No beta blockers for SUSE Manager 3.1. So let’s get ready for containers!
Managing content and compliance in hybrid cloud and container infrastructures is our main design goal for the upcoming SUSE Manager 3.1 release. This is in line with our strategy for the Container as a Service Platform. With Beta 3 and its further improved support for building container images we reached a critical milestone towards that goal earlier this month.
But back to the beta blockers. No, I didn’t run out of medication, and I don’t take beta blockers in the first place. For me, as a product manager there are days when I’m close to a heart attack, but luckily only in the literal sense.
At SUSE, “beta blockers” have a slightly different meaning. Those are bugs that block the release of a beta version of one of our products. Well, for SUSE Manager 3.1 there weren’t any. So we could ship our third and last beta that gives everyone who is part of the beta program a first idea of what to expect with Manager 3.1 this summer.
If you weren’t on the beta program, but are interested in joining next time: Just reach out to your SUSE contact in sales or customer care. With the new yearly release cycles for SUSE Manager, the next beta phase is just a few months out!
Manager 3.1 is coming with the latest SUSE-hardened Salt 2016.11.4 (with updates to the latest Salt versions planned on a regular cadence), is based on SUSE Linux Enterprise 12 Service Pack 2, and will ship with an improved user interface with a new approach to page navigation:
The user interface isn’t finalized in Beta 3, so I’m going to cover more of those aspects in a later post.
Today I’d like to focus on containers:
One of the reasons why Docker is so popular with developers is that there are thousands of ready-to-use containers available in the public registry. But now that the container hype has reached the datacenter, just picking containers that someone built on the Internet isn’t an option any more. You want the same rigid controls over what software (or content) goes into your containers that you’ve implemented with tools like SUSE Manager for your package-based physical server and virtual machine installations in the datacenter or the cloud.
SUSE Manager 3.1 is going to make this really easy, as you can see from these screenshots:
First, you add your container registry to SUSE Manager. If you are looking for an authenticated registry, give Portus a try! You can find it on the SUSE Linux Enterprise 12 Container Module.
Now you can create an Image Profile. Currently we support Dockerfiles. In later versions you’ll be able to build images completely from Salt states without having to write a Dockerfile!
At this point you also assign a SUSE Manager Activation Key to the profile. And that’s where the magic happens: Just like an activation key assigns software channels to your physical systems and virtual machines, this assigns software channels to your image build profile. Any image built with that particular profile will be built from the software channels the activation key specifies.
Yes, that also means that by just picking another Activation Key you can switch between using your QA channels to using your Production channels!
Finally you can trigger the actual build. Of course we are also going to support building via the SUSE Manager API, so you can nicely integrate image building into your continuous integration.
Wait a moment! It’s asking for a Build Host. How do I create one? Again, Activation Keys come to the rescue! Just like you can make any SUSE Linux Enterprise Server a virtualization host by selecting “Virtualization Host” as an Add-On System Type, you can now convert it into a “Container Build Host”. This will add the necessary Salt states to the system, so that next time the system’s state is updated SUSE Manager will install Docker and the other dependencies needed for image building.
Of course you need to make sure your build host has the SUSE Linux Enterprise Server 12 Containers Module assigned as a software channel.
Just like you can check on the Systems page whether your Linux systems need any updates, you can now check on the Images page whether the images you are using are fully patched. If not, just trigger a rebuild!
We’ve even integrated this with the CVE Audit in SUSE Manager, so your compliance reports include your container images!
To learn more about SUSE Manager 3.1, join one of our upcoming webinars:
- June 28 – Getting ready for a world of compliant containers with SUSE Manager
- July 6 – Compliant containers with SUSE Manager – Grow Your Technical Knowledge
This is Joachim Werner blogging from sunny Nuremberg, where nothing is blocking us from making containers compliant. But you may need some sun blocker. 😉
We are deperatey waiting for SUSE Manager to support docker technologies. Any release dates available, yet?
In Manager 3.1, we are going to support building, rebuilding, and inspecting images built with the docker Dockerfile toolchain. There are no immediate plans for adding in-depth Docker support into SUSE Manager. Our “master plan” for running containers is through our Container as a Service Platform, which is using Kubernetes for orchestrating Docker.
SUSE Manager 3.1 will get support for setting up and integrating with CaaSP soon.
You can also use the Docker support in Salt from SUSE Manager in your own Salt states of course. So, for example, if you have set up a SLES system with the Docker from the SLES container module, it should be possible today to have a Salt state rolled out from SUSE Manager that starts certain containers on that system for you.
If you have more questions, feel free to contact me directly on Twitter (@joesusecom) or via e-mail “email@example.com”.