Bad pun aside, we are truly excited about being a launch partner for this new AWS Competency – Enterprise Container Management!

Containers are amazing for portability and a critical building block for modernization and digital transformation. This newly launched competency showcases partners – like SUSE that have products that integrate with AWS services to help customers run workloads on containers on AWS. That product, for SUSE – is of course SUSE Rancher.

Containers are wonderful, but, the management of your container environment is no piece of cake. To help customers address this, AWS created this new competency to showcase products that help customers deploy containers, provision and manage their container infrastructure as well as related AWS resources and surrounding constructs.

As one of the only five vendors highlighted in the launch of this new competency category, SUSE can aid customers increase operational efficiency and achieve observability, security, compliance, and governance at enterprise scale. It’s time to step on the gas for your modernization journey. SUSE Rancher is happy to serve as your faithful navigator, for every step of this journey.

AWS Summits are back! And I for one, can not be happier! Post-COVID, Post-Pandemic, we all would like to see more live, in person events.

AWS Summits are free events that bring the cloud computing community together to connect, collaborate, and learn about AWS. It’s a wonderful opportunity to deepen your cloud knowledge and gain new skills to design and deploy solutions in the cloud to accelerate your digital transformation.

SUSE is delighted to be a sponsor for many of these events around the world. We look forward to seeing you at our booth and connect on your SAP or Container initiatives! Here’s a list of AWS Summits that SUSE will be participating in:

April: Paris, London

May: Madrid, Berlin, Stockholm, Atlanta, DC

June: Hong Kong, Milan, Taipei

July: New York, Shanghai

See you there!

This actually should have been one of those beginning of the New Year blogs or even better published in Dec following reInvent. The topic summarizes all the oodles of goodness AWS announced that are highly relevant for any SAP customer. But for various reasons – it got delayed until now. But it’s chock-full of really good information that will definitely enrich your Tuesday, or even the whole year! So read on, 🙂

First of all, this is actually a guest blog, written by our close colleagues at AWS. Let me introduce David Rocha – Sr. Partner Solutions Architect and Soumya Das – Partner Solutions Architect. David’s specialty is SUSE and everything Linux. Soumya’s specialty is everything SAP.

So without further ado, here’s their blog:

New AWS features and services for SAP on AWS customers

In the words of Amazon CEO Andy Jassy, ‘there is no compression algorithm for experience’.

Since 2010, customers have benefited from both AWS and SUSE providing products and services that give enterprise customers fast, flexible access to the cloud for a variety of workloads. SUSE first published SUSE Linux Enterprise Server (SLES) on Amazon Web Services (AWS) in 2010 and SUSE Linux Enterprise Server for SAP Applications (SLES for SAP) on AWS in 2016.

The workloads have evolved in the last 16 years and includes mission critical applications like SAP. SAP applications represent the financial system of record and business process backbone for most of the world’s enterprises. SAP states that 77% of the world’s transaction revenue touches an SAP system and 91% of the Forbes Global 2000 are SAP customers. AWS and SUSE supported applications include SAP ERP Central Component (SAP ECC), SAP HANA Database, SAP S/4HANA and all its associated platforms like SAP S/4 Central Finance, SAP MDG(Master Data Governance), or SAP CAR(Customer Activity Repository).

AWS is the choice for 5000+ SAP customers and hundreds of partners. Whether you want to lift and shift your existing SAP workloads to reduce costs, re-factor your SAP ECC to SAP S/4HANA, or innovate and modernize with AWS services, you can count on AWS’s unmatched experience, infrastructure, and platform breadth to get more value out of your SAP investments.

