public cloud devops team - suse linux · sles12-sp3-azure -> azure on-demand (basic)...
TRANSCRIPT
Public Cloud DevOps TeamProjects
Public Cloud Goals
Public Cloud ProjectsAccommodate increased growth
Image support for existing public cloud business
• Images for new point releases and SPs
Support for CSP expansion
• New data centers• New instance types• Improvements to
their platform
Portfolio expansion within the public cloud
• New products• New images
Images
Images Released in 2018
90+ unique images released across all three cloud frameworks
Updated 272 of our servers across all three frameworks
No infrastructure downtime
AWS Images
SLES 12 SLES for SAP 12 SLES 11 SLES 15 Other
SLES12-SP3-EC2 -> EC2 PV on-demand
SLES12-SP2-SAP-EC2-HVM -> EC2 SLES4SAP on-demand
SLES11-SP4-EC2-BYOS -> EC2 PV BYOS
SLES15-EC2-ECS-HVM SLES12-SP3-CaaSP-2-1-Admin-EC2-HVM-BYOS -> EC2 CaaSPAdmin BYOS
SLES12-SP3-EC2-BYOS -> EC2 PV BYOS
SLES12-SP2-SAP-EC2-HVM-BYOS -> EC2 SLES4SAP BYOS
SLES11-SP4-EC2-HVM -> EC2 HVM on-demand
SLES15-EC2-HVM SLES12-SP3-CaaSP-2-1-Cluster-EC2-HVM-BYOS -> EC2 CaaSPCluster BYOS
SLES12-SP3-EC2-ECS-HVM -> EC2 on-demand for ECS
SLES12-SP3-SAP-EC2-HVM -> EC2 SLES4SAP on-demand
SLES11-SP4-EC2-HVM-BYOS -> EC2 HVM BYOS
SLES15-EC2-HVM-BYOS
SLES12-SP3-EC2-HVM -> EC2 HVM on-demand
SLES12-SP3-SAP-EC2-HVM-BYOS -> EC2 SLES4SAP BYOS
SLES11-SP4-EC2-RightScale -> EC2 PV on-demand with RightScaleagent
SLES15-SAP-EC2-HVM
SLES12-SP3-EC2-EKS-HVM -> EC2 on-demand for EKS*
SLES11-SP4-EC2-RightScale-HVM -> EC2 HVM on-demand with RightScale agent
SLES15-SAP-EC2-HVM-BYOS
SLES12-SP3-EC2-HVM-BYOS -> EC2 HVM BYOS
SLES11-SP4-EC2-SAPCAL-HVM -> EC2 HVM on-demand for SAPCAL
SLES15-EC2-EKS-HVM*
Azure Images
SLES 12 SLES for SAP 12 SLES 11 SLES 15 OtherSLES12-SP3-Azure -> Azure on-demand (basic)
SLES12-SP1-Azure-SAPCAL -> Azure on-demand for SAPCAL
SLES11-SP4-Azure -> Azure on-demand (basic)
SLES15-Azure-Basic SLES12-SP3-CaaSP-2-1-Admin-Azure-HVM-BYOS
SLES12-SP3-Azure-Standard -> Azure on-demand (STD)*
SLES12-SP2-SAP-Azure -> Azure SLES4SAP on-demand
SLES11-SP4-Azure-BYOS -> Azure BYOS
SLES15-Azure-Standard SLES12-SP3-CaaSP-2-1-Cluster-Azure-HVM-BYOS
SLES12-SP3-Azure-Priority-> Azure on-demand (priority)
SLES12-SP2-SAP-Azure-BYOS -> Azure SLES4SAP BYOS
SLES11-SP4-Azure-Priority -> Azure on-demand (Priority)
SLES15-Azure-Priority
SLES12-SP3-Azure-BYOS -> Azure BYOS
SLES12-SP3-SAP-Azure -> Azure SLES4SAP on-demand
SLES11-SP4-Azure-SAPCAL -> Azure on-demand for SAPCAL
SLES15-Azure-BYOS
SLES12-SP3-Azure-HPC-Priority -> Azure on-demand HPC (priority)
SLES12-SP3-SAP-Azure-BYOS -> Azure SLES4SAP BYOS
SLES15-Azure-HPC-Standard*
SLES15-Azure-HPC-Priority*
SLES15-SAP-Azure
SLES15-SAP-Azure-BYOS
GCE Images
SLES 12 SLES for SAP 12 SLES 11 SLES 15 Other
SLES12-SP3-GCE -> GCE on-demand
SLES12-SP1-GCE-SAPCAL -> GCE on-demand for SAPCAL
SLES11-SP4-GCE -> GCE on-demand
SLES15-GCE SLES12-SP3-CaaSP-2-1-Admin-GCE-HVM-BYOS
SLES12-SP3-GCE-BYOS -> GCE BYOS
SLES12-SP2-SAP-GCE -> GCE SLES4SAP on-demand
SLES11-SP4-GCE -> GCE on-demand
