This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires that SUSE makes available certain source code that corresponds to the GPL-licensed material. The source code is available for download.
Version revision history
June 21st, 2021: 4.2 GA
About SUSE Manager 4.2
SUSE Manager 4.2, the latest release from SUSE based on SLES 15 SP3 and the Uyuni Project, further delivers best-in-class open source systems management and automation that lowers costs, identifies risk, enhances availability and reduces complexity.
As a key component of a Hybrid Cloud IT infrastructure, SUSE Manager for 4.2 delivers the following new or enhanced capabilities to your Edge, Cloud & Datacenter environments.
Integration of Ansible into a SUSE Manager automation environment to protect customer investment and ease migration (Technology Preview)
Configuration and automation platforms have become increasingly important to control an organization’s ever-growing IT landscape. There are a variety of popular tools in the market and companies may have already made investments in a particular tool, one of them being Ansible.
Adopting SUSE Manager, or migrating to it, does not mean that you should necessarily renounce your previous configuration management systems investment. SUSE Manager 4.2 provides support for Ansible packages on SLE and connects to the Ansible control nodes on any supported client operating system to gather inventory, playbooks and manage clients with SUSE Manager.
SUSE Manager 4.2 allows you to simply re-use and run your Ansible playbooks, saving time and resources by consolidating tools while keeping existing automation investments. This means you do not have to re-implement your Ansible automation solution, making migration to the SUSE landscape easier.
Combined with its strong Salt capabilities, it enhances SUSE Manager’s configuration and automation capabilities helping you to orchestrate even the largest environments – across cloud and on-premise.
Enhanced Security and Compliance by providing OpenSCAP content for SLE and other Linux operating systems
OpenSCAP assists administrators and auditors with assessment, measurement, and enforcement of security baseline through audit scans by using content produced by SUSE (for SUSE Linux Enterprise Server) and other Linux operating systems.
Easily checks system security configuration settings and examine systems for signs of compromise by using rules based on standards and specifications. Use the OpenSCAP feature to assess the compliance level of your client systems according to the selected profile and apply remediation scripts and Ansible playbooks to achieve better compliance when needed.
Knowing what is the precise configuration being applied to a system when you are managing many of them can be challenging: configuration may come from your organization, one of the many system groups, formulas, configuration and state channels or even be assigned directly to the system. Usability enhancements across the SUSE Manager WebUI now provide a clear and direct way of knowing exactly where your configuration states and channels are coming from and easily assign them.
Conveniently find all your systems in the SUSE Customer Center thanks to SUSE Manager 4.2 forwarding the client names, as if they had been directly connected with SUSEconnect, RMT or SMT.
Other usability improvements include better user interface components, configuring commonly-used parameters such as the FQDN of the system and enhanced filter lists.
Enhanced patch management functionality to help customers streamline the use of Live Patching
Live Patching helps customers to bring down reboot cycles to once a year which saves companies a time, resources and availability compared to not using live patching at all.
Customers need to prepare for reboot ahead of time before the live kernel approaches the end of life. The implementation of the kernel lifecycle and live kernel patch installation feature in SUSE Manager 4.2 enhances its patch management functionality to help customers streamline the use of Live Patching. Customers can now easily identify when a live kernel is approaching the end of life and define a corrective action, for example, schedule a reboot during a maintenance window, all from the UI.
Optimized performance with virtual machine tuning
Virtual Machines can be created quickly and easily but the default configuration settings may not be the best ones for VM performance. To ensure best performance proper VM configuration is needed. With SUSE Manager 4.2 customer can easily configure VMs (for example according to SAP best practices) through the UI. Tuning parameters will include CPU pinning and memory settings to name but a few.
Simplification of openSUSE Leap to SLES migration – Migrate from openSUSE Leap to SLES in just a few clicks
SUSE Manager now enables changing the repository where a package comes from with a simple product migration. This allows you to easily migrate your system from openSUSE Leap to the respective SLES version in just a few clicks. Instead of replacing the repositories and manually re-installing packages, you can now do the migration in a single action.
Expanded operating system support
With more and more workloads moving to cloud, SUSE Manager caters to where your workloads are going. It is silicone and platform agnostic and provides powerful content control – across hypervisors, clouds, or architectures. SUSE Manager 4.2 enhances its cloud capabilities by adding to its extensive list of Linux distributions.
SUSE Manager 4.2 introduces support for Amazon Linux 2 and AlmaLinux 8, further enabling the management of all your Enterprise Linux distributions from a single tool – no matter where they are located. SUSE Manager now supports the management of SLE, RHEL, openSUSE, Oracle Linux, CentOS, AlmaLinux, Ubuntu, Debian, and Amazon Linux.
