openSUSE:ALP/Workgroups/SysMngmnt/ContainerizedYaST

Jump to: navigation, search

Goal

The ALP System Management work group did some research and created a document containing the conclusions of such a research and the plans and commitment for the first ALP prototype on September 2022: conclusion.md

As part of the result, the work group is developing an experimental prototype of YaST running in a container. It does not need any YaST package in the system, even Ruby is not needed, everything is included in the container.

Status

Updated: 2022-10-20

  • Done
    • Many YaST clients already adapted to run containerized: AddOn, Bootloader, CheckMedia, Firewall, Host, iSCSIClient, Kdump, Keyboard, Language, Journal, LAN, NTPClient, Proxy, ReleaseNotes, Remote, ServicesManager (although it runs slower than on normal system), SWSingle, SWSource, Timezone, Users, Vendor, Messages
    • Several modules adapted to work in transactional systems, although currently some clients work only in the non-transactional variant of ALP
    • Documented challenges and decisions regarding software installation on transactional systems
    • Implemented initial handling for transactional system when some package needs to be installed
    • Documented how to execute the containerized YaST, see next section which even includes a hint to execute the graphical YaST remotely in systems with no graphical environment nor YaST
    • Make libyui-rest-api available at the containers for openQA (see the *-test-api containers in the Usage section below)
  • Planned:
    • Small reorganization of the documentation (and the now obsolete yast-in-container repository)
    • Fix several things that doesn't work well with containerization and/or with transactional systems
    • Speed up services manager
    • Try other methods to reduce the size of the container images even further
  • For more (scattered) details, see blog posts: 2022-07-19, 2022-08-02, 2022-08-23, 2022-09-06, 2022-09-22, 2022-10-20.

Usage

There are five “official” containers for YaST, all available at the repository SUSE:ALP:Workloads.

The repository, as the name suggests, is supposed to provide containerized workloads to be executed on top of ALP. But in the case of YaST, that repository is the official source for containerized YaST no matter if you execute it on top of ALP, the latest SLE, the latest Leap or openSUSE Tumbleweed.

Management Containers

There are several containers with different user interfaces (UI).

  • yast-mgmt-ncurses - the base container image, contains YaST with text mode (ncurses) user interface
  • yast-mgmt-qt - this image adds the graphical (Qt-based) user interface, if the graphical interface is not available it falls back to the text mode
  • yast-mgmt-web - adds web access by exposing the standard graphical (Qt) UI in a VNC server and using Javascript VNC client to render the screen in a browser

Testing Containers

These containers are intended for automated testing of the containerized YaST itself. They should be used by the openQA or other automated tests.

Do not use these containers in a production environment! Using the testing API has some security consequences!

  • yast-mgmt-ncurses-test-api - adds the REST API used to control the text-based interface in the openQA tests and that should not be used in production systems
  • yast-mgmt-qt-test-api - equivalent to the previous one but with the graphical Qt interface

Running the Containers

A containerized YaST can be executed in any supported system by doing: 

 podman container runlabel run registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/yast-mgmt-ncurses:latest

Replace “ncurses” by “qt”, “web”, “ncurses-test-api” or “qt-test-api” to enjoy the alternative versions.

The route is a bit redundant and maybe it will change in the future, but that’s out of the control of the YaST Team.

Notes

Using the Graphical UI with SSH X Forwarding

You can use the yast-mgmt-qt image remotely or with your local X server. The SSH X forwarding requires the xauth package installed on the remote machine. That package is not installed in the default ALP system, you need to install it manually. 

 transactional-update pkg install xauth
 reboot

If you run this from an SSH session then you need to relogin to activate the X forwarding. To use the SSH X forwarding add the "-X" SSH option to the command line.

Retrieved from "https://en.opensuse.org/index.php?title=openSUSE:ALP/Workgroups/SysMngmnt/ContainerizedYaST&oldid=170284"