SUSE Linux Enterprise Server 15 GA

Release Notes

This document provides guidance and an overview to high level general features and updates for SUSE Linux Enterprise Server 15 GA. Besides architecture or product-specific information, it also describes the capabilities and limitations of SUSE Linux Enterprise Server 15 GA.

This product will be released in June 2018.

Publication Date: 2018-01-15, Version: 15.0.20180115

1 About the Release Notes

These Release Notes are identical across all architectures, and the most recent version is always available online at https://www.suse.com/releasenotes.

Entries can be listed twice, if they are important and belong to more than one section.

Release notes usually only list changes that happened between two subsequent releases. Certain important entries from the release notes documents of previous product versions are repeated. To make these entries easier to identify, they contain a note to that effect.

However, repeated entries are provided as a courtesy only. Therefore, if you are skipping one or more service packs, check the release notes of the skipped service packs as well. If you are only reading the release notes of the current release, you could miss important changes.

2 SUSE Linux Enterprise Server

SUSE Linux Enterprise Server is a highly reliable, scalable, and secure server operating system, built to power mission-critical workloads in both physical and virtual environments. It is an affordable, interoperable, and manageable open source foundation. With it, enterprises can cost-effectively deliver core business services, enable secure networks, and simplify the management of their heterogeneous IT infrastructure, maximizing efficiency and value.

The only enterprise Linux recommended by Microsoft and SAP, SUSE Linux Enterprise Server is optimized to deliver high-performance mission-critical services, edge of network, and Web infrastructure workloads.

2.1 Interoperability and Hardware Support

Designed for interoperability, SUSE Linux Enterprise Server integrates into classical Unix and Windows environments, supports open standard interfaces for systems management, and has been certified for IPv6 compatibility.

This modular, general purpose operating system runs on four processor architectures and is available with optional extensions that provide advanced capabilities for tasks such as real time computing and high availability clustering.

SUSE Linux Enterprise Server is optimized to run as a high performing guest on leading hypervisors and supports an unlimited number of virtual machines per physical system with a single subscription. This makes it the perfect guest operating system for virtual computing.

2.2 Support and Life Cycle

SUSE Linux Enterprise Server is backed by award-winning support from SUSE, an established technology leader with a proven history of delivering enterprise-quality support services.

SUSE Linux Enterprise Server 15 has a 13-year life cycle, with 10 years of General Support and 3 years of Extended Support. The current version (GA) will be fully maintained and supported until 6 months after the release of SUSE Linux Enterprise Server 15 SP1.

If you need additional time to design, validate and test your upgrade plans, Long Term Service Pack Support can extend the support duration. You can buy an additional 12 to 36 months in twelve month increments. This means, you receive a total of 3 to 5 years of support per Service Pack.

For more information, check our Support Policy page https://www.suse.com/support/policy.html or the Long Term Service Pack Support Page https://www.suse.com/support/programs/long-term-service-pack-support.html.

2.3 What Is New?

SUSE Linux Enterprise Server 15 introduces many innovative changes compared to SUSE Linux Enterprise Server 12.

If you are upgrading from a previous SUSE Linux Enterprise Server release, you should review at least the following sections:

2.4 Documentation and Other Information

2.4.1 Available on the Product Media

  • Read the READMEs on the media.

  • Get the detailed change log information about a particular package from the RPM (where <FILENAME>.rpm is the name of the RPM):

    rpm --changelog -qp <FILENAME>.rpm
  • Check the ChangeLog file in the top level of the media for a chronological log of all changes made to the updated packages.

  • Find more information in the docu directory of the media of SUSE Linux Enterprise Server 15 GA.

2.4.2 Externally Provided Documentation

2.5 Support Statement for SUSE Linux Enterprise Server

To receive support, you need an appropriate subscription with SUSE. For more information, see https://www.suse.com/support/programs/subscriptions/?id=SUSE_Linux_Enterprise_Server.

The following definitions apply:

L1

Problem determination, which means technical support designed to provide compatibility information, usage support, ongoing maintenance, information gathering and basic troubleshooting using available documentation.

L2

Problem isolation, which means technical support designed to analyze data, reproduce customer problems, isolate problem area and provide a resolution for problems not resolved by Level 1 or prepare for Level 3.

L3

Problem resolution, which means technical support designed to resolve problems by engaging engineering to resolve product defects which have been identified by Level 2 Support.

For contracted customers and partners, SUSE Linux Enterprise Server 15 GA and its Modules are delivered with L3 support for all packages, except the following:

  • Technology Previews

  • sound, graphics, fonts and artwork

  • packages that require an additional customer contract

  • packages provided as part of the Software Development Kit (SDK)

SUSE will only support the usage of original (that is, unchanged and un-recompiled) packages.

