Jump to content
SUSE Linux Enterprise Micro 5.0

Installation Quick Start Edit source

SUSE Linux Enterprise Micro 5.0

This Quick Start guides you step-by-step through the installation of SUSE® Linux Enterprise Micro 5.0.

Publication Date: November 26, 2021

1 Welcome to SUSE Linux Enterprise Micro Edit source

SUSE Linux Enterprise Micro is a modern system primarily designed for edge computing. The main features of SUSE Linux Enterprise Micro are predictability and reliability thanks to the read-only root file system and transactional updates. The read-only file system ensures that the system cannot be altered during runtime and that the system behaves the same way after each reboot. Transactional updates enable you to update the system without influencing the running system and always provide a rollback.

If you want to install SUSE Linux Enterprise Micro, you can choose any of the following installation procedures:

2 SUSE Linux Enterprise Micro hardware requirements Edit source

SUSE Linux Enterprise Micro has the following minimum hardware requirements:

  • 1 GB RAM

  • 12 GB HDD.

The recommended hard disk space is 20 GB for SLE Micro itself and 40 GB for containers data. Bear in mind that actual hardware requirements depend on the workloads of your containers.

3 The manual installation procedure Edit source

The following installation steps assume that you have successfully booted to the installation system.

3.1 The language and keyboard selection Edit source

The default language and keyboard layout is English (US). You can choose a different language in the Language drop-down box. If necessary, select a different keyboard layout from the Keyboard Layout drop-down box.

Read the license agreement. The default language is English, but the licence agreement is available in multiple languages. To get a particular translation, click License translations and in the drop-down box select the desired language and click OK. After you read the license agreement, check I Agree to the License Terms and click Next to proceed to the next installation step.

3.2 Registration Edit source

In order to receive technical support and product updates, you need to register and activate your SUSE Linux Enterprise Micro with the SUSE Customer Center or a local registration server.

Register system via scc.suse.com

To register with the SUSE Customer Center, enter the E-mail Address associated with your SCC account and the Registration Code for SUSE Linux Enterprise Micro. Proceed with Next.

Register system via local RMT server

If your organization provides a local registration server, you may alternatively register there. Activate Register System via local RMT Server and either choose a URL from the drop-down box or type in an address. Proceed with Next.

Skip registration

If you want to skip registration, click Skip Registration. Accept the warning with OK and proceed with Next.

Important
Important: Skipping registration

Your system needs to be registered in order to retrieve updates and to be eligible for support. You can register later, after the installation.

After completing registration, click Next.

3.3 NTP servers configuration Edit source

In order to keep time on your system properly synchronized, configure at least one NTP server.

3.4 Authentication for root Edit source

Configure a strong password for root with at least 5 characters—a combination of uppercase and lowercase letters and numbers. The maximum length for passwords is 72 characters, and passwords are case-sensitive.

You can import an already existing SSH key by clicking Browse and selecting the public SSH key.

Click Next to proceed to the next installation step.

3.5 Installation settings Edit source

The last installation step provides a summary of installation setting. Review the settings and—if necessary—perform changes. To change a setting, click the button behind the option or click the setting headline for more options.

Partitioning

To modify partitions, you can use the Expert partitioner. To encrypt your disk or to enable logical volume management, click Guided Setup and then fill in a password for the disk decryption.

Software

Clicking Software opens the Software Selection and System Tasks screen, where you can change the software selection by selecting or deselecting patterns. Each pattern contains several software packages needed for specific functions. To view and manage these packages, click Details.

Time Zone

By default, the time is synchronized by using the NTP servers you provided in the previous steps of the installation procedure, but you can select the region and time zone. If you want to set the time and date manually, click the Other settings button and select Manually.

Network Configuration

Displays the current network configuration. Click Network Configuration to change the settings.

Booting

This section shows the boot loader configuration. Changing the defaults is only recommended if really needed.

Kdump

Kdump saves the memory image (core dump) to the file system in case the kernel crashes. This enables you to find the cause of the crash by debugging the dump file. Kdump is preconfigured and enabled by default.

