The observatory's servers and control computers run on the OpenSuse distribution of Linux-based software. Most current systems are using release Leap 42.2 or 42.3. Our evolving installation notes given below are rewritten as we gain experience with the most recent releases. Except for older Nvidia video cards, install an Nvidia driver after the default installation and remove or disable the Nouveau community driver. With that exception, the installation from a USB iso image will work.
The following describes how to build a system with OpenSuse that provides a solid foundation of software for physics and astronomy for real-time control of telescopes and observatories, operating small servers, and processing astronomical data.
- 1 Before Installation
- 2 During installation
- 3 From OpenSuse using YAST
- 4 After updates
- 5 From source in /usr/local
- 6 Python
- 7 Complete Data Visualization Chain
- 8 From local software in /usr/local
- 9 Update /etc
- 10 Settings for the network
- 11 Desktop
- 12 OpenGL with Nvidia
- 13 Google Chrome
- 14 Adobe Flash
- 15 gPhoto2
- 16 exFAT
- 17 VLC
- 18 Mplayer and ffmpeg
- 19 Simple Screen Recorder
- 20 VirtualBox
- 21 OpenGL
- 22 Skype
- 23 Wireless
- 24 Static LAN and dnsmasq
- 25 Proxy
Prepare a DVD or a USB memory stick with the ISO image of the 64-bit distribution. OpenSuse's imagewriter is a convenient way to create the correct structure on the USB device.
On a new system not using RAID, deselect RAID in BIOS if it is offered. This will prevent OpenSuse from creating disk partitions with RAID. However, if RAID information has already been written to the disk the OpenSuse installer will assume a RAID configuration even if hardware raid is not enabled. A simple cure is to install the system twice. On the first pass use the Expert Partitioner option and delete the proposed raid configuration. Then in /dev/sda (or equivalent) add a root and a home ext4 partition but intentionally do not add a boot partition. The installer will warn you this will not work. Ignore those warnings and let the installer prepare the disk. Once that is accomplished you can abort the installation, or let it run to the end. The disk will not be bootable but it will be cleaned of RAID and on the next installation pass you will have a proposal to use the full disk with conventional structure and btrfs for the root partition.
For most new machines allow UEFI (custom option, if available) and disable compatibility mode. The installer will identify the system as allowing UEFI and properly select the boot configuration. However, also use the BIOS setup to change the boot priority to the medium reflecting this choice. The boot medium and a UEFI installation must match.
Opensuse will detect and set up a UEFI boot protocol unless this option is turned off in the BIOS. With that selection it will handle and format large disks.
Some recent hardware, notably the Supermicro X10-SRA, may hang on booting with older USB devices attached. While we do not know the cause, the cure in this instance was to enable EHCI-Hand-off in the USB configuration options presented for the BIOS. This may apply only to specific applications, and could be kernel-dependent,. In general, the default BIOS settings are fine for installation and need modification later if specific applications raise issues.
Insert the medium, reboot the system, and select Installation from the splash screen. If there is a booting problem, use the keyboard to bring up a boot selection screen (often "Del", F11 or F12), and check the boot order and if needed also the BIOS setup.
If there is a proxy for network access at this point it may be necessary to enter that information before proceedings to the actual installation. At the OpenSuse boot screen press F4 for access to the manual network configuration and enter the information. At Mt. Kent, for example, there is a proxy but it is handled automatically for browsers. For zypper and yast, however, it has to be explicitly configured to http://proxy.usq.edu.au:8080 so that yast will find the repositories. After installation for normal use this would be turned off by deselecting the proxy in the yast configuration screen.
On laptops with Nvidia Quadro graphics and GPU combined with Intel graphics, if the BIOS allows it, deselect options that use the Intel graphics or that automatically select the card to enable sole use of Nvidia. This avoids a multitude of booting and configuration issues, and provides a platform for GPU computing. The downside is increased power consumption and loss of battery life. If those are the primary considerations, then it may be best to not use Nvidia at all. Alternatively, it is possible to install Bumblebee to enable switching between cards for specific uses. Nvidia Quadro will require their proprietary driver for full support.
