Announcing a new usage-based Rancher Prime listing on the AWS Marketplace

Monday, 4 December, 2023

AWS users can now find a usage-based Rancher Prime listing on the AWS Marketplace. Like the previous contract listing, this is a fully supported version on Rancher, but now offered on a pay-as-you-go basis.

Rancher Prime: Simplifying Container Orchestration

Rancher Prime, a widely acclaimed container management platform, has joined the AWS Marketplace, a solution to efficiently deploy, manage, and scale container applications from AWS.

What is Rancher?

Rancher is an open-source container management platform that facilitates the deployment and orchestration of containers within a Kubernetes environment. It acts as a centralized control plane, providing a user-friendly interface to manage clusters, applications, and infrastructure. Whether you’re a seasoned DevOps professional or a newcomer to containerization, Rancher’s intuitive design makes it accessible to all.

Key Features:

  1. Multi-Cluster Management: manage multiple Kubernetes clusters from a single interface.
  2. Application Catalog: Simplifying the deployment of applications, Rancher offers a wide range of pre-configured templates.
  3. Infrastructure Provisioning: From the AWS control plane, you can manage across infrastructure providers, This solves the common complications from hybrid and multi-cloud deployments.
  4. Monitoring and Logging: integrate with monitoring and logging tools, providing insight into resource usage, application performance, and potential issues.
  5. Security: provide role-based access control (RBAC), ensuring that only authorized users have access to specific resources.

Use Cases:

  1. Enterprise Deployments: Rancher is well-suited for large-scale enterprise deployments where managing multiple clusters and applications efficiently is essential. Its user-friendly interface and comprehensive features make it an attractive choice for organizations with diverse containerization needs.
  2. DevOps Pipelines: DevOps teams benefit from Rancher’s ability to streamline the deployment pipeline. With support for continuous integration and continuous deployment (CI/CD) practices, Rancher facilitates the automation of containerized application delivery.
  3. Hybrid and Multi-Cloud Environments: As businesses increasingly adopt hybrid and multi-cloud strategies, Rancher’s support for various infrastructure providers becomes a key advantage. It allows organizations to deploy and manage applications seamlessly across different cloud environments.

Rancher Prime benefits as an AWS Marketplace monetized offering:

  1. EDP Efficiency: Users can capitalize on EDP discounts, ensuring cost-effectiveness in orchestrating containers from AWS. Rancher’s integration with the marketplace ensures it aligns with AWS’s commitment to providing value-driven solutions.
  2. Streamlined Procurement: By choosing Rancher Prime from the marketplace, users benefit from a simplified procurement process. The already approved purchase method ensures a seamless experience in acquiring and implementing Rancher Prime for container orchestration.

Pricing Options:

Rancher Prime has a six tier pricing model, the same as the one used for data center implementations. This pricing approach is very cloud friendly and was designed to properly support bursting use-cases. Monetization is through AWS and leverages a monthly on-demand usage model based on the same average node count model.

The usage tiers that govern pricing discounts are:

  • 5-15 nodes:  $450 per node per month*
  • 16-50 nodes: $321 per node per month
  • 51-100 nodes: $221 per node per month
  • 101-250 nodes: $175 per node per month
  • 251-1000 nodes: $142 per node per month
  • >1000 nodes: $100 per node per month

* There is a 5 node minimum on monthly usage.

 

You can find the marketplace offers at:

Rancher Prime

https://aws.amazon.com/marketplace/pp/prodview-f2bvszurj2p2c?sr=0-10&ref_=beagle&applicationId=AWSMPContessa

Rancher Prime (EMEA Orders Only)

https://aws.amazon.com/marketplace/pp/prodview-ocgjwd5c2aj5i?sr=0-12&ref_=beagle&applicationId=AWSMPContessa

Deployment Flexibility

With this new usage-based marketplace offering, you have several deployment options, all of which take advantage of the inherent usage discounts. This is made possible by leveraging the control plane for each product that is installed into EKS. With the control plane within EKS, it is possible to manage downstream Kubernetes clusters everywhere. (Managed clusters can run anywhere, but will appear as a logical extension of the control plane in AWS EKS.)

