Linux User Group of Mauritius Promoting open source software in our beautiful island

1Apr/200

क्या openSUSE Asia Summit 2020 अब भी भारत में होगा ?

Posted by Ish Sookun

इस प्रश्न का उत्तर जानने के लिए हमें जुलाई के महीने तक इंतजार करना होगा।

१७ मार्च को openSUSE Board की बैठक हुई। यह निर्णय लिया गया कि इस समय हम केवल COVID-19 की स्थिति देख सकते हैं और जुलाई तक इंतजार कर सकते हैं जब बोर्ड द्वारा openSUSE.Asia Summit और oSLO 2020 को लेकर कुछ निर्णय लिया जाएगा।

तब तक सुरक्षित रहें और यदि आप का देश लॉकडाउन में हैं तो कृपया घर पर रहें।

Filed under: Hindi, India, openSUSE No Comments
9Mar/200

DevCon 2020 | Kubernetes – Introducing through openSUSE MicroOS & Kubic

Posted by Chittesh Sham

Guest post by Chittesh Sham 😉

DevCon 2020 is just about three weeks away and the hype is real.

People know me as a friendly neighborhood SysAdmin and this year I am excited to announce that I will be co-hosting a presentation alongside Ish at the Developers Conference. It has been a long time coming, and as you might have noticed Ish has been building up to this one, starting with his Kubic Presentation at DevCon 2019 , openSUSE MicroOS in Production talk at openSUSE Conference 2019 and a workshop on Managing Pods & Containers at the openSUSE Asia Summit.

Half Left - Kubernetes Logo ; Half right MicroOS logo 😊

We have been experimenting with a bunch of tools such as Podman, Buildah, Skopeo and openSUSE Kubic for a while now and we would like to share our experience.

Our presentation is scheduled on Saturday 4 April 2020, 2:30pm - 3:15pm in the Kryptone room at the Caudan Arts Centre. We will also be around for all three days at the conference, so if you want to grab a coffee and geek out on openSUSE and Kubernetes, don't hesitate to hit us up!

I would like to give express my gratitude to the Linux Foundation and Cloud Native Computing Foundation (CNCF) for their support. I was impressed by Chris Aniszczyk, especially how quickly he reacted to show his support upon noticing our talk.

See you at DevCon Geeks! 🤓

1Mar/200

openSUSE community welcomes new board member

Posted by Ish Sookun

The results of the openSUSE Board election were published on 1 February 2020. The community welcomed Sarah Julia Kriesch and Simon Lees as they started their new term.

However, ten days later, Sarah stepped down, leaving a vacant seat on the board. Under such circumstance and the board election rules, the sitting board may appoint someone until the next board election.

On 27 February 2020, openSUSE Chairman Gerald Pfeifer, announced the appointment of Vinzenz Vietzke as board member. His appointment was unanimously supported by the Board and the openSUSE Election Officials.

Filed under: openSUSE No Comments
28Feb/200

DRM Plugin crashes after openSUSE Tumbleweed update

Posted by Ish Sookun

A few days ago openSUSE users started complaining about DRM Plugin crashes in Firefox after running a Tumbleweed update.

Netflix requires the DRM plugin in Firefox to be able to play encrypted videos. The plugin would crash due to a bug in Firefox 73. While this bug affected not just openSUSE users, but everyone using Firefox 73, it became apparent to TW users as v73 landed in the Tumbleweed repo.

Mozilla fixed the bug in the 73.0.1 release. I tweeted about that a little more than a week ago.

Firefox 73.0.01 is now available in the Tumbleweed repo. So, a quick update should fix your Netflix. 😉

Information for package MozillaFirefox:
---------------------------------------
Repository     : openSUSE-Tumbleweed-Oss                 
Name           : MozillaFirefox                          
Version        : 73.0.1-1.1                              
Arch           : x86_64                                  
Vendor         : openSUSE                                
Installed Size : 186.7 MiB                               
Installed      : Yes                                     
Status         : out-of-date (version 73.0-1.1 installed)
Source package : MozillaFirefox-73.0.1-1.1.src           
Summary        : Mozilla Firefox Web Browser             
Description    :                                         
    Mozilla Firefox is a standalone web browser, designed for standards
    compliance and performance.  Its functionality can be enhanced via a
    plethora of extensions.
Filed under: openSUSE No Comments
15Feb/200

oSLO Conference 🐧

Posted by Ish Sookun

oSLO is short for openSUSE + LibreOffice.

The two projects are celebrating their 15ᵗʰ and 10ᵗʰ anniversary respectively in 2020. To mark the occasion, openSUSE and LibreOffice projects are organizing a joint conference from 13ᵗʰ to 16ᵗʰ October 2020 in Nuremberg, Germany. The conference will take place at Z-bau (Frankenstraße 200). It is the same location where last year's openSUSE Conference was held.

openSUSE and LibreOffice conferences are meant to bring like minded people together to discuss about topics relative to the projects. People can learn, teach and share their passion about the projects.

