openSUSE

How To Install Incus on openSUSE

r00t

Install Incus on openSUSE

Container virtualization has revolutionized modern computing infrastructure, offering developers and system administrators powerful tools for application deployment and system management. Incus stands out as a next-generation system container and virtual machine manager that provides a unified experience for both containers and VMs through its intuitive REST API.

openSUSE, renowned for its stability and innovative features, offers excellent compatibility with container technologies like Incus. Whether you’re running openSUSE Tumbleweed for cutting-edge features or openSUSE Leap for enterprise stability, this comprehensive guide will walk you through multiple installation methods for Incus.

This tutorial covers four distinct installation approaches, post-installation configuration, troubleshooting techniques, and optimization strategies. By the end of this guide, you’ll have a fully functional Incus environment ready for container and virtual machine management on your openSUSE system.

Understanding Incus and openSUSE Compatibility

What is Incus?

Incus represents the community-driven evolution of container and virtual machine management technology. Born from the need for a truly open-source alternative to Canonical’s LXD, Incus provides a comprehensive platform for managing system containers and virtual machines.

The platform offers several key advantages. Its unified management interface allows administrators to handle both containers and VMs through the same API and command-line tools. The REST API architecture enables seamless integration with automation tools and custom applications. Additionally, Incus maintains full compatibility with existing LXC containers while adding enhanced VM support.

Why Choose Incus on openSUSE?

openSUSE’s rolling release model (Tumbleweed) ensures access to the latest container technologies and kernel features. The distribution’s enterprise-grade stability (Leap) provides a reliable foundation for production container workloads. openSUSE’s comprehensive package ecosystem includes extensive support for container runtimes, networking tools, and storage backends.

The SUSE ecosystem integration offers additional benefits for enterprise users, including compatibility with SUSE Linux Enterprise Server and access to commercial support options. openSUSE’s Btrfs filesystem support provides advanced features like snapshots and subvolumes that complement container workflows perfectly.

Learning Outcomes

This guide will equip you with practical skills for Incus deployment across different scenarios. You’ll master multiple installation methods to choose the approach that best fits your environment. The tutorial includes comprehensive configuration guidance for storage, networking, and security settings. Advanced troubleshooting techniques will help you resolve common issues and optimize performance.

Prerequisites and System Requirements

System Requirements

openSUSE version compatibility is crucial for successful Incus installation. openSUSE Tumbleweed provides the latest Incus versions with cutting-edge features. openSUSE Leap 15.5 and newer versions offer stable, well-tested Incus packages suitable for production environments.

Hardware specifications should meet minimum requirements for container and VM workloads. A 64-bit processor with virtualization extensions (VT-x/AMD-V) enables full VM support. At least 4GB of RAM ensures smooth operation, though 8GB or more is recommended for multiple containers. 20GB of available disk space provides room for container images and storage pools.

Kernel requirements include support for cgroups v2, namespaces, and overlay filesystems. openSUSE’s default kernel configurations include these features, but custom kernels may require additional modules.

Required Privileges

Administrative access is essential for Incus installation and configuration. Root privileges or sudo access allows package installation and system service management. Understanding of zypper package manager commands facilitates troubleshooting and maintenance tasks.

Group membership management becomes important post-installation for user access control. The installation process creates specific groups that users must join to interact with Incus services.

Network and Storage Considerations

Available disk space planning depends on your intended container workloads. Container images typically range from 50MB to 500MB each. VM images require significantly more space, often 1GB to 10GB per virtual machine.

Network configuration planning should consider bridge networking for container communication. Default configurations work for most scenarios, but complex network topologies may require additional planning.

Pre-installation Checklist

System updates verification ensures compatibility and security. Run zypper refresh && zypper update to bring your system current before proceeding.

Backup recommendations include creating system snapshots if using Btrfs, backing up important data, and documenting current network configurations. These precautions enable quick recovery if issues arise during installation.

Installation Method 1: Official openSUSE Repositories

Checking Package Availability

Verifying Incus availability in official repositories ensures you’re installing supported packages. openSUSE Tumbleweed typically includes the latest Incus versions, while Leap versions may offer slightly older but more stable releases.

Execute the following command to check package availability:

zypper search incus

This command displays available Incus packages, their versions, and repository sources. Version differences between Tumbleweed and Leap reflect different update policies and stability requirements.

Installation Steps

Repository refresh ensures access to the latest package information:

sudo zypper refresh

Package installation with dependency resolution:

sudo zypper install incus

The zypper package manager automatically resolves dependencies and presents a summary of packages to be installed. Review the list carefully and confirm the installation when prompted.