This means that the downstream clusters will monetize through the AWS marketplace regardless of where they are deployed. If they are all in EKS, all is good. But even if they are not, with managed clusters on-premise, in a hybrid deployment, or elsewhere, the marketplace control plane will still govern and monetize all managed clusters. The bottomline, with this new usage-based marketplace offering, you get to take advantage of the node usage discounts and apply them to your entire federated deployment, and monetize through the marketplace regardless of the deployment scenario.

Take the leap towards enhanced container management and orchestration on AWS by exploring Rancher Prime on the Marketplace today.

SUSE NeuVector and Rancher on AWS: Best Integrated Kubernetes Management and Security Solution Gets Even Better for AWS Customers

Wednesday, 29 November, 2023

There’s big news from SUSE and Amazon Web Services (AWS) this week, as SUSE extends its commitment to AWS and our joint customers.

First, SUSE NeuVector Prime has achieved Amazon Elastic Kubernetes Service (Amazon EKS) Ready designation from AWS. This prestigious designation recognizes full-lifecycle container security solution NeuVector Prime, which is currently available on AWS Marketplace, as a validated software solution, ensuring flawless integration with Amazon EKS and Amazon EKS Anywhere. Amazon EKS customers can now easily identify and have access to an AWS architect-validated security solution that is ready to run on premises or the edge, with proven architecture and adherence to best practices. Customers spend less time evaluating solutions and more time scaling their use of solutions on AWS.

In addition, SUSE Rancher Prime is now available on AWS Marketplace (US/ROW users | EU/UK users). Top Kubernetes management solution Rancher Prime allows customers to take full control of clusters on Amazon EKS as they import, observe, secure and configure all clusters from the Rancher management console. Rancher Prime provides best-in-class security with end-to-end auditing of clusters under management to ensure compliance, along with GitOps-based cluster management and provisioning.

Achievement of the Amazon EKS Ready designation and the availability of the best integrated Kubernetes management and security solution in Rancher and NeuVector on AWS Marketplace is a testament to SUSE’s commitment to delivering high-quality solutions that cater to the evolving needs of AWS customers. SUSE remains dedicated to helping businesses achieve and maintain their technology goals by leveraging the agility, extensive service offerings, and rapid pace of innovation provided jointly by SUSE and AWS.

SUSE’s Amazon EKS Ready designation and growing portfolio of offerings on AWS Marketplace are significant milestones in the ongoing collaboration between SUSE and AWS. They not only showcase SUSE’s commitment to providing top-tier solutions, but they also reinforce our dedication to empowering businesses with the tools they need to thrive in the rapidly evolving landscape of cloud computing. As businesses increasingly turn to Kubernetes for their container orchestration needs, SUSE ensures that customers have a trusted, proven partner to navigate the complexities of Kubernetes deployments on AWS, on premises or at the edge.

As customers continue to invest in important business technology — such as launching a new consumer-facing app, developing a business line built around AI, or expanding into a new market — they all  inadvertently create cyber vulnerabilities.  According to PWC, over the next five years, cyber risks join climate change, inflation, macroeconomic volatility and geopolitical conflict in the top tier of risk exposure.

Top 3 Reasons to find SUSE at AWS re:Invent

Tuesday, 14 November, 2023

 

SUSE, is a global leader in innovative, reliable and secure enterprise open source solutions, including SUSE Linux Enterprise (SLE), Rancher by SUSE and NeuVector by SUSE is pleased to be a Bronze sponsor for AWS re:Invent 2023, in Las Vegas .

Visit us at Booth #501 – where will have live demos, cool giveaways, and our SUSE experts will be on hand to learn about your IT challenges and priorities, and discuss how we can help you Accelerate, Optimize and Secure your Cloud Journey on Linux and Containers.

 

Here’s a snapshot of what’s going on:

1. Live Demos:

Rancher Prime – Available on AWS Marketplace

Rancher Prime makes it easy to manage Amazon EKS clusters across AWS regions, AWS accounts and around the globe.

Stop by our booth to see a demonstration on how to:

  • Ensure business continuity and optimize infrastructure workflows with the Rancher Prime platform.
  • Boost developer productivity and simplify application workflows.