Default systemd target

Only the text mode is available.

System

View detailed hardware information by clicking System. In the resulting screen you can also change Kernel Settings.

Security

The CPU Mitigations refer to kernel boot command line parameters for software mitigations that have been deployed to prevent CPU side-channel attacks. Click the highlighted entry to choose a different option.

By default, the firewall is disabled. Click enable to change the default.

The SSH service is enabled by default. Click disable to change the setting. Bear in mind that if you disable the SSH service, you will not be able to login to your system remotely. The SSH port (22) is open by default.

The default SELinux option is disabled. You can change the value by clicking Security and selecting another option in the Mode menu.

If you reviewed the installation settings, you can proceed to installation by clicking Install and then confirming the installation.

4 Unattended installation by using AutoYaST Edit source

SUSE Linux Enterprise Micro can be installed by using AutoYaST. You need to manually create an XML control file also called profile. AutoYaST then installs SLE Micro according to the instructions in the profile. For details, refer to Book “AutoYaST Guide.

Important
Important

Some of the resources and properties in the AutoYaST profile are by default applied in the second stage of the unattended installation, but the second stage is not available for SUSE Linux Enterprise Micro. Thus in order to apply all resources and properties, you need to disable the second stage in the AutoYaST profile:

  <second_stage config:type="boolean">false</second_stage>

AutoYaST then applies all resources and properties in the first stage regardless of whether they are by default applied in the second stage.

5 Raw image deployment Edit source

SUSE Linux Enterprise Micro provides raw images that can be directly deployed to your device storage—a memory card, USB flash drive, or a hard disk. The options for which type of device you can deploy the image to depend on your particular hardware—follow your vendor documentation.

To initially configure the deployed image, you need to prepare the configuration data as described in Procedure 2, “Preparing the configuration device.” and you need to copy the configuration data to a device (e.g. USB disk). The device needs to be connected to your host running SLE Micro during its first boot.

To prepare the setup, you need two separate devices. One for the raw disk image, where SLE Micro runs, and another one that serves as a configuration medium.

Procedure 1: Preparing the raw disk image
  1. Download the raw image and decompress it:

    tux > xz -d <downloaded_image.raw.xz>
  2. Copy the decompressed image to the device where SLE Micro will run:

    tux > dd if=<downloaded_image.raw> of=/dev/sdX

The following procedure describes how to prepare the configuration device (usually a USB flash disk).

Procedure 2: Preparing the configuration device.
  1. Format the disk to any file system supported by SLE Micro: Ext3, Ext4, etc.:

    tux > sudo mkfs.ext4 /dev/sdY
  2. Set the device label to either ignition or combustion. For the Ext4 file system:

    tux > sudo e2label /dev/sdY ignition

    You can use any type of configuration storage media that your virtualization system or your hardware supports—ISO image, a USB flash disk, etc.

  3. Mount the device:

    tux > sudo mount /dev/sdY /mnt
  4. Create the directory structure as mentioned in Section 5.1, “Configuration by using Ignition” or Section 5.2, “Configuration by using Combustion”, depending on the configuration tool used:

    tux > sudo mkdir -p /mnt/ignition/

    or:

    tux > sudo mkdir -p /mnt/combustion/
  5. Prior to booting for the first time, prepare all elements of the configuration that will be used by Ignition or Combustion. The minimal configuration must provide a password for root, otherwise the system will not be accessible after the first boot.

After the first boot, you need to register your SUSE Linux Enterprise Micro instance by using the command line tool SUSEConnect. For details, refer to Section 5.3, “Registering with SUSEConnect”.

5.1 Configuration by using Ignition Edit source

Ignition configures your system on the first boot according to the config.ign configuration file. The config.ign file must be placed in a directory named ignition. The ignition directory is a subdirectory of the root directory on the configuration medium labeled ignition. The directory structure is then the following:

<root directory>
	- ignition
		- config.ign
Note
Note: Using Ignition on a QEMU virtual machine

Ignition can be used to configure your QEMU virtual machine on the first boot. To configure your virtual machine by using Ignition, use the QEMU commnad line attribute fw_cfg to pass the location of the config.ign to your virtual machine.

