Our articles in this issue fall into two categories: information about some of the latest SUSE technology for storage and servers and insight into SUSE support processes, including our handling of unexpected security vulnerabilities. We hope this information helps you get greater value from your SUSE solutions and subscriptions.

Happy reading!

Marjorie Westerman
Editor-in-Chief


Breaking News

SUSE Enterprise Storage Now Available. SUSE announced the general availability of SUSE Enterprise Storage, powered by Ceph. A self-managing, self-healing, distributed software-based storage solution for enterprise customers, SUSE Enterprise Storage enables organizations to build cost-efficient and highly scalable storage using commodity off-the-shelf servers and disk drives. For more information, click here.

Register Now for SUSECon 2015 Global Conference and Get Your 30 Percent Early Bird Rate! Registration is now open for SUSECon 2015, the annual SUSE global end-user conference. Early registrants receive a discount of 30 percent off the regular conference rate. The conference will be held November 2-6 in Amsterdam and will include:

  • Intensive training on the latest SUSE solutions based on Linux, OpenStack and Ceph
  • Expert keynotes and demos of open source solutions from SUSE and its partners
  • Complimentary certification exams

Get more information and register today  


Storage Redefined: An Introduction to Software-Defined Storage

Author: As Head of Product and Solutions Marketing for SUSE, Jason Phippen is responsible for leading SUSE product and solutions marketing efforts globally. Jason is also the product marketing lead for SUSE Enterprise Storage, the new software-defined storage offering from SUSE. Jason has more than 15 years of product and solution marketing experience previously working with companies such as VERITAS, Computer Associates and Emulex prior to joining SUSE in 2014.

Software-defined Storage: Why Now?
Migratory creatures such as stingrays have an innate response to changes that are reliable indicators of a changing season. Certain changes signal the onset of the migratory season, and more immediate factors, such as water temperature, determine the precise day they will migrate. Similarly, circumstances are signaling to enterprise IT organizations that a change in season is on the way for data center infrastructure, and a few important factors are triggering a mass migration to software-defined data centers.

In a typical enterprise data center today, IT organizations are rapidly breaking free from server vendor lock-in with hypervisors, which can virtualize any server using an x86 processor. However, most networking and storage environments remain silos of restrictive and expensive vendor-specific hardware and software.

Software-defined data centers allow IT organizations to transform their networking and storage infrastructure from expensive, proprietary, vendor-specific hardware into open source-based software and low-cost, commodity hardware—all of which are important factors driving the migration.

Traditional enterprise-class storage can be described simply as file, block and object storage systems including software embedded on expensive, proprietary system controllers, along with server-based storage management software. Transform both types of software into open source software running on industry-standard servers and commodity storage, and you have software-defined storage. This software-defined storage, within a software-defined data center, provides a flexible, cost-effective, high-performance, highly-available and massively scalable storage environment.

SUSE Enterprise Storage, Powered by Ceph
The best choice for open software-defined storage is Ceph. It is also the most popular software-defined storage solution for OpenStack-based clouds. Using inexpensive commodity off-the-shelf hardware, Ceph efficiently scales from tens of terabytes to multiple exabytes. Ceph provides industry-leading storage functionality such as erasure coding for space-efficient resilience and fault tolerance; cache tiering for performance and optimized data placement, combining HDDs and SSDs as needed; a unified block, file and object interface; as well as thin provisioning for capacity optimization. Ceph storage clusters are also self-healing and self-managing, which significantly reduces operational costs.

Powered by Ceph, and available as a stand-alone storage solution that can also be easily deployed as part of SUSE OpenStack Cloud, SUSE Enterprise Storage is a highly scalable and resilient software-based storage solution. SUSE Enterprise Storage enables organizations to build cost-efficient and highly scalable storage solutions using very cost-effective commodity off-the-shelf servers and disk drives.

