This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires that SUSE makes available certain source code that corresponds to the GPL-licensed material. The source code is available for download.

For up to three years after SUSE’s distribution of the SUSE product, SUSE will mail a copy of the source code upon request. Requests should be sent by e-mail or as otherwise instructed here. SUSE may charge a fee to recover reasonable costs of distribution.

Version Revision History

  • July 2019: 4.0.1 release

  • June 26th, 2019: 4.0.0 release

About SUSE Manager 4

Now based on SUSE Linux Enterprise 15 Service Pack 1 and the Uyuni project, SUSE Manager 4 further delivers a best-in-class open source infrastructure management solution that lowers costs, enhances availability and reduces complexity.

As a key component of a software-defined infrastructure, SUSE Manager 4 allows our customers to:

Lower costs and simplify management

  • Simplify management and reduce operational expenditure with enhanced package staging through a new Content Lifecycle Management user interface and improved APIs for managing packages, patches, and configurations. Moving packages across multiple stages, like development, QA and production is now a simple UI-based task.

  • Ease virtual machine management with new Salt-based virtual machine management that allows near real-time management of hundreds of servers. This allows managing virtual machines not just through a UI, with start/stop buttons, but also by defining Salt states. For example, you can create a Salt state that always ensures that the same three virtual machines are created and running on all your branch servers. Advanced virtual machine management is a technology preview and will require a paid-for add-on subscription per virtualization host.

Increase availability and visibility with expanded monitoring and alerting capabilities

Gain better infrastructure insights and reduce downtime, with the ability to provision, configure, and automate a reliable and easy to use monitoring and alerting infrastructure built on the next generation Prometheus based monitoring stack. With a single tool, you can now deploy, configure and manage your Linux infrastructure, and also monitor the health of that infrastructure. Monitoring is a paid-for add-on subscription per managed system.

Reduce complexity and regain control

  • SUSE Manager now supports managing openSUSE Leap 15.1 and Ubuntu LTS 16.04 and 18.04 clients.

  • SUSE Manager 4 can be deployed from the unified SUSE Linux Enterprise 15 installer.

  • “Formulas with Forms” capabilities for SAP allow the easy set-up of SAP HANA nodes and HA cluster configuration according to best practices. Formulas are provided as a technology preview via SUSE Package Hub.

Keep Informed

You can stay up-to-date regarding information about SUSE Manager and SUSE products:

Installation

Requirements

SUSE Manager Server 4 is provided through SUSE Customer Center and can be installed with the unified installer for SUSE Linux Enterprise 15 Service Pack 1. It is available for x86-64, POWER (ppc64le), or IBM Z (s390x). No separate SUSE Linux Enterprise subscription is required.

With the adoption of a unified installer in SUSE Linux Enterprise 15, system roles are used to customize the installation for each product. The unified installer provides an easier way to install the operating system and the SUSE Manager Server application together with specific pre-configured system settings. This addresses the need for enterprise deployments to standardize on the base operating system as well as on specific storage setups.

PostgreSQL is the only supported database. Using a remote PostgreSQL database is not supported.

Update from previous versions of SUSE Manager Server

In-place updates from previous versions of SUSE Manager Server are not supported. The supported upgrade method is to migrate the data from your SUSE Manager Server 3.2 installation to SUSE Manager Server 4.0.

If your SUSE Manager Server 3.2 uses an older version of PostgreSQL, you need to upgrade to PostgreSQL 10 before performing the migration!

All connected clients will continue to run and remain unchanged.

For detailed upgrading instructions, see the Upgrade Guide on https://www.suse.com/documentation/suse-manager-4/.

Migrating from Red Hat Satellite

Migrating from Red Hat Satellite to SUSE Manager Server 4.0 is conditionally supported. To perform this migration, we strongly recommend you get in contact with a SUSE sales engineer or consultant before starting the migration.

Scaling SUSE Manager

The default configuration of SUSE Manager will scale around one thousand clients, when deployed according to the instructions in the Installation Guide on https://www.suse.com/documentation/suse-manager-4/. Scaling beyond that number needs special consideration.

For more information and instructions on large-scale deployments, see https://www.suse.com/documentation/suse-manager-4/4.0/suse-manager/administration/tuning-largedeploys.html.

Before you begin, you should always get advice from a SUSE partner, sales engineer, or consultant.

