PS4 replica controllers, according to the changelog. An update of openssl-3 3.1.2 addresses potential vulnerabilities that include excessive time spent checking DH parameter values and proper handling of associated data entries with AES-SIV encryption. The update of dracut introduces a series of critical fixes and features. These improvements covered a wide range of areas, including systemd-udevd, systemd-journald, base functionality, and more. The openssl-3 3.1.2 update includes fixes for the proper handling of associated data entries with AES-SIV encryption. Another update in the snapshot was made to for the policy analysis tool for SELinux; The setools 4.4.3 version includes better compatibility with Cython 3.0.0 and enhanced manpages.

Tumbleweed users have the option of choosing between open GPU kernel modules or proprietary drivers and can get more information on using NVIDIA GPU drivers on openSUSE Tumbleweed. Tumbleweed users are presented with a choice between open GPU kernel modules and proprietary drivers, and can find guidance on using NVIDIA GPU drivers on openSUSE Tumbleweed. Within the openSUSE repositories, NVIDIA’s proprietary drivers are available for installation through zypper. It’s important to recognize that these proprietary drivers originate from the NVIDIA repository due to licensing restrictions. Additionally, users can enhance their experience with improved download accessibility and reduced latency by enabling the 3rd party NVIDIA repository. Furthermore, users can elevate their experience with enhanced download accessibility and reduced latency through the sponsorship of a CDN subscription by Fastly.com, benefiting download.opensuse.org.

Happy 18th Birthday to openSUSE! It’s that time of the year once again where we will raise our virtual glasses and celebrate the remarkable journey of open-source innovation.

On August 9th, 2005, an announcement was made during the LinuxWorld Conference & Expo in San Francisco, giving birth to what we now know as the openSUSE Project.

The now defunct company known as Novell unveiled openSUSE to the technology world with excitement. Riding on the heels of the success of Red Hat’s announcement of Fedora, it was natural for Novell to embrace the open-source movement and introduce its own community-driven Linux distribution.

The journey of openSUSE officially began with the release of beta versions of SUSE Linux 10.0 under the banner of openSUSE.org. The first official release under the openSUSE name was 10.2.

As we celebrate 18 years of openSUSE, it’s an opportune moment to reflect on the incredible journey this project has undertaken. Here we are years later and openSUSE stands strong with a lot of experiences endured by the community and its main sponsor SUSE. SUSE joined Novell in 2003, which broadened its horizons and influence. Six years later Novell made the announcement of the openSUSE Project there was an acquisition of SUSE by The Attachmate Group, which was later integrated into Micro Focus in 2014; this point in time showcased SUSE’s resilience. EQT added a unique touch in 2018 with the purchase of SUSE. In 2021, SUSE’s public debut on the Frankfurt Stock Exchange highlighted its dynamic evolution and enduring voyage as an open-source company.

To celebrate the project’s 18th Birthday, consider joining openSUSE’s virtual bar, where open-source enthusiasts from across the globe can gather to celebrate, connect, and share their passion for openSUSE. Known as slash bar (/bar), the virtual doors to meet others with a similar passion remain open. Join in or listen to the openSUSE bar’s playlist on Spotify.

As the world evolves, so does openSUSE, and we hope you celebrate along with us for turning 18. Let’s toast to 18 years of open-source excellence and look forward to the exciting chapters that lie ahead. Happy 18th Birthday, openSUSE! Here’s to the journey and the future!

openSUSE Tumbleweed is a rolling release distribution, so it's ideal for developers and users that like to have the bleeding edge software.

It's also really "stable" to be a rolling release, from time to time you can find a broken package because of one package is updated and another one is not compatible yet, but it's something that doesn't happen too often thanks to openqa tests, so you don't need to worry about a breaking system.

You can find the Python interpreter and a lot of python modules in every Linux distribution, but Tumbleweed does an interesting thing for Python.

Default Python version (python3 -> python-3.11)

If you don't worry about the python version, you can just rely on python3. In Tumbleweed python3 is not a real package, but the default python version provides python3, so depending on when you install python3 you will get a different package, if you install it today (August 2023) you'll get python311.

In your system you'll have the /usr/bin/python3 binary that points to the default python, so you don't need to worry about the current version, you'll have there the default Python version for the operating system.

In addition to the Python interpreter, you can find in the distribution a lot of python modules, but again you can use the default version, so, for example, if you want to install poetry, you just use zypper install python3-poetry and that will install the real package python311-poetry.

