1

BOV1419

SUSE Linux Enterprise A-Z

Matthias G. EckermannDirector Product Managementmge@suse.com2020-06-09

2

AArchitectures“A” to “Z”

● AMD/Intel – x86-64● ARM – aarch64● Power – ppc64le● Z – s390x

Common Code Base● Same source code across all

architectures and delivery formats

Ubiquity● Deployments: Physical, Virtual,

Cloud, Container, WSL, ...

Benefits● The right architecture for a

specific application● Freedom of choice● Flexibility● Reduced training efforts due to

identical administrator experience across all instances of SUSE Linux Enterprise

3

BBuilding and MaintainingOpen Build Service

● Builds from sources, outputs containers, packages, ISOs, ...

● Builds on all architectures● Many Linux distributions● Stores all assets

– sources, binaries, signing keys

● Free and Open Source● Reproducible builds

Benefits● Full visibility in how SUSE

builds and maintains● Enables Community to build

and maintain● Enables and Enforces process;

“toolified” production process ● Other processes and

certifications built upon● TrustSource Package Image

OBS user submits sourceto OBS and gets a product

OB S

4

CCertifications, Security, ComplianceCertification Types

● Cryptography– FIPS

● Security Compliance– Common Criteria

● Hardening– DISA STIG– CIS

● Industry Standards– IPv6 / USGv6

● Safety

Benefits● Security conscious

Development, Building and Maintenance

● Security as integral part of the whole Lifecycle

– during development and deployment– be it via patching, redeployment, rebuilding

containers …

● Certifications to show that this is done right

5

DDevOps – Overview on SUSE Solutions

PLANSUSE Linux Enterprise

openSUSE

CODEOBS, PackageHub, SUSE Manager, Portus, GitHub

BUILDOBS, SUSE

Studio, SUSE Manager, KIWI,

Docker open source project

TEST & RELEASEopenQA, Jenkins

OPERATE & MONITORSUSE Manager, SUSE

Enterprise Storage, SUSE Application Delivery,

Kubernetes

DEPLOYSUSE Application Delivery, SUSE Public Cloud, SUSE Manager, Salt, Kubernetes

6

EEdge Computing – SUSE Edge OSBenefits

● Open and proven software platform for EDGE Computing

● Deep expertise to achieve critical certifications for Linux

● Openness of Linux helps attract software Developers and speed up development

Small footpri

nt

Trans-actional updates OR Live Patching

Real Time

Long Term

Support

Focus on performance (outside the data center)

Scalability/ Manage-

ability

Stable Minor

versions

SecurityFunctional

Safety Certification

Build Service

7

FFilesystems (local)Benefits

● The right filesystem for the application / data type

● Customer has freedom of choice and support

● Scalability (up and down)● Enhanced Features via Btrfs

– Checksums– Compression– Snapshots / Rollback– Deduplication– Transactional Updates

Use Case btrfs ext4 xfs

++ -- --

Container Host ++ + +

Database +¹ + ++

Fileserver (NFS, Samba) ++ + ++

Home Directory ++ ++ ++

Operating System ++ + +

Need for Snapshots ++ o² o²

VM Host +¹ + ++

+¹ with NoCoW

o² Snapshots via DM/LVM

Need for Deduplication (Backup Server)

8

HHigh Availability HighlightsSAP/Oracle integration

● Cluster file system OCFS2● SAP reference HA design

Virtualization Agnostic● Virtual cluster on all

hypervisorsScale Network Services

● IPv4 / IPv6 load-balancing

Disaster tolerance● Data replication via IP (DRBD)● Node recovery (ReaR)

User friendly tools● Graphical user interface● Unified command line

Geo Clustering● Cluster across unlimited

distance

Availability of data and services as needed

9

IImmutable OS… a topic SUSE is looking into

● Is predictable– Is not altered during runtime– Will run the same artifacts consistently on

every boot

● Is scalable– Eliminates efforts in configuring individual

instances during runtime– Can be rolled out easily repeatedly with

predictable outcome

● Is reliable– Automated recovery from faulty updates

See also: Transactional Updates

Benefits● Remote, small locations

– Mobile Base Stations– EDGE/IoT

● Always up-to-date(security)

● Self healing(automatic rollback)

● Small– Boot/update via LTE– Cheap, small devices– Mass-Devices

10

JJupyter NotebooksGPUS, AI/ML and beyond

● Jupyter Notebooks ~ “Literate Programming” for Data Scientists

● Part of PackageHub● Building an AI/ML stack● GPU enablement

Benefits● Ready to run stack● SUSE Linux Enterprise natively

and via WSL● Easy to start● Easy to scale to a full cluster

(SUSE Linux Enterprise HPC)● Going forward: Integrated from

Design to Deployment

11

KKernel and Userland Live PatchingKernel Live Patching!

● Provides fixes for Kernel bugs which affect

– Security– Stability– Data Integrity

Userland Live Patching?● Customers and partners want

to be able to live patch userland (selected bins/libs)

● SLE Live Patching “SDK” for partners

Benefits● “Non stop“ availability for

systems and services● Align work on the system level

with business priorities● Meet SLAs with internal and

external customers● Planned downtime instead of

unplanned downtime

12

LLife CycleUp to 16 years support in total

● 10 years general support per code stream

● Up to 3+3 years LTSS/XLSS● Up to 3 years LTSS for SPs

Benefits● Customer choice

– Quickly adapt new technology or– Keep one installation very long

● Plan ahead according to your specific business cycles

● Security and Compliance

General Support Extended Support

Year 1 Year 2 Year 3 Year 4 Year 5 Year 6 Year 7 Year 8 Year 9 Y 10 Y 11 Y 12 Y 13

