openSUSE:ALP/Workgroups/SysMngmnt/ContainerizedYaST
Goal
The ALP System Management work group did some research and created a document containing the conclusions of such a research and the plans and commitment for the first ALP prototype on September 2022: conclusion.md
As part of the result, the work group is developing an experimental prototype of YaST running in a container. It does not need any YaST package in the system, even Ruby is not needed, everything is included in the container.
Status
Updated: 2022-10-20
- Done
- Many YaST clients already adapted to run containerized: AddOn, Bootloader, CheckMedia, Firewall, Host, iSCSIClient, Kdump, Keyboard, Language, Journal, LAN, NTPClient, Proxy, ReleaseNotes, Remote, ServicesManager (although it runs slower than on normal system), SWSingle, SWSource, Timezone, Users, Vendor, Messages
- Several modules adapted to work in transactional systems, although currently some clients work only in the non-transactional variant of ALP
- Documented challenges and decisions regarding software installation on transactional systems
- Implemented initial handling for transactional system when some package needs to be installed
- Documented how to execute the containerized YaST, see next section which even includes a hint to execute the graphical YaST remotely in systems with no graphical environment nor YaST
- Make libyui-rest-api available at the containers for openQA (see the *-test-api containers in the Usage section below)
- Planned:
- Small reorganization of the documentation (and the now obsolete yast-in-container repository)
- Fix several things that doesn't work well with containerization and/or with transactional systems
- Speed up services manager
- Try other methods to reduce the size of the container images even further
- For more (scattered) details, see blog posts: 2022-07-19, 2022-08-02, 2022-08-23, 2022-09-06, 2022-09-22, 2022-10-20.
Usage
There are five âofficialâ containers for YaST, all available at the repository SUSE:ALP:Workloads.
The repository, as the name suggests, is supposed to provide containerized workloads to be executed on top of ALP. But in the case of YaST, that repository is the official source for containerized YaST no matter if you execute it on top of ALP, the latest SLE, the latest Leap or openSUSE Tumbleweed.
Management Containers
There are several containers with different user interfaces (UI).
- yast-mgmt-ncurses - the base container image, contains YaST with text mode (ncurses) user interface
- yast-mgmt-qt - this image adds the graphical (Qt-based) user interface, if the graphical interface is not available it falls back to the text mode
- yast-mgmt-web - adds web access by exposing the standard graphical (Qt) UI in a VNC server and using Javascript VNC client to render the screen in a browser
Testing Containers
These containers are intended for automated testing of the containerized YaST itself. They should be used by the openQA or other automated tests.
Do not use these containers in a production environment! Using the testing API has some security consequences!
- yast-mgmt-ncurses-test-api - adds the REST API used to control the text-based interface in the openQA tests and that should not be used in production systems
- yast-mgmt-qt-test-api - equivalent to the previous one but with the graphical Qt interface
Running the Containers
A containerized YaST can be executed in any supported system by doing:
podman container runlabel run registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/yast-mgmt-ncurses:latest
Replace âncursesâ by âqtâ, âwebâ, âncurses-test-apiâ or âqt-test-apiâ to enjoy the alternative versions.
The route is a bit redundant and maybe it will change in the future, but thatâs out of the control of the YaST Team.
Notes
Using the Graphical UI with SSH X Forwarding
You can use the yast-mgmt-qt image remotely or with your local X server. The SSH X forwarding requires the xauth package installed on the remote machine. That package is not installed in the default ALP system, you need to install it manually.
transactional-update pkg install xauth reboot
If you run this from an SSH session then you need to relogin to activate the X forwarding. To use the SSH X forwarding add the "-X" SSH option to the command line.