SUSE Manager is easier than ever to use in the public cloud with usability and user experience improvements, further simplifying the management of your cloud deployments and client onboarding through cloud-init, Terraform and other cloud native mechanisms.
EDGE: SLE Micro Support (Tech preview)
SLE Micro is an ultra-reliable, lightweight operating system purpose built for edge computing. It leverages the enterprise hardened security and compliance components of SUSE Linux Enterprise and merges them with a modern, immutable, developer-friendly OS platform.
SUSE Manager 4.2 provides initial support for SLE Micro 5.0 clients. Not all SUSE Manager functionalities are initially available for SLE Micro.
SUSE Manager Server 4.2 is provided through SUSE Customer Center and can be installed with the unified installer for SUSE Linux Enterprise 15 Service Pack 3. It is available for x86-64, POWER (ppc64le), or IBM Z (s390x).
With the adoption of a unified installer in SUSE Linux Enterprise 15, system roles are used to customize the installation for each product. The unified installer provides an easier way to install the operating system and the SUSE Manager Server application together with specific pre-configured system settings. This addresses the need for enterprise deployments to standardize on the base operating system as well as on specific storage setups.
PostgreSQL is the only supported database. Using a remote PostgreSQL database is not supported.
Update from previous versions of SUSE Manager Server
In-place update from SUSE Manager Server 4.0 and 4.1 is supported.
All connected clients will continue to run and remain unchanged.
For detailed upgrading instructions, see the Upgrade Guide on https://documentation.suse.com/suma/4.2/.
Migrating from Red Hat Satellite
Migrating from Red Hat Satellite 5.x or Spacewalk 2.x to SUSE Manager Server 4.2 is conditionally supported.
To perform this migration, we strongly recommend you get in contact with a SUSE sales engineer or consultant before starting the migration.
Scaling SUSE Manager
The default configuration of SUSE Manager will scale around one thousand clients, when deployed according to the instructions in the Installation Guide on https://documentation.suse.com/suma/4.2/. Scaling beyond that number needs special consideration.
For more information and instructions on large-scale deployments, see the Large Deployments Guide.
Before you begin, you should always get advice from a SUSE partner, sales engineer, or consultant.
SUSE Manager can be deployed in a highly-available setup but specific configuration and tuning for each use case is needed. Please get in touch with SUSE Consulting for the details.
Major changes since SUSE Manager Server 4.1
New products enabled
SUSE Linux Enterprise 15 SP3
SUSE Linux Enterprise Micro 5.0 (tech preview)
openSUSE Leap 15.3
Amazon Linux 2
MicroFocus Open Enterprise Server 2018 SP3
Technology Preview: SLE Micro
SLE Micro is an ultra-reliable, lightweight operating system purpose built for edge computing. It leverages the enterprise hardened security and compliance components of SUSE Linux Enterprise and merges them with a modern, immutable, developer-friendly OS platform.
SUSE Manager 4.2 provides limited support for SLE Micro 5.0 clients. The following features work:
Salt remote commands
Formulas and Formulas with Forms
Installed software packages, updates, patches, etc are listed
Refreshing installed package list
Package installation, update, patching, removal
Content Lifecycle Management
State and configuration channels
Autoinstallation with AutoYaST and Yomi
transactional-updateversions 3.2.2-1.1 or older contain a bug and will not work properly with Salt. A fix will be shipped (in SLE Micro 5.0) soon, which will enable it with Salt and SUSE Manager 4.2.
Package and patch installation, removal and update work but after installation, the WebUI will not show the actual patch state of the system, and it will not notify a reboot is required for those changes to be enabled. As a workaround, you can manually schedule a reboot.
Action chains will fail
Container management. SUSE Manager cannot manage podman containers at the moment but you can use Salt remote commands for that.
Maintenance windows in SLE Micro are currently independent from SUSE Manager’s
First releases of SLE Micro 5.0 contained a broken
salt-minionpackage. Please make sure you use the latest version available in the SLE Micro Update channel.
SLE Micro is only supported as a Salt minion. The traditional stack will not be supported.
The missing features will be added in upcoming releases of SUSE Manager.
Amazon Linux 2
SUSE Manager is now able to manage Amazon Linux 2 clients as salt-minion or salt-ssh clients, as well as all other features that work for RHEL 7. Check the Client Configuration Guide for information about how to configure SUSE Manager Server to work with Amazon Linux 2 clients.
Support for Amazon Linux 2 is currently only available for the x86_64 architecture. New architectures will be added in a future release of SUSE Manager.
SUSE Manager is now able to manage AlmaLinux 8 clients as salt-minion or salt-ssh clients, as well as all other features that work for RHEL 8. Check the Client Configuration Guide for information about how to configure SUSE Manager Server to work with AlmaLinux clients.