2.6 Modules, Extensions, and Related Products

This section comprises information about modules and extensions for SUSE Linux Enterprise Server 15 GA. Modules and extensions add parts or functionality to the system.

2.6.1 Available Modules

SUSE Linux Enterprise Server is made up of modules of packages. Each module has a clearly defined scope. Different modules can have a different life cycles and update timelines.

The following modules are available for SUSE Linux Enterprise Server 15 GA:

Name and Content

Dependencies on Other Modules

Available with

Support1

Base System

SLE base system

None

SLES, SLES for SAP, SLED, SLE RT, SLE HPC (default on all)

life cycle: 10 years

additional: 3 years of LTSS

support level: L3

Containers

Docker, tools, prepackaged images

Base System

SLES, SLES for SAP, SLE HPC

life cycle: 10 years

additional: no

support level: L3

Desktop Applications

Basic desktop functionality

Base System

SLED (default), SLE-WE (default), SLES, SLES for SAP, SLED, SLE RT, SLE HPC

life cycle: 10 years

additional: no

support level: L3

Desktop Productivity

Office tools and multimedia

Base System, Desktop Applications

SLED, SLE-WE

life cycle: 10 years

additional: no

support level: L3

Development Tools

Helps in developing applications, replaces the SLE SDK

Base System, Desktop Applications

SLES, SLES for SAP, SLED, SLE RT, SLE HPC

life cycle: 10 years

additional: 3 years of LTSS

support level: L3

High Availability

HA tools such as Hawk, crm, Pacemaker, Corosync

Base System

SLE HA (default)

life cycle: 10 years

additional: 3 years of LTSS

support level: L3

High Performance Computing

Tools and libraries related to High Performance Computing (HPC)

Base System

SLE HPC

life cycle: 10 years

additional: 3 years of LTSS, 12 months of ESPOS

support level: L3

Legacy

Packages for migration purposes with limited support timeframe

Base System

Public Cloud

Public cloud initialization code and tools

Base System

SLES, SLES for SAP, SLE HPC

support level: L3

SAP Applications

Packages specific to SLES for SAP

Base System

SLES for SAP (default)

life cycle: 10 years

additional: 3 years of LTSS, 12 months of ESPOS

support level: L3

Server Applications

Web server, NVDIMM support, OFED

Base System

SLES, SLES for SAP, SLE RT, SLE HPC

life cycle: 10 years

additional: 3 years of LTSS

support level: L3

1 ESPOS: Extended Service Pack Overlay Support, LTSS: Long-Term Service Pack Support

2.6.2 Available Extensions

Extensions add extra functionality to the system and require their own registration key, usually at additional cost. Usually, extensions have their own release notes documents that are available from https://www.suse.com/releasenotes.

The following extensions are available for SUSE Linux Enterprise Server 15 GA:

Additionally, there is the following extension which is not covered by SUSE support agreements, available at no additional cost and without an extra registration key:

2.6.3 Derived and Related Products

This sections lists derived and related products. Usually, these products have their own release notes documents that are available from https://www.suse.com/releasenotes.

3 Installation and Upgrade

SUSE Linux Enterprise Server can be deployed in several ways:

  • Physical machine

  • Virtual host

  • Virtual machine

  • System containers

  • Application containers

3.1 Installation

This section includes information related to the initial installation of SUSE Linux Enterprise Server 15 GA.

Important
Important: Installation Documentation

The following release notes contain additional notes regarding the installation of SUSE Linux Enterprise Server. However, they do not document the installation procedure itself.

For installation documentation, see Deployment Guide at http://beta.suse.com/private/documentation/sles-15/singlehtml/book_sle_deployment/book_sle_deployment.html.

3.1.1 Handling of Extension Repositories in AutoYaST

Starting with SLE 15, AutoYaST handles extension repositories in a more user-friendly way:

  • AutoYaST automatically reorders extension repositories according to their dependent repositories during registration. That means the order of extensions in the AutoYaST profile is not important anymore.

  • If dependent extensions are missing from the AutoYaST profile, AutoYaST will automatically register them. However, this only works for extensions that do not require a registration key. Extensions that require a registration key must be listed in the AutoYaST profile, including the registration key.

3.2 Upgrade-Related Notes

This section includes upgrade-related information for SUSE Linux Enterprise Server 15 GA.

Important
Important: Upgrade Documentation

The following release notes contain additional notes regarding the upgrade of SUSE Linux Enterprise Server. However, they do not document the upgrade procedure itself.