Let’s dive into some of the new announcements for 2021 – 2022:

New Instances

A number of new instances were released for SAP workloads including recent additions that were announced during re:Invent 2021 [1]:

• Amazon Elastic Compute Cloud R6i instances and Amazon EC2 M6i instances are powered by the latest generation Intel Xeon Scalable processors (code-named Ice Lake). The newer instance families provide up to 15% better compute price performance, up to 20% higher memory bandwidth per vCPU, up to 50GBps networking speed and up to 40 GBPS of bandwidth to the Amazon EBS compared to the previous generation instances. [2]
• AWS recently announced the Amazon EC2 M6a are powered by 3rd generation AMD EPYC (code named Milan) which is the latest AMD processor certified to run SAP workloads. [3]
• Amazon EC2 X2idn and X2iedn instances are SAP-Certified and are a great fit for workloads such as small-to large-scale traditional and in-memory databases,and analytics.  Amazon EC2 X2idn and X2iedn instances are powered by 3rd generation Intel Xeon Scalable processors with an all-core turbo frequency up to 3.5 GHz and deliver up to 50% higher compute price performance than comparable Amazon EC2 X1 instances. Additionally, these instances provide 45% more SAPS than comparable Amazon EC2 X1 instances. [4]
• Four new EC2 High Memory instances were launched in May 2021. The new EC2 High Memory instances with 6TB, 9TB, and 12TB of memory (u-6tb1.56xlarge, u-6tb1.112xlarge, u-9tb1.112xlarge, and u-12tb1.112xlarge) are available for usage with On-Demand (OD) and Savings Plan purchase options. This launch gives customers greater flexibility for instance usage and procurement.with up to 12TB of memory are now available with On-Demand and Savings Plan purchase options. [5]

New Tooling

AWS Launch Wizard now supports SAP S/4HANA 2021, SAP BW/4HANA 2021, and SAP HANA SPS06 deployments running on SUSE Linux Enterprise Server (SLES) and SUSE Linux Enterprise Server for SAP 15 SP3 (SLES for SAP). AWS Launch Wizard offers customers and partners a way of sizing, configuring, and deploying AWS resources for SAP S/4HANA or SAP BW/4HANA. This launch makes it easy for customers to deploy and scale these applications on the latest SUSE Linux versions in accordance with AWS, SAP, and SUSE best practices. [6]

AWS announced CloudWatch Application Insights for SAP HANA installed on SLES and SLES for SAP 15 or later. This allows CloudWatch Application Insights to analyze metric patterns using historical data to detect anomalies, and continuously track errors and exceptions from SAP HANA, operating systems, and infrastructure logs. This service creates dashboards that show the observations and problem severity information to help you prioritize your actions. For common problems in SAP HANA database, it provides additional insights to determine root cause and steps for resolution. It also sets up dynamic alarms on monitored metrics which are automatically updated based on anomalies detected on historical data. [7]

New version of Amazon Inspector automates vulnerability management at the Amazon EC2 instance level. For SAP workloads, Amazon Inspector supports operating systems like SLES and SLES for SAP. It delivers real-time findings by using AWS Systems Manager agent (SSM). [8]

Other Cool Stuff

Amazon Elastic File System (EFS) native replication can now be leveraged to automatically maintain copies of your Amazon EFS file systems for business continuity. It helps you to meet compliance requirements as part of your disaster recovery strategy. You can set this up in minutes for new or existing Amazon EFS file systems, with replication either within a single AWS region or between two AWS regions. [9]

SAP Lens for AWS Well Architected Framework can help customers make design decisions when architecting SAP on AWS. The SAP Lens is a collection of design principles and best practices and by utilizing it customers and partners can evaluate their SAP workloads against this best practices and principles. That makes sure that they are designed to align with the recommendations provided by SAP and AWS. In essence, SAP Lens is organized in 5 AWS Well-Architected pillars – Security, Reliability, Performance efficiency, cost optimization and Operational Excellence. [10]

AWS Training & Certification will launch an AWS Certified SAP on AWS Specialty (PAS-C01) in April 2022. This is a new AWS specialty certification that validates advanced technical skills and experience to design, implement, migrate, and operate SAP workloads optimally on AWS. [11]

Conclusion:

AWS and SUSE continue to provide products and services that give enterprise customers fast, flexible access to AWS for SAP applications. The announcements listed in the blog are not an all encompassing list. We recommend that you visit the links for each of the announcement to learn more about the features and benefits. Additionally, AWS has a blog [12] category that focuses on SAP applications that you can follow to learn more about recent launches, as well as blogs that cover new design recommendations and service integrations.