At this point if the system has a recent Nvidia card it also may be best to disable modeset. The symptom this is necessary is that subsequent booting freezes before the installation begins. With Leap 42.2 edit the boot options by pressing "e" before the system tries to start an installation. This will open a simple boot editing screen with instructions.
At the end of the line for linux add "nouveau.nomodeset=0" . Similarly, a problem with an Intel graphics card that was switching, perhaps to a Displayport interface, was fixed with simply "nomodeset".
Continue with the installation as instructed on this editing screen. The default settings should work with the following additions and exceptions.
Deselect software by taking the checkmark off with a spacebar press. After installation is complete, return to the software menu of YAST and make sure that those items never to be install (pk-update is the worst of them) are marked "Taboo". For now, just do not install them.
Select a user interface of "Other" rather than KDE or Gnome, and then Xfce as default environment to have a lightweight but fully functional system.
Select almost all packages by group except Apparmor which should be marked "taboo". Include PHP, MySQL, and Apache unless not needed not needed for your use. Decline KDE and Gnome desktop but add their development code. Some KDE and Gnome applications may be loaded individually later. Do not install laptop tools unless you are configuring a laptop. Otherwise network management will default to be selectively controlled by the user rather than by the system at boot time.
Set the computer system clock to use UTC, check the time zone and the local time.
The gparted package may be useful to manage disks larger than 2 TB. As of Opensuse 13.2 with new disks the installer will use BTRFS for the root partition and XFS for the remainder to make full use of large disks on UEFI systems. In the event of a failure, leaving a critical disk formatted in the wrong size or filesystem, add gdisk from a repository and reformat the disk. Reboot, and re-install the operating system on the reformatted disk.
While it would be preferred to use 100 GB for the root directory in a BTRFS, Opensuse by default allocates a marginally large enough 40 GB. It is sufficient for the base system, and if large files are needed in /usr/local/ they can be located in the /home partition with a soft link from /usr/local. The remaining space on the system disk will be formatted as XFS. An advantage to putting locally installed software in /usr/local/ and having that outside of the root partition is that in subsequent upgrades there is less risk of losing special software installations.
Deselect and mark "taboo" Apparmor for systems which do not require its access controls.
Add nano so that you will have a simple terminal-based editor after booting the first time
Delete pk-update to avoid nagware about package updates and mark it for non-installation permanently by selecting "taboo"
Turn off firewall (assuming your system is already behind an institutional or local firewall)
Open port for SSH
Check the boot option for grub2 on a non-UEFI system
Complete the installation from the media (either USB or DVD)
Remove the medium, reset the boot priority to the hard disk, reboot
From OpenSuse using YAST
Start yast from the command line as su with yast --qt
Disable DVD or USB in software respositories
Unless doing GPU development or you have recent nvidia hardware, do not include the repository for nvidia (creates a long term maintenance problem) and use the Nouveau Xorg driver
Perform all updates based on default respositories as needed
Note that in removing packages, as of OpenSuse 13.2, select Options --> Cleanup when deleting packages to prevent their automatic reinstalling though the preselection feature of Yast. Generally it is not necessary to remove packages unless there is something about them that interferes with your use of the system. In most cases they may be disabled in subsequent system configuration.
Remove really annoying pk-update-icon if you missed deleting it initially. You will have to mark it in YAST for permanent deletion.
Add Nvidia public respository if needed and nvidia graphics and gpu drivers. Select the most recent driver unless Nvidia's documentation suggests otherwise for your hardware.
Add texlive if it has not already been selected. Prior to version 42.1 the latex package was installed when technical wriiting was selected as a page category, but currently it does not install unless selected specifically after the installation from a USB image. This is a very large package with long download time.