Channels with a large number of packages

Some channels, like SUSE Linux Enterprise Server with Expanded Support or Red Hat Enterprise Linux, come with a very large number of packages that may cause taskomatic to run out of memory. If this occurs, we recommended that you increase the maximum amount of memory allowed for taskomatic by editing /etc/rhn/rhn.conf and adding this line:

taskomatic.java.maxmemory=4096

You will need to restart taskomatic after this change.

This grants taskomatic up to 4 GB of memory (up from the default of 2GB). If taskomatic continues to run out of memory, you can increase the number further. However, keep in mind that this will affect the total memory required by SUSE Manager Server.

Major changes since SUSE Manager Server 4.0 GA

Features and changes

Version 4.0.1

New products supported
  • SLES12 SP3 LTSS

  • openSUSE Leap 15.1

Patches

The SUSE Patch Finder is a simple online service to view released patches.

Version 4.0.1

spacewalk-backend:

  • Do not duplicate "http://" protocol when using proxies with "deb" repositories (bsc#1138313)

  • Fix reposync when dealing with RedHat CDN (bsc#1138358)

  • Fix for CVE-2019-10136. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum. (bsc#1136480)

spacewalk-web:

  • Change WebUI version 4.0.1

susemanager-doc-indexes:

  • Updated wording for Prometheus section

  • JeOS VM update

  • Port 8050 for graphical console display

  • Content life-cycle docs are not enough for customer to understand (bsc#1137955)

  • Salt boot formula fails for SLES11 SP3 terminal (bsc#1136857)

  • Certificate verify failed when using vmware esxi virtual host gatherer (bsc#1136561)

susemanager-docs_en:

  • Updated wording for Prometheus section

  • JeOS VM update

  • Port 8050 for graphical console display

  • Content life-cycle docs are not enough for customer to understand (bsc#1137955)

  • Salt boot formula fails for SLES11 SP3 terminal (bsc#1136857)

  • Certificate verify failed when using vmware esxi virtual host gatherer (bsc#1136561)

susemanager-sync-data:

  • Add channel family definitions for SLES12 SP3 LTSS (bsc#1139693)

  • Add OPENSUSE to allowed channel_families to make openSUSE Leap product visible in the product list (bsc#1138364)

Major changes since SUSE Manager Server 3.2

Prometheus Monitoring

We now include packages for the latest version of Prometheus, as well as self-monitoring capabilities for SUSE Manager. The SUSE Manager Monitoring entitlement is required for all systems that have monitoring with Prometheus enabled.

Prometheus is a monitoring tool that is used to record real-time metrics in a time-series database.

For more information about Prometheus, see Prometheus in the Administration Guide

Exporters

Exporters convert existing metrics into the format Prometheus requires. We are now providing the following Prometheus Exporters as packages, for SLE12 and SLE15 as well as openSUSE Leap 15.1:

In addition we provide JMX exporter on SUSE Manager Server.

Monitoring is not yet available for other operating system platforms like Red Hat Enterprise Linux or Ubuntu.

Self-monitoring features in SUSE Manager

SUSE Manager provides metrics about its health to Prometheus. Both Server and Proxy can expose metrics. Self-monitoring can be enabled via the Web UI. For that purpose, some Prometheus exporters are pre-installed on SUSE Manager Server and Proxy.

A new formula is also included, to install and manage Node and PostgreSQL exporters on clients managed by Salt. This formula can be configured in the SUSE Manager Web UI.

Content lifecycle management

The content lifecycle management feature allows you to clone software channels through a lifecycle of several environments. You are able to create content projects, select a custom set of software channels as sources, and promote software channels through a pre-defined lifecycle of environments.

You can define filters to exclude specific packages and patches. More filters will be added in a later release.

Once you have selected your sources you can build the selected set which will populate the first environment. After the first environment is built, you can promote it through the environment lifecycle to the next environment in the loop. You can see the status of the build at any time throughout the process.

The result of the build, and the content of every environment, is a channel tree made of cloned software channels of the selected sources, to which systems can be assigned.

Virtualization management for Salt minions

The existing virtualization features have been enhanced for Salt-based systems. This is a technology preview and will require an additional Virtualization Management entitlement. Pricing will be announced soon.

Salt-based virtualization host systems can also create virtual machines using a pre-built disk image.

These features have been added:

  • Deleting virtual machines.

