DevOps is an IT management philosophy that requires speed, efficiency and confidence. A DevOps environment is constantly evolving: Containers spin up, new applications appear, tools are tested and updates happen—all without stoppages or significant downtime.
The professionals who work in the supercharged DevOps space need tools that are powerful, secure and precise. Decisive actions transform the network, implementing services and adapting configurations to respond to changes. The DevOps environment requires tools that lock down security and promote automation. DevOps engineers keep their focus on:
- System images: You will need a way to create and manage images for fast and efficient rollout of bare metal, virtual or container-based Linux systems.
- Automated configuration: The DevOps world runs on automation. Why waste valuable time retyping the same few commands to repeat a common task?
- Automation also helps to prevent errors that could lead to insecurity and downtime.
- Patches and updates: Informal and imprecise package policies lead to misconfiguration and insecurity, requiring intervention that could lead to lost productivity.
- Security audits: Keep ahead of problems by scanning managed systems and images to discover vulnerabilities and unauthorized software.
SUSE® Manager 4 is a single tool that can manage the complete lifecycle of your Linux systems in a DevOps environment. Use SUSE® Manager 4 to manage images, oversee configuration, initiate audits, lock down software updates and much more. Read on for more information about SUSE Manager and the DevOps edge.
What Is SUSE® Manager 4?
SUSE® Manager 4 is a best-in-class open source infrastructure management solution that lowers costs, enhances availability and reduces complexity for lifecycle management of Linux systems in large, complex and dynamic IT landscapes. You can use SUSE® Manager 4 (Figure 1) to configure, deploy and administer thousands of Linux systems running on hypervisors, as containers, on bare metal systems, on IoT devices, and on third-party cloud platforms. SUSE® Manager 4 also allows you to manage virtual machines, containers, and many of the tools and services that empower your DevOps pipeline.
Figure 1: The SUSE® Manager 4 user interface lets you control a comprehensive collection of essential management tasks from a single user interface.
Creating and Managing Images
The DevOps edge depends on flexible automation and granular control of system images. SUSE® Manager 4 manages the version-controlled deployment templates at the core of your continuous-integration environment. The KIWI image builder included with SUSE® Manager 4 (Figure 2) helps you create system images for easy and seamless deployment. You can create templates for standard image types and customize the templates to adapt to specific needs. SUSE® Manager 4 supports easy testing, patching, storing and rebuilding of system images. You can even run a Common Vulnerabilities and Exposures (CVE) security audit on a system image to ensure that the image meets known security requirements before you install it.
Efficient rollout, deployment and configuration are at the core of the DevOps vision. The open source Salt configuration framework included with SUSE® Manager 4 (Figure 3) enables you to predefine a complete configuration for a system or critical application, allowing for effortless, automated configuration across the network. Salt provides a rich context for remote installation and reconfiguration. As your environment evolves through cycles of development, testing and deployment, Salt lets you adapt your systems swiftly and securely through automated, remote configuration.
SUSE® Manager 4 eases the management of virtual machines by way of Salt. This new paid-for add-on feature allows near real-time management of hundreds of servers, all through Salt State definitions and an efficient UI. For example, you can create a Salt State that always ensures the same three virtual machines are created and running on all of your retail branch servers.
Salt Formulas are pre-written Salt States that contain generic parameter fields and can be installed from either RPM packages or an external Git repository. With these formulas, SUSE® Manager can reproduce a specific configuration over and over, to make it even easier to set up SAP HANA nodes, HA cluster configurations and implement SAP’s best practices for installing SAP HANA on SUSE Linux Enterprise.
The use of Formulas with Forms has been simplified with an improved content-staging UI and APIs. This revamped content staging makes it even easier to build patch-staging environments for Linux updates without having to create your own custom scripting.
All Your Linux Systems
SUSE® Manager 4 looks after all your Linux systems, including SUSE, Red Hat and Ubuntu systems running on metal, in a container or in a virtual machine (Figure 4). Managing all your Linux systems from a single tool simplifies the admin experience, leading to fewer errors and a reduced learning curve for new staff. SUSE® Manager 4 also offers close integration with OpenStack and Kubernetes for managing Linux in cloud and container environments.
DevOps extends the power of a single admin through centralized administration and fluid, flexible management tools that lock down control. SUSE® Manager 4 gives you the tight control over patches and software installation that you will need for rapid integration, without the risk. You can define a software channel for pushing patches, packages and updates to managed systems.
Use a software channel to update a single system or a group of systems. For instance, you could push out an update to all web servers (Figure 5).
Software channels save time and reduce duplicated efforts. They also provide an efficient means for imposing uniformity and security. By restricting the system to receive only updates through the channel, you can keep unauthorized packages off the network and maintain a disciplined system for testing and auditing prior to installation.
Software and Security Audits
A major source of errors and downtime is employees configuring Linux systems in a careless or inconsistent manner. The audit features in SUSE® Manager 4 enable you to enforce company rules, as well as external standards and licensing policies. Use SUSE® Manager 4 to inventory your Linux systems. Once the inventory is complete, it will report on any deviation from the authorized configuration, desired patch levels and security requirements. You can also use SUSE® Manager 4 to check security policies imposed through the Open Security Content Automation Protocol (OpenSCAP) or to search out vulnerabilities defined in the CVE list (Figure 6).
With the SUSE® Manager 4 audit tools, a single admin can do the work that would take hours of labor, or might even require a full-time security employee, in a conventional environment.
The secret to DevOps is automation. The auditing tools and Salt configuration framework are examples of the automation power you get with SUSE® Manager 4.
SUSE® Manager 4 also supports roll-your-own automation through its API and full-featured scripting interface. The spacecmd command-line tool enables you to build almost any SUSE® Manager 4 function into a script.
SUSE® Manager 4 also includes an XML-RPC-based API for building SUSE® Manager 4 functions into any programming language that offers XML-RPC client support. You can use it to access SUSE® Manager 4 features from programs written in Perl, Python or Ruby.
If you administer Linux systems in a DevOps environment and are looking for a single tool that brings the DevOps edge to image management, deployment, configuration, auditing and automation, take a closer look at SUSE® Manager 4.