AlmaLinux 8 is currently only available for the x86_64 architecture. Support for AlmaLinux 8 will continue to improve, including support for other architectures as they are added to AlmaLinux.
Red Hat Enterprise Linux 6
SUSE Linux Enterprise Server Expanded Support 6
Oracle Linux 6
Ubuntu 16.04 LTS
The support policy of SUSE Manager clients can be summarized as: "if the operating system is under general support by its vendor, then SUSE Manager supports it as a client".
RHEL 6 (and clones: CentOS 6, Oracle Linux 6, SLES ES 6) ended upstream general support on November 30th, 2020. After a grace period of 7 months, we are now ending support for these operating systems.
Ubuntu 16.04 LTS ended upstream general support on April 30th, 2021. After a grace period of 3 months, we are now ending support for these operating systems.
Please note "end of support" from the SUSE Manager side means these products and their client tools remain available in the SUSE Manager product tree and can still be added, mirrored and used. But in case they stop working at some point in time, support will only be provided as on a best-effort basis (which in general means if the issue can be reproduced with a supported operating system, it will be fixed; but if the issue is specific to the unsupported operating system, a fix should not be expected).
Salt has been upgraded to upstream version 3002, plus a number of patches, backports and enhancements by SUSE, for the SUSE Manager Server, Proxy and Client Tools (where the client operating system supports Python 3.5+; otherwise Salt 3000 or 2016.11 are used).
Salt 3002 only works with Python 3.5+, therefore:
Salt 3002 is only available on SLE 15, RHEL 8 (and clones: CentOS, Oracle Linux, SLES Expanded Support and AlmaLinux), Ubuntu 18.04 and 20.04, and Debian 10. Only a Python 3 version is provided.
Salt 3000 is still the version of Salt for SLE 12, RHEL 7 (and clones: CenOS, Oracle Linux, SLES Expanded Support, Amazon Linux and Alibaba Cloud Linux) and Debian 9. Only a Python 2 version is provided. SLE 12 additionally provides a Python 3 version.
Salt 2016.11 is still the version of Salt for SLE 11 SP4. Only a Python 2 version is provided.
We intend to regularly upgrade Salt to more recent versions, including those which are still on Salt 3000.
For more details about changes in your manually-created Salt states, see the Salt 3002 upstream release notes.
Technology Preview: Ansible integration
SUSE Manager uses Salt internally, with the SUSE Manager Server acting as a salt-master, and supports Salt clients both as salt-minion (with agent) and salt-ssh (agentless) clients.
Ansible is another popular automation tool, mainly promoted by other vendors and tools. To lower the barrier of entry for users who want to migrate to SUSE Manager, we have now integrated Ansible in SUSE Manager:
Ansible 2.9 (current LTSS version) is provided in the SUSE Manager Client Tools channel for SLE15
A new system type "Ansible Control Node" has been added. This will automatically install the
ansiblepackage and make an
Ansibletab show in the System Details
SUSE does not provide Ansible packages for non-SUSE operating systems. Use third-party packages in that case
The "Ansible Control Nodes" must be registered as Salt clients (salt-minon or salt-ssh) in SUSE Manager
Multiple Ansible Control Nodes are supported
Configure the paths to Ansible playbooks and inventories in the
Ansibletab of the Ansible Control Nodes to explore and display them
Schedule Ansible playbook execution in your Ansible control nodes as you would do with any other action in SUSE Manager
SUSE Manager uses the AnsibleGate Salt module to execute Ansible playbooks natively.
In SUSE Manager 4.2 GA, Ansible integration is a technology preview that supports a limited subset of functionality and will be enhanced in upcoming maintenance updates and releases. Namely, the following features are not yet supported in this technology preview:
Adding or editing Ansible playbooks from SUSE Manager. Do that in the Ansible control node.
Job templates (passing parameters to Ansible playbooks). You can do that via Salt states using AnsibleGate.
Conditional execution. You can do that via Salt states using AnsibleGate.
Migrate clients from openSUSE Leap to SUSE Linux Enterprise Server
The "Service Pack Migration" feature has been renamed "Product Migration".
In SUSE Manager 4.2, the Product Migration feature allows two different use cases:
Migration from one service pack to another within the same major version of SUSE Linux Enterprise (e. g. from SLE 15 SP2 to SLE 15 SP3)
Migration from openSUSE Leap to the equivalent version of SLES (e. g. from Leap 15.3 to SLES 15 SP3). A registration key for openSUSE Leap is required, which can be obtained from SCC for free.
Migration between different SUSE Linux Enterprise codestreams (e. g. SLE 12 to SLE 15) is not possible using the Product Migration feature. Use autoinstallation profiles for that.
Migration between non-SUSE products (e. g. from CentOS to AlmaLinux) is not available at the moment.