	-fw_cfg name=opt/com.coreos/config,file=<path to config.ign>

The config.ign is in JSON format. A minimal example follows:

{
  "ignition": { "version": "3.1.0" },
  "passwd": {
    "users": [
      {
        "name": "root",
        "passwordHash": "O9h4s2UUtAtok"
      }
    ]
  }
}

The example above sets a password for root to password. To obtain your own password hash, use the command:

root #  openssl passwd

5.2 Configuration by using Combustion Edit source

Combustion is a minimal module for dracut. You can provide your script and Combustion runs the script on the first boot of the system. You can use Combustion to add files, install packages, set up devices, and repartition your disk. You can provide the configuration as a shell script on external storage. The script is executed during the boot process in a transactional update shell. If the process is successful, the system boots into the new snapshot.

To use Combustion on boot, create a directory named combustion as a subdirectory of the root directory on the configuration medium labeled ignition or combustion. In the combustion directory, place a file named script and any other necessary files. The directory structure looks as follows:

    <root directory>
	- combustion
		- script
		- other files
Note
Note: Using Combustion on a QEMU virtual machine

Combustion searches for the script in opt/org.opensuse.combustion/script. If the script is present, Combustion creates the combustion directory on the device and copies the script to the directory.

To pass the script to your virtual machine, use the following QEMU fw cfg parameter:

    -fw_cfg name=opt/org.opensuse.combustion/script,file=/var/combustion-script

You can use Combustion together with Ignition. In this case, label your device ignition, create also the ignition subdirectory of the root directory, and place the config.ign into the ignition directory. The directory structure then looks as follows:

<root directory>
	-combustion
		- script
		- other files
	- ignition 
		- config.ign

The following example of script sets a root password, copies an SSH key (the SSH key must be located in the combustion directory), and installs the Vim editor with reduced features.

#!/bin/bash
# combustion: network
# Redirect output to the console
exec > >(exec tee -a /dev/tty0) 2>&1
# Set a password for root, generate the hash with "openssl passwd -6"
echo 'root:$5$.wn2BZHlEJ5R3B1C$TAHEchlU.h2tvfOpOki54NaHpGYKwdNhjaBuSpDotD7' | chpasswd -e
# Add a public ssh key and enable sshd
mkdir -pm700 /root/.ssh/
cat id_rsa_new.pub >> /root/.ssh/authorized_keys
systemctl enable sshd.service
# Install vim-small
zypper --non-interactive install vim-small
# Leave a marker
echo "Configured with combustion" > /etc/issue.d/combustion
Note
Note

The statement # combustion: network informs Combustion that the network must be configured before the script is executed. Combustion uses the initrd network configuration—DHCP is used by default.

5.3 Registering with SUSEConnect Edit source

Registering the system is possible from the command line using SUSEConnect. For information that goes beyond the scope of this section, refer to the inline documentation with SUSEConnect --help

Procedure 3: Product registration with SUSEConnect
  1. To register SUSE Linux Enterprise Micro with SUSE Customer Center, run SUSEConnect as follows:

    tux > sudo SUSEConnect -r REGISTRATION_CODE -e EMAIL_ADDRESS

    To register with a local registration server, additionally provide the URL to the server:

    tux > sudo SUSEConnect -r REGISTRATION_CODE -e EMAIL_ADDRESS \
    --url "https://suse_register.example.com/"

    Replace REGISTRATION_CODE with the registration code you received with your copy of SUSE Linux Enterprise Micro. Replace EMAIL_ADDRESS with the e-mail address associated with the SUSE account you or your organization uses to manage subscriptions.

  2. SUSE Linux Enterprise Micro is now registered.

6 Legal notice Edit source

Copyright© 2006– 2021 SUSE LLC and contributors. All rights reserved.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled GNU Free Documentation License.

For SUSE trademarks, see https://www.suse.com/company/legal/. All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks.

All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors, nor the translators shall be held liable for possible errors or the consequences thereof.

Print this page