SUSE Enterprise Storage gives customers confidence that the enterprise storage solutions they deploy now and in the future are tightly integrated with SUSE Linux Enterprise Server. SUSE Linux Enterprise Server has a long history of delivering leading data storage functionality to enterprise customers. SUSE Linux Enterprise Server provided the first journaling file system with XFS followed by first to market support for EXT3 and ReiserFS. It was also the first to support an upstream clustered file system with OCSF2. And, most recently, it is the first to market with support for the scalable, copy-on-write, B-tree file system BtrFS. With more than two decades of experience, SUSE delivers the data integrity enterprise customers demand.

SUSE Enterprise Storage customers benefit from the flexibility to deploy enterprise storage solutions on a wide selection of SUSE certified, industry-standard hardware platforms combined with best-in-class, worldwide, enterprise and 24-hour support services.

What is Happening Now and in the Future?
With hyperscale and large enterprise companies leading the way, the enterprise storage migration from proprietary hardware-centric products to software-defined storage solutions is underway. Revenue for traditional enterprise storage peaked in 2014 and will gradually decline as it is displaced by spending on enterprise software-defined storage and hyperscale software-defined storage. In 2015, a catalyst for the acceleration of enterprise adoption of software-defined storage will be the general availability of open source-based software-defined storage suites from Linux vendors like SUSE. Six years from now, revenue for enterprise software-defined storage will surpass revenue for traditional enterprise storage and become the dominant class of storage through our visible horizon of 2027.

The general availability of open source-based, software-defined solutions from Linux vendors like SUSE marks the beginning of a new era of more agile, scalable and cost-effective storage. The change has begun, and soon software-defined storage will displace the traditional data center.

How SUSE Helps Keep Your Systems Secure

Author: Kerry Kim has been marketing open source technologies for more than ten years. Currently, he is Director of Corporate Communications at SUSE.

IT security is a persistent, growing business risk. According to a recent Price Waterhouse Coopers survey of 9,700 companies worldwide, 42.8 million security incidents were detected in 2014, up 48 percent over 2013. The average annual reported financial loss attributed to each of these cybersecurity incidents was $2.7 million, a jump of 34 percent over 2013. The recent Heartbleed defect was estimated to have impacted almost two-thirds of all web servers worldwide. Last year, Community Health Systems reported that nearly 4.5 million of its patient records had been compromised through the Heartbleed vulnerability.

One of the challenges associated with computer security is that achieving it is like hitting a moving target. Because the IT security landscape is constantly changing, SUSE recommends treating IT security as a continuous process rather than an end state. In other words, SUSE recommends that you combine secure hardware and software systems with a holistic information security management program to mitigate the risk of IT security breaches.

SUSE helps you mitigate the risk of IT security breaches in several ways. First, we include features in our operating systems products (for example, binaries compiled with hardening features like memory protection, randomized address spaces, packet filtering, seccomp, strong cryptography, system auditing, tools like AppArmor and SELinux, etc.) designed to help you better secure your IT environments. Next, we offer consulting services to help you adopt good security practices. SUSE offers products, like SUSE Manager, to help you easily identify which of your systems are compromised by comparing patch levels to known security vulnerabilities, and then quickly patch them. Finally, dedicated SUSE security engineers collaborate with other relevant IT technology partners to qualify the impact and severity of common security vulnerabilities and minimize the time it takes from zero day (the day a vulnerability is discovered) to patch day (the day patches are available that secure your impacted computer systems).

You can do your part to help ensure IT system security and minimize risk. By signing up for proactive security updates, you will be notified the minute SUSE releases an update for a potential vulnerability. SUSE security advisories provide relevant information to help you assess the risk to your particular environment. Should circumstances warrant, you can quickly patch and update your systems using tools like SUSE Manager. And for those customers using SUSE Linux Enterprise Server 12, a live kernel patching service is available to dynamically update and secure your system kernels without having to shut down and reboot.

For more information or to learn more about the products and services that are available to help secure your environment, please contact your local sales rep or visit here.


