03.zero downtime and digital transformation
TRANSCRIPT
Zero downtime, rapid innovation and
control are mandatory with the
digital transformation
Roma 14 Marzo 2017 | Milano 16 Marzo 2017
Kai Dupke
Senior Product Manager SUSE Linux Enterprise 13
2
• Better Quality & Security
• Rapid Innovation
• Lower Cost
• No Vendor Lock-in
Open Source Solutions Can Help You Meet the Digital Economy Demands
3
Meet the Challenges of the Digital
Transformation with SUSE
It’s not just WHAT we do.
It’s HOW we do it.
• True to open source vision
• Flexible and adaptive
• Enterprise supportalways
open
4
SUSE Software-Defined Infrastructure An Open, Flexible Infrastructure Approach
Application Delivery
Custom Micro Service ApplicationsKubernetes / Magnum
Physical Infrastructure: Server, Switches, Storage
Public Cloud
SUSE Cloud Service Provider Program
ContainersSUSE CaaS Platform
Software Defined Everything
StorageSUSE Enterprise
Storage
NetworkingSDN and NFV
VirtualizationKVM, Xen, VMware,
Hyper-V, z/VM
Operating SystemSUSE Linux Enterprise Server
Platform as a ServiceCloud Foundry
Private Cloud / IaaSSUSE OpenStack Cloud
Management
Operations,
Monitor and
Patch
• SUSE Manager
• openATTIC
Cluster
Deployment
• Crowbar
• Salt
Orchestration
• Heat
• Kubernetes
5
SUSE Software-Defined Infrastructure An Open, Flexible Infrastructure Approach
Application Delivery
Custom Micro Service ApplicationsKubernetes / Magnum
Physical Infrastructure: Server, Switches, Storage
Public Cloud
SUSE Cloud Service Provider Program
ContainersSUSE CaaS Platform
Software Defined Everything
StorageSUSE Enterprise
Storage
NetworkingSDN and NFV
VirtualizationKVM, Xen, VMware,
Hyper-V, z/VM
Operating SystemSUSE Linux Enterprise Server
Platform as a ServiceCloud Foundry
Private Cloud / IaaSSUSE OpenStack Cloud
Management
Operations,
Monitor and
Patch
• SUSE Manager
• openATTIC
Cluster
Deployment
• Crowbar
• Salt
Orchestration
• Heat
• Kubernetes
6
SUSE Software-Defined Infrastructure An Open, Flexible Infrastructure Approach
Application Delivery
Custom Micro Service ApplicationsKubernetes / Magnum
Physical Infrastructure: Server, Switches, Storage
Public Cloud
SUSE Cloud Service Provider Program
ContainersSUSE CaaS Platform
Software Defined Everything
StorageSUSE Enterprise
Storage
NetworkingSDN and NFV
VirtualizationKVM, Xen, VMware,
Hyper-V, z/VM
Operating SystemSUSE Linux Enterprise Server
Platform as a ServiceCloud Foundry
Private Cloud / IaaSSUSE OpenStack Cloud
Management
Operations,
Monitor and
Patch
• SUSE Manager
• openATTIC
Cluster
Deployment
• Crowbar
• Salt
Orchestration
• Heat
• Kubernetes
77
Everything starts with a solid base:SUSE Linux Enterprise Lifecycle / Roadmap
8
GA
SP1
SP2
2018 2020 2021
SUSE Container as Service Platform
powered by MicroOS
Needs of the container focused world
Small and easy to manage/ upgrade OS
Fast way to setup a cluster and to
manage multiple nodes
Always up-to-date OS
Micro(Services)OS
• Single purpose OS – focus: Containers
and Micro Services
• Size follows function
• Transactional Update
• Made for cloud, Kubernetes, PaaS
• Reduced end-user interactions
• Focused on large deployments
SUSE CaaSP (MicroOS based)
2019
Confidential—For Internal Use Only. Information is forward looking and subject to change at any time.