Add apache if used as web server
Add php and packages if used as web server
Add gsl and gsl-devel
Add celestia (kde-celestia)
Add gnome-disk-utility (previously palimpsest)
Add hdf5 (required by Python Pynpoint-exoplanet)
Add libatlas3 (optional required by astromatic software)
Add libatlas3-devel (optional required by astromatic software)
Add nasm (used by openh264)
Add pavucontrol (pulse audio control to work around problems with defaults)
Add plplot-devel (optionally other plplot packages as needed)
Opensuse Leap installs python 2.7 and python 3.4. The default system python command in /etc/alternatives points to python 2.7, but the default "pip" points to python 3.4. The following packges will go to Python 3.4. Equivalent packages are available for Python 2 without the "3" in the package name. An end user running "python" needs to explicitly call "python3", or change the alternative link. We are currently moving all python code to Python 3 and installing the following optional packages on new systems.
Add python3-certifi (optional, may cause other issues)
Optionally add python3-matplotlib and related packages. Perhaps better to use pip in order to have the latest. In one test case, the package installation for Leap 42.3 was incomplete and had to be removed and installed through pip.
Add python3-numpy or use pip.
Add python3-numpy-devel or use pip.
Add python3-scipy or use pip for this and related packages to get the most recent versions.
Add fftw3-devel, fftw3-threads, and fftw3-threads-devel
Add gphoto but not gphotofs
Add other motif libraries if they are not installed by default
Remove all virtualbox rpm's installed from OpenSuse
If using Grace earlier than 5.1.25 deselect libpng16-compat-devel and select libpng12-compat-devel
Add fxload (used by SBIG cameras)
Disable modemmanager because it interferes with serial ports used for instruments
Disable avahi as unnecessary in our environment
Edit /etc/sysconfig to set locate default search to root
Use YAST to set NTP servers for your domain rather than Opensuse's defaults
On a longer term, routine updates can be done from the command line with
From source in /usr/local
For rpm packages use
zypper --non-interactive install package.rpm
or add --no-gpg-checks if necessary.
Install nedit from rpm to /usr/bin and link to /usr/local/bin
Add lame and lame library packages for mp3 audio
Install cfitsio and manually copy lib64 and include installation directories to /usr/local/lib64 and /usr/local/include
Install grace (build from source with local FFT modifications for normalization)
Copy the XEphem source from the licensed archive to a temporary directory. Install each disk by default in /usr/local. Remove all the ._ files which are created on a Mac OS and remove the execute permissions on many files that come from the source. Copy the xephem.sites list with augmented sites into the auxil directory. Update the Soft* catalogs. Copy XEphem to the /etc directory for global defaults to the home observatory. Optionally, recompile the source code and copy it to /usr/local/bin/, removing the default pre-compiled version in /usr/bin/ . Copy xephem.man (not xephem.1) to /usr/local/man/man1.
Download the latest stable package from the git repository. It does not allow configuring with the configure script and it will work as is. In OpenSuse 42.2 you will have to install netpbm. Since astrometry uses swig and looks at the python system command, it requires numpy and astropy packages installed in Python 2.7. Python 2.7 is reserved for system use and in our installations we use Python 3.4. To add to 2.7, first install pip for 2.7, the add packages as needed to get astrometry to work. Also netpbm will not be found with the out-of-the-box configuration. Edit the file util/makefile.netpbm to have these lines
NETPBM_INC = -I/usr/include/netpbm NETPBM_LIB ?= -L/usr/lib64 -lnetpbm
Astrometry.net by default installs in /usr/local/astrometry. Add /usr/local/astrometry/bin to the $PATH in /etc/profile.local. Replace the data directory with a soft link to the system archive of astrometry data files, currently the 4200 series.
Install psfex (current release does not build in Opensuse Leap due to cblas package incompatibility)
Install moodle (depends on mysql, apache, and php) on educational servers
Install mediawiki on servers as needed
For OpenSuse Leap both Python-2.7 and Python-3.4 are installed. By default /usr/bin/python points to Python-2.7, while pip uses pip3.4. For the most part, leave the 2.7 installation alone and augment the Python3 installation for our software. The exception is for Astrometry.net which does not have a compile-time flag to select Python3 and will see the alternatives link to Python2.7.
Install pyephem (pip install pyephem)
Install astropy which repalces pytfits and pywics and may require python source code modifications.