For upgrade documentation, see http://beta.suse.com/private/documentation/sles-15/singlehtml/book_sle_deployment/book_sle_deployment.html#cha.update.sle.

3.2.1 /etc/SuSE-release Has Been Removed

With SLE 15, the file /etc/SuSE-release has been removed. Previously, this file contained information on the version of SUSE Linux Enterprise that you were using.

Version information can now be found in /etc/os-release. The advantages of /etc/os-release are:

  • The the file exists across all major Linux distributions

  • its format is well-specified and easily parseable

  • it can be sourced by a shell script

For more information, see the man page of os-release: man 5 os-release in the installed system or online at https://www.freedesktop.org/software/systemd/man/os-release.html.

3.2.2 qemu-kvm Wrapper Not Installed by Default

By default, the qemu-kvm wrapper binary is no longer installed on SLE 15. This change is transparent in new installations. However, in pre-SLE 15 environments, there may be VM configurations which use the legacy qemu-kvm wrapper. Migrating such a VM to a SLE 15 host will fail because the legacy wrapper qemu-kvm is not available.

Instead of using qemu-kvm, use QEMU by directly starting the qemu-system-ARCH binary.

To resolve the issue during migration:

  • Change the VM configuration on the original host to use the qemu-system-ARCH emulator directly (preferred).

  • Manually install the package qemu-kvm on the destination SLE 15 host.

3.2.3 cryptconfig Has Been Removed

Previous versions of SLE supported encrypting home directories individually via cryptconfig. This feature and the cryptconfig package have been removed in SLE 15.

To encrypt user data on SLE 15, encrypt the whole partition or volume which contains the home directories.

Important
Important: Decrypt Before Upgrading

Before performing an upgrade from SLE 12, encrypted home directory images need to be decrypted. Otherwise, users will not have access to them after the upgrade.

3.2.4 ReiserFS Support Removed

ReiserFS support for new installations was removed from YaST in SUSE Linux Enterprise 12 but upgrades were still supported.

With SUSE Linux Enterprise 15, support for ReiserFS will be completely removed from YaST and the installer will block the upgrade when it detects a ReiserFS file system.

For existing data partitions formatted with ReiserFS, we suggest converting them to Btrfs before migrating your system to SUSE Linux Enterprise 15.

3.2.5 System-wide Locale/Keymap/Font Settings are not read from /etc/sysconfig/ anymore

Previously, there were different places for configuring a given setting.

For example, to set the system-wide locale, you could either:

  • write the settings in /etc/locale.conf

  • use localectl

  • write ROOT_USES_LANG in /etc/sysconfig/language if LANG was not already configured in /etc/locale.conf.

This could be confusing, especially since settings in /etc/sysconfig/language usually override the locale settings used by users's shells only and therefore should not influence the system-wide locale.

Similar situations and similar problems could also be seen for the keymap/font settings:

  • The keyboard layout could be configured in both /etc/vconsole.conf and /etc/sysconfig/keyboard, the former having a higher priority.

  • the font used by virtual consoles could be read from both /etc/vconsole.conf and /etc/sysconfig/console.conf, the former having a higher priority.

With SLE 15, systemd does not read certain settings from the following files anymore:

  • /etc/sysconfig/language for the system-wide locale settings (ROOT_USES_LANG)

  • /etc/sysconfig/keyboard for the keyboard layout used by the virtual consoles (CONSOLE_FONT, CONSOLE_SCREENMAP, CONSOLE_UNICODEMAP)

  • /etc/sysconfig/console for the font used by the virtual consoles (KEYTABLE)

All variables defined in /etc/sysconfig/language will still be used to override the system-wide locale and to define a different locale settings for users's shells as it is currently described in the official documentation.

To keep backward compatibility with the old systems, during the update of the systemd package, all variables mentioned will be migrated from sysconfig to their final destinations if they are not already defined there.

Replacement settings:

Locale:

  • The system-wide locale can be changed via localectl(1) or YaST.

  • The settings are stored in /etc/locale.conf, see man 5 locale.conf.

Virtual Consoles: The settings can instead be written directly in /etc/vconsole.conf. Also see man 5 vconsole.conf.

Keyboard:

  • The system-wide locale can be changed via localect(1).

  • The settings are stored in /etc/vconsole.conf, see man vconsole.conf(5).

3.3 For More Information

For more information, see Section 4, “Architecture Independent Information” and the sections relating to your respective hardware architecture.

4 Architecture Independent Information

Information in this section pertains to all architectures supported by SUSE Linux Enterprise Server 15 GA.