We’re looking forward to 2022 and the new product and services that will continue to focus on your success!

Now that everyone is on the Cloud, Cost Optimization is a big topic. When it comes to AWS, there are actually myriad options for buying SUSE software. Do you know the differences between Pay-As-You-Go, RIs, BYOS and Private Offers? What’s the best option for you or your customer? If you don’t have 100% certainty on this question, then this webinar is just for you: bit.ly/AWSPartnerCastSUSE 

See you on March 1^st!

This CIO.com webinar features AWS, SUSE and Trilio along with IDC Associate Research Director, Archana Venkatraman: Creating Today’s Immutable Cloud-Native Environments

Join us live Thu, Jan 13 12:30 pm ET, 6:30 pm CET

Today’s IT environment is shifting to cloud native solutions focused on containerized applications in Kubernetes clusters running everywhere – from on-premises data centers, to the cloud and at the edge. Ensuring business continuity in this application-centric world requires new approaches to application hardening and quick operational recovery of cloud native workloads.

Guest IDC analyst, Archana Venkatraman, will provide the latest analysis of:

• The state of the container market, Kubernetes and its rapid adoption
• Benefits and challenges of containerized applications and workloads
• Emergence of multi-cluster Kubernetes management control planes
• Importance of workload & application protection and data recovery capabilities

SUSE, Trilio, and Amazon Web Services (AWS) will join the discussion on tools and best practices to successfully deploy, manage, and protect cloud-native applications while enabling very rapid operational recovery of both workloads and data.

Featured technologies:
• SUSE Rancher – most widely deployed multi-cluster Kubernetes management solution
• TrilioVault for Kubernetes – a holistic, cloud native data protection technology
• AWS S3 – a scalable, highly available, highly secure storage service

Join us!

2021 is drawing to a close, seems like it just flew by!

I know, so much has happened, and I don’t mean all the craziness in the news + our pandemic blues. I was actually, specifically thinking about AWS land. In December, we have just reached our 11^th year working together with AWS, delivering solutions in the cloud. And what a year it has been!

1. Going Next Level with Co-Innovation

2021 was a big, big year as far as co-innovation goes. Our two outstanding technical teams worked closely together to deliver some amazing achievements in these last 12 months.

AWS Service Ready Programs – AWS Service Ready Program is designed to validate software products built by AWS Partners that work with specific AWS services. These software products are technically validated by AWS Partner Solution Architects for their sound architecture and adherence to AWS best practices, and market adoption including customer successes. So what are the shiny new Service Ready “Badges” we won this year?

• AWS Graviton Service Ready – SUSE Linux Enterprise Server is fully certified for Graviton, blazing fast custom built 64-bit Arm processors that helps to optimize price performance for a variety of cloud workloads running in Amazon EC2.
• AWS Outposts – SUSE Linux Enterprise Server and SUSE Linux Enterprise Server for SAP Applications have demonstrated successful integration with AWS Outposts deployments. AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility.

• AWS ECS- Anywhere – SUSE Linux Enterprise Server is fully certified for ECS-Anywhere, so customers can run containers anywhere, both on AWS and outside AWS and maximize their CapEx investments

Other Major Integration Work:

• Control Tower – SUSE’s Control Tower integration eases the deployment of SUSE Linux Enterprise Server for SAP Applications across AWS accounts . The integrated solution automates the creation of grants for accounts with in selected Organizational Units (OUs) – also, it leverages AWS Control Tower lifecycle events to automatically create the grants when a new AWS Account is created in those OUs using Account Factory.
• Inspector integration – SUSE now uses AWS Inspector to scan for security vulnerabilities in SUSE Linux Enterprise Server powered workloads
• SUSE Manager fully supports Amazon Linux – hear more about this in an upcoming webinar!
• TrilioVault Solution Stack – an amazing new solution stack from SUSE. AWS and Trilio – never worry about RansomeWare attack again, more details in a new webinar, coming in January!