 

NeuVector Prime – Available on AWS Marketplace

Learn how NeuVector can help you gain insights into your AWS EKS container environment. We will be showing:

  • How NeuVector can help with container threats and vulnerabilities
  • Why Layer7 container traffic visibility is critical to security and how NeuVector implements a true zero-trust model.

 

SUSE Manager – Available on AWS Marketplace

We will illustrate how SUSE Manager offers full lifecycle management for Linux workloads and empowers IT teams to secure, manage,  patch and configure Linux instances on AWS and beyond.  These demos will show:

  • Linux patch management, Any Linux, Anywhere on AWS.
  • Configuration Management

 

2. Meet the experts

SUSE experts in every area of the cloud Infrastructure will be on-hand to answer your questions and share insights about game-changing infrastructure solutions that will drive your digital transformation. Stop by our booth for a chance to ask your toughest questions. Ask us about Live Patching the Linux Kernel, ask us about Zero Downtime for SAP Applications, ask us about Kubernetes Cluster Management across multiple clouds! Want a deeper discussion? Request a meeting now!

 

 

3. Giveaways and Cool Gear

We love cool games and giveaways.  The theme for SUSE this year is Secure Kubernetes Everywhere.  Drop by the booth and see if you can ‘secure’ your prize by entering our ‘Connect 4 in a Row’ game.  We’re also giving away our much sought-after soft chameleons. So stop by and claim your cool prize!

 

Join us for Dinner

Want to join us for dinner at TAO?*  We’d love to meet you.  Chat with peers and some of our senior SUSE team.  For your personal invitation please send us an email.

 

*Strictly by personal invite only

 

In summary –  there is a lot happening with SUSE at AWS re:Invent, so come see us when you fly into Vegas! ? Have a safe trip and a healthy conference!

SUSE Linux Enterprise Server for SAP Applications on AWS Marketplace, Annual Subscriptions and OS upgrades

Monday, 25 September, 2023

When customers run SAP workloads on AWS many choose to purchase SUSE Linux Enterprise Server for SAP Applications (SLES for SAP) via the AWS Marketplace.

This gives the advantage of a single vendor for purchasing and support.  Other benefits include EDP drawdown from your AWS spend commitment along with entitlement to additional SUSE products (i.e. SUSE Live Patching and SUSE Manager).  Once an environment is deployed and stable, customers look to purchase Annual Subscriptions to help save on their subscription costs.

This blog isn’t about all the various purchasing options, this is already comprehensively covered in detail in an AWS blog – https://aws.amazon.com/blogs/awsforsap/optimize-cost-for-sap-workloads-on-suse-on-aws-suse-buying-options-from-aws/

What I wanted to talk about here was how upgrading the running Operating System on an instance can affect how you purchase Annual Subscriptions and how purchasing the wrong subscription may incur unplanned costs.

When purchasing an annual subscription via the AWS Marketplace, you need to specify which version of SLES for SAP the subscription is for.  In the example below, we’ve selected SLES for SAP 15 SP3.

But what happens if you update the SLES for SAP OS after launching the instance?

What happens if you deploy a new Service Pack (SP3 -> SP4), or even update to the next version of SLES.  (i.e. SLES for SAP 12 -> SLES for SAP 15)?

When it comes to renewal, which version of SLES for SAP do you purchase via the AWS Marketplace?

 

The answer is in the Metadata….

When an on-demand SLES for SAP instance is started from the AWS Marketplace, immutable metadata is embedded into the running instance which defines the AWS product version (version of SLES for SAP Applications).

You can find this metadata with the following command:

 

‘curl http://169.254.169.254/latest/dynamic/instance-identity/document’

 

The output should look similar to the following image.  The highlighted text is the marketplaceProductCode, this is the key to determining which version to purchase.