4.1 Kernel

4.1.1 Intel Resource Director Technology Interface Update and Skylake Errata

Due to CPU defects identified in the Intel Skylake platform, most of the Resource Director Technology features are switched off by default on Skylake. Additionally, the mainline kernel is adopting a new interface for the resource management functions.

The features can be re-enabled using the kernel parameter rdt. For information on its usage, see /usr/src/linux/Documentation/admin-guide/kernel-parameters.txt. The old perf-based interface has been deprecated in favor of the new resctrl file system.

4.2 Kernel Modules

An important requirement for every enterprise operating system is the level of support available for specific environments. Kernel modules are the most relevant connector between hardware (controllers) and the operating system.

For more information about the handling of kernel modules, see the SUSE Linux Enterprise Administration Guide.

4.2.1 IPVS Has Been Moved From the HA Extension to the Base OS

IPVS (IP Virtual Server) implements transport-layer load balancing (Layer 4 LAN switching) in the Linux kernel. In SLES 12 and prior versions, IPVS was shipped only with the SUSE Linux Enterprise High Availability extension. However, IPVS is increasingly outside the HA context, for example by Docker.

With SLES 15, IPVS has been moved into the base system. Other HA-related functionality that relies on IPVS remains part of the HA extension.

4.3 Security

4.3.1 GnuPG Uses SHA-2 Family of Digests by Default

Research was published that showed weakesses in the SHA-1 family of hashes for some applications. The use of stronger digests is advised for most applications.

The default behavior for GnuPG (gpg2) has been changed to use SHA-2 family digests for key certificates, default preferences stored in keys, and signature generation in the absense of a configuration file. GnuPG no longer generates a new configuration when called in an empty home. Existing GnuPG configurations are not altered. GnuPG continues to support SHA-1 digest generation and verification as mandated by OpenPGP standards.

4.4 Networking

4.4.1 Open vSwitch Has Been Updated to Version 2.8

Open vSwitch has been updated to version 2.8. Major changes are:

  • ovs-ofctlt can now accept and display port names in place of numbers. By default it always accepts names and in interactive use it displays them; use --names or --no-names to override. For more information, see ovs-ofctl(8) for details.

  • ovs-ofctl dump-flows now accepts --no-stats to omit flow statistics.

  • New ovs-dpctl command ct-stats-show to show connection tracking stats.

  • DPDK log messages are redirected to the OVS logging subsystem. The log level can be changed by using ovs-appctl vlog commands for the >dpdk module (as for other modules). The lower bound can still be configured via extra arguments for DPDK EAL.

  • dpdkvhostuser ports are marked as deprecated. They will be removed in an upcoming release.

  • Support for DPDK v17.05.1.

  • New support for multiple VLANs (802.1ad or "QinQ"), including a new dot1q-tunnel port VLAN mode.

  • Added NAT support for user-space data path.

  • Added FTP and TFTP support with NAT for user-space data path.

  • Experimental NSH (Network Service Header) support in user-space data path.

  • Tracing with ofproto/trace now traces through recirculation.

  • New support for role-based access control

  • New commands stp/show and rstp/show

  • All features required by OpenFlow 1.4 are now implemented, so ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to OpenFlow 1.0 to 1.3).

  • Better support for OpenFlow 1.6 (draft).

  • The learn action now supports a limit option

  • OpenFlow 1.5 packet-out is now supported.

  • Support for OpenFlow 1.5 field packet_type and packet-type-aware pipeline (PTAP).

  • Added generic encapsulation and decapsulation actions (EXT-382). First supported use case is encapsulation/decapsulation for Ethernet.

  • Added NSH (Network Service Header) support in userspace Used generic encap and decap actions to implement encapsulation and decapsulation of NSH header. For more infoprovider, see the IETF NSH draft at https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh/.

  • ovs-vswitchd and ovsdb-server run as non-root users by default.

  • Add --cleanup option to command ovs-appctl exit

  • Use new tunnel port option packet_type to configure L2 vs. L3.

  • In conjunction with PTAP tunnel ports can handle a mix of L2 and L3 payload.

  • New vxlan tunnel extension gpe to support VXLAN-GPE tunnels.

  • New support for non-Ethernet (L3) payloads in GRE and VXLAN-GPE.

  • Added experimental support for hardware offloading.

  • Hardware offloading is disabled by default.

  • Hardware offloading is done through the TC interface.

  • The next major version of OVS will introduce a change in the Conntrack API. Conntrack state is only available to the processing path that follows the recirc_table argument of the ct() action. Starting in OVS 2.9, this state will be cleared for the current processing path whenever ct() is called.