  • Editing virtual machines to add or remove network interfaces or disk, change CPU and memory allocation or the display type.

  • Quick update of the list and state of virtual machines.

  • Displaying virtual machines graphical display in a new tab.

Updated Documentation Structure

In this release, we have reorganized our documentation and updated our tooling to make it clearer where information is, and make it easier for you to find the content you need, when you need it.

Old Naming Format

  • Getting Started

  • Best Practices

  • Reference

  • Advanced Topics

New Naming Format

  • Installation Guide (Requirements, supported platforms, installation methods, etc)

  • Client Configuration Guide (Configuring and connecting clients to SUSE Manager)

  • Upgrade Guide (Migrate and update clients and SUSE Manager)

  • Reference Guide (Comprehensive guide to the Web UI)

  • Administration Guide (Maintenance and administration tasks in SUSE Manager)

  • Salt Guide (A comprehensive guide to Salt for system administrators)

  • Retail Guide (A guide to using SUSE Manager for Retail)

Improved logging for Salt Remote Command Page

The Salt Remote Command Page log now every command executed in a separate logfile (/var/log/rhn/rhn_salt_remote_commands.log). In addition to this, an entry in the System History is generated for every minion where the command was executed.

Salt 2019.2.0

Salt has been upgraded to the 2019.2.0 release.

We intend to regularly upgrade Salt to more recent versions.

For more detail about changes in your manually-created Salt states, see the Salt upstream release notes 2019.2.0.

Update of Traditional Client Tools and Package renames

The traditional Client Tools were updated to Uyuni version 4.0. This required some package renames.

Table 1. Package renames
Old Name New Name

osad

mgr-osad

python2-osa-common

python2-mgr-osa-common

python2-osad

python2-mgr-osad

python3-osa-common

python3-mgr-osa-common

python3-osad

python3-mgr-osad

python2-rhncfg-actions

python2-mgr-cfg-actions

python2-rhncfg-client

python2-mgr-cfg-client

python2-rhncfg-management

python2-mgr-cfg-management

python2-rhncfg

python2-mgr-cfg

python3-rhncfg-actions

python3-mgr-cfg-actions

python3-rhncfg-client

python3-mgr-cfg-client

python3-rhncfg-management

python3-mgr-cfg-management

python3-rhncfg

python3-mgr-cfg

python2-rhn-virtualization-common

python2-mgr-virtualization-common

python2-rhn-virtualization-host

python2-mgr-virtualization-host

python3-rhn-virtualization-common

python3-mgr-virtualization-common

python3-rhn-virtualization-host

python3-mgr-virtualization-host

python2-rhnpush

python2-mgr-push

python3-rhnpush

python3-mgr-push

rhn-custom-info

mgr-custom-info

rhn-virtualization-common

mgr-virtualization-common

rhn-virtualization-host

mgr-virtualization-host

rhncfg

mgr-cfg

rhncfg-actions

mgr-cfg-actions

rhncfg-client

mgr-cfg-client

rhncfg-management

mgr-cfg-management

rhnpush

mgr-push

spacewalksd

mgr-daemon

Please update your bootstrap scripts, bootstrap repositories, and activation keys if any of the packages are part of them.

Base system upgrade

The base system was upgraded to SUSE Linux Enterprise 15 SP1. As a result, all code was ported to run with Python 3 and OpenJDK 11.

Technical preview: Single Sign-On (SSO)

SUSE Manager supports Single Sign-On authentication by implementing the Security Assertion Markup Language (SAML) 2 protocol. Mandatory requirement: an already existing and configured SAML Identity Service Provider (IdP). SUSE Manager must be reconfigured to use the IdP as the source of authentication and post-login mapped users must be already created before enabling SSO.

For more on configuring SSO, see the Authentication Methods chapter in the Administration guide.

Upgrading with SUSE Manager Proxy

SUSE Manager Server 4.0 works with SUSE Manager Proxy 3.2. When upgrading, upgrade the Server first, followed by the Proxies.

For instructions on upgrading with Proxies, see the Upgrade Guide on https://www.suse.com/documentation/suse-manager-4/.

Upgrading with inter-server synchronization

When upgrading, upgrade the ISS master first, followed by the ISS slaves.

Support

Supportconfig confidentiality disclaimer

When handling Service Requests, supporters and engineers may ask for the output of the supportconfig tool from SUSE Manager Server or clients.