In addition, the solution architects on our team (shout out to Stephen and Kevin!) did a ton of work, creating white papers, new demos, enablement sessions, workshops, webinars and so much more! All to support our customers and our vibrant and growing partner ecosystem!

2. Marketing Engine on Full Blast

In addition to technical marketing, what has the “marketing” marketing team been up to in these 12 months? Kicking butt and taking names with a whole bunch of fun marketing activities, that’s what!

Let’s just list a few:

• Webinars Galore! – I know, I know, you are suffering from webinar fatigue, I guess we are, a little bit too. Big and small, global and local, we delivered almost 2 dozen webinars in 2021, everything is archived and available to watch on-demand!
• Say “hello” to virtual events! – Adding a new dimension to our online marketing mix, we did a bunch of virtual events this year that really amps up the fun factor! Everything from Guinness Party for St. Paddys, to Summer BBQ, to Chocolate Tasting for Oktoberfest – we tried it all! All of these fun events are recorded and available for your viewing pleasure on SUSE’s YouTube channel.
• Did you check out our YouTube Playlist? – Speaking of YouTube, we created a brand new AWS specific playlist and here it is! Bookmark it for informative videos that are also fun and refreshing!
• Collateral Up the Wazoo! – We know that when you research a vendor and a new project, you’ll want to look at different things, whitepapers, infographics, videos and of course, customer case studies, so we delivered a number of these in various flavors, some even in local languages. (Hello Korea!)
• Who could forget – reInvent! reinvent just wrapped up, and what an amazing event! SUSE was a gold sponsor for the first time this year, and we had a great booth, right across from SAP! Our racing game at the booth drew a huge crowded all week, with rave reviews from winners and participants! And the energy level for the event was incredible! You sorta have to be there to know what I’m really talking about. I’ll do my best to describe – the overall energy level for the show was Off-The-Charts! People were so happy to be out and about again (we really do want Covid to just say bye bye already!), there were so many smiles, people’s eyes were lit up! Hugs even! You couldn’t find a more attentive audience. There is a great willingness, on everyone’s part, to socialize, to learn, to do business! Kudos to AWS for holding this wonderful event for us – can’t think of a better way to cap off the year. And a shout out to everyone who stopped by our booth this year. We definitely hope to see you again in 2022!

3. Revenue

I was told we are not allowed to be too specific about this one. Suffice it to say, it was a great, great year for our revenue growth! Thanks so much to the entire team, especially highest growth regions like EMEA and APJ! The increased customer count and the revenue growth percentage indicates that our customers know – as we do – that the #1 cloud platform and the #1 OS for SAP really does make for an amazing team! So thanks to all of our customers too, this would not have been the outstanding year that it was, without you guys!

4. Other Noteworthy Developments

These 2 things do not fit neatly in the categories above, so they warrant their own section, last certainly does NOT mean least in this regard!

Launching Professional Services on AWS Market Place: This is our first new product/solution listing in quite a few years, so it certainly is a major milestone! More importantly, customers have been asking for an easier way to procure SUSE services – consulting, training, premium support etc – on the market place, so we made their wish come true in April of this year!

SUSE, AWS, ARM are new board member of the Software Defined Vehicle Initiative:  Through our earlier launch with Elektrobit, SUSE proudly announced to the world – hey, we have something special to say in the automotive space! Joining forces with AWS, ARM and other key companies on the governing board of the Software Defined Vehicle Initiative is the next chapter of that story. And this is just the beginning, we have a lot of ambitious plans for the automotive space, as well as the broad Edge Ecosystem. So definitely watch this space!