Additional packages may be suggested during installation, including container runtime dependencies and networking tools. Accept these recommendations unless you have specific reasons to exclude them.

Verification Process

Version checking confirms successful installation:

incus version

Service status verification ensures the Incus daemon is running:

sudo systemctl status incus

Initial system checks validate basic functionality:

incus list

If the service isn’t running, start it manually:

sudo systemctl start incus
sudo systemctl enable incus

Advantages of Official Installation

Automatic security updates keep your Incus installation current with the latest patches. openSUSE’s update system includes Incus in regular system updates, reducing maintenance overhead.

Integration with system package management allows unified handling of all software components. This approach simplifies dependency management and reduces conflicts with other packages.

Official support and documentation provide reliable resources for troubleshooting and configuration guidance. openSUSE’s wiki and forums offer community support specifically for official packages.

Installation Method 2: Community Repositories (OBS)

Understanding OpenBuild Service (OBS)

OpenBuild Service represents openSUSE’s community package building infrastructure. The home:MaxxedSUSE repository maintains updated Incus packages that may offer newer versions than official repositories.

Community-maintained packages often provide cutting-edge features and faster updates. However, they require careful evaluation of maintainer reliability and update consistency.

Version availability and update frequency vary by community repository. Some maintainers provide daily builds, while others follow more conservative update schedules.

Adding Community Repository

Repository addition requires careful attention to your openSUSE version. For Tumbleweed:

sudo zypper addrepo https://download.opensuse.org/repositories/home:/MaxxedSUSE/openSUSE_Tumbleweed/home:MaxxedSUSE.repo

For Leap 15.5:

sudo zypper addrepo https://download.opensuse.org/repositories/home:/MaxxedSUSE/15.5/home:MaxxedSUSE.repo

Repository refresh and GPG key handling:

sudo zypper refresh

Accept the GPG key when prompted, but verify the key fingerprint matches published values on the repository website.

Priority configuration helps manage package selection when multiple repositories offer the same package:

sudo zypper modifyrepo --priority 99 home_MaxxedSUSE

Installation Process

Package installation from community repository:

sudo zypper install incus

Handling potential conflicts with official packages may require explicit repository specification:

sudo zypper install -r home_MaxxedSUSE incus

Version verification and comparison ensures you’ve installed the intended package version:

zypper info incus

Community Repository Considerations

Maintainer reliability assessment involves reviewing the repository’s update history and community feedback. The MaxxedSUSE project maintains a good reputation for timely updates and stability.

Update schedules and security patches may differ from official repositories. Monitor community channels for update announcements and security advisories.

When to choose community over official packages depends on your specific requirements. Choose community repositories for bleeding-edge features or when official packages lack needed functionality.

Installation Method 3: Docker/Podman Container Deployment

Container-Based Installation Benefits

Isolation from host system provides enhanced security and reduces potential conflicts with system packages. Container deployment simplifies testing different Incus versions without affecting the host system.

Easy updates and rollbacks enable rapid version management. Container images can be updated by pulling new versions and restarting containers.

Ideal for MicroOS deployments where the host system uses immutable architecture. Containers provide a perfect solution for deploying Incus on read-only root filesystems.

Docker Installation Steps

Docker/Podman prerequisites must be installed first:

sudo zypper install docker
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -a -G docker $USER

Log out and back in to activate group membership.

Pulling official Incus container images:

docker pull lxc/incus:latest

Container configuration and networking requires careful setup for proper operation:

docker run -d --name incus \
  --privileged \
  --network host \
  -v /var/lib/incus:/var/lib/incus \
  -v /var/cache/incus:/var/cache/incus \
  lxc/incus:latest

Persistent Storage Setup

Volume mounting for container data ensures persistence across container restarts. Create dedicated directories for Incus data:

sudo mkdir -p /opt/incus/{lib,cache}

Configuration file management requires mapping configuration directories:

docker run -d --name incus \
  --privileged \
  --network host \
  -v /opt/incus/lib:/var/lib/incus \
  -v /opt/incus/cache:/var/cache/incus \
  -v /opt/incus/config:/etc/incus \
  lxc/incus:latest

Backup strategies for containerized deployments involve backing up mounted volumes and container configurations.

Container Management

Starting and stopping Incus containers:

docker start incus
docker stop incus

Resource allocation and limits can be configured during container creation:

docker run -d --name incus \
  --privileged \
  --network host \
  --memory=2g \
  --cpus=2 \
  -v /opt/incus/lib:/var/lib/incus \
  lxc/incus:latest

Integration with host system services may require additional configuration for seamless operation.