 

Simply match your code against the following list to determine which AWS Product version to purchase an annual subscription for:

 

AWS Marketplace Product Listing Name marketplaceProductCodes
SUSE Linux Enterprise Server for SAP Applications 12 SP2 dgdq2f6vrm6evuoncsy2kouzw
SUSE Linux Enterprise Server for SAP Applications 12 SP3 cxn3s45ssdf4pzyw9bi131msw
SUSE Linux Enterprise Server for SAP Applications 12 SP4 8hsxzwupam9ru0oiuf86cgcgg
SUSE Linux Enterprise Server for SAP Applications 12 SP5 4ahriiqjtpu71834m4md9d3n5
SUSE Linux Enterprise Server for SAP Applications 15 6ajp9738nmxhrsj68dvuwztp9
SUSE Linux Enterprise Server for SAP Applications 15 SP1 37nxkx8p59derdjkq3bcvxdtj
SUSE Linux Enterprise Server for SAP Applications 15 SP2 dtiu2w0ef1urb9ucbu7pc60nv
SUSE Linux Enterprise Server for SAP Applications 15 SP3 7rb4pogbusm1ce7xt95b27fd8
SUSE Linux Enterprise Server for SAP Applications 15 SP4 2ivquqrnm6u68aog13cf80ruf

 

Why share this?

It is important to remain on a supported OS version, so with a running instance, you are free to upgrade the operating system, apply support packs, even upgrade the major release version.  …. but the important thing to note is that this product code in the metadata will not change once the instance is launched.

 

Take this example:

An instance running for a while may have started life as SLES for SAP 15 SP3, but after maintenance and updates over that time, the running OS version is now SLES for SAP 15 SP4.

The marketplaceCodes value in the metadata will always be the value for SLES for SAP 15 SP3.  When it comes to renewing annual subscriptions via the AWS Console, you need to purchase the version that matches the marketplaceproductCodes value, not the running OS.

 

The challenge with getting it wrong ….

In our simple example, if you purchase an annual subscription for SLES for SAP 15 SP4 via the AWS Marketplace, it will not apply to the running instance, so you may end up paying more than you need to.

This is far from ideal, so it’s important to select the correct product when setting up the annual subscription in the AWS Marketplace.

 

Finally, If you don’t have access to a terminal session on the instance, you can also use the AWS Console to check the AMI used to launch the instance and base your annual subscription from that product version.

 

I hope this has been useful, as always if you have questions regarding your annual subscriptions, feel free to get in touch with your AWS or SUSE account representatives.

Keep an eye out for an upcoming blog on the AWS website which goes further into this topic.

References:

How Instance Metadata Service Version 2 works

 

NeuVector now Available on AWS Marketplace!

Thursday, 24 August, 2023

Cue the fireworks, the long awaited unveiling of NeuVector on AWS Marketplace is finally here!

We all know that security is one of the top keywords for everyone’s digital transformation projects in 2023. NeuVector delivers true Zero Trust Security and can be seamlessly deployed on AWS! Buy directly from the marketplace, and retire your EDP.  Added to the current robust security features of AWS, NeuVector ensures the highest level of protection, guaranteeing your peace of mind while focusing on your core transformation objectives.

To get more info on this:

Read Ron’s great blog!

Datasheet. 

And here’s a fun infographic – What You Are Getting Wrong About Kubernetes Security on AWS

Tags: ,,,,, Category: Uncategorized Comments (0)

Introducing NeuVector with Enterprise Support on the AWS Marketplace

Wednesday, 23 August, 2023

As we all know, application containerization is prevalent and the preferred application deployment architecture of the day. However, with increased container adoption comes the crucial responsibility of securing these dynamic environments. To help enterprises manage this challenge, SUSE has NeuVector, and per this announcement, is making NeuVector available on the AWS Marketplace as a fully supported enterprise offering.

NeuVector is a market leading container security platform that focuses on protecting applications running in containers and Kubernetes environments. Its value lies in its ability to provide real-time threat detection, vulnerability management, and network segmentation for containerized applications. By ensuring the security of containers and Kubernetes, NeuVector helps organizations prevent unauthorized access, data breaches, and other security risks, ultimately safeguarding their applications and sensitive information.

With today’s listing on the AWS marketplace, SUSE is answering the numerous requests on how enterprises like to do business in the cloud. This is due, in large part, to the prevalence of AWS customers using marketplace purchases to draw down AWS Enterprise Discount Program (EDP) quota. In addition, when using the marketplace to acquire NeuVector, AWS customers can leverage their existing AWS buying programs without having to get approvals for additional vendor specific purchase agreements. This both simplifies the purchase while auto-applying the purchase to the customer’s AWS EDP quota.