That was a lightning round recap, it’s time to raise the glass and toast to an even better 2022! See you on the other side!

SUSE, a global leader in innovative, reliable and enterprise-grade open source solutions is pleased to a gold sponsor for AWS re:Invent this year,  in the fabulous city of Las Vegas no less! Yes – travel, finally, after 18 months of pandemic gloom. Meeting customers, sharing insights, all face to face!

Can you tell I’m a little too excited? 😛

If you are coming to Vegas, we’d love to meet you! We want to hear about your IT challenges and priorities; how you are adapting to win in your industry; your 2022 SAP and Kubernetes Strategies and how SUSE can help you accelerate your digital transformation while smoothing any bumps.

Less than 2 weeks away, here are 5 more reasons why you would want to come check out SUSE at AWS re:Invent, Nov 19 – Dec 3^rd.

1. Hot Session – Spotlight on SAP

On Wednesday Dec 1^st, 11:45 am, in the Atlas Partner Theatre, Sherry Yu, Director of SAP Architecture  at SUSE, will host his a session around Overcoming Challenges to Delivering on the Promise of SAP. In this session, Sherry will detail some of the key challenges on the journey to SAP S/4HANA and how you can:

• Select the best S/4HANA deployment option for you
• Reduce deployment time of SAP landscape
• Address HA configuration errors before deployment
• Avoid service problems by proactively monitoring your SAP infrastructure
• Reduce or even eliminate planned and unplanned downtime
• Best practice guide to Day 2 operations, maintenance, and optimization

Sherry has over 10 years of experience helping customers migrate to the cloud, that’s about how long SAP has been in the cloud. So don’t miss the opportunity to learn from her amazing background helping hundreds of customers with challenges just like you. Session ID: DEM065-S. Wed 11:45, Atlas Partner Theatre

2. Demos of the latest and greatest SAP and Kubernetes Management solutions 

During the week-long event, attendees will have a chance to see up close and in person 2 flagship products offered by SUSE on AWS. #1 OS for SAP, check! Most deployed Kubernetes Management solution, check!  We are #1 for very good reasons, 30k customers (in the case of SAP) and 100M downloads (in the case of Rancher) can’t be wrong. So come by booth 754 and see what all the buzz is about!

3. Meet the experts

SUSE experts in every area of the cloud Infrastructure will be on-hand at he Sands Expo to answer your questions and share insights about game-changing infrastructure solutions that will drive your digital transformation. Stop by our booth for a chance to ask your toughest questions. Ask us about Live Patching the Linux Kernel, ask us about Zero Downtime for SAP Applications, ask us about Kubernetes Cluster Management across multiple clouds! Want a deeper discussion? Request a meeting now!

4. Giveaways and Cool Gear

We love cool giveaways, especially tied into a fun theme. The theme for SUSE this year is speed and racing! We are giving away all kinds of fun stuff, pens, stickers, chameleons, and even radio controlled monster trucks! ? So stop by and claim a cool prize!

5. Fun and Games

Speaking of racing and monster trucks, stop by the SUSE booth for a racing game! The fastest speedster of the day will win a mega RC car package, valued at more than $500! Also, we have a fun little scavenger hunt planned with our booth neighbour (and very strategic partner!) SAP – play and win a $50 Amazon Card!

In summary –  there is a lot happening with SUSE at AWS re:Invent, so come see us when you fly into Vegas! ? Have a safe trip and a healthy conference!

This article applies to customers running on-demand/PAYG instances in AWS deployed from AMIs published by SUSE.

The need to patch.

Patching is an important part of managing any OS infrastructure with updates providing security related enhancements along with stability improvements.  SUSE recommend patching your systems as soon as updates are available.  So where, and how can SUSE instances on the AWS Cloud consume patches?

