Post on 25-Jul-2020
Senior Product Manager, SUSE, joe@suse.com
Senior Product Manager, SUSE, pchadwick@suse.com
“The Cloud” promises a lot these days:
Choose images from a library
Start and stop workloads on demand
And who is going to patch those images?
“Rounding up, approximately 100% of cloud workloads run unpatched”
– The Guy a Colleague Ran Into at the OpenStack Summit
Heartbleed & Shellshock ...
Ooops!
You need
Lifecycle Management
SUSE® and Linux Workloads in the Enterprise
How to easily build a workload with SUSE®
How do I build it? The “not quite as hard” way ...
Kiwi open source project
‒ Developed and hosted by openSUSE
‒ Portal page: http://en.opensuse.org/Portal:KIWI
‒ Can create for multiple architectures
‒ Can create for multiple distributions
‒ Can be deployed to physical, virtual and cloud
‒ vmdk, qcow2, vhd, ovf, raw, lxc
‒ Very flexible
‒ With flexibility comes complexity
SUSE® Studio
SUSE Studio Onsite is a web application for building and testing software appliances in a web browser
• build your own application images, or appliances based on SUSE Linux Enterprise
• test-drive your software appliances
• acts as a web UI to KIWI image builder with multi-user support
How to manage your workloads with SUSE®
SUSE Manager: Operating System Lifecycle Management
Gain control Optimize operations Enable innovation
Firewall (and optional SMT)
How Does SUSE Manager Work?
SUSE Manager Proxy Server
Easy deployment of workloads with SUSE®
SUSE® Cloud
Private cloud infrastructure solution powered by OpenStack
Integrated platform and tools for hybrid clouds
SUSE Linux Enterprise in public clouds
What is SUSE Cloud?
SUSE Cloud is an open source software solution based on the OpenStack and Crowbar projects that provides the fundamental capabilities for enterprises to deploy an Infrastructure-as-a-Service Private Cloud
End Users
Self Service Portal
Image Repository
APIs
● Automated Configuration
● Optimized Deployment
APIs
Pool of Virtualized Servers (Compute Storage Nodes)
Promise of Private Cloud Computing
● Lower Costs
● Increased Agility
● Greater Control and Security
OpenStack Directions
• Bare Metal (Ironic)
‒ Ability to provision physical servers through OpenStack
• DNS Service (Designate)
‒ Name resolution for guests and OpenStack services
• Shared file system (Manila)
‒ Enable guests to access shared folders
• OpenStack Data Processing (Sahara)
‒ Hadoop as a service
• Queue Service (Zaqar)
‒ Message passing between VMs
• Key Management (Barbican)
Forrester: More and More Systems Are Considered Critical
Source: Forrester Research, Inc.
HA for the Cloud and HA in the Cloud
Solutions for the Retail Industry and other Distributed Environments ...
SUSE® Linux Enterprise Point of Service
SUSE Linux Enterprise Point of Service 11 is the only enterprise-class Linux solution tailored specifically to the unique needs of the retail industry.
Build with SUSE® Studio
• Using SUSE Studio, build an image based on one of the templates that come with the SLEPOS solution
• Copy, unpack and register generated image to the SLEPOS Admin Server
Deploy with SUSE® Linux Enterprise Point of Service
• Synchronize all SLEPOS Branch Servers with their central Admin Server
• Reboot POS Terminals to pull updated images via PXE
Manage with SUSE® Manager
Once a POS terminal is registered within a SUSE Manager instance you are able to:
• List, verify and update RPM software packages centrally
• Run remote commands on selected terminals
• Etc ...
Starting one Step Earlier ...
Solution Components
Open Build Service
‒ Build your RPMs
SUSE Studio™
‒ Build a new appliance image
‒ Deploy it to the Cloud
SUSE® Manager
‒ Deploy RPM-based update
‒ Run test suite
SUSE Cloud
‒ Run test instances
Open Build Service (OBS)
• OBS builds binary packages for many distributions and platforms
• OBS makes them available for download
Traditional Collaboration
The DevOps Way
Continuous Delivery/Integration
What Is CI?
Automating an RPM Package QA
What else?
2020 will be very much like today:
• SLES 11 is still around; has another 2 years of LTSS
• SLES 12 is still in General Support phase
• Some customers are still running on the same contract they signed in 2013
But we should also expect a lot of change: Early 2010 ...
• OpenStack didn't exist
• Cisco didn't build servers
• SAP HANA didn't exist
• no iPad!