Install healpy (healpix)
Install reproject (image reprojection for fits conversion)
Install quantities (physical constants)
Install emcee (MCMC)
Install pyastronomy (pip install pyastronomy) or from source on github pyastronomy
Install scikit-image (pip install scikit-image).
Lastly, install the software chain for data visualization with Python
Install pandas (pip install pandas)
Install scrapy (pip install scrapy)
Install requests (pip install requests)
Complete Data Visualization Chain
Where needed, to accompany Pandas we also need MongoDB. This is not a standard package, but it is available from the Opensuse repository. For manual installation
zypper install mongodb
From local software in /usr/local
Install AstroImageJ and update to the latest daily build. Copy the current best practice configuration from a working system.
Install Alsvid updated for Python3
Install xmtel (if needed)
Install xmccd (if needed, also provides libcfitsio and xpa)
Optionally install astrometry.net (see above for details)
Add entries to /etc/rc.d/boot.local
Edit /etc/dnsmasq.conf as needed
Settings for the network
Configure network as needed for additional cards defined for internal zone
Configure dnsmasq as needed to service one or more cards
Add masquerade to firewall settings if internal zone present (required for dnsmasq ip forwarding)
Start the firewall if using dnsmasq or needing the security it provides
Run services manager and turn off unused services
Run lsof -i to confirm there are no insecure open ports
Reboot the system
With Opensuse's use of the wicked network daemon, a configured network device will not show its IP until it is physically connected to an active network. The yast configuration option "at boot time" for network configuration means that these ports must see a live connection when the system is booted to find their configuration. This is not a bug, it is a "feature". The alternative option "on cable connection" is not useful for a fixed instrument controller. If a device is physically connected and does not show its IP in ifconfig, try "systemctl restart network.service" or a reboot.
Run nvidia-settings to set display for a system with Nvidia hardware if the Nvidia drivers are installed. The latest community Nvidia support is adequate for most purposes without installing the proprietary Nvidia driver and kernel module. The system is more easily maintained if it runs using the community supported package which is improving quickly.
OpenGL with Nvidia
Users should be members of the video group to have access to opengl applications. If they are not, the application may run slowly (glxgears) or crash (celestia). For some applications with older hardware the Nouveau open source driver will suffice and be less likely to interfere with system updates later. This driver is compatible with randr and allows command line setting of multiple displays. For example if there are two displays on the graphics card, a command line such as
- xrandr -q
will list the available displays and their capabilities, while one such as
- xrandr --output DVI-I-2 --right-of DVI-I-1
will configure them as one screen providing acceleration across the desktop.
Newer Nvidia cards and all of the Quadro family require loading the lastest nvidia driver and the kernel modification. Add Nvidia as a repository and use YAST to manage the updates. Reboot the system afterwards. Run nvidia-settings to configure the desktop. If needed, save the xorg.conf file and copy it to /etc/X11 so that it applies on the next restart of the X server.
Install the Chrome public keys
- wget https://dl.google.com/linux/linux_signing_key.pub
- sudo rpm --import linux_signing_key.pub
and then with the Firefox browser retrieve the latest 64-bit rpm package of Chrome and install it
- zypper --non-interactive install google-chrome-stable_current_x86_64.rpm
Installation of Google Earth is similar
- zypper --non-interactive install google-earth-stable_current_x86_64.rpm
Until late 2016 Adobe had stopped supporting Flash on Linux. While Adobe now has resumed security updates for Flash that will work with Firefox, a better solution is to install Google Chrome. This provides full support for the remaining Flash websites and reliable security plus DRM management when needed. Both Chrome and Firefox block Flash content when HTML5 alternatives are available.
The gphoto2 application runs Nikon DSLR cameras for real-time observing, scripted imaging, and called by cgi routines from a web server. To give the USB device the proper permissions without invoking unwanted software (the default for a Gnome installation in OpenSuse), we make sure that libgphoto2 is installed, but not the file system. In OpenSuse 13.2 there will not be a udev rules file installed by default.