On-demand customers have two choices, use SUSE’s Public Cloud Update Infrastructure (PCUI) or deploy their own private repository.

SUSE’s Public Cloud Update Infrastructure

The easiest and the default solution is to use the Public Cloud Update Infrastructure (PCUI).  This is a global fleet of update servers maintained by SUSE on the AWS Cloud which provides low latency access to patches from the on-demand instances.   Access to this update infrastructure is provided at no additional cost to the customer.

Customers have the option of connecting to the PCUI either via an internet gateway in a public subnet, nat gateway in a private subnet, or via a local data center.  The outbound firewall and network security need to allow this.

SUSE On-demand instances in AWS will automatically connect to the PCUI on boot.

The following blog [1] investigates the mechanics of this process in more detail.

When might you need to deploy a private repository server?

The second option is to deploy a private repository, this is a customer maintained SUSE solution residing in either the customer VPC on AWS or an “on premises” data center.

This may be needed in several scenarios:

• Add-ons.
  If a SUSE on-demand customer requires additional add-on products from SUSE (e.g. LTSS – Long Term Service Pack Support), where the updates are not provided via the Public Cloud Update Infrastructure.
  In depth detail can be found at the following blog [2]
• Connectivity/Security.
  This is the most common reason, in that the SUSE Instances which require patching have absolutely no outbound connectivity to the internet, by any route. In this example a Private Repository server is used as the proxy and is the only instance with outbound/internet connectivity.  The rest of the SUSE instances can consume patches from this repository.
• Staging.
  When mission critical production workloads need a fixed, curated and consistent set of patches deployed to them, it’s important to deploy a solution to support this.   Both the SCC and PCUI will see the repository manifest change as new updates are released which may lead to inconsistency across the production fleet.  By introducing a private repository that supports staging, production workloads can be kept in a consistent state.  New updates can be tested without impacting production environments.

Private Repository Options

Customers have two options available from SUSE.

SUSE Manager

The recommended option is SUSE Manager. This is more than a local ‘Repository’.  SUSE Manager [3] is a best-in-class Linux management solution designed for enterprise DevOps and IT operations teams. Providing the ability to patch, configure and audit your systems. It also supports staging.

Repository Management Tool (RMT)

RMT  [4] allows customers to build a simple private repository of SUSE Updates and acts as a proxy to the SUSE Customer Center, mirroring new content as it is released.

For customers interested in using AWS Server Manager (SSM), it is possible to use RMT as the patch repository behind this management tool.

How does the private repo mirror patches?

The private repository instance will mirror content from the SUSE Customer Center (SCC) or with the new functionality in SUSE Manager, the Public Cloud Update Infrastructure. Connectivity to the SCC (or Update Infrastructure Servers) can either be via an AWS Internet Gateway in a public subnet or traffic can flow via the customer data center.

It is worth noting that both these solutions connect directly to SUSE’s Customer Center, there are three key prerequisites in order for PAYG customers to be able to connect a private repo to the SCC.

• Outbound connectivity as illustrated above.
• An account in the SUSE Customer Center
• In the case of RMT, SUSE Subscription entitlement needs to exist in the SCC for the products that need to be patched. When needed, customers choose to buy this subscription entitlement and use a BYOS instance as the private repository.
  Exactly what subscriptions are required and how these are purchased depends on which versions of SUSE Linux are running (SLES or SLES for SAP) and which Private Repository Tool is used (SUSE Manager or RMT).
  Customers / partners are welcome to contact their local SUSE Sales Teams for assistance with this.

Connecting instances to the Private Repository.

Customers first need to prepare the on-demand instances for connection to a private Repo   This involves removing a small number of packages and configuration entries.

Remove packages that automate the configuration of the Amazon EC2 instance to connect to the SUSE Public Cloud Update Server.

zypper rm cloud-regionsrv-client

zypper rm regionServiceClientConfigEC2

Remove the /etc/hosts entry for smt-ec2.susecloud.net. The client automation software adds the host file entry for smt-ec2.susecloud.net which is the SUSE Public Cloud Update Server. Since a private repository server is being created, the entry will not be needed.