"Migrate" has been renamed to "Transfer" to avoid confusion.
Client systems forwarded to SUSE Customer Center
Until SUSE Manager 4.1, the SUSE Manager Server was listed in SCC but the managed clients were not. This surprised users, who did not understand why clients connected via SUSEconnect, RMT or SMT would show in SCC, but clients connected with SUSE Manager would not.
Responding to this often-asked question and feature request, we have now implemented client list forwarding to SCC in SUSE Manager 4.2.
By default, all the clients (even non-SUSE operating systems) managed by SUSE Manager Server (connected directly or via Proxy or Retail Branch Server) will be listed in SCC. When a client is removed from SUSE Manager, it will also be removed from SCC.
The information transferred is limited to that which is already collected and transferred by SUSEconnect, RMT and SMT:
Client OS name and version
Number of CPU sockets
UUID of the system
Hypervisor and cloud provider information
Login: SUSE Manager insance id + client system id
Password: random string generated by SUSE Manager. Not used.
This information is used for statisical and product research purposes only.
In case you want to completely disable client list submission to SCC, set this parameter in
/etc/rhn/rhn.conf and restart SUSE Manager (
server.susemanager.forward_registration = 0
Display of the client operating system name and version in SCC is pending an upcoming update in SCC.
Configuration state summary
In SUSE Manager, configuration may come from many different places: SUSE Manager itself, configuration channels assigned to your organization, configuration channels assigned to the system groups your clients belong to, configuration channels assigned directly to a client system or formulas with forms.
When managing a large number of clients distributed across several organizations, with multiple system groups, channels, etc, knowing what is exactly the configuration that will be applied may become a daunting task.
In SUSE Manager 4.2, we have added the configuration state summary to the Highstate page of the client. With this, you can see exactly where state is coming from.
Live patching made easy with filter templates
SUSE Linux Enterprise Live Patching helps customers to bring down reboot cycles to once a year which saves companies a time, resources and availability compared to not using live patching at all.
Setting up Live Patching requires installing specific kernel versions which are enabled for live patches, and installing the specific live patches.
SUSE Manager 4.2 implements filter templates, which are a set of pre-defined filters for a specific use case. The first filter template we are including in SUSE Manager 4.2 makes it easy to configure live patching for a specific SUSE product (e. g. SLE 15 SP2). New filter templates and additional information about the lifecycle of the live kernel will be added in upcoming versions of SUSE Manager.
Allow setting system primary FQDN
The System > Details > Hardware page allows to view and set the primary FQDN of a client system.
This feature is useful when managing clients which do not know their own external IP address or DNS name, such as client systems on public cloud, or routed clients. The primary FQDN is used to configure the default target address for monitoring.
Calendar widget for maintenance windows
The raw iCal output that was displayed when creating maintenance windows has been replaced with a graphical control ("widget"), making scheduling maintenance windows easier:
An interactive calendar has replaced the display of the iCalendar file in the details view
An interactive web calendar replaces the list of upcoming maintenance windows in the details of a maintenance schedule, and events associated with that schedule are displayed.
Easier system group and configuration channel assignment
We have simplified the screens where system groups and configuration channels were assigned by removing the tabs and subtabs. All the information and actions are now in the same screen.
Enhanced CLM filter list
The Content Lifecycle Management filter list screen how allows filter selection, deletion and sorting and search by project.
Notify beacon for DEB-based clients
While the recommended way to manage clients is to install, remove, patch, etc from SUSE Manager, which triggers the correct actions, sometimes users run the package managers directly. When doing this on Debian and Ubuntu clients, the WebUI showed an outdated package list for some time.
SUSE Manager now hooks directly into the package manager database on the client to identify local package management and trigger a package refresh from the Server to make sure the list of packages is always up to date.
mgr-create-bootstrap-repo will now log under /var/log/rhn/mgr-create-bootstrap-repo and will rotate the log files daily, keeping an history of 30 days. Clean up any leftover log file in /var/log/rhn/mgr-create-bootstrap-repo.* by archiving or deleting them.
Security: OpenSCAP enhancements
The OpenSCAP auditing feature has been in SUSE Manager for years, relying on content provided externally.
In SUSE Manager 4.2, SUSE is providing SCAP profiles to audit SLES, openSUSE, RHEL, CentOS, Oracle Linux, Ubuntu and Debian. Remediation scripts and Ansible playbooks are also provided.
Check the Administration Guide for more details on how to use this feature:
Additionally, OpenSCAP auditing is now possible for multiple Salt clients at the same time using the Systems Set Manager.
Ubuntu Universe repository changes
Ubuntu 20.04 LTS provides the OpenSCAP scanner in the Universe repository, which made mirroring Universe a requirement for OpenSCAP analysis to work on Ubuntu 20.04 LTS clients. We are now providing the OpenSCAP scanner package in the SUSE Manager Client Tools for Ubuntu 20.04 LTS channel, therefore mirroring Ubuntu Universe is no longer required and has become an optional channel.