Installation Method 4: Building from Source

When to Build from Source

Latest features and development versions become available immediately through source compilation. This approach suits developers who need cutting-edge functionality or want to contribute to Incus development.

Custom compilation options allow optimization for specific hardware or use cases. Source builds enable feature customization that pre-built packages cannot provide.

Learning and development purposes benefit from the deep understanding that comes with building software from source.

Development Dependencies

Required build tools installation:

sudo zypper install -t pattern devel_basis
sudo zypper install git make pkg-config autoconf

Go language environment setup:

sudo zypper install go
export GOPATH=$HOME/go
export PATH=$PATH:$GOPATH/bin

Additional library requirements:

sudo zypper install liblxc-devel libacl-devel libcap-devel libuv-devel sqlite3-devel

Source Compilation Process

Repository cloning and preparation:

git clone https://github.com/lxc/incus.git
cd incus

Build configuration and compilation:

make deps
make

Installation and path configuration:

sudo make install
sudo ldconfig

Post-Build Configuration

Environment variables setup ensures proper library linking:

echo 'export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH' >> ~/.bashrc
source ~/.bashrc

Binary path configuration adds Incus to system PATH:

echo 'export PATH=/usr/local/bin:$PATH' >> ~/.bashrc

Service integration considerations may require creating custom systemd service files for source-built installations.

Post-Installation Configuration

User and Group Management

Understanding groups is crucial for proper Incus operation. The installation creates incus and incus-admin groups with different permission levels.

Adding users to appropriate groups:

sudo usermod -a -G incus-admin $USER
sudo usermod -a -G incus $USER

Group activation requires logging out and back in, or using:

newgrp incus-admin

Incus Initialization

Interactive initialization provides comprehensive setup options:

incus admin init

This command presents a series of configuration questions covering storage backends, network configuration, and access controls.

Automated minimal setup for quick deployment:

incus admin init --minimal

Configuration options explained:

  • Storage backend selection (directory, ZFS, Btrfs)
  • Network bridge configuration
  • Clustering options
  • Security settings

Storage Backend Configuration

Default storage pool setup creates a basic storage environment:

incus storage create default dir source=/var/lib/incus/storage-pools/default

ZFS backend configuration for advanced features:

sudo zypper install zfs
incus storage create zfs-pool zfs source=/dev/sdb

BTRFS backend optimization leverages openSUSE’s filesystem strengths:

incus storage create btrfs-pool btrfs source=/var/lib/incus/btrfs-pool

Storage pool optimization for openSUSE includes considering filesystem-specific features and performance characteristics.

Network Configuration

Bridge network creation and management:

incus network create incusbr0
incus network set incusbr0 ipv4.address 10.0.0.1/24
incus network set incusbr0 ipv4.nat true

Firewall configuration for container access requires opening necessary ports:

sudo firewall-cmd --zone=public --add-port=8443/tcp --permanent
sudo firewall-cmd --reload

IPv6 considerations and setup enable dual-stack networking:

incus network set incusbr0 ipv6.address fd00::1/64
incus network set incusbr0 ipv6.nat true

Security Considerations

Subuid and subgid configuration enables unprivileged containers:

echo "root:1000000:1000000000" | sudo tee -a /etc/subuid /etc/subgid

Unprivileged container security provides isolation without elevated privileges. This configuration reduces security risks while maintaining full functionality.

Access control and authentication setup includes configuring certificates and access policies:

incus config set core.https_address [::]:8443
incus config set core.trust_password mypassword

First Steps and Testing Installation

Verifying Installation

Service status checking confirms all components are operational:

sudo systemctl status incus
incus info

Basic connectivity tests validate network configuration:

incus network list
incus storage list

Version and feature verification ensures full functionality:

incus version
incus info --resources

Launching First Container

Image list browsing shows available container images:

incus image list images: | grep debian

Container creation and launch:

incus launch images:debian/12 my-first-container
incus list

Container access and basic management:

incus exec my-first-container -- bash
incus stop my-first-container
incus start my-first-container

Testing Virtual Machine Support

VM launch process requires specific image types:

incus launch images:debian/12 debian-vm --vm

Hardware virtualization verification ensures proper VM support:

incus info debian-vm
incus exec debian-vm -- cat /proc/cpuinfo

Performance testing and optimization helps tune VM configurations:

incus config set debian-vm limits.cpu 2
incus config set debian-vm limits.memory 2GB

Basic Container Operations

Container lifecycle management includes creation, running, stopping, and deletion:

incus launch images:alpine/3.18 test-container
incus exec test-container -- apk add htop
incus snapshot test-container snap1
incus restore test-container snap1
incus delete test-container --force

