Deploying and Managing SUSE Edge on Lenovo ThinkEdge SE360 V2

In this guide, we will be using SUSE Edge solutions for deployment and management. SUSE provides several key components to help manage and deploy edge devices, including Edge Image Builder (EIB), SUSE Linux Enterprise Micro (SLE Micro) operating system, and SUSE Rancher services. These key components are introduces below:

• SUSE Edge solution

  For the SUSE Edge solution, the primary components include Edge Image Builder (EIB), SLE Micro OS, and Rancher services. EIB allows for the creation of customized images tailored to specific environmental needs, including addressing the requirements of the ThinkEdge SE360 V2 system. These images can be deployed using Lenovo's XClarity and managed via the Rancher server for comprehensive server management. For detailed reference documents on SUSE Edge, please refer to SUSE Documentation.

• Edge Image Builder (EIB)

  Edge Image Builder (EIB) is a tool designed by SUSE to streamline and accelerate the process of generating Customized, Ready-to-Boot (CRB) disk images. These images can bootstrap machines and are effective even in fully isolated environments. When using Lenovo Edge systems, the EIB tool can generate SLE Micro images tailored to your needs for deployment. For detailed usage instructions, please refer to the SUSE documentation and GitHub resources.

• SUSE Linux Enterprise Micro (SLE Micro)

  SUSE Linux Enterprise Micro OS is a product designed by SUSE specifically for edge devices. It is a lightweight and secure edge operating system that combines the enterprise-hardened components of SUSE Linux with the features of a modern, immutable operating system, providing a simple and reliable infrastructure platform. For detailed usage instructions, please refer to the SUSE documentation

• SUSE Rancher

  Rancher is a Kubernetes management tool from SUSE that deploys and runs clusters anywhere and on any provider. Rancher can provision Kubernetes from a hosted provider, configure compute nodes, and then install Kubernetes onto them or import existing Kubernetes clusters running anywhere. For detailed information, please refer to the SUSE documentation.

In this paper, we will demonstrate how to utilize SUSE Edge components, including the Edge Image Builder (EIB), to create a customized SLE Micro 6.1, and use its customized image to simplify the bootstrapping process of machines. Additionally, we will use the Lenovo XClarity Controller to further deploy customized ISO images for remote machine deployment. Using SUSE Rancher, we will import the already deployed Lenovo Edge System SE360 V2 for resource management.

To create a boot image supporting SE360 V2 based on SLE Micro OS, the following are required:

• One host machine with SUSE Edge Image Builder installed
• One edge system to be deployed

This example installs on openSUSE Tumbleweed. The steps are as follows:

1. Install the podman tool.

   #zypper install -y podman
   

   
   Figure 1: Installing the Podman Tool

2. Obtain the EIB image.

   # podman pull registry.opensuse.org/isv/suse/edge/edgeimagebuilder/containerfile-sp6/suse/edge-image-builder:1.1.0
   

   
   Figure 2: Obtaining the EIB Image

We will proceed with the following steps to create a Custom Image for Boot Installation:

• Creating an Image Configuration Directory
• Creating an Image Definition File
• Generating a Custom Image File

Creating an Image Configuration Directory

Since EIB runs as a container, we need to set up a directory on the host to specify the required configurations and allow EIB to access necessary files and supporting items during the build process. This directory must follow a specific structure. We create this directory in the home directory and name it "eib":

# export CONFIG_DIR=$HOME/eib
# mkdir -p $CONFIG_DIR/base-images

In the previous step, we created the "base-images" directory to host the SLE Micro 6.1 ISO files. Now, we ensure that the downloaded ISO files are copied to the configuration directory:

# cp SL-Micro.x86_64-6.1-Default-SelfInstall-GM.install.iso /root/eib/base-images/

At this point, the configuration directory should look like this:

├── eib
│   └── base-images
│       └── SL-Micro.x86_64-6.1-Default-SelfInstall-GM.install.iso

Creating an Image Definition File

The definition file describes the configurable options supported by Edge Image Builder. We can find a complete example of the options here and refer to the upstream image-building guide provided by SUSE for more flexible environment settings.

Below, we will build a custom image with SE360 V2 as the endpoint device.

Setting the Objectives

1. Create a customized SLE Micro OS 6.1.
2. Install the OS on a VROC RAID1 disk.
3. Configure SE360 V2 to use a fixed IP so that Rancher can obtain the information for import. If there are other network ports, use the DHCP IP address.

Creating the Definition File

1. Create a main definition file.
   • Generate an x86_64 image file.
   • Output the image file as eibimage-eib110.iso.
   • Define kernel parameters "auto=1" and "rd.kiwi.install.pass.bootparam," in kernelArgs.
   • Specify the services to be started: sshd.
   • Create the root and a regular user "conie", defining their home directories and passwords.
   • Install additional software, wget.
   • Enter the SUSE registration code to add additional software packages, wget, to the image ISO. For SUSE registration code, please contact SUSE.
   • Configure the Kubernetes version.

   The main definition file should look like this:

   
   Figure 3: Main definition file

2. Create a network directory and a network definition file, “local.yaml”, in the eib/network/ folder.
   • Set a fixed IP address for the SE360 V2 specific MAC address.
   • Define other networks as DHCP.

   The network definition file should look like this:

   
   Figure 4: Network definition file

Generating a Custom Image File

Execute the podman command with the configuration file to generate a custom image.