For users who still want to mirror Ubuntu Universe, we have added the
universe-security repositories to the Product Wizard, as optional.
Prometheus and the Prometheus formulas now support TLS and basic authentication for HTTP endpoints. This provides a way to securely transfer metrics data.
Prometheus has been updated from version 2.21.1 to version 2.26.0, which brings a number of bugfixes and improvements (such as securing connections using TLS).
For details on what changed in each version between 2.21.1 and 2.26.0, see:
Grafana has been updated from version 7.1.5 to version 7.4.2 in the Client Tools channels.
Check the upstream documentation for details on what has changed:
Updated Node Exporter
The Prometheus Node Exporter has been update from version 1.0.1 to version 1.1.2.
Check the upstream documentation for details on what has changed:
Updated Prometheus Exporters formula
The Prometheus Exporters formula can now be used to configure the Prometheus Exporter Exporter (reverse proxy) on Ubuntu clients.
Virtualization in SUSE Manager has received a number of enhancements:
Fine-tuning: CPU pinning and special memory configurations, such as those required when running SAP under KVM, can now be configured with SUSE Manager.
Virtual networks: it is now possible to create, remove and edit virtual networks from the WebUI, and also using Salt states.
Autostart: automatically start needed networks and storage pools when creating/starting a VM
Virtual console: the virtual console monitors virtual machine state changes and can be opened even when the virtual machine is powered off. This helps in debugging startup issues, and allows to manage the VM even when it is running on another virtualization host.
The virtpoller beacon is now removed a replaced by a refresh action.
Custom data as pillar
Traditional stack clients could receive some custom information via macros but this feature was missing on Salt clients.
In SUSE Manager 4.2, we have implemented passing any custom information to Salt clients (both salt-minion and salt-ssh) via pillars:
salt \* pillar.get custom_info:key1 minion: val1
When an operating system vendor releases a new patch, it might happen that the patch has undesirable side effects (security, stability, boot no longer working, etc) on some scenario that was not identified by testing. When that happens (very rarely), vendors typically release a new patch, which may take from hours to days, depending on the internal processes in place by that vendor.
SUSE has introduced a new mechanism called "retracted patches" to take back such patches in minutes by simply removing the bad patch from the repository metadata and resorting to the previously working patch. These patches receive the advisory status "retracted" (instead of the usual "final" or "stable").
SUSE Manager now supports retracted paches across all the lifecycle:
Retracted patches can be synchronized
When a patch is retracted, it will be noted as such with its own specific icon and status
Retracted patches can be cloned
Following the behavior defined in
Once a retracted patch is installed, it will not be uninstalled unless you uninstall it explicitly. SUSE Manager will never automatically uninstall anything from your systems on its own.
Once a patch has been retracted by the vendor, the retracted patch cannot be installed via normal patch, update and installations.
Retracted patches remain available in the software channels and can be forcefully-installed/updated-to by speficying the exact version you want to install (e. g. by using
zypperdirectly or by using the exact version in a Salt state).
To protect our users, the behaviour when cloning retracted patches is slightly different than usual:
When a Content Lifecycle Management project uses a source channel which contains a now-retracted patch, a warning is displayed so that you are aware you should build and propagate the patch as soon as possible.
When a retracted patch is synchronized, it will not be cloned to the cloned channels by default. You will need to propagate it explicitly, like any other patch.
In contrast, once a retracted patch has been added one Content Lifecycle Management project and the project software channels built, the retracted patch will be automaticaly propagated all the other projects where that (now retracted) patch is available.
The API documentation is now available in HTML format, in addition to the existing PDF document.