4.4.2 Support for the IDNA2008 Standard for Internationalized Domain Names

The original method for implementing Internationalized Domain Names was IDNA2003. This has been replaced by the IDNA2008 standard, the use of which is mandatory for some top-level domains.

The network utilities wget and curl have been updated to support IDNA2008 through the use of libidn2. This update also affects consumers of the libcurl library.

4.5 Systems Management

4.5.1 Better AutoYaST Device Resize Handling

In SLE 12 and earlier, AutoYaST only supported resizing partitions but not logical volumes. Moreover, specifying the new size was quite limited, as values like max or auto were not allowed. Additionally, when using a percentage as the value of a resizing operation, the percentage was assumed to refer to the previous size of the partition. This was different from creating a partition where percentages refer to device size.

AutoYaST now supports resizing both partitions and logical volumes. Additionally, the size element will behave the same way, no matter whether a partition or logical volume is being created or resized: Percentages always refer to size of the whole device.

4.5.2 Zypper Return Code for Non-Fatal Failures

Similarly to other commands, Zypper signifies success exits with a return code of 0 and signifies failures with an error-specific non-zero return code. Prior to SLE 15 GA, Zypper would return 0 for some non-fatal failures. For example, this happened when a package was installed but there were issues with a post-installation script.

In cases of such non-fatal failures, Zypper now returns exit code 100 or higher. The list of exit codes is available in the man page (man zypper).

4.5.3 New SAP Applications Module

This module contains the specialized tools for SAP Applications administration provided by the SLES for SAP product. The module will be accessible through the SLES for SAP Applications product subscription only, but can be installed from the installer ISO without a registration code.

Important
Important

The default installation workflow of SLES for SAP module depends on a graphical environment. If you decide to proceed with the "SLES for SAP" system role without installing the Desktop Applications Module, the message "Failed to select default product pattern gnome_basic. Pattern has not been found." will appear.

4.5.4 Support for Floppy Disks Has Been Removed from YaST

Starting with the version shipped in SLE 15, YaST does not have support for floppy disks anymore. For example, this means, that you can no longer install the boot loader to floppy disk or use AutoYaST files from floppy disk.

4.6 Performance Related Information

4.6.1 NFS Tuning

On systems with a high NFS load, connections may block.

To work around such performance regressions with NFSv4, you can open more than one TCP connection to the same physical host. This can be accomplished with the following mount options that will request that the transport is not shared:

mount -o sharetransport=N server:/path /mountpoint

In this case, N must be unique. If N is different for two mounts, they will not share the transport. If N is the same, they might (if they are for the same server, etc).

4.7 Storage

4.7.1 lvmlockd Has Been Added As an Alternative to clvm

clvm, the clustered LVM implementation shipped with SLE 12 has functional limitations, For example, it does not allow managing LVM transparently in a cluster and does not support lvmetad.

SLE 15 ships wih lvmlockd. lvmlockd is simpler to configure than clvm, enables new functionality (such as managing LVM transparently with sanlock or dlm and support for lvmetad) and provides better performance. For more information about lvmlockd, see the man page lvmlockd(8).

4.8 Miscellaneous

4.8.1 MariaDB: Dates After 2038

In MariaDB, the data type TIMESTAMP is limited to dates until 2038.

For dates beyond 2038, use the data type DATETIME.

4.8.2 MariaDB: Default Encoding and Collation Changed to utf8mb4

The utf8 encoding of MariaDB only support Unicode codepoints up to three bytes. The string would be truncated at the first encountered codepoint that would be encoded with four bytes.

The default encoding and collation of MariaDB was changed to utf8mb4 which supports all codepoints.

4.8.3 MariaDB: Support for TokuDB Storage Engine

The version of MariaDB shipped with SLE 15 on Intel 64/AMD64 now supports TokuDB. TokuDB is a high-performance storage engine focused on scalability and operational efficiency.

Note that the TokuDB storage engine cannot be used when the transparent hugepages feature of the Linux kernel is enabled. To disable transparent hugepages, follow the instructions at https://mariadb.com/kb/en/library/enabling-tokudb/#check-for-transparent-hugepage-support-on-linux.

4.8.4 No Default Compose Key Combination

In previous versions of SLE, the compose key combination allowed typing characters that were not part of the regular keyboard layout. For example, to produce "å", you could press and release Shift-Right Ctrl and then press a twice.

Starting with SLE 15, there is no longer a predefined compose key combination because Shift-Right Ctrl does not work as expected anymore.

  • To define a system-wide custom compose key combination, use the file /etc/X11/Xmodmap and look for the following lines:

    [...]
    !! Third example: Change right Control key to Compose key.
    !! To do Compose Character, press this key and afterwards two
    !! characters (e.g. `a' and `^' to get 342).
    !remove  Control  = Control_R
    !keysym Control_R = Multi_key
    !add     Control  = Control_R
    [...]