# podman run --rm -it --privileged -v $CONFIG_DIR:/eib registry.opensuse.org/isv/suse/edge/edgeimagebuilder/containerfile-sp6/suse/edge-image-builder:
1.1.0 build --definition-file iso-definition_eib11.yaml

Figure 5: Generating a Custom Image File

In this section, we will be using the XClarity Controller in the ThinkEdge SE360 V2 to perform the deployment. The following steps will guide you through the process of connecting to the XClarity Controller Web and remotely mounting the custom ISO for installation and deployment.

Connecting to ThinkEdge SE360 V2 XClarity Controller Web and Remotely Mounting Custom ISO

Notes: For more information about the Lenovo XClarity Controller, please refer to this link. https://pubs.lenovo.com/xcc/

1. Connect to the remote ThinkEdge SE360 V2 and remotely mount the customized ISO.

   
   Figure 6: Select the Media option

2. Ensure the customized ISO is mounted.

   
   Figure 7: Mount the customized ISO

3. Perform the customized ISO installation, automating any interactive modes until the installation is complete.

   
   Figure 8: Perform the customized ISO installation

4. Confirm the OS is fully installed on the ThinkEdge SE360 V2.

   
   Figure 9: Confirm the OS is fully installed

This example will use SUSE OS for installation. If you want to use other operating systems to install Rancher software, you can refer to the SUSE Rancher documentation.

1. Install Docker:

   #zypper install docker
   #systemctl enable docker
   

2. Install the Rancher container. Once the installation is complete, you can access the Rancher interface.

   # docker run --privileged -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher 
   

After installing SUSE Rancher, if you are unsure about the login password, you can use the following command to query it:

1. Obtain the Rancher container ID.
2. Retrieve the initial password.

   # docker ps
   CONTAINER ID   IMAGE             COMMAND           CREATED         STATUS         PORTS
              NAMES
   e7932b12c399   rancher/rancher   "entrypoint.sh"   8 minutes ago   Up 8 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443-
   >443/tcp   relaxed_chatterjee
   # docker logs e7932b12c399 2>&1 | grep "Bootstrap Password:"
   2025/01/13 07:48:25 [INFO] Bootstrap Password: 5h9t6kfgbft5qqnh9fk9wvdjkcvtkn2nt7v8qxdwr2s5sswch62cx6
   

If the Rancher password is forgotten, reset the password as follows:

1. Ensure Rancher is running properly: Open the main node shell and run `docker ps` to confirm the Rancher container is running.

   # docker ps
   CONTAINER ID   IMAGE             COMMAND           CREATED        STATUS        PORTS                                                                      NAMES
   e7932b12c399   rancher/rancher   "entrypoint.sh"   20 hours ago   Up 20 hours   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   relaxed_chatterjee
   

2. Reset the password.

   # docker exec -ti e7932b12c399 reset-password
   New password for default admin user (user-ws6vx):
   OfBZdkPvc6WKdyCL2ldq
   

import the node host1:

1. Access the Rancher web interface and log in: The default username is admin.

   
   Figure 10: Login Rancher web interface

2. During login, import the SE360 V2 and follow the prompts to enter the information. At this point, the added node, with a cluster name as hakuba.

   
   Figure 11: Import one node into Rancher web interface

3. Execute the commands sequentially on host1 as instructed by Rancher.

   
   Figure 12: The commands as instructed by Rancher

4. Move to the node that needs to be added and follow Rancher's instructions to execute the commands.

   # curl --insecure -sfL https://192.168.0.10/V3/import/j7hjm2bdbxxj8mrn9xrw684cv4nx2p7dft69jh94pl9b4zqq2s4q2t_c-m-plwgtvj7.yaml | kubectl apply -f -
   clusterrole.rbac.authorization.k8s.io/proxy-clusterrole-kubeapiserver unchanged
   clusterrolebinding.rbac.authorization.k8s.io/proxy-role-binding-kubernetes-master unchanged
   namespace/cattle-system created
   serviceaccount/cattle created
   clusterrolebinding.rbac.authorization.k8s.io/cattle-admin-binding created
   secret/cattle-credentials-e97d362 created
   clusterrole.rbac.authorization.k8s.io/cattle-admin created
   Warning: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key: beta.kubernetes.io/os is deprecated since v1.14; use "kubernetes.io/os" instead
   deployment.apps/cattle-cluster-agent created
   service/cattle-cluster-agent created
   

5. Moving to Rancher confirms that the node has been successfully imported. Then you can use Rancher to manage the node's resources.

   
   Figure 13: The system information in Rancher

For more information, see these resources:

• Lenovo XClarity Controller
  https://pubs.lenovo.com/lxcc-overview/
• Lenovo ThinkEdge SE360 V2 Server
  https://lenovopress.lenovo.com/lp1677-thinkedge-se360-V2-server
• SUSE Edge Documentation
  https://documentation.suse.com/suse-edge/3.1/html/edge/index.html
• The upstream building images guide
  https://github.com/suse-edge/edge-image-builder/blob/release-1.1/docs/building-images.md
• SUSE Rancher
  https://www.suse.com/products/rancher/

Conie Chang is a Linux Engineer in the Lenovo Infrastructure Solutions Group, based in Taipei, Taiwan. She has experience in Red Hat and SUSE Linux OS.

Thanks to the following people for their assistance:

• Adrian Huang, Senior Linux Kernel Engineer
• David Watts, Lenovo Press