As root user,
/usr/lib64/libgphoto2/print-camera-list udev-rules version 175 group video mode 0666 > 90-gphoto.rules
where the version given has to be high enough to work with udev and still be recognized by libgphoto2.
Add the video group to users who will be observers, and to the user wwwrun by editing /etc/group or by using YAST.
When a camera is connected or turned on, it will accessible by any user in the video group, including the cgi applications used for remote operations.
Add fuse-exfat from OpenSuse package search, currently version 1.1.0
- zypper --non-interactive install fuse-exfat-1.1.0-2.1.x86_64.rpm
This provides support where needed for SDXC memory cards through the Microsoft exfat filesystem.
The version of VLC that can be installed with Yast lacks all proprietary codecs necessary for many common uses. The OpenSuse version should not be installed. To build from source --
- Install lua and lua-devel if not already installed
- Download the latest source tarball from VLC (currently 2.2.1)
- Use the latest x264 source also from VLC, compile, and install
- Use the latest ffmpeg source tar file best taken from mplayer, compile, and install
- Untar ffmpeg
- ./configure --enable-pic --libdir=/usr/local/lib64 --enable-libmp3lame --enable-libx264 -enable-gpl
- make install
- Untar vlc
- ./configure --disable-mad --disable-a52
- make install
Mplayer and ffmpeg
- Install the source code in /usr/local/src/ --
- svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer
- Untar the codecs and skin files into /usr/local . We use a collection saved in mplayer_codecs.tar.gz that installs into share/mplayer and lib/codecs
- In the source directory, ./configure --enable-gui then make, make install
If ffmpeg is needed elsewhere (as it would be for Blender and other video editing applications), copy the internal version of ffmpeg from mplayer into its own /usr/local/src/ directory, compile the executables, and install system-wide. In this use it can be reconfigured to add x264, so do that as well with these steps:
Remove the obsolete Opensuse NASM package if it has been installed, and get the most recent NASM from http://www.nasm.us/pub/nasm/ . This is currently version 2.13 and is required to build x264. Build and install it with the defaults. It will go into /usr/ rather than /usr/local if you forget to select "local" explicitly. This will not matter until you rebuild the system with updated Opensuse files.
Get x264 (it may be better than openH264, which currently does not compile on Opensuse) with git clone http://git.videolan.org/git/x264.git . Build it using the configuration options for creating static and shared libraries, and install it.
Lastly, in the cloned copy of ffmpeg from mplayer, ./configure --enable-libx264 --enable-gpl, make, and make install.
Simple Screen Recorder
This very effective tool for making on-line instructional videos and lecture content is included in the Opensuse distribution. However, the distributed version lacks many useful codecs. Retrieve the source code, probably best from Packman where it will have been prepared for Opensuse. Compile it as an unprivileged user with the configuration flags ./configure --without-jack --oldincludedir=/usr/local/include that currently make it work without jack and with x264 on Opensuse. Install it as root with "make install". This version will have the codecs of ffmpeg and be broadly useful without needing subsequent file conversions.
VirtualBox as supplied by OpenSuse cannot be updated using the Oracle site. Instead of installing their version, we use the latest Oracle RPM which is currently version 5.1.18. Version 5.0 and higher supports USB3 in the host OS, and is therefore advisable for camera or storage drive use.
- Set the BIOS to allow virtualization technology and to allow advanced I/O for sharing resources.
- Retrieve the packages from https://www.virtualbox.org/wiki/Linux_Downloads .
- Retrieve the repo file from http://download.virtualbox.org/virtualbox/rpm/opensuse/13.2/virtualbox.repo
- Retrieve the public key from https://www.virtualbox.org/download/
- Install the public key with rpm --import public_key.asc
- Install the repository with zypper ar -f ./file.repo
- zypper --non-interactive install VirtualBox-5.1-5.1.18_114002_openSUSE132-1.x86_64.rpm
- Retrieve the extension pack from Oracle's download site.
- VBoxManage extpack install .Oracle_VM_VirtualBox_Extension_Pack-5.1.18-114002.vbox-extpack
- In Opensuse YAST, add the Virtualbox guest kernel modules and guest tools, or use the guest additions from Oracle.