The new HTML API documentation includes a search engine too:
New API calls
New API calls have been added:
Enhanced config channel API with list assigned groups
Enhanced server group API with config channel and formula access methods
Added an API endpoint to allow/disallow scheduling irrelevant patches
Added APIs to manage retracted patches
Added APIs to set and get the primary FQDN of a given system (system.getNetworkForSystems/system.setPrimaryFqdn)
Removed API calls
The following API functions were deprecated for a long time and have been removed in SUSE Manager 4.2:
addPackageNames(User loggedInUser, String key, List packageNames)
removePackageNames(User loggedInUser, String key, List packageNames)
listAllPackages(User loggedInUser, String channelLabel, String startDate, String endDate)
listAllPackages(User loggedInUser, String channelLabel, String startDate)
listAllPackagesByDate(User loggedInUser, String channelLabel, String startDate, String endDate)
listAllPackagesByDate(User loggedInUser, String channelLabel, String startDate)
listAllPackagesByDate(User loggedInUser, String channelLabel)
setSystemChannels(User loggedInUser, Integer sid, List<String> channelLabels)
listErrata(User loggedInUser, String channelLabel, String startDate)
listErrata(User loggedInUser, String channelLabel, String startDate, String endDate)
subscribeSystem(User loggedInUser, Integer sid, List<String> labels)
unsubscribeChannels(User user, List<Integer> sids, String baseChannel, List<String> childLabels)
listByDate(User loggedInUser, String channelLabel)
listKickstartableTrees(User loggedInUser, String channelLabel)
listBaseChannels(User loggedInUser, Integer sid)
listChildChannels(User loggedInUser, Integer sid)
applyErrata(User loggedInUser, Integer sid, List<Integer> errataIds)
getLoggedInTime(User loggedInUser, String login)
setChildChannels(User loggedInUser, Integer sid, List channelIdsOrLabels)
setBaseChannel(User loggedInUser, Integer sid, Integer cid)
setBaseChannel(User loggedInUser, Integer sid, String channelLabel)
The spacecmd commandset has been modified to match the current features of the product:
Add group_addconfigchannel and group_removeconfigchannel
Add group_listconfigchannels and configchannel_listgroups
Deprecated "Software Crashes" commands
SUSE Manager 4.2 is available in English, Simplified Chinese, Japanese and Korean. Additional languages may be available as community translations, which need to be enabled explicitly by a SUSE Manager administrator.
Language selection is per user and can be set in the User Preferences. There are separate settings for the WebUI and the documentation. Command-line tools are displayed in the language defined by the user locale settings.
At the moment, Formulas with Forms are only available in English.
As the main language of SUSE Manager, software and documentation are available in English first.
The English documentation is always the most up-to-date and considered authoritative in case of conflict between translation and English.
The WebUI, command-line tools and basic documentation (Installation Guide, Upgrade Guide and Client Configuration Guide) are available in Chinese.
The WebUI, command-line tools and basic documentation (Installation Guide, Upgrade Guide and Client Configuration Guide) are available in Japanese.
The WebUI, command-line tools and basic documentation (Installation Guide, Upgrade Guide and Client Configuration Guide) are available in Korean.
The upstream Uyuni Community has translated Uyuni and SUSE Manager to more languages, which have not been reviewed by SUSE.
Since these additional translations have not been reviewed by SUSE, they are shipped in SUSE Manager but disabled by default. Please note these translations may be incomplete and quality may be lower than the official translations.
You need to specify the full list of languages you want to make available to users, including official translations. For instance, to enable community translations for Slovak and Czech, add the following line to
A restart of Tomcat is required.
As of SUSE Manager 4.2 GA, the most complete community translations are:
Brazilian Portuguese (pt_BR)
You can enhance the community translations, or start a new translation to your language, by translating Uyuni in the openSUSE WebLate instance: https://l10n.opensuse.org/projects/uyuni/
Cobbler has been updated to version 3.1.2, which enhances support for ppc64le, s390x, aarch64 and newer Linux distributions.
You can find a list of changes in the upstream site: https://cobbler.github.io/blog/2020/01/02/cobbler_3.1.1_released.html https://cobbler.github.io/blog/2020/05/27/cobbler_3.1.2_released.html
The database engine has been updated from PostgreSQL 12 to PostgreSQL 13, which brings a number of performance and reliability improvements. A detailed changelog is available upstream.
To prevent inconsistent configurations and data on upgrade or update, SUSE Manager 4.2 will refuse to start until the database migration from PostgreSQL 12 (or 10, if upgrading from SUSE Manager 4.0) to PostgreSQL 13 has completed successfully.
Please note the database migration from PostgreSQL 10 (if migrating from SUSE Manager 4.0) or PostgreSQL 12 (if migrating from SUSE Manager 4.1) will rebuild the database indices. This may take several hours if you have thousands of software channels.
SUSE Manager for Retail
SLEPOS 15 SP3 clients
Pre-defined templates for SLEPOS 15 SP3 are now provided. SLEPOS 15 SP3 is supported for 7.5 years since the release date.
SLEPOS 15 aarch64 clients
The 64-bit ARM aarch64 architecture is now supported for SLEPOS clients, in addition to the existing x86_64 architecture.
Base system upgrade
The base system was upgraded to SUSE Linux Enterprise 15 SP3.
Activation key dropped from system details
Activation keys can be used when registering new clients, or re-registering existing clients, to make sure the correct software entitlements, software channels, system groups, etc are applied when they come under SUSE Manager management.
After a client is registered to SUSE Manager, activation keys serve no purpose. Software channels, groups, etc can be changed independently from the activation key.