SLES15-GCE-BYOS SLES12-SP3-CaaSP-2-1-Cluster-GCE-HVM-BYOS
SLES12-SP2-SAP-GCE-BYOS -> EC2 SLES4SAP BYOS
SLES15-SP3-SAP-GCE
SLES12-SP3-SAP-GCE -> GCE SLES4SAP on-demand
SLES15-SP3-SAP-GCE-BYOS
SLES12-SP3-SAP-GCE-BYOS -> GCE SLES4SAP on-demand
SUMa BYOS Images
AWS Azure GCE
SLES12-SP3-Manager-3-1-Proxy-EC2-HVM-BYOS SLES12-SP3-Manager-3-1-Proxy-Azure-BYOS SLES12-SP3-Manager-3-1-Proxy-GCE-BYOS
SLES12-SP3-Manager-3-1-Server-EC2-HVM-BYOS SLES12-SP3-Manager-3-1-Server-Azure-BYOS SLES12-SP3-Manager-3-1-Server-GCE-BYOS
SLES12-SP3-Manager-3-2-Proxy-EC2-HVM-BYOS SLES12-SP3-Manager-3-2-Proxy-Azure-BYOS SLES12-SP3-Manager-3-2-Proxy-GCE-BYOS
SLES12-SP3-Manager-3-2-Server-EC2-HVM-BYOS SLES12-SP3-Manager-3-2-Server-Azure-BYOS SLES12-SP3-Manager-3-2-Server-GCE-BYOS
SLES12-SP4-Manager-3-1-Proxy-EC2-HVM-BYOS* SLES12-SP4-Manager-3-1-Proxy-Azure-BYOS* SLES12-SP4-Manager-3-1-Proxy-GCE-BYOS*
SLES12-SP4-Manager-3-1-Server-EC2-HVM-BYOS* SLES12-SP4-Manager-3-1-Server-Azure-BYOS* SLES12-SP4-Manager-3-1-Server-GCE-BYOS*
SLES12-SP4-Manager-3-2-Proxy-EC2-HVM-BYOS* SLES12-SP4-Manager-3-2-Proxy-Azure-BYOS* SLES12-SP4-Manager-3-2-Proxy-GCE-BYOS*
SLES12-SP4-Manager-3-2-Server-EC2-HVM-BYOS* SLES12-SP4-Manager-3-2-Server-Azure-BYOS* SLES12-SP4-Manager-3-2-Server-GCE-BYOS*
Upcoming Oracle Cloud Infrastructure Images
SLES BYOS SLES for SAP BYOS
SLES 15-SP1 SLES for SAP 15-SP1
SLES15 SLES for SAP 15
SLES12-SP4 SLES for SAP 12-SP4
* new images in-process
Project Roadmap
Project Description Target // Project Plan
SLES 12 SP5 (or current SP) Images SLES 12 SP4 images all frameworks (+15 images)
FCS
SLES 15 SP1(or current SP) Images SLES 15 SP1 images all frameworks (+15 images)
FCS
SLES for SAP ESPOS lifecycle support Support images for an additional 3.5 years (tripled active image support for SAP on CSPs)
Longer image support (Brings back 12 SP1 and forward to "ACTIVE")
CaaSP 3.1 (BYOS) Images for launching CaaSP on Azure, GCE, and AWS
Now
SUMa BYOS (current SP continuous) SUSE Manager Server and Proxy images based on SLES 15 SP1
FCS
SLES 15 HPC (Azure and AWS) Create HPC images for SLES 15 w/ new product infrastructure
Post update infrastructure
Images that support existing public cloud business
Project Description Target // Project Plan
Azure L image Images for Azure's large bare-metal instances for HANA
12 SP3 in production, 12 SP4 and 15 upcoming anytime
Azure Very Large Image Images for Azure's large bare-metal instances for HANA
VL TBD pending MS (image dev builds are in-progress) // in-process
AWS A1 Image Support Support for AWS ARM instances Just finished and live
Oracle BYOS Images Support for Oracle public cloud Q2 2019 // in-process
SLES EKS Worker Node On-demand image-SLES EKS worker node Q3 2019
Azure Tuned Kernel Produce a special kernel with updates included for Azure
Ongoing
CAP public cloud template Working w/ CAP engineering, produce an automated repeatable builds for CAP templates on AWS EKS, Azure AKS, Google GKE
Q3 2019
New Images for portfolio and CSP expansion
