Merge pull request 'metal3: Stop filtering kernel drivers embeded in IPA ramdisk' (#291 ) from nbelouin/Factory:enable-irdma into main

Reviewed-on: suse-edge/Factory#291 Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
Merge pull request 'fix(metal3): Fix a typo in the media subchart' (#296 ) from nbelouin/Factory:fix-metal3-media-typo into main
2025-10-23 16:07:09 +02:00 · 2025-10-23 14:33:04 +02:00 · 2025-10-23 11:54:18 +02:00 · 2025-10-23 11:09:57 +02:00 · 2025-10-23 11:05:25 +02:00 · 2025-10-22 10:35:34 +02:00
20 changed files with 485 additions and 265 deletions
--- a/ironic-image/Dockerfile
+++ b/ironic-image/Dockerfile
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%ironic:29.0.4.3
+#!BuildTag: %%IMG_PREFIX%%ironic:29.0.4.4
-#!BuildTag: %%IMG_PREFIX%%ironic:29.0.4.3-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%ironic:29.0.4.4-%RELEASE%
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -41,8 +41,8 @@ LABEL org.opencontainers.image.description="Openstack Ironic based on the SLE Ba
 LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opencontainers.image.version="29.0.4.3"
+LABEL org.opencontainers.image.version="29.0.4.4"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic:29.0.4.3-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic:29.0.4.4-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"
--- a/ironic-image/ironic-config/apache2-vmedia.conf.j2
+++ b/ironic-image/ironic-config/apache2-vmedia.conf.j2
@@ -11,6 +11,19 @@ Listen [::]:{{ env.VMEDIA_TLS_PORT }}
    SSLCertificateFile {{ env.IRONIC_VMEDIA_CERT_FILE }}
    SSLCertificateKeyFile {{ env.IRONIC_VMEDIA_KEY_FILE }}
    {% if "IRONIC_VMEDIA_TLS_12_CIPHERS" in env and env.IRONIC_VMEDIA_TLS_12_CIPHERS %}
    SSLCipherSuite {{ env.IRONIC_VMEDIA_TLS_12_CIPHERS }}
    {% endif %}
    {% if "IRONIC_VMEDIA_TLS_13_CIPHERS" in env and env.IRONIC_VMEDIA_TLS_13_CIPHERS %}
    SSLCipherSuite TLSv1.3 {{ env.IRONIC_VMEDIA_TLS_13_CIPHERS }}
    {% endif %}
    {% if "IRONIC_VMEDIA_CURVES" in env and env.IRONIC_VMEDIA_CURVES %}
    SSLOpenSSLConfCmd Curves {{ env.IRONIC_VMEDIA_CURVES }}
    {% endif %}
    {% if env.IRONIC_VMEDIA_TLS_ENFORCE_SERVER_CIPHER_ORDER | lower == "true" %}
    SSLHonorCipherOrder on
    {% endif %}
    <Directory "/shared/html/">
        Options Indexes FollowSymLinks
        AllowOverride None
--- a/ironic-ipa-downloader-image/Dockerfile
+++ b/ironic-ipa-downloader-image/Dockerfile
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.9
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.10
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.9-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -18,11 +18,11 @@ FROM micro AS final
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
 LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
-LABEL org.opencontainers.image.version="3.0.9"
+LABEL org.opencontainers.image.version="3.0.10"
 LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.9-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"
--- a/ironic-ipa-downloader-image/Dockerfile.aarch64
+++ b/ironic-ipa-downloader-image/Dockerfile.aarch64
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.9
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.10
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.9-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.10-%RELEASE%
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -18,11 +18,11 @@ FROM micro AS final
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
 LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
-LABEL org.opencontainers.image.version="3.0.9"
+LABEL org.opencontainers.image.version="3.0.10"
 LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.9-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"
--- a/ironic-ipa-downloader-image/Dockerfile.x86_64
+++ b/ironic-ipa-downloader-image/Dockerfile.x86_64
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.9
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.10
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.9-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.10-%RELEASE%
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -18,11 +18,11 @@ FROM micro AS final
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
 LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
-LABEL org.opencontainers.image.version="3.0.9"
+LABEL org.opencontainers.image.version="3.0.10"
 LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.9-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"
--- a/ironic-ipa-ramdisk/config.sh
+++ b/ironic-ipa-ramdisk/config.sh
@@ -16,7 +16,7 @@ baseSetupBuildDay
 #==========================================
 # remove unneded kernel files
 #------------------------------------------
-suseStripKernel
+#suseStripKernel
 baseStripLocales en_US.utf-8 C.utf8
 #======================================
--- a/ironic-ipa-ramdisk/ironic-ipa-ramdisk.kiwi
+++ b/ironic-ipa-ramdisk/ironic-ipa-ramdisk.kiwi
@@ -28,68 +28,6 @@
      <source path="dir:///.build.binaries"/>
    </repository>
    <drivers>
        <file name="crypto/*"/>
        <file name="drivers/acpi/*"/>
        <file name="drivers/acpi/dock.ko"/>
        <file name="drivers/ata/*"/>
        <file name="drivers/block/brd.ko"/>
        <file name="drivers/block/cciss.ko"/>
        <file name="drivers/block/loop.ko"/>
        <file name="drivers/block/virtio_blk.ko"/>
        <file name="drivers/cdrom/*"/>
        <file name="drivers/char/hw_random/virtio-rng.ko"/>
        <file name="drivers/char/lp.ko"/>
        <file name="drivers/char/ipmi/*"/>
        <file name="drivers/firmware/iscsi_ibft.ko"/>
        <file name="drivers/firmware/edd.ko"/>
        <file name="drivers/gpu/drm/*"/>
        <file name="drivers/hid/*"/>
        <file name="drivers/hv/*"/>
        <file name="drivers/hwmon/*"/>
        <file name="drivers/ide/*"/>
        <file name="drivers/input/keyboard/*"/>
        <file name="drivers/input/mouse/*"/>
        <file name="drivers/md/*"/>
        <file name="drivers/message/fusion/*"/>
        <file name="drivers/misc/hpilo.ko"/>
        <file name="drivers/net/*"/>
        <file name="drivers/parport/*"/>
        <file name="drivers/scsi/*"/>
        <file name="drivers/staging/hv/*"/>
        <file name="drivers/target/*"/>
        <file name="drivers/thermal/*"/>
        <file name="drivers/usb/*"/>
        <file name="drivers/virtio/*"/>
        <file name="fs/binfmt_aout.ko"/>
        <file name="fs/binfmt_misc.ko"/>
        <file name="fs/overlayfs/*"/>
        <file name="fs/btrfs/*"/>
        <file name="fs/exportfs/*"/>
        <file name="fs/ext4/*"/>
        <file name="fs/fat/*"/>
        <file name="fs/fuse/*"/>
        <file name="fs/hfs/*"/>
        <file name="fs/jbd2/*"/>
        <file name="fs/nfs/*"/>
        <file name="fs/mbcache.ko"/>
        <file name="fs/nls/nls_cp437.ko"/>
        <file name="fs/nls/nls_iso8859-1.ko"/>
        <file name="fs/nls/nls_utf8.ko"/>
        <file name="fs/quota_v1.ko"/>
        <file name="fs/quota_v2.ko"/>
        <file name="fs/squashfs/*"/>
        <file name="fs/udf/*"/>
        <file name="fs/vfat/*"/>
        <file name="fs/xfs/*"/>
        <file name="fs/isofs/*"/>
        <file name="lib/crc-t10dif.ko"/>
        <file name="lib/crc16.ko"/>
        <file name="lib/libcrc32c.ko"/>
        <file name="lib/zlib_deflate/zlib_deflate.ko"/>
        <file name="net/packet/*"/>
    </drivers>
    <packages type="delete">
        <package name="gpg2"/>
        <package name="libcairo2"/>
--- a/ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec
+++ b/ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec
@@ -19,7 +19,7 @@
 Name:           ironic-ipa-ramdisk
-Version:        3.0.7
+Version:        3.0.8
 Release:        0
 Summary:        Kernel and ramdisk image for OpenStack Ironic
 License:        SUSE-EULA
--- a/kiwi-builder-image/Dockerfile
+++ b/kiwi-builder-image/Dockerfile
@@ -1,8 +1,8 @@
-#!BuildTag: %%IMG_PREFIX%%kiwi-builder:10.2.12.0-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%kiwi-builder:10.2.29.0-%RELEASE%
-#!BuildTag: %%IMG_PREFIX%%kiwi-builder:10.2.12.0
+#!BuildTag: %%IMG_PREFIX%%kiwi-builder:10.2.29.0
 # Base image version, should match the tag above
-ARG KIWIVERSION="10.2.12"
+ARG KIWIVERSION="10.2.29"
 FROM registry.suse.com/bci/kiwi:${KIWIVERSION}
 ARG KIWIVERSION
--- a/kiwi-builder-image/SL-Micro.kiwi
+++ b/kiwi-builder-image/SL-Micro.kiwi
@@ -30,16 +30,13 @@
        <profile name="x86-self_install" description="Raw disk for x86_64 - uEFI" arch="x86_64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64" description="Raw disk for aarch64 - uEFI" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-self_install" description="Raw disk for aarch64" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-rt" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
-        <profile name="aarch64-rt-rpi" description="Raw disk for aarch64 with RT kernel on Raspberry Pi" arch="aarch64">
+        <profile name="aarch64-rt-encrypted" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-rt-self_install" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
@@ -60,6 +57,15 @@
        <profile name="rpi" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="rpi-self_install" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-encrypted" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="x86-qcow" description="qcow2 for x86_64 - uEFI" arch="x86_64">
            <requires profile="bootloader"/>
        </profile>
@@ -90,6 +96,15 @@
        <profile name="ppc64le-4096ss-self_install" description="Raw disk for PPc64 - 4096 sector size" arch="ppc64le">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-64kb" description="Build 64K page size aarch64 images" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-64kb-encrypted" description="Build 64K page size aarch64 images" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-64kb-self_install" description="Build 64K page size aarch64 images" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <!-- Images (flavor + platform) -->
        <profile name="Default" description="SL Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
            <requires profile="full"/>
@@ -154,18 +169,10 @@
            <requires profile="full"/>
            <requires profile="aarch64"/>
        </profile>
        <profile name="Default-RPi" description="SL Micro with Podman and KVM as raw image with uEFI boot" arch="aarch64">
            <requires profile="full"/>
            <requires profile="rpi"/>
        </profile>
        <profile name="Base" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64"/>
        </profile>
        <profile name="Base-RPi" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="rpi"/>
        </profile>
        <profile name="Base-RT" description="SL Micro with Podman as raw image with uEFI boot" arch="x86_64">
            <requires profile="container-host"/>
            <requires profile="x86-rt"/>
@@ -179,10 +186,6 @@
            <requires profile="container-host"/>
            <requires profile="aarch64-rt"/>
        </profile>
        <profile name="Base-RT-RPi" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-rt-rpi"/>
        </profile>
        <profile name="Base-RT-SelfInstall" description="SL Micro with Podman as raw image with uEFI boot - SelfInstall" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-rt-self_install"/>
@@ -277,10 +280,42 @@
            <requires profile="ppc64le-4096ss-self_install"/>
            <requires profile="self_install"/>
        </profile>
 	<profile name="Default-64kb-SelfInstall" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="full"/>
            <requires profile="aarch64-64kb-self_install"/>
        </profile>
 	<profile name="Base-64kb-SelfInstall" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-64kb-self_install"/>
        </profile>
 	<profile name="Default-64kb" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="full"/>
            <requires profile="aarch64-64kb"/>
        </profile>
 	<profile name="Base-64kb" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-64kb"/>
        </profile>
 	<profile name="Default-64kb-encrypted" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="full"/>
            <requires profile="aarch64-64kb-encrypted"/>
        </profile>
 	<profile name="Base-64kb-encrypted" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-64kb-encrypted"/>
        </profile>
 	<profile name="RaspberryPi-SelfInstall" description="SL Micro for Rapsberry Pi" arch="aarch64">
            <requires profile="full"/>
            <requires profile="rpi-self_install"/>
        </profile>
 	<profile name="RaspberryPi" description="SL Micro for Raspberry Pi" arch="aarch64">
            <requires profile="full"/>
            <requires profile="rpi"/>
        </profile>
    </profiles>
    <preferences profiles="x86-encrypted,x86-rt-encrypted">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -291,7 +326,8 @@
            initrd_system="dracut"
            filesystem="btrfs"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 rd.kiwi.oem.luks.reencrypt rd.kiwi.oem.luks.reencrypt_randompass quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -323,7 +359,7 @@
        </type>
    </preferences>
    <preferences profiles="x86,x86-rt">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -334,7 +370,8 @@
            initrd_system="dracut"
            filesystem="btrfs"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -359,7 +396,7 @@
    </preferences>
    <preferences profiles="x86-self_install,x86-rt-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -374,7 +411,8 @@
            installboot="install"
            install_continue_on_timeout="false"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -397,9 +435,8 @@
            </systemdisk>
        </type>
    </preferences>
-
+    <preferences profiles="aarch64,aarch64-rt,aarch64-64kb">
-    <preferences profiles="rpi,aarch64-rt-rpi">
+        <version>6.2</version>
        <version>6.1</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -414,11 +451,96 @@
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
-            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="false"
            disk_start_sector="8192"
        >
            <bootloader name="grub2" console="gfxterm" timeout="3" />
            <systemdisk>
                <volume name="home"/>
                <volume name="root"/>
                <!-- on tmpfs jsc#SMO-2                <volume name="tmp"/> -->
                <volume name="opt"/>
                <volume name="srv"/>
                <volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
                <volume name="boot/writable"/>
                <volume name="usr/local"/>
                <volume name="var" copy_on_write="false"/>
            </systemdisk>
        </type>
    </preferences>
    <preferences profiles="aarch64-encrypted,aarch64-rt-encrypted,aarch64-64kb-encrypted">
        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
        <rpm-excludedocs>true</rpm-excludedocs>
        <locale>en_US</locale>
        <type
            image="oem"
            initrd_system="dracut"
            installiso="true"
            filesystem="btrfs"