Nobody wants to run an OS!
The OS is a commodity used as part of providing a Service
Just a part ...
The System Description in Machinery is like a “Makefile for Linux instances”
Deployment Options
Image Deployment, Scripted Deployment, “Hybrid” Deployment, Manual Installation
• Image: contains all software, data, and basic configuration
• Configuration
• Installation System
• Installation & Configuration Script: installs and configures all software
• Basic Image: only contains core software common to most instances
• Configuration Script: installs and configures the rest of the software
• Manual Installation: Installation System, Interactive Installer
The Machinery Approach
frees you from having to choose a deployment paradigm upfront (scripted installation vs. image-based deployments)
is the only round-trip-capable approach (it's not a one-way street to the Cloud)
doesn't lock you in
gives you a maximum amount of automation while retaining full control
SUSE Linux Enterprise 12 Automated Deployment Model
Develop, Build, Test, Deploy
What is Infrastructure as a Service
[Figure: the stack layers (Applications, Data, Runtime, Middleware, OS, Virtual Machine, Hypervisor, Servers, Storage, Networking) shown side by side for Infrastructure (IaaS), Platform (PaaS) and Software (SaaS), with layers marked as handled by IT or by the Line of Business]
Where Containers fit in ...
[Figure: the same stack layers (Applications, Data, Runtime, Middleware, OS, Virtual Machine, Hypervisor, Servers, Storage, Networking) shown side by side for Container, Platform, Software and Infrastructure, with layers marked as handled by IT or by the Line of Business]
Docker is available for SLES 12!
A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs or risks.
ITIL
Ultimately it's all about Services!
• Nobody wants to manage systems, configurations etc.
• What you want is to deploy and operate services
• Services are what end users are paying for
• Delivering a service can mean running one or more servers, instances of one or more software application, other services etc.
Service Delivery in the Cloud Age
[Figure: Service Instance built from Bare Metal, Hypervisor, Cloud Infrastructure and Application layers]
• Deploy hypervisor on bare metal hardware
• Deploy cloud infrastructure components
• Deploy application instances (workloads) into the cloud
• Configure and connect applications to deliver service
• Scale up/down as needed
How do I deploy it? The “hard up-front, but totally easier in the end” way
“Heat is a service to orchestrate multiple composite cloud applications using the AWS Cloud Formation template format, through both an OpenStack-native ReST API and a CloudFormation-compatible Query API.”
Heat allows you to pre-define a set of compute, network, and storage requirements to provide a specific service, and deploy the whole thing automagically.
TOSCA
Topology Management
• Manage (or import) a “topology tree” with hardware and services and their dependencies
• Centrally provide and manage credentials for third party management APIs (VMware vCenter, SUSE Cloud, Public Cloud accounts)
• Manage and monitor Patch/Security Compliance and Subscription/Licence Compliance across physical, virtual, and Cloud deployments
• Integrate with your Monitoring solution
Buzzword Bingo
• Computing Everywhere
• The Internet of Things
• Advanced Analytics
• Context-Rich Systems
• Smart Machines
• Cloud/Client Computing
• Software-Defined Applications & Infrastructure
• Web-Scale IT
• Risk-Based Security and Self-Protection
Big Data
Cloud
and the
Internet of Things
Two (seemingly) contradicting trends
Software-defined Datacenter, Networking, Storage ...
SUSE Storage
SUSE Storage Sweet Spots
Hardware Appliances
What they have in common:
• Hardware is being highly standardized (example: “AEGIS moves to COTS”)
• Value add is in the software stack
• The only difference is the buying model
‒ Buy a bundle from a hardware vendor
‒ Buy hardware and software separately and build your own stacks
Compliance, Stability, Reliability
“10+3”
Go-to-Market, Agility
Growth at Scale
“Cloud”, “DevOps”
The marriage of DevOps with ITIL and Compliance
• Agile and Enterprise
• Two ways of looking at it:
‒ Make DevOps fully compliant
‒ Make ITIL processes so fast and agile that they meet today's demands
‒ The key is “reliable automation”
SUSE Master Builder
Customers build
Downstream Distributions
From Product to Process
Maintaining an Operating System/Application Stack “Golden Master” should be fun for all parties involved!
SUSE Product Portfolio
Operating System: SUSE Linux Enterprise
Infrastructure: SUSE Cloud (OpenStack), SUSE Storage (Ceph/Rados)
Workloads: SUSE Linux Enterprise, SUSE Studio
Operations Management: SUSE Manager, SUSE Cloud