oSC23 - (open)SUSE ALP prototype on AWS, experimental, but fun!

How does the latest prototype of the Adaptable Linux Platform behave on AWS? What is required to build an EC2-compatible image via OBS? What does the workflow look like to go from OBS to an available and deployable AMI? What is the state of integration with AWS compared to openSUSE Leap? And what does SUSE NeuVector have to do with all that? Let me take you on my journey and share my experiences, thoughts and results with you.

Presented at openSUSE Conference 2023:
https://events.opensuse.org/conferences/oSC23/program/proposals/4163

Dominik Wombacher

May 26, 2023
Transcript

  1. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. openSUSE ALP prototype on AWS. Experimental, but fun! Dominik Wombacher, Sr. Partner Solutions Architect, [email protected]
  2. Session Agenda: openSUSE ALP; Building an AWS EC2 image on OBS; From OBS to AWS AMI; openSUSE ALP on AWS; Q&A
  3. Disclaimer: Unofficial and unsupported prototype
  4. Section: openSUSE ALP
  5. Overview: What is the Adaptable Linux Platform? Lightweight base operating system; Host OS and Application layer separated; Immutable operating system; Transactional updates; Security focused
  6. Technical highlights: What makes ALP different? Read-only root filesystem; BTRFS Snapshots; Zero touch configuration
  7. Transactional updates demystified: Update an immutable operating system. Diagram: transactional-update up → new snapshot → zypper up → reboot. Snapshot #1 → boot snapshot #2; snapshot #2 → boot snapshot #1. On failure, reboot into snapshot #1
  8. Challenges: Climbing the ALP(s) isn't always easy. Breaking changes; Probably no in-place migration; Applications as container instead of rpm
  9. Section: Building an AWS EC2 Image on Open Build Service
  10. Amazon Machine Image: What is an AMI? Required to launch an Amazon EC2 Instance; Contains one or more Amazon EBS snapshots; Provided by AWS and 3rd parties; Customize or build from scratch. Icons: Amazon EC2 Image Builder, Amazon Elastic Compute Cloud (Amazon EC2)
  11. Amazon Machine Image: AMI lifecycle. Diagram nodes: Snapshot, AMI, AMI, Instance. Diagram actions: create, register, deregister, launch, copy
  12. Open Build Service: OBS package lifecycle. Diagram actions: commit, build, change, publish, checkout. Diagram nodes: Workers, Repository
  13. OBS Package AWS EC2 AMI (PROJECT: HOME:WOMBELIX:IMAGES:ALP:BEDROCK): Based on SUSE ALP Bedrock 0.1; Inspired by openSUSE Leap Cloud Images. Branched packages: cloud-init, amazon-ssm-agent, flatpak. Additional packages: aws-cli, cloud-netconfig-ec2, dhcp-client
  14. OBS Package AWS EC2 AMI (PROJECT: HOME:WOMBELIX:IMAGES:ALP:BEDROCK): Overlay ec2-root: cloud-init config, chrony timeserver, kernel modules, udev rules, motd. Overlay repos: branched packages, ALP Bedrock media. Workaround for bug bsc#1211405: $arch (x86_64_v4), $basearch (x86_64)
  15. Section: From OBS to AWS AMI
  16. From OBS to AWS AMI: Workflow. OBS side: commit, build, publish (Workers, Repository). Steps: 1) Download 2) Decompress 3) Upload to S3 4) Import 5) Register 6) Launch. Diagram: download → decompress → upload → S3 Bucket → import → Snapshot → register → AMI → launch → Instance
  17. From OBS to AWS AMI: Automation
  18. From OBS to AWS AMI: Testing. AWS CodePipeline > AWS CodeBuild > Ansible: Deploy, Check, Clean-up
  19. Section: openSUSE ALP on AWS
  20. State of integration: How does openSUSE ALP interact with AWS services. Customizing on boot via cloud-init; Accessing metadata (IMDSv2); NTP 169.254.169.123; DNS 169.254.169.253; AWS CLI; AWS Systems Manager: Run Command, Fleet Manager, Session Manager
  21. Comparison to openSUSE Leap: openSUSE ALP differences, not just on AWS. Not supported by AWS SSM; SELinux in enforced mode; wicked replaced by NetworkManager; Toolbox Container for debugging; Pre-installed Salt minion and Cockpit; BTRFS root filesystem; Transactional updates; NeuVector security scanning
  22. Comparison to openSUSE Leap: SUSE NeuVector
  23. Thank you! Dominik Wombacher, Sr. Partner Solutions Architect, [email protected]. Please provide feedback: https://pulse.buildon.aws/survey/4L6DKGJG
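
Steps 2 to 6 of the workflow on slide 16, sketched as an added shell example (not taken from the deck or from the author's automation). The bucket, file name, AMI name and instance type are placeholders, and the image is assumed to be an xz-compressed raw disk already downloaded from OBS. By default it only logs the AWS CLI calls; IMDSv2 is enforced both when the AMI is registered and when the instance is launched.

```shell
#!/bin/sh
# Added example: steps 2-6 of the OBS -> AMI workflow with the AWS CLI.
# Bucket, file name, AMI name and instance type are assumptions (placeholders).
set -eu
DRY_RUN="${DRY_RUN:-1}"      # 1 = log the commands instead of running them
BUCKET="${BUCKET:-example-alp-import-bucket}"
IMAGE_XZ="${IMAGE_XZ:-alp-ec2-image.x86_64.raw.xz}"   # as downloaded from OBS

# Execute a command, or only log it to stderr in dry-run mode.
run() {
  if [ "$DRY_RUN" = 1 ]; then printf '+ %s\n' "$*" >&2; else "$@"; fi
}

# Name of the raw disk image after decompression (strip ".xz").
raw_name() { printf '%s' "${1%.xz}"; }

# Value for `import-snapshot --disk-container`: $1 = bucket, $2 = S3 key.
disk_container() {
  printf 'Format=RAW,UserBucket={S3Bucket=%s,S3Key=%s}' "$1" "$2"
}

# Value for `register-image --block-device-mappings`: $1 = snapshot id.
root_mapping() {
  printf 'DeviceName=/dev/xvda,Ebs={SnapshotId=%s,DeleteOnTermination=true}' "$1"
}

pipeline() {
  raw=$(raw_name "$IMAGE_XZ")
  run xz --decompress --keep "$IMAGE_XZ"
  run aws s3 cp "$raw" "s3://$BUCKET/$raw"
  # Import needs the "vmimport" service role with read access to the bucket.
  task=$(run aws ec2 import-snapshot --query ImportTaskId --output text \
    --disk-container "$(disk_container "$BUCKET" "$raw")")
  task="${task:-import-snap-PLACEHOLDER}"
  run aws ec2 wait snapshot-imported --import-task-ids "$task"
  snap=$(run aws ec2 describe-import-snapshot-tasks --import-task-ids "$task" \
    --query 'ImportSnapshotTasks[0].SnapshotTaskDetail.SnapshotId' --output text)
  # --imds-support v2.0: instances launched from this AMI require IMDSv2 tokens.
  ami=$(run aws ec2 register-image --name alp-prototype --architecture x86_64 \
    --virtualization-type hvm --ena-support --root-device-name /dev/xvda \
    --imds-support v2.0 --query ImageId --output text \
    --block-device-mappings "$(root_mapping "${snap:-snap-PLACEHOLDER}")")
  # Enforce IMDSv2 at launch as well, independent of the AMI default.
  run aws ec2 run-instances --image-id "${ami:-ami-PLACEHOLDER}" \
    --instance-type t3.small \
    --metadata-options HttpTokens=required,HttpEndpoint=enabled
}

pipeline
```

Run with `DRY_RUN=0` and real values for `BUCKET` and `IMAGE_XZ` to execute the calls instead of logging them.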