            installboot="install"
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
            efipartsize="512"
            kernelcmdline="security=selinux selinux=1 rd.kiwi.oem.luks.reencrypt rd.kiwi.oem.luks.reencrypt_randompass quiet systemd.show_status=1"
            bootpartition="false"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="false"
            disk_start_sector="8192"
            luks_version="luks2"
            luks="1234"
 	    luks_randomize="false"
 	    luks_pbkdf="pbkdf2"
        >
            <luksformat>
                <option name="--cipher" value="aes-xts-plain64"/>
            </luksformat>
            <bootloader name="grub2" console="gfxterm" use_disk_password="true" timeout="3" />
            <systemdisk>
                <volume name="home"/>
                <volume name="root"/>
                <!-- on tmpfs jsc#SMO-2                <volume name="tmp"/> -->
                <volume name="opt"/>
                <volume name="srv"/>
                <volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
                <volume name="boot/writable"/>
                <volume name="usr/local"/>
                <volume name="var" copy_on_write="false"/>
            </systemdisk>
        </type>
    </preferences>
    <preferences profiles="rpi">
        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
        <rpm-excludedocs>true</rpm-excludedocs>
        <locale>en_US</locale>
        <type
            image="oem"
            initrd_system="dracut"
            installiso="true"
            filesystem="btrfs"
            installboot="install"
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
            efipartsize="512"
            kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            efipartsize="128"
            editbootinstall="editbootinstall_rpi.sh"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="false"
@@ -438,9 +560,8 @@
            </systemdisk>
        </type>
    </preferences>
-
+    <preferences profiles="aarch64-self_install,aarch64-rt-self_install,aarch64-64kb-self_install">
-    <preferences profiles="aarch64,aarch64-rt">
+        <version>6.2</version>
        <version>6.1</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -450,19 +571,20 @@
            image="oem"
            initrd_system="dracut"
            installiso="true"
            installpxe="true"
            filesystem="btrfs"
            installboot="install"
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
-            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            efipartsize="128"
            btrfs_root_is_readonly_snapshot="true"
-            btrfs_quota_groups="false"
+            btrfs_quota_groups="true"
-            disk_start_sector="4096"
+            disk_start_sector="8192"
        >
            <bootloader name="grub2" console="gfxterm" timeout="3" />
            <systemdisk>
@@ -478,8 +600,8 @@
            </systemdisk>
        </type>
    </preferences>
-    <preferences profiles="aarch64-self_install,aarch64-rt-self_install">
+    <preferences profiles="rpi-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -494,13 +616,14 @@
            installboot="install"
            install_continue_on_timeout="false"
            firmware="uefi"
-            efipartsize="128"
+            efipartsize="512"
-            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            editbootinstall="editbootinstall_rpi.sh"
            btrfs_quota_groups="true"
            disk_start_sector="4096"
        >
@@ -520,7 +643,7 @@
    </preferences>
    <preferences profiles="s390-kvm">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -558,7 +681,7 @@
    <preferences profiles="s390-dasd">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -596,7 +719,7 @@
    <preferences profiles="s390-fba">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -631,7 +754,7 @@
    </preferences>
    <preferences profiles="s390-fcp">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -670,7 +793,7 @@
    </preferences>
    <preferences profiles="x86-vmware">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -681,6 +804,7 @@
            filesystem="btrfs"
            format="vmdk"
            firmware="uefi"
            efipartsize="512"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -701,11 +825,11 @@
                <volume name="var" copy_on_write="false"/>
            </systemdisk>
            <size unit="G">24</size>
-            <machine memory="1024" HWversion="10" guestOS="suse-64"/>
+            <machine memory="1024" HWversion="17" guestOS="suse-64"/>
        </type>
    </preferences>
    <preferences profiles="x86-qcow">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -716,7 +840,8 @@
            format="qcow2"
            filesystem="btrfs"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=qemu"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -742,7 +867,7 @@
    </preferences>
    <preferences profiles="aarch64-qcow">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -753,8 +878,8 @@
            format="qcow2"
            filesystem="btrfs"
            firmware="uefi"
-            efipartsize="128"
+            efipartsize="512"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
+            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=qemu"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -777,7 +902,7 @@
    </preferences>
    <preferences profiles="ppc64le-512ss">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -788,7 +913,7 @@
            image="oem"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -810,7 +935,7 @@
        </type>
    </preferences>
    <preferences profiles="ppc64le-4096ss">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -824,7 +949,7 @@
            target_blocksize="4096"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -847,7 +972,7 @@
    </preferences>
    <preferences profiles="ppc64le-512ss-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -860,7 +985,7 @@
            installpxe="true"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -887,7 +1012,7 @@
        </type>
    </preferences>
    <preferences profiles="ppc64le-4096ss-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -903,7 +1028,7 @@
            target_blocksize="4096"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -936,20 +1061,17 @@
    </repository>
    <packages type="image" profiles="full">
-        <namedCollection name="base_transactional"/>
+        <namedCollection name="transactional_base"/>
-        <package name="patterns-base-transactional"/>
+        <package name="patterns-base-transactional_base"/>
        <namedCollection name="salt_minion"/>
 	<package name="patterns-base-salt_minion"/>
        <namedCollection name="kvm_host"/>
-	<package name="patterns-base-kvm_host"/>
+	<package name="patterns-micro-kvm_host"/>
 	<package name="lzop"/>
        <namedCollection name="container_runtime_podman"/>
        <package name="patterns-container-runtime_podman"/>
        <namedCollection name="cockpit"/>
-        <package name="patterns-base-cockpit"/>
+        <package name="patterns-cockpit"/>
        <namedCollection name="selinux"/>
        <package name="patterns-base-selinux"/>
        <package name="policycoreutils-python-utils"/>
        <package name="suseconnect-ng"/>
        <package name="SL-Micro-release"/>
        <package name="grub2-branding-SLE" arch="x86_64,aarch64"/>
@@ -959,7 +1081,7 @@
 	<package name="libpwquality-tools"/>
    </packages>
-    <packages type="image" profiles="x86-encrypted,x86-rt-encrypted">