Last September, openSUSE announced a logo design competition for this co-conference with LibreOffice. Early this month the winner of the competition was announced. Kukuh Syafaat from Indonesia won the hearts of the co-conference organizing team.

Logo design by Kukuh Syafaat for oSLO Conference, Nuremberg.

The conference is free to attend. Mark you calendar & join the fun!

Call for Papers

The organizing team is currently accepting proposals for sessions. The deadline for submission is 21 July 2020.

Tagged as: No Comments
2Feb/200

openSUSE Board election 2019-2020 result

Posted by Ish Sookun

The openSUSE Board election 2019-2020 reached an end on the night of 31 January 23h59 CET after running for about two weeks.

Four candidates ran in this election and the result is as follows:

Simon is re-elected and gets to serve for another term while Sarah replaces outgoing board member Gertjan Lettink.

281 out of 500 eligible members voted in this election.

Filed under: openSUSE No Comments
28Dec/190

openSUSE Board election 2019-2020

Posted by Ish Sookun

This year's openSUSE Election Committee is composed of Ariez Vachha, Edwin Zakaria and myself. Ariez joined the committee for the first time, while Edwin and I have worked together on the previous Board election. Weeks ago, after consulting the election rules and brainstorming a bit, we came up with an election schedule that spans over several weeks, starting in December 2019 until January 2020.

Image credit goes to openSUSE member Aris Winardi

Candidates

As the call for nominations and applications ended on 25 December, we had a list of four candidates for the two seats on the openSUSE Board. The candidates are:

The election campaign now begins. Members are encouraged to ping the candidates and ask them questions about their views and ideas that they'd like to bring on the the openSUSE Board.

Filed under: openSUSE No Comments
23Nov/190

अगला openSUSE Asia Summit भारत में होगा

Posted by Ish Sookun

पिचले सितंबर को Bali, Indonesia के Udayana University में openSUSE Asia Summit 2019 घटित हुआ। लगातार दो दिनों तक दुनिया के कोने कोने से आए हुए इंजीनियरों, डेवलपर्स, डिजाइनरों और कइ तरह के openSUSE योगदानकर्ताओं ने मिलकर तकनीकी प्रदर्शन तथा अन्य कार्यशालाएँ आयोजित कीं।

इस सम्मेलन के द्वारा openSUSE समुदाय अपने उपयोगकर्ताओं और योगदानकर्ताओं को एक साथ लाता हें ताकि इन में openSUSE प्रोजैक्ट को लेकर बातचीत हो सके। बोर्ड के सदस्य समुदाय को प्रोजैक्ट से संबंधित जानकारी देते हैं। नए उपयोगकर्ता इस सम्मेलन से बहुत लाभ उठा सकते हैं।

सम्मेलन के समापन समारोह से पहले यह घोषित कि गइ की अगला सम्मेलन, याने कि openSUSE Asia Summit 2020, मानव रचना इंटरनेशनल इंस्टिट्यूट ऑफ़ रिसर्च एंड स्टडीस (Manav Rachna Int'l Institute of Research & Studies), फरीदाबाद, हरियाणा, भारत (Faridabab, Haryana, India) में होगा। इंस्टिट्यूट की प्रतिनिधि, शोभा त्यागी, ने विस्तार से अपना प्रस्ताव बाताया जोकी सम्मेलन के आयोजकों ने स्वीकार किया।

Tagged as: No Comments
12Nov/190

Debugging on MicroOS made easier with toolbox

Posted by Ish Sookun

Until now, it was not easy to run debugging tools on openSUSE MicroOS or Kubic for the simple reason that installing any package using the transactional-update in package_name command would require a reboot for the program to be available on the system. Why so? MicroOS & Kubic use transactional updates and thus, the root filesystem is mounted as read-only. Packages that are installed are available in a "snapshot" which is selected at the next boot. openSUSE MicroOS & Kubic fall in the category of immutable operating systems.

One couldn't just reboot the system every time a simple program was needed - e.g using Vi to edit a YAML config or using database client utils for a rapid inspection.

But now we have a toolbox script available in MicroOS & Kubic that allows us to launch a container and use debugging utilities that can interact with the host. The script is written in Bash and it is based on CoreOS/toolbox.

Thorsten Kukuk, SUSE Engineer & Architect (SLES / MicroOS), announced the availability of the toolbox container on the openSUSE Kubic mailing list in October.