    To uncomment the example code, remove the ! characters at the beginning of lines. However, note that the setup from Xmodmap will be overwritten if you are using setxkbmap.

  • To define a user-specific compose key combination, use your desktop's keyboard configuration tool or the command-line tool setxkbmap:

    setxkbmap [...] -option compose:COMPOSE_KEY

    For the variable COMPOSE_KEY, use your preferred character, for example ralt, lwin, rwin, menu, rctl, or caps.

  • Alternatively, use an IBus input method that allows typing the characters you need without a Compose key.

4.8.5 MariaDB Has Been Upgraded to 10.2

MariaDB package has been upgraded to 10.2 series that brings many new features and bugfixes. The list of major changes can be found at https://mariadb.com/kb/en/library/changes-improvements-in-mariadb-102/.

The update to the new MariaDB package should be painless. However, there are some incompatible changes that need to be considered during this process (for example, InnoDB is the default storage engine now, some options changed default values, some options have been removed/renamed etc.). For more infromation about upgrading, see the upgrade notes at https://mariadb.com/kb/en/library/upgrading-from-mariadb-100-to-mariadb-101/ and https://mariadb.com/kb/en/library/upgrading-from-mariadb-101-to-mariadb-102/.

MariaDB now uses the libmariadb3 client library instead of the libmysqlclient library. The libmariadb3 library is provided by the mariadb-connector-c package.

5 AMD64/Intel 64 (x86_64) Specific Information

Information in this section pertains to the version of SUSE Linux Enterprise Server 15 GA for the AMD64/Intel 64 architectures.

5.1 System and Vendor Specific Information

5.1.1 TPM 2.0 Software Stack Has Been Updated

The upstream projects for Intel's TPM 2.0 Software Stack have introduced major changes to the project structure. Notably, the resource manager daemon has been replaced by a new implementation that fixes stability and security issues.

The packaging has been adjusted to the upstream changes. The previous resource manager daemon, resourcemgr, which was previously part of the tpm2-0-tss package has been dropped. The new package tpm2.0-abrmd provides the new resource manager implementation (tpm2-abrmd / tabrmd).

6 POWER (ppc64le) Specific Information

Information in this section pertains to the version of SUSE Linux Enterprise Server 15 GA for the POWER architecture.

6.1 Support for POWER9 Radix Page Tables When Running as KVM Guest

Using hash memory page tables is not efficient when running as a KVM guest.

With SLES 15, radix page tables are supported on POWER9.

7 IBM z Systems (s390x) Specific Information

Information in this section pertains to the version of SUSE Linux Enterprise Server 15 GA for the IBM z Systems architecture. For more information, see https://www.ibm.com/developerworks/linux/linux390/documentation_novell_suse.html

IBM zEnterprise 196 (z196) and IBM zEnterprise 114 (z114), subsequently called z196 and z114.

7.1 Storage

7.1.1 DASD Channel-Path Aware Error Recovery

The DASD driver can now exclude paths from normal operation if other channel paths are available.

7.1.2 No dasd_reload During Installation

In previous versions of SLES, when a DASD was activated during the installation, other DASDs may be renumbered. This renumbering could be confusing to users.

Starting with SLES 15, the call to dasd_reload has been removed from the installation. For addressing disks on z Systems, YaST now uses udev device names primarily. This prevents issues with disk name changes and is similar to the behavior on other hardware architectures.

8 ARM 64-Bit (AArch64) Specific Information

Information in this section pertains to the version of SUSE Linux Enterprise Server 15 GA for the AArch64 architecture.

8.1 Cavium ThunderX2 CRB Firmware Requirements

Unlike SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 relies on the firmware to indicate which SMMU version is available in hardware. Early versions of the Cavium ThunderX2 "Sabre" reference boards did not indicate the SMMU model in the IORT ACPI table.

Update the firmware of boards that do not correctly report the SMMU model:

  • For the ThunderX2 "Sabre" reference board, make sure the AMI firmware version is 0ACKL006 or newer.

  • For ThunderX CRB systems, make sure the AMI firmware version is 0ACGA018 or newer.

9 Packages and Functionality Changes

This section comprises changes to packages, such as additions, updates, removals and changes to the package layout of software. It also contains information about modules available for SUSE Linux Enterprise Server. For information about changes to package management tools, such as Zypper or RPM, see Section 4.5, “Systems Management”.

9.1 New Packages

9.1.1 ntpd Has Been Replaced With Chrony

The time server synchronization daemon ntpd has been replaced with the more modern daemon Chrony.