+    <packages type="image" profiles="x86-encrypted,x86-rt-encrypted,aarch64-encrypted,aarch64-rt-encrypted,aarch64-64kb-encrypted">
        <!-- full disk encryption stuff -->
        <package name="device-mapper"/>
        <package name="cryptsetup"/>
@@ -972,13 +1094,12 @@
    </packages>
    <packages type="image" profiles="container-host">
-        <namedCollection name="base_transactional"/>
+        <namedCollection name="transactional_base"/>
-        <package name="patterns-base-transactional"/>
+        <package name="patterns-base-transactional_base"/>
        <namedCollection name="container_runtime_podman"/>
        <package name="patterns-container-runtime_podman"/>
        <namedCollection name="selinux"/>
        <package name="patterns-base-selinux"/>
        <package name="policycoreutils-python-utils"/>
        <package name="suseconnect-ng"/>
        <package name="SL-Micro-release"/>
        <package name="grub2-branding-SLE" arch="x86_64,aarch64"/>
@@ -1002,16 +1123,16 @@
 	<package name="jeos-firstboot"/>
    </packages>
-    <packages type="image" profiles="x86-qcow,x86-vmware,aarch64-qcow">
+    <packages type="image" profiles="x86-qcow,x86-vmware,aarch64-qcow,ppc64le-512ss,ppc64le-4096ss,s390-dasd,s390-fcp">
        <package name="cloud-init"/>
        <package name="cloud-init-config-suse"/>
    </packages>
    <packages type="image">
-        <namedCollection name="base_transactional"/>
+        <namedCollection name="transactional_base"/>
-        <package name="patterns-base-transactional"/>
+        <package name="patterns-base-transactional_base"/>
        <namedCollection name="hardware"/>
-        <package name="patterns-base-hardware"/>
+        <package name="patterns-micro-hardware"/>
        <package name="grub2"/>
        <package name="glibc-locale-base"/>
        <package name="ca-certificates"/>
@@ -1033,6 +1154,7 @@
 	<!-- FIXME does not build without control file which is obsolete
 	<package name="live-add-yast-repos"/> -->
 	<package name="parted"/> <!-- seems missing to deploy the image -->
 	<package name="iptables"/> <!-- needed by RKE2 -->
    </packages>
    <packages type="image" profiles="bootloader">
@@ -1049,11 +1171,15 @@
 	    <package name="kpartx" arch="s390x"/>--> <!-- previous releases picked it always, now kiwi picks partx instead -->
    </packages>
    <!-- rpi kernel-default-base does not provide all necessary drivers -->
-    <packages type="image" profiles="rpi,aarch64-self_install,x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64,aarch64-qcow,s390-kvm,s390-dasd,s390-fba,s390-fcp,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
+    <packages type="image" profiles="aarch64,rpi,rpi-self_install,aarch64-self_install,x86,x86-encrypted,aarch64-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba,s390-fcp,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
        <package name="kernel-default"/>
        <package name="kernel-firmware-all"/>
    </packages>
-    <packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted,aarch64-rt,aarch64-rt-rpi,aarch64-rt-self_install">
+    <packages type="image" profiles="aarch64-64kb,aarch64-64kb-encrypted,aarch64-64kb-self_install">
        <package name="kernel-64kb"/>
        <package name="kernel-firmware-all"/>
    </packages>
    <packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted,aarch64-rt,aarch64-rt-encrypted,aarch64-rt-self_install">
        <package name="kernel-rt"/>
        <package name="kernel-firmware-all"/>
 	<!-- FIXME intentionally removed from ALP code stream
@@ -1068,17 +1194,18 @@
    <packages type="image" profiles="s390-fcp">
        <package name="multipath-tools"/>
    </packages>
-    <packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64,aarch64-qcow,rpi,aarch64-self_install,aarch64-rt,aarch64-rt-rpi,aarch64-rt-self_install,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
+    <!-- "oem" images uses kiwi for partition/fs resize (-repart) and SelfInstall images in addition for deployment (-dump). -->
    <packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,aarch64,aarch64-encrypted,aarch64-64kb-encrypted,rpi,rpi-self_install,aarch64-self_install,aarch64-64kb,aarch64-64kb-self_install,aarch64-rt,aarch64-rt-self_install,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
        <package name="dracut-kiwi-oem-repart"/>
        <package name="dracut-kiwi-oem-dump"/>
    </packages>
-    <packages type="image" profiles="rpi,aarch64-self_install,aarch64-rt,aarch64-rt-rpi,aarch64-rt-self_install">
+    <packages type="image" profiles="rpi,rpi-self_install">
        <package name="raspberrypi-firmware" arch="aarch64"/>
        <package name="raspberrypi-firmware-config" arch="aarch64"/>
        <package name="raspberrypi-firmware-dt" arch="aarch64"/>
        <package name="u-boot-rpiarm64" arch="aarch64"/>
    </packages>
-    <packages type="image" profiles="rpi,aarch64-self_install,aarch64-rt,aarch64-rt-self_install">
+    <packages type="image" profiles="aarch64,rpi,rpi-self_install,aarch64-self_install,aarch64-rt,aarch64-64kb,aarch64-rt-self_install,aarch64-encrypted,aarch64-rt-encrypted,aarchte-64kb-encrypted">
        <package name="dracut-kiwi-oem-repart"/>
        <package name="bcm43xx-firmware"/>
        <package name="wireless-regdb"/>
@@ -1104,12 +1231,12 @@
    </packages>
    <!-- jsc#PED-8599 -->
-    <packages type="image" profiles="Base,Base-encrypted,Base-RT,Base-RT-encrypted,Base-fba,Base-dasd,Base-fcp,Base-512,Base-4096,Default,Default-encrypted,Default-fba,Default-dasd,Default-fcp,Default-512,Default-4096">
+    <packages type="image" profiles="Base,Base-encrypted,Base-RT,Base-RT-encrypted,Base-fba,Base-dasd,Base-fcp,Base-512,Base-4096,Default,Default-encrypted,Default-fba,Default-dasd,Default-fcp,Default-512,Default-4096,Base-64kb-encrypted,Default-64kb-encrypted">
        <package name="usbguard"/>
    </packages>
    <!-- jsc#PED-8788 -->
-    <packages type="image" profiles="Base-RT,Base-RT-encrypted,x86-rt-encrypted,x86-rt,x86-rt-self_install,aarch64-rt,aarch64-rt-self_install">
+    <packages type="image" profiles="Base-RT,Base-RT-encrypted,x86-rt-encrypted,x86-rt,x86-rt-self_install,aarch64-rt,aarch64-rt-encrypted,aarch64-rt-self_install">
        <package name="stalld"/>
    </packages>
 </image>
--- a/kiwi-builder-image/SL-Micro.kiwi.4096
+++ b/kiwi-builder-image/SL-Micro.kiwi.4096
@@ -30,16 +30,13 @@
        <profile name="x86-self_install" description="Raw disk for x86_64 - uEFI" arch="x86_64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64" description="Raw disk for aarch64 - uEFI" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-self_install" description="Raw disk for aarch64" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-rt" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
-        <profile name="aarch64-rt-rpi" description="Raw disk for aarch64 with RT kernel on Raspberry Pi" arch="aarch64">
+        <profile name="aarch64-rt-encrypted" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-rt-self_install" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
@@ -60,6 +57,15 @@
        <profile name="rpi" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="rpi-self_install" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-encrypted" description="Raw disk for Raspberry Pi" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="x86-qcow" description="qcow2 for x86_64 - uEFI" arch="x86_64">
            <requires profile="bootloader"/>
        </profile>
@@ -90,6 +96,15 @@