Common Code Base
Classical SLES (LeanOS based) +
Modules + Extensions
• Multiple use cases: physical
installation, virtual host/guest,
container host
• Solves multiple problems
• Focused on one-off upgrade, manual
upgrade, auto update, and major
version upgrades
Always up OS
LeanOS
• General purpose OS
• Minimal packaging
• Full control of the installed packages,
updates, upgrades
• Full set of deployment and
• management options
• Availability of all extensions
Classical SLES (LeanOS based)
Ubiquity
Everything across all architectures(
aarch64, x86-64, ppc64le, s390x)
Designed for clouds and containers
Ready for IoT
Security
Cryptography (TLS 1.3)
Trusted Computing
Prep for Certifications
Ease of use
Quarterly updates of installation media
SUSE Linux Enterprise 13Release availability: Q2 CY
9
Online Upgrade PathsSUSE Linux Enterprise 12 SP2
One-step Migration (SP n to SP n+1)
• Standard online migration path supported since SUSE
Linux Enterprise 10.
• SP2 follows the standards
• Option available via all tools (SCC, SUSE Manager, etc.)
Skipping a Service Pack (SP n to SP n+2)
• Provide fully tested, supported and maintain path from
SUSE Linux Enterprise 12 GA to SUSE Linux Enterprise 12
SP2
• Exception: SUSE Linux Enterprise Desktop
• Option available via all tools (SCC, SUSE Manager, etc.)
10
SUSE Linux Enterprise Server 12 Lifecycle
13-year Lifecycle• 10 years general support
• 3 years extended support
• Different Lifecycle for
Desktop and Modules
• Not committed
• Subject to change
Long Term Service Pack Support• Available for all versions, including GA
• Up to 3 years extended support
Information is forward looking and subject to change at any time.
1111
Digital transformation requires rapid
innovation: SUSE Linux Enterprise Modules
12
Deploy New Features Without Changing the Core OSwith SUSE Linux Enterprise 12 Modules
13
SUSE Package Hub
Broaden the software choices for enterprise users
25,000+Upstream Packages
SUSEPackage Hub
EnterpriseUser
OBS
http://packagehub.suse.com
1414
Digital transformation requires Zero
Downtime
15
Undo OS Changes: Full System Rollback
• Rollback to a good state with one click for faster
recovery from planned or unplanned downtime
• Support for service pack rollback
• Support for kernel upgrade
• Based on btrfs and Snapper, bootloader integration
Full system rollback is a
feature in SUSE Linux
Enterprise Server 12.
SUSE Linux Enterprise
Server 11 SP2 and later
provides a similar
snapshot and rollback
feature, without
bootloader integration.
16
Sound Familiar?
17
In the Data Center, Not So Long Ago…
Linux Kernel
Dec-11, 2015
Linux Kernel
Jan-15, 2016
CVE-2013-7446
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2013-7446
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2016-0728
CVE-2013-7446
CVE-2015-6937
CVE-2015-7872
CVE-2015-7990
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0728
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
Linux Kernel
Feb-10, 2016
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0774
CVE-2016-1583
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
Linux Kernel
Mar-22, 2016
CVE-2016-1583
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2013-7446
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0728
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
Linux Kernel
Jun-09, 2016
CVE-2016-0758
CVE-2016-2053
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
Linux Kernel
Aug-16, 2016
CVE-2016-0758
CVE-2016-2053
CVE-2016-4470
CVE-2016-4565
CVE-2016-5829
CVE-2016-6480
Linux Kernel
Sep-12, 2016
Reboot
CVE-2016-6480
Sample data taken
on Sept-15, 2016
18
In a SUSE Data Center—TodayLinux Kernel
Nov-11, 2015
December
2015
January
2016February
2016
March
2016
April
2016
May
2016June
2016
July
2016August
2016
September
2016
Linux Kernel
Dec-11, 2015
Linux Kernel
Jan-15, 2016
Linux Kernel
Feb-10, 2016
Linux Kernel
Mar-22, 2016
Linux Kernel
Jun-09, 2016
Linux Kernel
Aug-16, 2016
Linux Kernel
Sep-12, 2016
CVE-2013-7446
CVE-2015-6937
CVE-2015-7872
CVE-2015-7990
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0728
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2013-7446
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0728
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2013-7446
CVE-2015-8019
CVE-2015-8539
CVE-2015-8660
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2015-8709
CVE-2015-8812
CVE-2015-8816
CVE-2016-0758
CVE-2016-0774
CVE-2016-1583
CVE-2016-2053
CVE-2016-2384
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2016-0758
CVE-2016-1583
CVE-2016-2053
CVE-2016-3134
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2016-0758
CVE-2016-2053
CVE-2016-4470
CVE-2016-4565
CVE-2016-4997
CVE-2016-5829
CVE-2016-6480
CVE-2016-6480
CVE-2016-0758
CVE-2016-2053
CVE-2016-4470
CVE-2016-4565
CVE-2016-5829
CVE-2016-6480
19
SUSE Linux EnterpriseLive Patching
Improve business continuity, increase service
availability and enhance security and compliance
by reducing system downtimes.
www.suse.com/products/live-patching/
• Reduce planned and unplanned downtimes by live patching your systems.