This change means that AutoYaST files with an ntp_client section need to be updated to a new format for this section. For more information about the new AutoYaST ntp_client format, see AutoYaST Guide, section NTP Client.

9.2 Updated Packages

9.2.1 Squid Has Been Updated to Version 4

Squid has been updated to the 4.x branch. Current users updating from squid 3.5.x (and earlier) should update their configuration files and get acquainted with the new features.

For more information, see the Squid 4 Release Notes at http://www.squid-cache.org/Versions/v4/RELEASENOTES.html.

9.2.2 Wireshark Qt UI Replaces Deprecated GTK+ UI

The GTK+ user interface of the Wireshark network protocol analyzer has been deprecated by the upstream project.

The Wireshark Qt interface is now shipped in the package wireshark-ui-qt.

9.3 Modules

This section contains information about important changes to modules. For more information about available modules, see Section 2.6.1, “Available Modules”.

9.3.1 OpenSSL 0.9.8 Has Been Removed

In December 2015, OpenSSL 0.9.8 reached its end of life. The code was maintained via source backports in the SUSE Linux Enterprise Server 12 Legacy Module.

With SLE 15, OpenSSL 0.9.8 has been removed from the product. Users of OpenSSL must upgrade code to version 1.0 or 1.1, both of which which bring many improvements such updated protocol support.

10 Technical Information

This section contains information about system limits, technical changes and enhancements for experienced users.

When talking about CPUs, we use the following terminology:

CPU Socket

The visible physical entity, as it is typically mounted to a mainboard or an equivalent.

CPU Core

The (usually not visible) physical entity as reported by the CPU vendor.

On IBM z Systems, this is equivalent to an IFL.

Logical CPU

This is what the Linux Kernel recognizes as a CPU.

We avoid the word thread (which is sometimes used), as the word thread would also become ambiguous subsequently.

Virtual CPU

A logical CPU as seen from within a virtual machine.

10.1 Kernel Limits

http://www.suse.com/products/server/technical-information/#Kernel

This table summarizes the various limits which exist in our recent kernels and utilities (if related) for SUSE Linux Enterprise Server 15 GA.

SLES 15 GA (Linux 4.12) AMD64/Intel 64 (x86_64)IBM z Systems (s390x)POWER (ppc64le)AArch64 (ARMv8)

CPU bits

64

64

64

64

Maximum number of logical CPUs

8192

256

2048

128

Maximum amount of RAM (theoretical/certified)

> 1 PiB/64 TiB

10 TiB/256 GiB

1 PiB/64 TiB

256 TiB/n.a.

Maximum amount of user space/kernel space

128 TiB/128 TiB

n.a.

512 TiB 1/2 EiB

256 TiB/128 TiB

Maximum amount of swap space

Up to 29 * 64 GB (x86_64) or 30 * 64 GB (other architectures)

Maximum number of processes

1048576

Maximum number of threads per process

Upper limit depends on memory and other parameters (tested with more than 120,000)2

Maximum size per block device

Up to 8 EiB on all 64-bit architectures

FD_SETSIZE

1024

1 By default, the user space memory limit on the POWER architecture is 128 TiB. However, you can explicitly request mmaps up to 512 TiB.

2 The total number of all processes and all threads on a system may not be higher than the maximum number of processes.

10.2 KVM Limits

SLES 15 GA Virtual Machine (VM) Limits

Maximum VMs per host

Unlimited (total number of virtual CPUs in all guests being no greater than 8 times the number of CPU cores in the host)

Maximum Virtual CPUs per VM

240

Maximum Memory per VM

4 TiB

Virtual Host Server (VHS) limits are identical to those of SUSE Linux Enterprise Server.

10.3 Xen Limits

Since SUSE Linux Enterprise Server 11 SP2, we removed the 32-bit hypervisor as a virtualization host. 32-bit virtual guests are not affected and are fully supported with the provided 64-bit hypervisor.

SLES 15 GA Virtual Machine (VM) Limits

Maximum number of virtual CPUs per VM

64

Maximum amount of memory per VM

16 GiB x86_32, 511 GiB x86_64

SLES 15 GA Virtual Host Server (VHS) Limits

Maximum number of physical CPUs

256

Maximum number of virtual CPUs

256

Maximum amount of physical memory

5 TiB

Maximum amount of Dom0 physical memory

500 GiB

Maximum number of block devices

12,000 SCSI logical units

  • PV:  Paravirtualization

  • FV:  Full virtualization

For more information about acronyms, see the virtualization documentation provided at https://www.suse.com/documentation/sles-12/.