        <profile name="ppc64le-4096ss-self_install" description="Raw disk for PPc64 - 4096 sector size" arch="ppc64le">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-64kb" description="Build 64K page size aarch64 images" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-64kb-encrypted" description="Build 64K page size aarch64 images" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <profile name="aarch64-64kb-self_install" description="Build 64K page size aarch64 images" arch="aarch64">
            <requires profile="bootloader"/>
        </profile>
        <!-- Images (flavor + platform) -->
        <profile name="Default" description="SL Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
            <requires profile="full"/>
@@ -154,18 +169,10 @@
            <requires profile="full"/>
            <requires profile="aarch64"/>
        </profile>
        <profile name="Default-RPi" description="SL Micro with Podman and KVM as raw image with uEFI boot" arch="aarch64">
            <requires profile="full"/>
            <requires profile="rpi"/>
        </profile>
        <profile name="Base" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64"/>
        </profile>
        <profile name="Base-RPi" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="rpi"/>
        </profile>
        <profile name="Base-RT" description="SL Micro with Podman as raw image with uEFI boot" arch="x86_64">
            <requires profile="container-host"/>
            <requires profile="x86-rt"/>
@@ -179,10 +186,6 @@
            <requires profile="container-host"/>
            <requires profile="aarch64-rt"/>
        </profile>
        <profile name="Base-RT-RPi" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-rt-rpi"/>
        </profile>
        <profile name="Base-RT-SelfInstall" description="SL Micro with Podman as raw image with uEFI boot - SelfInstall" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-rt-self_install"/>
@@ -277,10 +280,42 @@
            <requires profile="ppc64le-4096ss-self_install"/>
            <requires profile="self_install"/>
        </profile>
 	<profile name="Default-64kb-SelfInstall" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="full"/>
            <requires profile="aarch64-64kb-self_install"/>
        </profile>
 	<profile name="Base-64kb-SelfInstall" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-64kb-self_install"/>
        </profile>
 	<profile name="Default-64kb" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="full"/>
            <requires profile="aarch64-64kb"/>
        </profile>
 	<profile name="Base-64kb" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-64kb"/>
        </profile>
 	<profile name="Default-64kb-encrypted" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="full"/>
            <requires profile="aarch64-64kb-encrypted"/>
        </profile>
 	<profile name="Base-64kb-encrypted" description="SL Micro with 64K page size images" arch="aarch64">
            <requires profile="container-host"/>
            <requires profile="aarch64-64kb-encrypted"/>
        </profile>
 	<profile name="RaspberryPi-SelfInstall" description="SL Micro for Rapsberry Pi" arch="aarch64">
            <requires profile="full"/>
            <requires profile="rpi-self_install"/>
        </profile>
 	<profile name="RaspberryPi" description="SL Micro for Raspberry Pi" arch="aarch64">
            <requires profile="full"/>
            <requires profile="rpi"/>
        </profile>
    </profiles>
    <preferences profiles="x86-encrypted,x86-rt-encrypted">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -291,7 +326,8 @@
            initrd_system="dracut"
            filesystem="btrfs"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 rd.kiwi.oem.luks.reencrypt rd.kiwi.oem.luks.reencrypt_randompass quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -325,7 +361,7 @@
        </type>
    </preferences>
    <preferences profiles="x86,x86-rt">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -336,7 +372,8 @@
            initrd_system="dracut"
            filesystem="btrfs"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -363,7 +400,7 @@
    </preferences>
    <preferences profiles="x86-self_install,x86-rt-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -378,7 +415,8 @@
            installboot="install"
            install_continue_on_timeout="false"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -403,9 +441,8 @@
            </systemdisk>
        </type>
    </preferences>
-
+    <preferences profiles="aarch64,aarch64-rt,aarch64-64kb">
-    <preferences profiles="rpi,aarch64-rt-rpi">
+        <version>6.2</version>
        <version>6.1</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -420,11 +457,98 @@
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
-            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="false"
            disk_start_sector="8192"
            target_blocksize="4096"
        >
            <bootloader name="grub2" console="gfxterm" timeout="3" />
            <systemdisk>
                <volume name="home"/>
                <volume name="root"/>
                <!-- on tmpfs jsc#SMO-2                <volume name="tmp"/> -->
                <volume name="opt"/>
                <volume name="srv"/>
                <volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
                <volume name="boot/writable"/>
                <volume name="usr/local"/>
                <volume name="var" copy_on_write="false"/>
            </systemdisk>
        </type>
    </preferences>
    <preferences profiles="aarch64-encrypted,aarch64-rt-encrypted,aarch64-64kb-encrypted">
        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
        <rpm-excludedocs>true</rpm-excludedocs>
        <locale>en_US</locale>
        <type
            image="oem"
            initrd_system="dracut"
            installiso="true"
            filesystem="btrfs"
            installboot="install"
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
            efipartsize="512"
            kernelcmdline="security=selinux selinux=1 rd.kiwi.oem.luks.reencrypt rd.kiwi.oem.luks.reencrypt_randompass quiet systemd.show_status=1"
            bootpartition="false"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="false"
            disk_start_sector="8192"
            luks_version="luks2"
            luks="1234"
 	    luks_randomize="false"
 	    luks_pbkdf="pbkdf2"
            target_blocksize="4096"
        >
            <luksformat>
                <option name="--cipher" value="aes-xts-plain64"/>
            </luksformat>
            <bootloader name="grub2" console="gfxterm" use_disk_password="true" timeout="3" />
            <systemdisk>
                <volume name="home"/>
                <volume name="root"/>
                <!-- on tmpfs jsc#SMO-2                <volume name="tmp"/> -->
                <volume name="opt"/>
                <volume name="srv"/>
                <volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
                <volume name="boot/writable"/>
                <volume name="usr/local"/>
                <volume name="var" copy_on_write="false"/>
            </systemdisk>
        </type>
    </preferences>
    <preferences profiles="rpi">
        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
        <rpm-excludedocs>true</rpm-excludedocs>
        <locale>en_US</locale>
        <type
            image="oem"
            initrd_system="dracut"
            installiso="true"
            filesystem="btrfs"
            installboot="install"
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
            efipartsize="512"
            kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            efipartsize="128"