The fact the activation key remained in the System Details led users to think editing the activation key (e. g. changing the software channels assigned to that activation key) would change what was assigned to that client system. This is not true. To avoid that confusion, the Activation Key field has been removed from the System Details of registered clients.
Activation keys can still be used during client registration.
The Software Crashes feature, based on the ABRT library, has been dropped in SUSE Manager 4.2. This was a very old feature which only worked on a limited set of clients and required careful configuration to actually submit crash reports to the SUSE Manager Server instead of upstream projects.
After a consultation period with users both in the upstream Uyuni community and the SUSE Manager community, we received no feedback against the removal and executed on it.
Upgrading with SUSE Manager Proxy
SUSE Manager Server 4.2 works with SUSE Manager Proxy 4.1/4.0 and SUSE Manager Retail Branch Server 4.1/4.0 but only for upgrade purposes. The product is not intented to be used in a mixed-version scenario in production. When upgrading, upgrade the SUSE Manager Server first, followed by the SUSE Manager Proxy and Retail Branch Servers.
For instructions on upgrading when SUSE Manager Proxy or SUSE Manager Retail Branch Servers are in use, see the Upgrade Guide on https://documentation.suse.com/suma/4.2/.
Upgrading with inter-server synchronization
When upgrading, upgrade the ISS master first, followed by the ISS slaves.
Supportconfig confidentiality disclaimer
When handling Service Requests, supporters and engineers may ask for the output of the
supportconfig tool from SUSE Manager Server or clients.
This disclaimer applies:
Detailed system information and logs are collected and organized in a manner that helps reduce service request resolution times. Private system information can be disclosed when using this tool. If this is a concern, please prune private data from the log files. Several startup options are available to exclude more sensitive information. Supportconfig data is used only for diagnostic purposes and is considered confidential information.
When you run
supportconfig on the SUSE Manager Server, the output will contain information about your clients as well as about the Server.
In particular, debug data for the subscription matching feature contains a list of registered clients, their installed products, and some minimal hardware information (such as the CPU socket count).
It also contains a copy of the subscription data available from the SUSE Customer Center.
If this is a concern, please prune data in the
subscription-matcher directory in the
spacewalk-debug tarball before sending it to SUSE.
Supportability of embedded software components
All software components embedded into SUSE Manager, like Cobbler for PXE booting or Ansible for automation, are only supported in the context of SUSE Manager. Stand-alone usage (e. g. Cobbler command-line) is not supported.
Support for older products
The SUSE Manager engineering team provides 'best effort' support for products past their end-of-life date. For more information about product support, see Product Support Lifecycle.
Support for products that are considered past their end-of-life is limited to assisting you to bring production systems to a supported state. This could be either by migrating to a supported service pack or by upgrading to a supported product version.
Support for RHEL, CentOS and Oracle Linux Clients
SUSE Manager supports only the latest RHEL 7 and 8 minor release clients. Older minor releases might still work but will only be supported on a limited and reasonable-effort basis.
The same rule applies to CentOS, Oracle Linux, AlmaLinux and SLES Expanded Support.
CentOS Stream is explicitly not supported by SUSE. To register CentOS 8 Stream clients, use the
spacewalk-common-channels command-line tool to add and mirror the product, and the CentOS Stream client tools from the upstream Uyuni Project.
Support for Ubuntu Clients
SUSE Manager supports Ubuntu 18.04 LTS and 20.04 LTS clients using Salt. Traditional clients are not supported.
Support for Ubuntu is limited to a growing list of specific features. For a detailed list of supported features, check the Client Configuration Guide.
Support for Debian Clients
SUSE Manager supports Debian 9 "Stretch" and Debian 10 "Buster" clients using Salt. Traditional clients are not supported.
Support for Debian is limited to a growing list of specific features. For a detailed list of supported features, check the Client Configuration Guide.
For RHEL and CentOS clients on the ppc64le architecture, SUSE Manager offers the same functionality that is supported for the x86_64 architecture. Client tools are not available yet from SCC but the CentOS 7 and CentSOS 8 client tools from Uyuni can be enabled using
RHEL and CentOS ppc64le are only supported at L1 level support. L1 support is limited to problem determination, which means technical support designed to provide compatibility information, usage support, on-going maintenance, information gathering, and basic troubleshooting using available documentation. At the time of writing, any problems or bugs specific to RHEL and CentOS on ppc64le will only be fixed on a best-effort basis.
Please contact your Sales Engineer or SUSE Consulting if you need additional support or features for these operating systems.
Microsoft Internet Explorer fails to render some parts of the SUSE Manager Web UI and is therefore not a supported browser, in any version.
Please refer to the General Requirements for a list of supported browsers.
SUSE Manager installation
The SUSE Unified Installer, and installing SUSE Manager on top of SLE JeOS, are the only supported mechanisms to install SUSE Manager.