A few specifics of NeuVector on the AWS Marketplace

This is the first fully enterprise supported NeuVector presence on AWS’s Marketplace where support comes directly from SUSE. Monetization is through the AWS marketplace and leverages a monthly on-demand usage model. And to make the usage model cloud friendly, discount tiers are built-in to the pricing model and are automatically applied as usage grows.

There are six price tiers that govern the usage discounts. Note, usage is based on average monthly rate, not the maximum monthly count, keeping this is a cloud friendly and burst friendly usage model.

The usage tiers are:

  • 5-15 nodes:  $112 per node per month*
  • 16-50 nodes: $105 per node per month
  • 51-100 nodes: $98 per node per month
  • 101-250 nodes: $91 per node per month
  • 251-1000 nodes: $84 per node per month
  • >1000 nodes: $78 per node per month

* There is a 5 node minimum on monthly usage.

Deployment Flexibility

With the marketplace offering, you have several deployment options, all of which take advantage of the inherent usage discounts. This is made possible by leveraging NeuVector’s capability for federated deployments, the ability to deploy to and natively protect multiple Kubernetes clusters as a single logical deployment. Using federation, downstream clusters can run anywhere, but will appear as a logical extension of the master running in AWS EKS.

This means that as long as the primary (Master) cluster is running in EKS, the downstream clusters can monetize through the AWS marketplace regardless of where they are deployed. If they are all in EKS, all is good. If the downstream clusters are on AWS, but not in EKS, still good. Even if the downstream clusters are on-premise, in the data center for a hybrid deployment, good again. Regardless of the deployment model used, monetization will route through the AWS marketplace. The bottomline, you get to take advantage of the node usage discounts and apply them to your entire federated deployment regardless of the deployment scenario.

Conclusion

The collaboration between NeuVector and AWS Marketplace presents an exciting opportunity for businesses to elevate their container security while taking advantage of their EDP quota and the simplicity of transacting through the AWS marketplace.

In a world where security threats continue to evolve, NeuVector’s presence on AWS Marketplace serves as a beacon of hope, providing customers with the tools they need to safeguard their containerized applications effectively. As the digital landscape evolves, NeuVector remains committed to securing the future of containerization, one innovation at a time.

 

There are two NeuVector listings within the AWS marketplace:

For EU/UK/Norway locations: https://aws.amazon.com/marketplace/pp/prodview-xkfyjdvvkuohs?sr=0-2&ref_=beagle&applicationId=AWSMPContessa

For locations outside of EU/UK/Norway: https://aws.amazon.com/marketplace/pp/prodview-u2ciiono2w3h2?sr=0-3&ref_=beagle&applicationId=AWSMPContessa

Or simply go to the AWS marketplace and search for ‘NeuVector’.

 

AWS Summit New York & Sao Paulo!

Thursday, 6 July, 2023

With so much happening this year (did you see our NeuVector on AWS announcement?), I’ve been remiss in not giving a shout out to this year’s AWS Summits. Oops.

 

So here it is, Summits are back again and we want to see you in New York City and Sao Paulo! SUSE is proud to be a sponsor, and we have so much to talk about at the event!

 

Multi-cluster Kubernetes Management – Rancher, the #1 Enterprise Container Management Platform with over 140M downloads worldwide!Full Lifecycle Container Security – NeuVector, the only zero trust security solution that scans and secures your runtime workloads!Enterprise Linux for SAP – SUSE Linux Enterprise Server for SAP, the #1 OS for SAP + the #1 Public Cloud is a winning combination for any enterprise that runs SAP in the Cloud!

 

Business Critical Linux – SUSE Linux Enterprise Server is the most secure Linux Operating System available on the Marketplace. We participate in the AWS Savings Plan!

 

So look us up when you attend the Summits in the Big Apple and Sampa!