            editbootinstall="editbootinstall_rpi.sh"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="false"
@@ -444,9 +568,8 @@
            </systemdisk>
        </type>
    </preferences>
-
+    <preferences profiles="aarch64-self_install,aarch64-rt-self_install,aarch64-64kb-self_install">
-    <preferences profiles="aarch64,aarch64-rt">
+        <version>6.2</version>
        <version>6.1</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -456,19 +579,21 @@
            image="oem"
            initrd_system="dracut"
            installiso="true"
            installpxe="true"
            filesystem="btrfs"
            installboot="install"
            install_continue_on_timeout="false"
            fsmountoptions="noatime"
            firmware="uefi"
-            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            efipartsize="512"
            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            efipartsize="128"
            btrfs_root_is_readonly_snapshot="true"
-            btrfs_quota_groups="false"
+            btrfs_quota_groups="true"
-            disk_start_sector="4096"
+            disk_start_sector="8192"
            target_blocksize="4096"
        >
            <bootloader name="grub2" console="gfxterm" timeout="3" />
            <systemdisk>
@@ -484,8 +609,8 @@
            </systemdisk>
        </type>
    </preferences>
-    <preferences profiles="aarch64-self_install,aarch64-rt-self_install">
+    <preferences profiles="rpi-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -500,13 +625,14 @@
            installboot="install"
            install_continue_on_timeout="false"
            firmware="uefi"
-            efipartsize="128"
+            efipartsize="512"
-            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
+            kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            editbootinstall="editbootinstall_rpi.sh"
            btrfs_quota_groups="true"
            disk_start_sector="4096"
        >
@@ -526,7 +652,7 @@
    </preferences>
    <preferences profiles="s390-kvm">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -564,7 +690,7 @@
    <preferences profiles="s390-dasd">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -602,7 +728,7 @@
    <preferences profiles="s390-fba">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -637,7 +763,7 @@
    </preferences>
    <preferences profiles="s390-fcp">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -676,7 +802,7 @@
    </preferences>
    <preferences profiles="x86-vmware">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -687,6 +813,7 @@
            filesystem="btrfs"
            format="vmdk"
            firmware="uefi"
            efipartsize="512"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -707,11 +834,11 @@
                <volume name="var" copy_on_write="false"/>
            </systemdisk>
            <size unit="G">24</size>
-            <machine memory="1024" HWversion="10" guestOS="suse-64"/>
+            <machine memory="1024" HWversion="17" guestOS="suse-64"/>
        </type>
    </preferences>
    <preferences profiles="x86-qcow">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -722,15 +849,14 @@
            format="qcow2"
            filesystem="btrfs"
            firmware="uefi"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
+            efipartsize="512"
            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=qemu"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
            btrfs_root_is_snapshot="true"
            btrfs_root_is_readonly_snapshot="true"
            btrfs_quota_groups="true"
            target_blocksize="4096"
            efipartsize="200"
        >
            <bootloader name="grub2" console="gfxterm" timeout="3" />
            <systemdisk>
@@ -750,7 +876,7 @@
    </preferences>
    <preferences profiles="aarch64-qcow">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -761,8 +887,8 @@
            format="qcow2"
            filesystem="btrfs"
            firmware="uefi"
-            efipartsize="128"
+            efipartsize="512"
-            kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
+            kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=qemu"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -785,7 +911,7 @@
    </preferences>
    <preferences profiles="ppc64le-512ss">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -796,7 +922,7 @@
            image="oem"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -818,7 +944,7 @@
        </type>
    </preferences>
    <preferences profiles="ppc64le-4096ss">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -832,7 +958,7 @@
            target_blocksize="4096"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -855,7 +981,7 @@
    </preferences>
    <preferences profiles="ppc64le-512ss-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -868,7 +994,7 @@
            installpxe="true"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -895,7 +1021,7 @@
        </type>
    </preferences>
    <preferences profiles="ppc64le-4096ss-self_install">
-        <version>6.1</version>
+        <version>6.2</version>
        <packagemanager>zypper</packagemanager>
        <bootsplash-theme>SLE</bootsplash-theme>
        <bootloader-theme>SLE</bootloader-theme>
@@ -911,7 +1037,7 @@
            target_blocksize="4096"
            filesystem="btrfs"
            firmware="ofw"
-            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
+            kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
            bootpartition="false"
            bootkernel="custom"
            devicepersistency="by-uuid"
@@ -944,20 +1070,17 @@
    </repository>
    <packages type="image" profiles="full">
-        <namedCollection name="base_transactional"/>
+        <namedCollection name="transactional_base"/>
-        <package name="patterns-base-transactional"/>
+        <package name="patterns-base-transactional_base"/>
        <namedCollection name="salt_minion"/>
 	<package name="patterns-base-salt_minion"/>
        <namedCollection name="kvm_host"/>
-	<package name="patterns-base-kvm_host"/>
+	<package name="patterns-micro-kvm_host"/>
 	<package name="lzop"/>
        <namedCollection name="container_runtime_podman"/>
        <package name="patterns-container-runtime_podman"/>
        <namedCollection name="cockpit"/>
-        <package name="patterns-base-cockpit"/>
+        <package name="patterns-cockpit"/>
        <namedCollection name="selinux"/>
        <package name="patterns-base-selinux"/>
        <package name="policycoreutils-python-utils"/>
        <package name="suseconnect-ng"/>
        <package name="SL-Micro-release"/>
        <package name="grub2-branding-SLE" arch="x86_64,aarch64"/>
@@ -967,7 +1090,7 @@
 	<package name="libpwquality-tools"/>
    </packages>
-    <packages type="image" profiles="x86-encrypted,x86-rt-encrypted">
+    <packages type="image" profiles="x86-encrypted,x86-rt-encrypted,aarch64-encrypted,aarch64-rt-encrypted,aarch64-64kb-encrypted">
        <!-- full disk encryption stuff -->
        <package name="device-mapper"/>
        <package name="cryptsetup"/>
@@ -980,13 +1103,12 @@
    </packages>
    <packages type="image" profiles="container-host">
-        <namedCollection name="base_transactional"/>
+        <namedCollection name="transactional_base"/>
-        <package name="patterns-base-transactional"/>
+        <package name="patterns-base-transactional_base"/>
        <namedCollection name="container_runtime_podman"/>