- Add the virtualbox group to the user(s) who will run it .
- Start the qt interface from the command line with virtualbox .
- Create a directory that will be shared with the guest OS and set this up in virtualbox when building a virtual machine .
- Once the guest OS is installed, add the guest additions to it also, to enable the shared directory and mouse/pointer integration .
- Lastly, read the Virtualbox on-line manual .
For access to the USB system the guest OS must have a driver installed. Virtualbox presents a virtual xHCI USB3 device to the guest. The driver provided by Intel has worked for us in a Windows 7 installation.
Users must belong to the video group to have access to OpenGL when NVidia drivers are in use.
While Skype is supported on Linux through its new Beta version that is under slow development, it does not at this time (2017-03-21) work with the default installation of Opensuse 42.2. The older version now obsolete will work if an rpm can be found for it, but alternatives include Google Hangouts and conferencing software such as Zoom and Ezuce-Viewme.
Laptops by default will have networkmanager running their hardware and wireless connections. Desktops will not. To enable desktop wireless with minimal need for configuration, use Yast, Network Settings, and Global Settings to select networkmanager rather than wickedd. With that change, there will be a desktop icon in the system tray and the interface may be selected by the user.
Few USB network adapters work with the Linux kernel in OpenSuse 13.1 . Only one we have found readily available new is the Buffalo Nfinity Wireless-N compact USB 2.0 adapter. It is recognized immediately and requires no additional configuration, other than the selection of networkmanager, and the user's choice of connection.
Static LAN and dnsmasq
We use dnsmasq to manage local area networks (LAN) from a second network device on telescope computers. Typically the device address is set to 192.168.0.1/24, or to 1.1/24 if there is another LAN operating. The configuration file for dnsmasq is set to point to the device, i.e. eth1, to which the switch is attached.
This works well if (a) there is a switch attached and turned on, and (b) the computer is running the wickedd manager which is the default in current Opensuse releases based on systemd. It is seeming not possible, or certainly not straightforward, to run a lan from a laptop which is configured with networkmanager.
To attach a networked instrument such as a camera to a laptop that by default is configured with network manager the options are
- Attach the device to a switch which itself is integrated into a LAN with DHCP provided by another computer system.
- Custom configure the wired network interface using nmcli.
- Change the laptop networking to run wickedd instead of networkmanager.
The second method using the powerful console commandline interface for Network Manager is the best solution but requires specific commands for each situation. We will provide additional help with this in a separate wiki entry.
The third option is the default for a desktop system. The disadvantage to the third option in the laptop world is that wickedd does not have the end-user support for wireless networking that networkmanager provides. Further, when switching from one system to another, there are inevitable configuration issues, particularly with the management of host resolution and the file /etc/resolv.conf.
The basic process is to use yast or yast2, select network device configuration, and change the manager to wickedd. This will allow editing the individual network devices. Set the static ip address for the device that will handle the LAN, edit the device entry, change it to "internal", and set it to activate on boot through the setting in the Global tab. Shutdown and reboot the system. The ethernet adapter must be inserted at boot time.
As superuser use "wicked show all" to see the status of the devices, or "wicked ifstatus eth1" to see the status of one network device. Each device has a configuration file in /etc/sysconfig/network/, such as ifcfg-eth1 for eth1. Within that file there should be a line which says
As of Opensuse 42.1, this line is not inserted by the yast2 configurator, and consequently the network device will stall and wickedd will report "setup-in-progress". The simple solution is to enter this by hand if you see this error and need a second network active on power up.
The system proxy settings are set globally in /etc/sysconfig/proxy . It is best to use yast to configure them. At USQ for normal use these fields are blank. However for installation through yast and zypper and for updates the fields have to be populated with http://proxy.usq.edu.au:8000. Also for use of curl where there is a proxy, it can be set in .curlrc for that user by adding a line such as
proxy = proxy.usq.edu.au:8080
without the "http" prefix.
Both Firefox and Chrome browsers will negotiate an automatic proxy server while curl, zypper, and yast will not.