Remove the following directories before you register your Amazon EC2 instance to your private repository server.

rm /etc/SUSEConnect

rm /etc/zypp/credentials.d/*

rm /etc/zypp/services.d/*

rm /var/lib/cloudregister/*

The links to the documentation for each of the private repository options will document how to register the SUSE instance to the private repository of choice.

SUSE Manager Client Configuration

https://documentation.suse.com/suma/4.2/en/suse-manager/client-configuration/clients-pubcloud.html#_prepare_on_demand_images

RMT (SUSEConnect)

https://documentation.suse.com/sles/15-SP1/single-html/SLES-rmt/index.html#cha-rmt-mirroring

References

[1] https://www.suse.com/c/accessing-the-public-cloud-update-infrastructure-via-a-proxy/

[2] https://www.suse.com/c/add-ons-in-the-public-cloud/

[3] https://www.suse.com/products/suse-manager/

[4] https://documentation.suse.com/sles/15-SP1/single-html/SLES-rmt/index.html

Referencing SUSE Images in AWS Parameter Store

Thanks to the AWS Systems Manager Parameter Store it is now easier to reference the latest SUSE images in AWS. SUSE image information still exists in the Public cloud INformation Tracker (pint) tool as mentioned in the “Riddle me this” blog post. That being said, the goal here is to make it easier for you to find and use the most up-to-date versions of SUSE images in EC2.

If you are not familiar with the Parameter Store it provides hierarchical storage for config data, strings, and other values. As well as being used for storing private information the parameter store provides a public namespace for SUSE, /aws/service/suse, which is now being leveraged to provide the latest image id’s for all active SUSE images.

As it was discussed in the “Life Cycle” blog post all active images get refreshed at least every three months. This can happen more frequently if any security issue comes up. Given the AMI (image) id’s are different in every region and there’s a constant flow of new images it can be difficult to follow the bouncing ball.

SUSE Public Parameters

To make this easier, especially in automation workflows or in scripts you can now reference a single parameter which will always point to the latest image. The name of the parameter is based on the offer type, sku and architecture. The format for these parameters is as follows:

/aws/service/suse/{offer}/{sku}/{architecture}/latest

For example, the image id for the most recent version of SLES BYOS 15-SP2 is stored in the following namespace:

/aws/service/suse/sles-byos/15-sp2/x86_64/latest

SUSE Offers

As mentioned this is now available for most SUSE offers. This currently includes (not limited to):

sles
sles-byos
manager-proxy-byos
manager-server-byos
sles-sapcal
sles-sap-byos
sles-hpc
sles-ecs

Also, the available skus include (not limited to):

12-sp5
15-sp4
4.3 (SUSE Manager)

Combining these, along with the desired architecture will produce the parameter name or namespace:

SLES 12-SP5 x86_64:      /aws/service/suse/sles/12-sp5/x86_64/latest
SLES 15-SP2 arm64:       /aws/service/suse/sles/15-sp2/arm64/latest
SLES 12-SP5 BYOS x86_64: /aws/service/suse/sles-byos/12-sp5/x86_64/latest
SUSE Manager Proxy 4.1:  /aws/service/suse/manager-proxy-byos/4.1/x86_64/latest
SLES SAP 12-SP5 x86_64:  /aws/service/suse/sles-sap/12-sp5/x86_64/latest
SLES HPC 15-SP2 x86_64:  /aws/service/suse/sles-hpc/15-sp2/x86_64/latest

To see all the available parameters in the SUSE namespace see the AWS CLI section below. This will be available for most new images. For example when the new images are released for a new sku such as 15-sp4, the latest SLES-BYOS image will be SLES 15-SP4 BYOS and the x86_64 image id will map to /aws/service/suse/sles-byos/15-sp4/x86_64/latest.