10.4 File Systems

https://www.suse.com/products/server/technical-information/#FileSystem

10.4.1 Comparison of Supported File Systems

SUSE Linux Enterprise was the first enterprise Linux distribution to support journaling file systems and logical volume managers back in 2000. Later, we introduced XFS to Linux, which today is seen as the primary work horse for large-scale file systems, systems with heavy load and multiple parallel reading and writing operations. With SUSE Linux Enterprise 12, we went the next step of innovation and started using the copy-on-write file system Btrfs as the default for the operating system, to support system snapshots and rollback.

+ supported
unsupported

FeatureBtrfsXFSExt4OCFS 2 1

Support in products

SLE

SLE

SLE

SLE HA

Data/metadata journaling

N/A 2

– / +

+ / +

– / +

Journal internal/external

N/A 2

+ / +

+ / +

+ / –

Subvolumes

+

Offline extend/shrink

+ / +

– / –

+ / +

+ / – 3

Online extend/shrink

+ / +

+ / –

+ / –

– / –

Inode allocation map

B-tree

B+-tree

table

B-tree

Sparse files

+

+

+

+

Tail packing

Small files stored inline

+ (in metadata)

+ (in inode)

+ (in inode)

Defragmentation

+

+

+

Extended file attributes/ACLs

+ / +

+ / +

+ / +

+ / +

User/group quotas

– / –

+ / +

+ / +

+ / +

Project quotas

+

+

Subvolume quotas

+

N/A

N/A

N/A

Data dump/restore

+

Block size default

4 KiB 4

Maximum file system size

16 EiB

8 EiB

1 EiB

4 PiB

Maximum file size

16 EiB

8 EiB

1 EiB

4 PiB

1 OCFS 2 is fully supported as part of the SUSE Linux Enterprise High Availability Extension.

2 Btrfs is a copy-on-write file system. Instead of journaling changes before writing them in-place, it writes them to a new location and then links the new location in. Until the last write, the changes are not committed. Because of the nature of the file system, quotas are implemented based on subvolumes (qgroups).

3 To extend an OCFS 2 file system, the cluster must be online but the file system itself must be unmounted.

4 The block size default varies with different host architectures. 64 KiB is used on POWER, 4 KiB on other systems. The actual size used can be checked with the command getconf PAGE_SIZE.

Additional Notes

Maximum file size above can be larger than the file system's actual size because of the use of sparse blocks. All standard file systems on SUSE Linux Enterprise Server have LFS, which gives a maximum file size of 263 bytes in theory.

The numbers in the above table assume that the file systems are using a 4 KiB block size which is the most common standard. When using different block sizes, the results are different.

In this document: 1024 Bytes = 1 KiB; 1024 KiB = 1 MiB; 1024 MiB = 1 GiB; 1024 GiB = 1 TiB; 1024 TiB = 1 PiB; 1024 PiB = 1 EiB. See also http://physics.nist.gov/cuu/Units/binary.html.

NFSv4 with IPv6 is only supported for the client side. An NFSv4 server with IPv6 is not supported.

The version of Samba shipped with SUSE Linux Enterprise Server 15 GA delivers integration with Windows 7 Active Directory domains. In addition, we provide the clustered version of Samba as part of SUSE Linux Enterprise High Availability Extension 15 GA.

10.4.2 Supported Btrfs Features

The following table lists supported and unsupported Btrfs features across multiple SLES versions.

+ supported
unsupported

FeatureSLES 11 SP4SLES 12 SP3SLES 15 GA
Copy on Write+++
Snapshots/Subvolumes+++
Metadata Integrity+++
Data Integrity+++
Online Metadata Scrubbing+++
Automatic Defragmentation
Manual Defragmentation+++
In-band Deduplication
Out-of-band Deduplication+++
Quota Groups+++
Metadata Duplication+++
Multiple Devices++
RAID 0++
RAID 1++
RAID 10++
RAID 5
RAID 6
Hot Add/Remove++
Device Replace
Seeding Devices
Compression++
Big Metadata Blocks++
Skinny Metadata++
Send Without File Data++
Send/Receive++
Inode Cache
Fallocate with Hole Punch++

11 Obtaining Source Code

This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires SUSE to provide the source code that corresponds to the GPL-licensed material. The source code is available for download at http://www.suse.com/download-linux/source-code.html. Also, for up to three years after distribution of the SUSE product, upon request, SUSE will mail a copy of the source code. Requests should be sent by e-mail to mailto:sle_source_request@suse.com or as otherwise instructed at http://www.suse.com/download-linux/source-code.html. SUSE may charge a reasonable fee to recover distribution costs.

Print this page