SUSE Spotlight: A Conversation with Director of Global Resolution Mike Radford

Mike Radford has been with the SUSE team for more than 11 years and has worked for other high-tech companies. He has more than 20 years of management experience in high-tech support. Mike has also served on the Board of Directors for TSANet and several small software companies. He has a degree in Electrical Engineering and calls Utah his home.

What is SUSE Support?
The following lists some key facts and figures:

  • The SUSE support organization has approximately 120 people worldwide: 60 percent of the support team resides in support centers, and the other 40 percent is located near customers, “in the field.”
  • SUSE support has three main support centers: Provo, Utah, in the United States; Nuremberg, Germany; and Shenzhen, China.
  • We have the ability to verbally communicate in any language.
  • Our current average response time to engage with a support center person is about two minutes. Our targets and committed response times are in hours, but in most situations, we generally respond more quickly.
  • We currently resolve about 30 percent of SUSE incidents within one day, 50 percent within three days and about 75 percent within a week. Other tickets take longer due to many factors, including customers’ ability to work the issue, the need for a code fix, etc.
  • We pride ourselves in our outstanding support center customer satisfaction ratings. Currently 95 percent of our customers are totally satisfied with the interaction—well above the industry average.

How Will SUSE Support be Affected by the Micro Focus Merger?
The merger with Micro Focus allows SUSE to utilize many more employees, in many more locations. These additional resources will benefit the support team and customers.

How Does Support Work with Partners?
Our partners are vital to SUSE business. Helping SUSE deliver services, including support, is an important part of overall business. We have a great relationship with our partners—including aiding in their training and in delivering support and other services to our mutual customers. We interact with many partners on a daily basis and ensure they have the highest level of support.

One of the key value-adds that we deliver to our partners and all customers is our relationship with many vendors through the TSANet. We are a founding member of this organization, which is the world’s largest cooperative support community with legal and procedural policies in place to help members resolve multi-vendor complex issues daily. The TSANet program allows us to help on many issues that span many products so that we provide our customers with better service.

How Does Support Work with Engineering to Improve Products?
There are several ways that we coordinate with SUSE engineering to improve products:

  • Daily working of defects through our defect tool and via the phone. Our development team has dedicated contacts and developers who we work with on complex customer issues.
  • Development and support have a regular training cadence established. Our teams interact on a weekly basis to discuss troubleshooting practices, new product features and what tools are needed to more quickly serve our customers.
  • We have what is called a Customer Impact Analysis (CIA) process. We provide engineering with a very detailed quarterly report related to the incidents we have resolved. We give them data such as: how many tickets we resolved, what area of the code needs focus, how many defects we are finding and what are customers are saying about quality. We use the CIA to set a course for product improvement.

What is the Most Interesting Support Issue You've Encountered?
We get many interesting support issues each day! One of the most interesting was a police department asking us to help construct data on the hard drive. This data was being recovered as part of a fraud and capital-crime case. We were able to help and bring justice to a case. This was a very interesting issue that went on for about a month.

 


The Evolution of Linux Containers and Their Integration with Docker in SUSE Linux Enterprise Server 12

Author: Flavio Castelli is a senior engineer at SUSE. He has been following Docker since its early days and has focused on its integration within the openSUSE® and SUSE ecosystems. Flavio gained experience in creating and managing systems while working on products such as SUSE Studio™ and SUSE Manager. He is also a contributor to various open source projects.

Linux Containers at a Glance
In the, technologically speaking, distant past of 2012, SUSE Linux Enterprise SP2 was released. One of the features it introduced was support for Linux Containers using the LXC toolset.

Linux Containers are an operating, system-level virtualization method for running multiple isolated Linux systems on a single host. They differ from traditional virtualization solutions because they do not require the guest OS to run inside of a hypervisor. In fact, a Linux Container runs on the same level as any other application running on the host OS.

Linux Containers are implemented using Linux Control Groups (cgroups) and the Linux namespaces features, which are built into the Linux kernel. Using them enables you to isolate all the processes running inside of the guest OS from the ones running on the host OS, as happens with traditional virtualization. The only resource shared between the host and the guest is the kernel.