Multiple python versions (3.8, 3.9, 3.10, 3.11)

Besides the default Python, in Tumbleweed you can also find other supported Python interpreters. Right now you can find all the Python versions currently supported by the Python Foundation, from 3.8 to 3.11.

For Python 3.8 you'll only find the interpreter, because the python modules are not built anymore, but for all the other versions you can find almost the same modules.

All python modules that provide binaries uses the update-alternatives, so you can configure in your system the version that you want to use as default. For example, if you want to use the 3.9 version of poetry, having installed different versions you can decide what /usr/bin/poetry points to:

$ sudo zypper in python311-poetry python39-poetry
$ sudo update-alternatives --config poetry

/usr/bin/python3 is a link provided by the default python package, so you can't modify with update-alternatives, so if you want to use a different python version, make sure to do the correct call with the full name python3.9, and use the correct shebang in your python scripts, for example #!/usr/bin/env python3.9.

What happens when default changes?

This way of distributing Python interpreter and modules is useful, because you don't need to update your software to work with the latest Python version, if your software requires another version, you can just install and continue using it, even on a bleeding-edge distribution like Tumbleweed.

But this method has some problems. When the default Python interpreter is changed in the distribution, all packages that depends on python3 will be updated, and that works correctly. But if you have installed some python module using the python3 prefix, that package, and all dependencies, is not updated automatically.

For example, if you installed python3-poetry when python3.10 was the default system, and then the distribution updates the system Python to python3.11, you don't get the python311-poetry package by default, you'll need to install it again. This could break you software, because if you use python3 and the dependencies are not updated, you'll find that some dependencies are not installed after updating.

For that reason, when the default python is changed in Tumbleweed, if you've software that rely on python3 you should make sure to install dependencies again by hand. And also you can do a cleanup and remove all old version packages that you don't need anymore.

If you just want the latest version you can just do all at once with a simple script like this:

#!/bin/bash
# up-py-tw.sh

FROM=$1
TO=$2

if [ $# -lt 2 ]
then
    echo "Usage:   up-py-tw.sh FROM TO"
    echo "example: up-py-tw.sh 310 311"
    exit 0
fi

echo "Updating python packages from $FROM to $TO"

OLDP=$(zypper -q search -i python${FROM}-* | tail --lines +4 | cut --delimiter \| --fields 2)
NEWP=$(echo $OLDP | sed "s/python${FROM}/python${TO}/g")

sudo zypper in $NEWP
sudo zypper rm $OLDP

You should verify what will be installed and what will be removed to make sure that just the python related packages are removed. It's possible that other packages depend on a python version that's older than the system one and that's okay.

Beta version (3.12.0b4)

In Tumbleweed, right now you can find all the supported Python versions, but it's not just that. At this moment you can also find the beta version of the next Python interpreter.

$ sudo zypper in python312

So if you are adventurous and want to test some new feature in the next Python release, you can do it with the version provided there. This version could also be used by openSUSE packagers to test the packages before the Python version is released so it allow us to prepare everything for the release and it could be in the distribution earlier and more tested.

Development

All this multiple python versions is done at distribution level and usually there's only one source package that produces the python39-foo, python310-foo and python311-foo. The source package is usually called python-foo and can be found in the Python devel project.

These packages spec uses the python-rpm-macros to generate all the versions from one source. If you're a packager you can find more information on the openSUSE wiki about Python Packaging.

Dear Tumbleweed users and hackers,

As so often during the vacation season, I take some Fridays off and am punished for it by having to do reviews spanning more than one week. The same thing happened this time, so you had to wait an extra week again to find out what happened in Tumbleweed. A total of 10 snapshots have been published since my last review (0719, 0724, 0727..0731, 0801, 0802, and 0803). Between 0719 and 0724, there was a more significant gap due to SUSE moving some infrastructure between data centers.

The most relevant changes delivered during the last two weeks include:

• Qemu 8.0.3
• systemd 253.7
• Linux kernel 6.4.4 & 6.4.6
• openSSH 9.3p2
• PHP 8.2.8
• Mesa 23.1.4
• cURL 8.2.0 & 8.2.1
• GStreamer 1.22.5
• Samba 4.18.5
• Mozilla Firefox 115.0.3
• KDE Plasma 5.27.7
• Inkscape 1.3

Staging projects are well used, and we have the following changes in the queue for testing:

• glibc 2.38
• Mesa 23.1.5
• Mozilla Firefox 116 (fails to build on i586, aarch64, armv7l – inclusion blocked)
• Linux kernel 6.4.8
• Perl 5.38.0
• Python Sphinx 7.1.x