The toolbox script resides in the system $PATH and thus can be called directly. On its first execution, the script will pull the toolbox container from the openSUSE Container Registry.

microos:~ # toolbox
Trying to pull registry.opensuse.org/opensuse/toolbox...
Getting image source signatures
Copying blob 92a022f7c0d8 [>-------------------------------------] 2.8MiB / 122.9MiB
Copying blob f0c8107beec9 [==>-----------------------------------] 3.0MiB / 36.4MiB

The host root filesystem can be accessed at /media/root/ and since the toolbox container is spawned as the root user, the files will be modifiable.

toolbox:/ # ls /media/root/
bin   dev  home  lib64	opt   root  sbin     srv  tmp  var
boot  etc  lib	 mnt	proc  run   selinux  sys  usr

Non-root toolbox containers will have read-only access to the host files, unless the --root flag is provided.

ish@microos:~> toolbox --root

Next, use zypper to install the required utilities and interact with the host and other containers.

Exiting toolbox will stop and the container and next time the script is called, the container is started again. Therefore, previously installed utilities remain available.

Each toolbox container is named by appending the username calling it, e.g toolbox-ish.

microos:~ # podman ps --format "{{.ID}} {{.Status}} {{.Names}}"
7f61fba95487 Up 10 minutes ago toolbox-ish
00ada606ec4f Up 33 minutes ago toolbox-root
5Nov/190

Understand networking in Podman

Posted by Ish Sookun

I received a message on Twitter on 17 October from a fellow who attended the openSUSE Asia Summit 2019. Strangely, I didn't get any notification about it and it's only today that I read the message. He also attended my workshop on openSUSE MicroOS and had some questions regarding inter-Pod communication.

As a quick response, I explained him very breifly about "container networking" and pointed him to the Kubernetes documentation on IP allocation. I do realize though, that most of the times, documenation can be lengthy and {boring}, and that you would just want a simple article or blog post that clears your doubts.

Tell me about Podman networks

Rootless containers (i.e containers started using Podman as a regular user) do not obtain an IP address. Podman uses slirp4netns to allow Internet connectivity inside the container.

Communication with a rootless container is achieved by mapping the container ports to the host, e.g using -p 8080:80 to map a webserver port 80 to the host on port port 8080.

$ podman run -dt --name webserver -p 8080:80 nginx
$ curl http://localhost:8080

Therefore, two rootless containers can communicate over their published ports on the host. Let's experiment this by starting an openSUSE Leap container and installing the telnet package.

$ podman run -dt --name leap leap
$ podman exec -it leap bash

4a0f95e011b9:/ # zypper in telnet

We run ip a s on the host to find its IP address. Say the IP address is 192.168.100.8. Now, from within Leap container let's telnet port 8080 over the host IP.

4a0f95e011b9:/ # telnet 192.168.100.10 8080
Trying 192.168.100.10...
Connected to 192.168.100.10.
Escape character is '^]'.

The connection went through successfully, meaning from the Leap container we've been able to access the Nginx container through it's mapped port on the host.

This same experiment can be repeated using two different pods, say you have a pod that contains your web services and another pod that contains your databases.

$ podman pod create --name webservice -p 8080:80
$ podman run -dt --name webserver --pod webservice nginx

$ podman pod create --name db -p 3306:3306
$ podman run -dt --name mariadb --pod db -e "MYSQL_ALLOW_EMPTY_PASSWORD=yes" mariadb

The Nginx container will be able to reach the MariaDB database over 192.168.100.10:3306 as the same port is mapped on the host.

Ideally, these two containers could have been created in the same pod and therefore share the same network space. Then, the Nginx container would reach the database over localhost:3306 easily.

I used the above Nginx/MariaDB example to explain rootless inter-Pod communication, which was the question that was asked to me initially.

What about rootfull containers?

Rootfull containers are those that are created using Podman with root privileges, either by the root user itself or using sudo privilege.

Containers created using Podman with root privileges obtain an IP address. Podman then uses the Container Network Interfec (CNI) instead of slirp4netns for networking provisioning.

Details about the network subnet is found in the CNI config file.

$ cat /etc/cni/net.d/87-podman-bridge.conflist

{
    "cniVersion": "0.3.0",
    "name": "podman",
    "plugins": [
      {
        "type": "bridge",
        "bridge": "cni0",
        "isGateway": true,
        "ipMasq": true,
        "ipam": {
            "type": "host-local",
            "subnet": "10.88.0.0/16",
            "routes": [
                { "dst": "0.0.0.0/0" }
            ]
        }
      },
      {
        "type": "portmap",
        "capabilities": {
          "portMappings": true
        }
      }
    ]
}

So, let's start a container with root privileges and see.

$ sudo podman run -dt --name db postgres

$ sudo podman inspect -f "{{.NetworkSettings.IPAddress}}" db
10.88.0.30

The podman inspect ... command returns the container's IP address and the same is ranged within the subnet specified in the CNI config. The PostgreSQL database can be accessed over 10.88.0.30:5432 from the host or from within any other container started using root privileges.

$ telnet 10.88.0.30 5432
Trying 10.88.0.30...
Connected to 10.88.0.30.
Escape character is '^]'.