Installing SUSE Manager 4.2 on top of an existing SUSE Linux Enterprise Server 15 SP3 is known to generate an incomplete installation. If you require such a setup, please contact SUSE Consulting.
SLE Micro is only partially supported. Some WebUI features, such as showing the patch status of the system, or action chains, will not work properly.
This will be fixed in an upcoming release of SUSE Manager.
Formulas with Forms are only available in English for the time being. This will be solved in an upcoming version of SUSE Manager.
In some cases, translated documentation might not be up to the most recent changes in the English version.
Channels with a large number of packages
Some channels, like SUSE Linux Enterprise Server with Expanded Support
or Red Hat Enterprise Linux, come with a very large number of packages
that may cause
taskomatic to run out of memory.
If this occurs, we recommended that you increase the maximum amount of memory allowed for
taskomatic by editing
/etc/rhn/rhn.conf and adding this line:
You will need to restart
taskomatic after this change.
taskomatic up to 8 GB of memory (up from the default of 4 GB).
taskomatic continues to run out of memory, you can increase the number further.
However, keep in mind that this will affect the total memory required by SUSE Manager Server.
Single Sign On, API and CLI tools
Single Sign On can be used to authenticate in the Web UI but not with the API or CLI tools.
EPEL and Salt packages
Using the Extra Packages for Enterprise Linux directly on RHEL clients (or compatible: SLES ES, CentOS, Oracle Linux, etc) will install the Salt packages from EPEL, which miss some features available in the SUSE Manager-provided Salt packages. This is especially important since it will result in the bootstrap repository containing the non-SUSE Salt packages. Therefore, this is an unsupported scenario.
If you need to enable the EPEL repository, make sure you filter out the Salt packages from EPEL in advance (for example, by removing the Salt packages in Software > Manage > Channels > EPEL > Packages).
RHEL native clients
When autogenerating bootstrap repositories for native RHEL clients, some errors may be logged from the moment the official Red Hat channels are added until the moment those channels are fully synchronized for the first time.
This does not affect SLES Expanded Support, CentOS, Oracle Linux or AlmaLinux.
Registering Spacewalk 2.x/Red Hat Satellite 5.x clients to SUSE Manager as Salt minions
If a client machine is running the Red Hat Satellite 5.x agent, registering it to SUSE Manager as a Salt minion will fail due to package conflicts.
Registering a RH Satellite 5.x client as a SUSE Manager traditional client works fine.
Registering a SUSE Manager traditional client as a SUSE Manager Salt minion will also work.
RH Satellite 5.x ⇒ SUSE Manager traditional
RH Satellite 5.x ⇒ SUSE Manager Salt minion
SUSE Manager traditional ⇒ SUSE Manager Salt minion
In order to register Red Hat Satellite 5.x clients to SUSE Manager as Salt minions, you will need to modify the bootstrap script to remove the Satellite agent packages first.
Spacewalk 2.x and Oracle Spacewalk 2.x clients will show the same behavior as Red Hat Satellite 5.x clients
Latest product documentation: https://documentation.suse.com/suma/4.2/.
Technical product information for SUSE Manager: https://www.suse.com/products/suse-manager/
These release notes are available online: https://www.suse.com/releasenotes/
Visit https://www.suse.com for the latest Linux product news from SUSE.
Visit https://www.suse.com/download-linux/source-code.html for additional information on the source code of SUSE Linux Enterprise products.
SUSE LLC Maxfeldstr. 5 D-90409 Nürnberg Tel: +49 (0)911 740 53 - 0 Email: email@example.com Registrierung/Registration Number: HRB 36809 AG Nürnberg Geschäftsführer/Managing Director: Felix Imendörffer Steuernummer/Sales Tax ID: DE 192 167 791 Erfüllungsort/Legal Venue: Nürnberg
SUSE makes no representations or warranties with regard to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to revise this publication and to make changes to its content, at any time, without the obligation to notify any person or entity of such revisions or changes.
Further, SUSE makes no representations or warranties with regard to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to make changes to any and all parts of SUSE software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classifications to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical/biological weaponry end uses. Please refer to the SUSE Legal information page for more information on exporting SUSE software. SUSE assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2012-2021 SUSE LLC.
This release notes document is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License (CC-BY-ND-4.0). You should have received a copy of the license along with this document. If not, see https://creativecommons.org/licenses/by-nd/4.0/.
SUSE has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at https://www.suse.com/company/legal/ and one or more additional patents or pending patent applications in the U.S. and other countries.
For SUSE trademarks, see SUSE Trademark and Service Mark list (https://www.suse.com/company/legal/). All third-party trademarks are the property of their respective owners.
Thank you for using SUSE Manager Server in your business.
Your SUSE Manager Server Team.