        <package name="patterns-container-runtime_podman"/>
        <namedCollection name="selinux"/>
        <package name="patterns-base-selinux"/>
        <package name="policycoreutils-python-utils"/>
        <package name="suseconnect-ng"/>
        <package name="SL-Micro-release"/>
        <package name="grub2-branding-SLE" arch="x86_64,aarch64"/>
@@ -1010,16 +1132,16 @@
 	<package name="jeos-firstboot"/>
    </packages>
-    <packages type="image" profiles="x86-qcow,x86-vmware,aarch64-qcow">
+    <packages type="image" profiles="x86-qcow,x86-vmware,aarch64-qcow,ppc64le-512ss,ppc64le-4096ss,s390-dasd,s390-fcp">
        <package name="cloud-init"/>
        <package name="cloud-init-config-suse"/>
    </packages>
    <packages type="image">
-        <namedCollection name="base_transactional"/>
+        <namedCollection name="transactional_base"/>
-        <package name="patterns-base-transactional"/>
+        <package name="patterns-base-transactional_base"/>
        <namedCollection name="hardware"/>
-        <package name="patterns-base-hardware"/>
+        <package name="patterns-micro-hardware"/>
        <package name="grub2"/>
        <package name="glibc-locale-base"/>
        <package name="ca-certificates"/>
@@ -1041,6 +1163,7 @@
 	<!-- FIXME does not build without control file which is obsolete
 	<package name="live-add-yast-repos"/> -->
 	<package name="parted"/> <!-- seems missing to deploy the image -->
 	<package name="iptables"/> <!-- needed by RKE2 -->
    </packages>
    <packages type="image" profiles="bootloader">
@@ -1057,11 +1180,15 @@
 	    <package name="kpartx" arch="s390x"/>--> <!-- previous releases picked it always, now kiwi picks partx instead -->
    </packages>
    <!-- rpi kernel-default-base does not provide all necessary drivers -->
-    <packages type="image" profiles="rpi,aarch64-self_install,x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64,aarch64-qcow,s390-kvm,s390-dasd,s390-fba,s390-fcp,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
+    <packages type="image" profiles="aarch64,rpi,rpi-self_install,aarch64-self_install,x86,x86-encrypted,aarch64-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba,s390-fcp,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
        <package name="kernel-default"/>
        <package name="kernel-firmware-all"/>
    </packages>
-    <packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted,aarch64-rt,aarch64-rt-rpi,aarch64-rt-self_install">
+    <packages type="image" profiles="aarch64-64kb,aarch64-64kb-encrypted,aarch64-64kb-self_install">
        <package name="kernel-64kb"/>
        <package name="kernel-firmware-all"/>
    </packages>
    <packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted,aarch64-rt,aarch64-rt-encrypted,aarch64-rt-self_install">
        <package name="kernel-rt"/>
        <package name="kernel-firmware-all"/>
 	<!-- FIXME intentionally removed from ALP code stream
@@ -1076,17 +1203,18 @@
    <packages type="image" profiles="s390-fcp">
        <package name="multipath-tools"/>
    </packages>
-    <packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64,aarch64-qcow,rpi,aarch64-self_install,aarch64-rt,aarch64-rt-rpi,aarch64-rt-self_install,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
+    <!-- "oem" images uses kiwi for partition/fs resize (-repart) and SelfInstall images in addition for deployment (-dump). -->
    <packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,aarch64,aarch64-encrypted,aarch64-64kb-encrypted,rpi,rpi-self_install,aarch64-self_install,aarch64-64kb,aarch64-64kb-self_install,aarch64-rt,aarch64-rt-self_install,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
        <package name="dracut-kiwi-oem-repart"/>
        <package name="dracut-kiwi-oem-dump"/>
    </packages>
-    <packages type="image" profiles="rpi,aarch64-self_install,aarch64-rt,aarch64-rt-rpi,aarch64-rt-self_install">
+    <packages type="image" profiles="rpi,rpi-self_install">
        <package name="raspberrypi-firmware" arch="aarch64"/>
        <package name="raspberrypi-firmware-config" arch="aarch64"/>
        <package name="raspberrypi-firmware-dt" arch="aarch64"/>
        <package name="u-boot-rpiarm64" arch="aarch64"/>
    </packages>
-    <packages type="image" profiles="rpi,aarch64-self_install,aarch64-rt,aarch64-rt-self_install">
+    <packages type="image" profiles="aarch64,rpi,rpi-self_install,aarch64-self_install,aarch64-rt,aarch64-64kb,aarch64-rt-self_install,aarch64-encrypted,aarch64-rt-encrypted,aarchte-64kb-encrypted">
        <package name="dracut-kiwi-oem-repart"/>
        <package name="bcm43xx-firmware"/>
        <package name="wireless-regdb"/>
@@ -1112,12 +1240,12 @@
    </packages>
    <!-- jsc#PED-8599 -->
-    <packages type="image" profiles="Base,Base-encrypted,Base-RT,Base-RT-encrypted,Base-fba,Base-dasd,Base-fcp,Base-512,Base-4096,Default,Default-encrypted,Default-fba,Default-dasd,Default-fcp,Default-512,Default-4096">
+    <packages type="image" profiles="Base,Base-encrypted,Base-RT,Base-RT-encrypted,Base-fba,Base-dasd,Base-fcp,Base-512,Base-4096,Default,Default-encrypted,Default-fba,Default-dasd,Default-fcp,Default-512,Default-4096,Base-64kb-encrypted,Default-64kb-encrypted">
        <package name="usbguard"/>
    </packages>
    <!-- jsc#PED-8788 -->
-    <packages type="image" profiles="Base-RT,Base-RT-encrypted,x86-rt-encrypted,x86-rt,x86-rt-self_install,aarch64-rt,aarch64-rt-self_install">
+    <packages type="image" profiles="Base-RT,Base-RT-encrypted,x86-rt-encrypted,x86-rt,x86-rt-self_install,aarch64-rt,aarch64-rt-encrypted,aarch64-rt-self_install">
        <package name="stalld"/>
    </packages>
 </image>
--- a/kiwi-builder-image/build-image.sh
+++ b/kiwi-builder-image/build-image.sh
@@ -28,7 +28,7 @@ LARGEBLOCK=false
 usage(){
  cat <<-EOF
  =====================================
-  SUSE Linux Micro 6.1 Kiwi SDK Builder
+  SUSE Linux Micro 6.2 Kiwi SDK Builder
  =====================================
  Usage: ${0} [-p <profile>] [-b]
@@ -36,13 +36,12 @@ usage(){
  Profile Options (-p):
  * Default: RAW Disk Image with default packages (incl. Podman & KVM)
  * Default-SelfInstall: SelfInstall ISO with default packages
  * Default-RPi: RAW Disk Image for Raspberry Pi (aarch64 only with MBR)
  * Base: RAW Disk Image with reduced package set (no KVM)
  * Base-SelfInstall: SelfInstall ISO with reduced packages
  * Base-RT: RAW Disk Image with reduced packages and kernel-rt
  * Base-RT-SelfInstall: SelfInstall ISO with reduced packages and kernel-rt
-  * Base-RT-RPi: RAW Disk image for Raspberry Pi with kernel-rt (aarch64 only with MBR)
+  * RaspberryPi: RAW Disk Image for Raspberry Pi with default packages (aarch64 only with MBR)
-  * Base-RPi: RAW Disk Image for Raspberry Pi with reduced packages (aarch64 only with MBR)
+  * RaspberryPi-SelfInstall: SelfInstall ISO for Raspberry Pi with default packages (aarch64 only with MBR)
  4096 Blocksize (-b): If specified, use a 4096 blocksize (rather than 512) when generating the image.
@@ -83,9 +82,15 @@ if $LARGEBLOCK; then
  mv /micro-sdk/defs/SL-Micro.kiwi.4096 /micro-sdk/defs/SL-Micro.kiwi
 fi
 # Create temporary directory that supports seclabel
 dir=$(mktemp -d)
 mkdir -p /tmp/output/tmp-dir
 mount -t tmpfs $dir /tmp/output/tmp-dir
 # Build the image
-kiwi-ng --debug --profile $PROFILE system build \
+kiwi-ng --temp-dir /tmp/output/tmp-dir --debug --profile $PROFILE \
-    --description /micro-sdk/defs --target-dir /tmp/output --ignore-repos-used-for-build $REPOS
+    system build --description /micro-sdk/defs --target-dir /tmp/output \
    --ignore-repos-used-for-build $REPOS
 # Print output
 RESULT=$?