Resource monitoring and adjustment:

incus info test-container --resources
incus config set test-container limits.cpu 1
incus config set test-container limits.memory 512MB

Snapshot creation and management provides backup and versioning capabilities:

incus snapshot test-container backup-$(date +%Y%m%d)
incus info test-container

Troubleshooting Common Issues

Installation Problems

Repository access issues often stem from network connectivity or repository configuration problems. Verify internet connectivity and repository URLs:

zypper lr -u
curl -I https://download.opensuse.org/repositories/home:/MaxxedSUSE/

Dependency conflicts resolution requires careful package management:

zypper verify
zypper install --recommends incus

Permission and privilege errors typically indicate insufficient user rights:

sudo chown -R $USER:$USER ~/.config/incus
sudo usermod -a -G incus-admin $USER

Service and Daemon Issues

Incus daemon startup problems may require manual intervention:

sudo systemctl restart incus
sudo journalctl -u incus -n 50

Socket permissions and access issues can prevent client connections:

sudo chmod 666 /var/lib/incus/unix.socket
ls -la /var/lib/incus/

Systemd service configuration troubleshooting:

sudo systemctl daemon-reload
sudo systemctl status incus
sudo systemctl enable incus

Network and Storage Problems

Bridge network creation failures often relate to kernel modules or permissions:

sudo modprobe bridge
sudo modprobe br_netfilter
lsmod | grep bridge

Storage backend initialization issues require filesystem-specific troubleshooting:

incus storage info default
sudo zpool status  # For ZFS issues
sudo btrfs filesystem show  # For Btrfs issues

Container connectivity problems may involve firewall or routing issues:

incus network info incusbr0
sudo iptables -L -n
sudo ip route show

openSUSE-Specific Considerations

SELinux and AppArmor interactions can affect container operations:

sudo aa-status
sudo setsebool -P container_connect_any_port on  # If SELinux is enabled

Firewall configuration with firewalld or SuSEfirewall2:

sudo firewall-cmd --list-all
sudo firewall-cmd --zone=public --add-masquerade --permanent

Package manager conflicts resolution:

zypper dup --no-recommends
zypper verify --root

Community Support Resources

openSUSE forums and documentation provide platform-specific guidance. The openSUSE wiki contains extensive container documentation and troubleshooting guides.

Incus community channels include GitHub discussions, Matrix chat rooms, and mailing lists. These resources offer direct access to developers and experienced users.

Log analysis and debugging techniques help identify root causes:

sudo journalctl -u incus --since "1 hour ago"
incus info --show-log
sudo dmesg | grep incus

Best Practices and Optimization

Performance Optimization

Resource allocation strategies should balance container needs with host system requirements. Monitor resource usage patterns and adjust limits accordingly:

incus info --resources
incus config set container-name limits.cpu.allowance 50%
incus config set container-name limits.memory.swap false

Storage backend selection significantly impacts performance. ZFS provides excellent features but requires more memory. Btrfs offers good performance with snapshot capabilities. Directory storage provides simplicity but fewer features.

Network performance tuning includes optimizing bridge configurations and considering dedicated networking hardware for high-throughput scenarios.

Security Hardening

Regular update procedures maintain security posture:

sudo zypper update
incus image refresh
incus config set images.auto_update_interval 24

Access control implementation restricts unauthorized access:

incus config set core.trust_password $(openssl rand -base64 32)
incus config trust add client.crt

Container isolation best practices include using unprivileged containers, limiting capabilities, and implementing network segmentation.

Backup and Recovery

Container and VM backup strategies ensure data protection:

incus export container-name container-backup.tar.gz
incus snapshot container-name daily-$(date +%Y%m%d)

Configuration backup procedures preserve system settings:

tar -czf incus-config-backup.tar.gz /var/lib/incus/
incus admin export backup.yaml

Disaster recovery planning includes regular backup testing, documentation of recovery procedures, and maintenance of offline backup copies.

Maintenance Procedures

Regular system health checks prevent issues before they become critical:

incus info
incus storage info default
incus network info incusbr0
df -h /var/lib/incus/

Log rotation and cleanup manage disk space:

sudo journalctl --vacuum-time=30d
incus image list --format csv | grep -v "^|" | wc -l

Update management strategies balance stability with security. Test updates in development environments before applying to production systems.

Congratulations! You have successfully installed Incus. Thanks for using this tutorial for installing Incus container and virtual machine manager on openSUSE Linux system. For additional help or useful information, we recommend you check the official Incus website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button