• Increase service availability and enable services to run without interruption.
• Ensure systems stay up-to-date with security patches in real time.
ZeroInterruption when
patching systems
MinimizeExposure to
malicious attacks
ReducePlanned and
unplanned downtimes
21
SUSE Linux Enterprise High Availability ExtensionKey Use Cases—Mission-critical Services
• Active/Active Services OCFS2, databases,
Samba file servers
• Active/Passive Service Fail-over Traditional databases, SAP setups, regular
services
• High Availability Across Guests Fine
granular monitoring and HA on top of virtualization
• Network Load Balancing with transparent
fail-over
• All Topologies Local, metro and geographical
area clusters
22
SUSE Linux Enterprise High Availability ExtensionFrom Local to GEO
Local Cluster
• Negligible network latency
• Typically synchronous concurrent storage access
Metro Area (Stretched) Cluster
• Network latency <15ms (~20mls)
• Unified / redundant network between sites
• Usually some form of replication at the storage level
GEO Clustering
• High network latency, limited bandwidth
• Asynchronous storage replication
2323
Digital transformation requires control of IT:
tame the 3 ”C.” monsters
24
SUSE Software-Defined Infrastructure An Open, Flexible Infrastructure Approach
Application Delivery
Custom Micro Service ApplicationsKubernetes / Magnum
Physical Infrastructure: Server, Switches, Storage
Public Cloud
SUSE Cloud Service Provider Program
ContainersSUSE CaaS Platform
Software Defined Everything
StorageSUSE Enterprise
Storage
NetworkingSDN and NFV
VirtualizationKVM, Xen, VMware,
Hyper-V, z/VM
Operating SystemSUSE Linux Enterprise Server
Platform as a ServiceCloud Foundry
Private Cloud / IaaSSUSE OpenStack Cloud
Management
Operations,
Monitor and
Patch
• SUSE Manager
• openATTIC
Cluster
Deployment
• Crowbar
• Salt
Orchestration
• Heat
• Kubernetes
25
The Three “Cs” of Management (Challenge)
Transform your approach to infrastructure to enable the
business to capitalize on new innovations of data”
Cost Complexity Compliance
27
SUSE Manager
Asset
Management
Provisioning
Redeployment
Configuration
Management Package
Management
Patch
Management
SUSE Manager
HEALTH MONITORING
COMPLIANCESECURITY
Open source infrastructure
management solution that empowers IT to: • Optimize operations while reducing costs
• Reduce complexity and regain control of
IT assets
• Ensure compliance with internal security policies
and external regulations
• Manage multiple enterprise Linux distributions with
a single tool
Much more in the break-out session “Doma i sistemi in
tempo reale con SUSE Manager e Salt”
28
SUSE Software-Defined Infrastructure An Open, Flexible Infrastructure Approach
Application Delivery
Custom Micro Service ApplicationsKubernetes / Magnum
Physical Infrastructure: Server, Switches, Storage
Public Cloud
SUSE Cloud Service Provider Program
ContainersSUSE CaaS Platform
Software Defined Everything
StorageSUSE Enterprise
Storage
NetworkingSDN and NFV
VirtualizationKVM, Xen, VMware,
Hyper-V, z/VM
Operating SystemSUSE Linux Enterprise Server
Platform as a ServiceCloud Foundry
Private Cloud / IaaSSUSE OpenStack Cloud
Management
Operations,
Monitor and
Patch
• SUSE Manager
• openATTIC
Cluster
Deployment
• Crowbar
• Salt
Orchestration
• Heat
• Kubernetes
2929
Unpublished Work of SUSE LLC. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC.
Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their
assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated,
abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making
purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The
development, release, and timing of features or functionality described for SUSE products remains at the sole discretion
of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this
presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-
party trademarks are the property of their respective owners.