GA LTSS

SP1 LTSS

SP2 LTSS

SP3 LTSS

SP4 LTSS

SP5 LTSS

13

MModularity / MultiModal OS

14

NNVDIMM & Persistent Memory

Technology● NVDIMM (Non-Volatile In-line

Memory Module) technology used to achieve Persistent Memory

● NV-DIMM supports 3 types of memory access

– Memory addressable– Block device– Block device + filesystem

Benefits● Instant database recovery● Persistent memory supported

in SLES for SAP Applications● Technology may drive more

innovation

Speed of memory with Persistence of storage Persistent Memory

15

OopenSUSE – Closing the Leap GapBring more closely together

● developer communities,by focusing on openSUSE Leap as a development platform for communities and industry partners;

● user communities,by leveraging the benefits of both a stable Enterprise code base and the speed of community contributions;

● the code bases of openSUSE Leap and SUSE Linux Enterprise,

by not only sharing sources, but also offering the SUSE Linux Enterprise binaries for inclusion in openSUSE Leap.

Three Step Approach1. Merge the code bases

for the intersection of openSUSE Leap 15.2 and SUSE Linux Enterprise 15 SP2 as much as possible without loss of functionality or stability.

2. Create a flavor leveraging SLE binaries in parallel to classic openSUSE Leap 15.2

3. Build openSUSE Leap 15.3with SLE binaries included by default (assuming community agreement)

16

PPackage- and Partner-HubPackage Hub

● Collection of supplemental open source software for SUSE Linux Enterprise

● Built and maintained by the community, approved by SUSE

● → Broaden the package choices for enterprise users

Partner Hub● “App Store“ like approach● Simplify installation of third

party software on SUSE Linux Enterprise

● Integration into SUSE Systems Management Stack

Ease of use – Software fromOpen source andISV Communities

17

QQualityOpenQA

● Automated test infrastructure● openSUSE and SUSE ● Ability to test various code

paths / installation options● Basic concepts: “jobs,”

“needles,” (png + json)● Output: log files, pictures, video

Benefits● Fully open source● Cross architecture● Matches the needs of SUSE

and the openSUSE community in full-product testing

● Use also by other communities●

https://en.opensuse.org/openSUSE:OpenQA

18

RRMT – The package proxyRMT

● Repository Mirror● Fully disconnected work● Staging support● Registration Proxy● Reporting & Management

Benefits● Maintain Security compliance for

package mirroring

– Even works in highly secure environments physically disconnected from the Internet(needs two RMTs)

● Save Bandwidth● Fast access to updates● Prepared for upgrade to SUSE

Manager for enhanced management capabilities

RMT

19

SSystem RolesPredefined Installation Options Benefits

● Make “best practices” available to all customers

● Scalable / Extensible● Change the experience of

“installation” to a quasi-imaging model without losing flexibility

20

TTransactional UpdatesAutomatic

● Keep Kubernetes up-to-date without manual intervention

Atomic ● Eliminate failures due to partial

updatesRecoverable

● Roll back easily to any previous release

Transparent ● Continue to run workloads

while updating your system(s)

Benefits● Improve reliability of updates

→ Trust → more frequent updates

● Suitable for Datacenter and Edge

● Better automation

21

UUnified InstallerOne for all

● The Unified Installer install all SUSE Linux Enterprise 15 products from a single medium

One small● The Unified Installer medium is

small. It allow easier handling, remote use, and faster refresh cycle.

Beyond SUSE Linux Enterprise● SUSE Manager included

Benefits● Simplify the access to SUSE

Linux Enterprise and SUSE Manager also on premises

● Show the benefits of a Common Code Base in real life:integration, compatility

● Good Day 1 administrator experience

● Platform for more integration going forward

22

UUpgrade PathsMajor version upgrades

● Migration from SLES to SLES for SAP Applications is supported

● SLES 12 SP5 is the last release in SLES 12 codestream

● Keep architecture

Benefits● Change introduces risk – Avoid

risk!● Service Pack Rollback possible

based on Snapshot/Rollback technology

● Peace of mind

23

WWSL – Windows Subsystem for LinuxHow we provide SUSE Linux Enterprise for WSL

● No Windows system required for building SUSE on WSL; we use OBS

● WSL can be built fully automated and reproducible

● Automated QA included● The rpm packages are exactly

identical to the native SUSE Linux Enterprise

Benefits● Provides a Container / VM with

a Linux Userland● Predefined applications /

containers could be delivered● Great to start some Linux

applications quickly when running Windows

● Easy to migrate to a native Linux system

24

YYet ...YaST? YOMI! Yet One More Installer

● New type of installer– Parallel, unattended – Simple (YAML) and smart (Jinja2)

configuration files– Easy to orchestrate

(single decision point)

● Idempotent (Salt states)● Can work alone or integrated

into a big solution / Cluster● Currently used by

– openSUSE Kubic with kubic-control– SUSE Manager (Work in progress)

Benefits● Unattended installation on a

cluster with different profiles– Roles like: control plane, storage,

computation (OpenStack, k8s)– Certain nodes needs to wait until other

nodes are installed

● Integration with Salt – DevOps oriented (Git, CMS, …)– Easy to integrate and extend

● Ready to scale

25

ZZero DowntimeBenefits

● A complete solution set● Peace of mind● Compliance● Choice: Customer selects

according to business needs● Integration: Functionality

based on Common Code Base● Available wherever you deploy

SUSE Linux Enterprise

The stack● Full System Rollback● RAS● High Availability and Geo

Clustering● Live Patching ● SUSE Manager

26

General Disclaimer

This document is not to be construed as a promise by any participating company to develop, deliver, or market a product.  It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions.  SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.  The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE.  Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of SUSE, LLC, Inc. in the United States and other countries.  All third-party trademarks are the property of their respective owners.