This disclaimer applies:

Detailed system information and logs are collected and organized in a
manner that helps reduce service request resolution times.
Private system information can be disclosed when using this tool.

If this is a concern, please prune private data from the log files.

Several startup options are available to exclude more sensitive
information. Supportconfig data is used only for diagnostic purposes
and is considered confidential information.

When you run supportconfig on the SUSE Manager Server, the output will contain information about your clients as well as about the Server. In particular, debug data for the subscription matching feature contains a list of registered clients, their installed products, and some minimal hardware information (such as the CPU socket count). It also contains a copy of the subscription data available from the SUSE Customer Center.

If this is a concern, please prune data in the subscription-matcher directory in the spacewalk-debug tarball before sending it to SUSE.

Supportability of embedded software components

All software components embedded into SUSE Manager, like Cobbler for PXE booting, are only supported in the context of SUSE Manager. Stand-alone usage is not supported.

Support for older products

The SUSE Manager engineering team provides 'best effort' support for products past their end-of-life date. For more information about product support, see Product Support Lifecycle.

Support for products that are considered past their end-of-life is limited to assisting you to bring production systems to a supported state. This could be either by migrating to a supported service pack or by upgrading to a supported product version.

Support for Ubuntu Clients

Support for Ubuntu Clients was added in SUSE Manager 3.2. Currently, Salt minions running Ubuntu 16.04 LTS and 18.04 LTS are supported. Support for Ubuntu is limited to specific features. For a detailed list of supported features, see the Client Configuration Guide at https://www.suse.com/documentation/suse-manager-4/4.0/suse-manager/client-configuration/clients-ubuntu.html.

spacewalk-utils

All commands need expertise to operate and can potentially create problems with your installation. The spacewalk-utils package is a packaged set of command line tools. We consider the spacewalk-utils tools valuable enough to be included, but are not able to fully support them.

These spacewalk-utils tools are fully supported:

  • spacewalk-clone-by-date

  • spacewalk-sync-setup

  • spacewalk-manage-channel-lifecycle

All other spacewalk-utils tools are supported at L1 level support only. L1 support is limited to problem determination, which means technical support designed to provide compatibility information, usage support, on-going maintenance, information gathering and basic troubleshooting using available documentation.

Providing feedback

If you encounter a bug in any SUSE product, please report it through your support contact.

Resources

Technical product information for SUSE Manager: http://www.suse.com/products/suse-manager/technical-information

These release notes are available online: http://www.suse.com/releasenotes

Further information about SUSE Manager is available on the Wiki: http://wiki.microfocus.com/index.php/SUSE_Manager

Visit http://www.suse.com for the latest Linux product news from SUSE.

Visit http://www.suse.com/download-linux/source-code.html for additional information on the source code of SUSE Linux Enterprise products.

SUSE Linux GmbH
Maxfeldstr. 5
D-90409 Nürnberg
Tel: +49 (0)911 740 53 - 0
Email: feedback@suse.com
Registrierung/Registration Number: HRB 21284 AG Nürnberg
Geschäftsführer/Managing Director: Felix Imendörffer, Mary Higgins, Sri Rasiah
Steuernummer/Sales Tax ID: DE 192 167 791
Erfüllungsort/Legal Venue: Nürnberg

SUSE makes no representations or warranties with regard to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to revise this publication and to make changes to its content, at any time, without the obligation to notify any person or entity of such revisions or changes.

Further, SUSE makes no representations or warranties with regard to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to make changes to any and all parts of SUSE software, at any time, without any obligation to notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classifications to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical/biological weaponry end uses. Please refer to the SUSE Legal information page for more information on exporting SUSE software. SUSE assumes no responsibility for your failure to obtain any necessary export approvals.

Copyright © 2012-2019 SUSE LLC.

This release notes document is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License (CC-BY-ND-4.0). You should have received a copy of the license along with this document. If not, see https://creativecommons.org/licenses/by-nd/4.0/.

SUSE has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at https://www.suse.com/company/legal/ and one or more additional patents or pending patent applications in the U.S. and other countries.

For SUSE trademarks, see SUSE Trademark and Service Mark list (https://www.suse.com/company/legal/). All third-party trademarks are the property of their respective owners.

Colophon

Thank you for using SUSE Manager Server in your business.

Your SUSE Manager Server Team.