--- a/kiwi-builder-image/config.sh
+++ b/kiwi-builder-image/config.sh
@@ -188,7 +188,6 @@ cat >/etc/fstab.script <<"EOF"
 #!/bin/sh
 set -eux
 /usr/sbin/setup-fstab-for-overlayfs
 # If /var is on a different partition than /...
 if [ "$(findmnt -snT / -o SOURCE)" != "$(findmnt -snT /var -o SOURCE)" ]; then
 	# ... set options for autoexpanding /var
--- a/metal3-chart/Chart.yaml
+++ b/metal3-chart/Chart.yaml
@@ -1,7 +1,7 @@
-#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.17_up0.12.7
+#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.19_up0.12.9
-#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.17_up0.12.7-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.19_up0.12.9-%RELEASE%
 apiVersion: v2
-appVersion: 0.12.6
+appVersion: 0.12.9
 dependencies:
 - alias: metal3-baremetal-operator
  name: baremetal-operator
@@ -10,7 +10,7 @@ dependencies:
 - alias: metal3-ironic
  name: ironic
  repository: file://./charts/ironic
-  version: 0.11.4
+  version: 0.11.6
 - alias: metal3-mariadb
  condition: global.enable_mariadb
  name: mariadb
@@ -20,9 +20,9 @@ dependencies:
  condition: global.enable_metal3_media_server
  name: media
  repository: file://./charts/media
-  version: 0.7.0
+  version: 0.7.1
 description: A Helm chart that installs all of the dependencies needed for Metal3
 icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg
 name: metal3
 type: application
-version: "%%CHART_MAJOR%%.0.17+up0.12.7"
+version: "%%CHART_MAJOR%%.0.19+up0.12.9"
--- a/metal3-chart/charts/ironic/Chart.yaml
+++ b/metal3-chart/charts/ironic/Chart.yaml
@@ -3,4 +3,4 @@ appVersion: 29.0.4
 description: A Helm chart for Ironic, used by Metal3
 name: ironic
 type: application
-version: 0.11.4
+version: 0.11.6
--- a/metal3-chart/charts/ironic/templates/configmap.yaml
+++ b/metal3-chart/charts/ironic/templates/configmap.yaml
@@ -52,3 +52,6 @@ data:
  {{- else }}
  IRONIC_USE_MARIADB: "false"
  {{- end }}
  {{- with .Values.ironicExtraEnv -}}
  {{ toYaml . | nindent 2 }}  
  {{- end -}}
--- a/metal3-chart/charts/ironic/values.yaml
+++ b/metal3-chart/charts/ironic/values.yaml
@@ -64,11 +64,11 @@ images:
  ironic:
    repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic
    pullPolicy: IfNotPresent
-    tag: 29.0.4.3
+    tag: 29.0.4.4
  ironicIPADownloader:
    repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic-ipa-downloader
    pullPolicy: IfNotPresent
-    tag: 3.0.9
+    tag: 3.0.10
 nameOverride: ""
 fullnameOverride: ""
@@ -138,6 +138,8 @@ baremetaloperator:
 debug:
  ironicRamdiskSshKey: ""
 ironicExtraEnv: {}
 tlscerts:
  cacert: ""
  key: ""
--- a/metal3-chart/charts/media/Chart.yaml
+++ b/metal3-chart/charts/media/Chart.yaml
@@ -3,4 +3,4 @@ appVersion: 1.21.0
 description: A Helm chart for Media, used by Metal3
 name: media
 type: application
-version: 0.7.0
+version: 0.7.1
--- a/metal3-chart/charts/media/values.yaml
+++ b/metal3-chart/charts/media/values.yaml
@@ -42,8 +42,8 @@ serviceAccount:
 podAnnotations: {}
 podSecurityContext:
-  runAsUser: 10475
+  runAsUser: 499
-  fsGroup: 10475
+  fsGroup: 486
 securityContext:
  allowPrivilegeEscalation: false
@@ -102,11 +102,16 @@ volumes:
  - name: assets
    persistentVolumeClaim:
      claimName: media
  - name: run
    emptyDir:
      sizeLimit: 10Mi
 # volume mounts
 volumeMounts:
  - mountPath: /srv/www/htdocs
    name: assets
  - mountPath: /run
    name: run
 # media volume settings
 mediaVolume:
--- a/release-manifest-image/release_manifest.yaml
+++ b/release-manifest-image/release_manifest.yaml
@@ -171,7 +171,7 @@ spec:
        - prettyName: Metal3
          releaseName: metal3
          chart: '%%CHART_REPO%%/%%CHART_PREFIX%%metal3'
-          version: '%%CHART_MAJOR%%.0.17+up0.12.7'
+          version: '%%CHART_MAJOR%%.0.19+up0.12.9'
        - prettyName: RancherTurtles
          releaseName: rancher-turtles
          chart: '%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles'
Author	SHA256	Message	Date
Nicolas Belouin	c4dea6361d	Merge pull request 'metal3: Stop filtering kernel drivers embeded in IPA ramdisk' (#291 ) from nbelouin/Factory:enable-irdma into main Reviewed-on: suse-edge/Factory#291 Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>	2025-10-23 16:07:09 +02:00
Nicolas Belouin	4a6119ca82	Merge pull request 'fix(metal3): Fix a typo in the media subchart' (#296 ) from nbelouin/Factory:fix-metal3-media-typo into main Reviewed-on: suse-edge/Factory#296 Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>	2025-10-23 14:33:04 +02:00
Nicolas Belouin	b69a806fed	fix(metal3): Fix a typo in the media subchart Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>	2025-10-23 11:54:18 +02:00
Nicolas Belouin	cd217a73f8	Bump versions Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>	2025-10-23 11:09:57 +02:00
Nicolas Belouin	28f7c4b074	Remove kernel modules filter Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>	2025-10-23 11:05:25 +02:00
Rhys Oxenham	a9079e0bfc	Adding support for SL Micro 6.2 builds	2025-10-22 10:35:34 +02:00
Nicolas Belouin	69db0a0b16	Merge pull request 'metal3: Introduce TLS variables for ironic vmedia server' (#281 ) from nbelouin/Factory:ironic-tls-cipher into main Reviewed-on: suse-edge/Factory#281 Reviewed-by: Marco Chiappero <mchiappero@noreply.src.opensuse.org> Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>	2025-10-14 15:04:32 +02:00
Nicolas Belouin	f60348562e	metal3: Introduce TLS variables for ironic vmedia server port of https://github.com/metal3-io/ironic-image/pull/759 Expose it in chart with a new `ironic.ironicExtraEnv` value that allows passing arbitrary extra environment variables to allow for advanced configuration we may not want to keep as not for the faint of heart. Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>	2025-10-03 10:04:48 +02:00