Note that all SUSE offers support x86_64 architecture. Additionally, arm64 based images exist for both the SLES and SLES BYOS images. Also, keep in mind that the image id’s are region specific thus the parameter value differs in every region for a given image.

With this all in mind you may be wondering how you can take advantage of the new information. Below are a few examples of how to get a specific image id through either AWS CLI or Python Boto3 SDK.

Using AWS CLI to Retrieve Parameters

To get the parameter information for a given image you can use the AWS CLI. To see what parameters are available in the SUSE namespace run the following AWS CLI command:

> aws ssm get-parameters-by-path --path /aws/service/suse --recursive --query 'Parameters[].Name'
[
    "/aws/service/suse/manager-proxy-byos/4.1/x86_64/latest",
    "/aws/service/suse/manager-proxy-byos/4.2/x86_64/latest",
    "/aws/service/suse/manager-proxy-byos/4.3/x86_64/latest",
    ...
]

With a chosen parameter you can get the data and AMI ID with the following command:

> aws ssm get-parameter --name "/aws/service/suse/sles-byos/15-sp2/x86_64/latest"
{
  "Parameter": {
    "Name": "/aws/service/suse/sles-byos/15-sp2/x86_64/latest",
    "Type": "String",
    "Value": "ami-071cda9799ca72a8d",
    "Version": 1,
    "LastModifiedDate": 1623786505.796,
    "ARN": "arn:aws:ssm:us-east-2::parameter/aws/service/suse/sles-byos/15-sp2/x86_64/latest",
    "DataType": "aws:ec2:image"
  }
}

The example above assumes that you have AWS CLI configured to return json formatted results (–output json) and it’s using the us-east-2 region (–region us-east-2). Since the images have different id’s in every region each parameter is region specific. To get the image id for the same image in us-east-1 you can provide the region option as part of the command:

> aws --region us-east-1 ssm get-parameter --name "/aws/service/suse/sles-byos/15-sp2/x86_64/latest"
{
  "Parameter": {
    "Name": "/aws/service/suse/sles-byos/15-sp2/x86_64/latest",
    "Type": "String",
    "Value": "ami-08fba030012141602",
    "Version": 1,
    "LastModifiedDate": 1623786505.503,
    "ARN": "arn:aws:ssm:us-east-1::parameter/aws/service/suse/sles-byos/15-sp2/x86_64/latest",
    "DataType": "aws:ec2:image"
  }
}

If you are using json output the value of the image id can be parsed using a tool like jq:

> aws ssm get-parameter --name "/aws/service/suse/sles-byos/15-sp2/x86_64/latest" | jq --raw-output '.Parameter.Value'
ami-071cda9799ca72a8d

To simplify usage you could create a shell function like the following:

get-latest-ami() {
  P=$(aws ssm get-parameter --name "/aws/service/suse/$1/latest" | jq -r '.Parameter.Value')
  echo "$P"
}
> get-latest-ami "sles-byos/15-sp2/x86_64"
ami-071cda9799ca72a8d

Using Boto3 and Python to Retrieve Parameters

Another option you can use for retrieving the parameters from AWS Systems Manager could be with Python and Boto3:

param_name = '/aws/service/suse/sles-byos/15-sp2/x86_64/latest'

client = boto3.client(
  service_name='ssm',
  region_name='us-east-2'
)
param = client.get_parameter(Name=param_name)

return param['Parameter']['Value']

This would return the id for the most recent SLES BYOS image in the us-east-2 region.

Of course you are not limited to the CLI or Python. You can retrieve the parameters from any of the AWS SDK’s. They can also be found through the web console.

One last thing to reiterate is that these parameters are dynamic. As the images get refreshed the value of each parameter will change to the new image id. Keep this mind when using the parameters as the values will be frequently changing.

We hope this new information will make your life easier and ensure you are always running the most up-to-date SUSE images.