 

7/26 – Booth 244, AWS Summit NYC

8/3 – Booth B7, AWS Summit Sao Paulo

 

And btw, we have a pre-event “Drinks and Discover” social on 7/25 that you might also want to RSVP for!

Just Before Sapphire – Your SUSE+AWS News Round Up for SAP

Monday, 8 May, 2023

Is it that time of the year again? Sapphire is right around the corner. The theme this year is how to be more future-proof. In a crazy financial year where there is a new “black swan” event every time you turn on the news, that is definitely an apt theme.

Since it’s been a while since I posted about SAP, here’s a quick round up of some of the significant SAP news on my block:

  • Would you like to connect to 200+ AWS services natively using the SAP ABAP language? Sure you would! Well now there is an amazing SDK for doing just that!
  • AWS Backup is now available for HANA Databases!
  • Observe Your Entire SAP Stack – From AWS Infrastructure all the way to your SAP Applications. Find out how here.
  • Have you seen the magic sauce that is Trento? You can now safeguard your SAP environment with amazing confidence, so check it out.
  • Last but not least, we are launching some new “pre-hardened” SLES for SAP Images on AWS – delivering even more value and greater security for your enterprise – stay tuned for that.

SAP Innovation never stops in the world of SUSE + AWS!  So stop by the SUSE Booth and join our session on Wed:

Three Keys to Successfully Moving Your On-Premise SAP Solution to the Cloud (PAR115)

Wednesday,  May 17, 2023

10:30 a.m. – 10:50 a.m.

Breakout Theater 12

 

Tags: ,,,, Category: Uncategorized Comments (0)

Hybrid Boot and SEV-SNP support in AWS EC2

Wednesday, 3 May, 2023

A while back AWS introduced UEFI support for specific instance types. Then in March of 2023 AWS enabled hybrid-boot for AMIs and in addition to the memory encryption that has already been supported in EC2, AWS announced the support of attestation, also known as SEV-SNP recently. Throughout this process AWS and SUSE have been working closely together to ensure the support of these features in SUSE Linux Enterprise.

SUSE Linux Enterprise and openSUSE images have been ready for UEFI boot from day 1 and anyone was able to create an image that uses UEFI secure boot. However SLE and openSUSE images published by SUSE reamained set to boot with BIOS, until a few days ago. Any SLE image published with a date stamp of 20230428 or later is set to use the relatively new “uefi-preferred” boot mode setting when an image gets registered. openSUSE images with a datestamp of 20230504 and later have the same setting. This setting indicates that the image is capable of hybrid-boot, more on hybrid-boot below.

With this the logical question is why there has not been a UEFI bootable image published by SUSE until now?

The answer is fairly simply, duplication of images. Until March 6, 2023 an image for x86_64 was either set up for BIOS or UEFI booting. A hybrid boot setup was not recognized by the platform. With the enablement of hybrid boot in EC2 SLE  images with date stamps of 20230428 or later will now boot with UEFI secure boot or BIOS depending on the instance type. For openSUSE images this applies for images with a datestamp of 20230504 or later.

What does hybrid-boot mean?

In general it means that a system can boot either with EFI (Extendable Firmware Interface) of BIOS (Basic Inout/Output System) as fimware. In EC2 the “uefi-preferred” setting means that an x86_64 image will boot using UEFI Secure Boot for instance types that support UEFI and will boot using BIOS for instance types that do not supporte UEFI. Both firmware implementations are supported with the same image.

Support for attestation, i.e. SEV-SNP

Attestation requires that you use SLE 15 SP4 or later Service Packs or openSUSE Leap 15.4 or later images for your instances. Before you can follow the validation process that is part of the AWS documentation some extra steps are required.

  1. Install necessary development packages
    1. zypper in git make gcc libopenssl-1_1-devel kernel-source linux-glibc-devel libuuid-devel automake autoconf gcc-c++
  2. Update the headers only needed in instances launched with images with a date stamp less than v20230719
    1. cd /usr/src/linux-$VERSION
    2. make headers_install ARCH=x86_64 INSTALL_HDR_PATH=/usr/

After this you can follow the instructions in the AWS Documentation.

We are working on providing the sev-guest tools as a package and the steps above will eventually boil down to a simple zypper install command.