Linux Containers have several advantages over traditional virtualization. First, they are lightweight: using the same hardware, it is possible to run more Linux Containers than traditional virtual machines. Linux Containers perform better and essentially equal to the performance of the host machine. This is possible because Linux Containers do not introduce any significant overhead; they basically share the same I/O as the host system. It is also possible to apply changes to a running Linux Container without having to reboot it, which would be necessary with a traditional virtual machine. (Think about CPU priority, dedicated memory, etc.) Moreover, it is possible to combine traditional virtualization with the Linux Containers without decreasing performance.

However, there are some limitations. First, the operating system running inside of the container must be a Linux operating system with the same architecture as the host OS because the host and guest share the kernel. As a result, a kernel crash affects both the host OS and all of its Linux Containers. Similarly, kernel security issues affect both the host OS and its Linux Containers.

Introducing Docker—and How It Works with Linux Containers
SUSE Linux Enterprise 12, released a few months ago, includes Docker support for the first time. Docker operates on Linux Containers using the same kernel facilities as traditional Linux Containers tools. However, its focus is completely different. As stated on its official website, Docker's goal is to “build, ship and run any app, anywhere.” With Docker, it is possible to take an application, put it inside of a dedicated image, ship that image to other systems and then run the application within the image. It doesn't matter if the container is running on a physical machine, on a traditional virtual machine or even inside of a cloud; the application will always behave in the same way. This lowers the friction among the development, testing and production environments. Most importantly, it provides consistency and reproducibility across the entire development process.

In other words, Docker takes a complex technology (Linux Containers) and makes it easy to use. The Docker execution engine comes with helpful default settings that make it incredibly easy to start using Linux Containers. Additionally, Docker focuses on assisting users during the complete life cycle of an image.

Docker offers an integrated build system that makes it trivial to build new images. Working with these images feels like managing source code using a version control system: it is possible to version them, commit changes and even create forks. This makes collaboration really easy.

The deployment of the images is also easy and fast because of their internal structure. Once the images are deployed, you can start Docker containers by either using the default or custom settings. Monitoring and handling running Docker containers is simple as well. It is even possible to look into a running container and see how it changed from its original image. Everything is implemented using a single command line tool named “Docker.” Users familiar with “git” will feel immediately at ease because the two tools share many commands, behaviors and workflows.

Finally, there is also a “social” aspect of Docker: the “Docker Hub.” This is a place where anyone can upload their Docker images and download those shared by other users. The number of Docker images available on the Docker Hub is constantly growing.

Starting with SUSE Linux Enterprise 12, Docker containers can be run without a special kernel or configuration; everything has been designed to work out-of-the-box. SUSE also provides official Docker images for SUSE Linux Enterprise 11 SP2 and SP3. These images can be further customized using Docker's integrated build system to run all the software available for SUSE.

We also created a YaST® module to ease the approach with Docker.

These are just the first steps toward Docker's integration. Stay tuned for more exciting news during the year. In the meantime, a Quick Start Guide to Docker on SUSE can be found here. It provides more details about Docker's architecture, how to build custom Docker images and how to get started with the “Docker” command line tool.

 


Certifications Update

Marjorie Westerman is a Marketing writer at SUSE. She edits the SUSE Insider and SUSE News.

Steven Canova joined the SUSE ISV (Independent Software Vendor) Relations team in 2013 to manage the SSO (Strategic/Specific Sales Opportunity) program. He responds to field sales requests for ISV application support and works with software partners to help them certify their products on SUSE. Previously, Steven held alliances and sales leadership positions at Wind River, Caldera/SCO, CA and Synopsys. In 2012, he designed and authored the "Collaborative Selling" curriculum for Microsoft's original equipment manufacturer (OEM) Embedded Device business.

Interoperability is one of the cornerstones of the SUSE product strategy. Our goal is to ensure that our customers have a wide range of compatible hardware and software solutions that are compatible with SUSE products, so they can implement the innovative solutions their business requires while leveraging their IT investments.

YES Certified Hardware
From November 17, 2014 to January 31, 2015, SUSE published Yes Certification bulletins for 291 hardware devices, including servers, workstations and storage area network (SAN) devices. These products came from a variety of high-tech companies worldwide, including SUSE Alliance partners that offer a broad range of systems such as Cisco, Dell, Fujitsu, HP, Hitachi, IBM, Intel, Lenovo, Oracle, SGI and Unisys as well as specialty vendors such as Wincor Nixdorf, which focuses on the retail and banking industry, and information and communications technology provider Huawei.
To find out which systems—and which configurations of those systems—have been YES Certified, go to the Certified Hardware Partners’ Product Catalog, search the systems and click on the bulletin number.

Highlights
Here are some trends and facts that stand out among YES Certifications completed in the period mentioned above:

  • System certifications on SUSE Linux Enterprise 12 constituted the vast majority of certifications. This included workstations certified on SUSE Linux Desktop 12. However, there are still several network servers certified on SUSE Linux Enterprise Server 11 SP3 and a few certifications for SANs on even earlier versions.
  • Lenovo certified more servers (90) during this period than any other hardware vendor with IBM coming in second. Most of these Lenovo servers were x86s that Lenovo purchased from IBM.
  • Another supercomputer—Sugon from China-based Dawning Information Industry—is now certified for SUSE Linux Enterprise Server 12. Since 1993, SUSE has made significant contributions to the advancement and tuning of the Linux kernel, and kernel-related performance technologies. Today, on the Top500.org website listing of leading supercomputers, more than a third of the top 50 and ten of the top 25 run a version or modified version of SUSE Linux Enterprise Server. SUSE also participates in the Intel Cluster Ready program, developed in conjunction with other hardware and software vendors, whose purpose is to simplify purchasing, deployment and management of high performance computing clusters.

To research specific systems, go to the Certified Hardware Partners’ Product Catalog. To better understand what you can learn from the Yes Certification bulletins, read a recent series of SUSE blogs that explain the various bulletin components: Part 1, Part 2 and Part 3.

SUSE Certification Update
The number of partner software packages supported on SUSE Linux Enterprise 12 is growing. This includes both software packages supported on SUSE for the first time as well as existing supported software packages that have been updated to the new release. At the same time, certifications on earlier releases continue.

Highlights
Here are a few ways SUSE and our partners collaborate to deliver real-world optimized solutions today:

  • Java: As of 2015, Java continues to be one of the most popular programming languages, used by millions of developers worldwide for applications and web sites. Oracle Java and IBM Java are now supported on SUSE Linux Enterprise Server 12 and viewable in the Software Partner Catalog.
    • For more information on IBM Java, click here
    • For more information on Oracle Java (JDK), click here
  • ThinLinc from Sendio: ThinLinc is now available on SUSE Linux Enterprise Desktop 12 and SUSE Linux Enterprise Server 12. It provides several industry-leading technologies and innovations that improve performance, increase security and decrease the cost of delivering Linux and Windows-based applications at the same desktop. For more information, click here
  • HyperWorks CAE from Altair Engineering: This certification has recently been updated to SUSE Linux Enterprise Server 11. The Altair HyperWorks CAE suite is an important design and simulation solution for manufacturers, particularly in the automotive industry, where rapid design exploration and decision making are required. Get more information on HyperWorks here

To research current SUSE-certified software packages, visit the Software Partner Catalog.

In This Issue

Join SUSE Conversations and
get free gifts.

Experienced user of SUSE products? Turn your knowledge
into Amazon gift cards!

Check out SUSE Shop online! Updated product range and more localized languages available!

Buy on-demand training videos

Get up-to-the-minute SUSE news
by following us on:

View past editions of the SUSE News and SUSE Insider

Contact us at susenews@suse.com with questions or feedback.