Project Description Target // Project Plan
IPv6 Add IPv6 to update infrastructure Client will be addressed with the RMT update, server-side TBD
Major infrastructure update Touch all 300 plus update infrastructure servers
Throughout Summer 2019
Infrastructure updates
Infrastructure UpgradeCovers images update infrastructure Azure, AWS, and Google
Lifecycle 2019 UpdatesCovers images built for Google, Oracle, AWS, Azure
Four Lifecycle Status Indicators
Active images- active images are on a 3 months rolling refresh cycle (more on this in a minute)
Inactive images- inactive images will only get refreshed for critical security updates, think shellshock, heartbleed, or the more recent Specter and Meltdown issues.
Deprecated images- deprecated images do not get refreshed. Images in the deprecated state have entered the last 6 months of their life-cycle and are subject to removal at the end of the 6 months period.
Deleted- images no longer available
Rolling Refresh Cycle
• Images are refreshed every three months
• Security updates count as an out-of-cycle refresh, this resets the refresh cycle
Example:• An image is released on May 1st• On June 15th there is a major security issue that forces a
release of an image update• This resets the refresh clock to 0 on June 15th• The next image refresh will now be on September 15
Put together this makes up the 3 month rolling refresh cycle.
Note: Image names are date coded in the format “vYYYYMMDD” which allows you to see which images are the most current.
Details for On-Demand Images
Refresh cycle:• On-demand images follow the 3 months rolling refresh cycle• Critical security issues, affecting instance function, are determined on a case-by-case basis can trigger a
refresh
Update availability:• Instances connect to the SUSE provisioned and operated local update infrastructure.• Updates are available for images in active, inactive, and deprecated states• No new updates become available once an image reaches the end of the deprecation period
Image state transitions:• When an image is refreshed during the regular 3 months rolling refresh cycle the image that is being
replaced immediately enters the deprecated state• All images except SLES for SAP images follow use this process
Changes to the SLES for SAP Applications Offering
In November 2018 SUSE announced a change to the SLES for SAP Applications support:
• All SLES for SAP Applications 12 and higher will be supported during the General Availability (GA) of a codestream for 4.5 years with 3 years of ESPOS (Extended Service Pack Overlap Support) now included.
• This replaces the purchased option of LTSS.
These changes are reflected in the SLES for SAP public cloud images:
• There are two different lifecycle changes, one for on-demand images, one for BYOS images
Details for On-Demand ImagesSLES for SAP
Image state transitions for SLES for SAP:• Transition from one SP to the next marks the transition from active to inactive• At the SP transition the SP enters an ESPOS period• Six months prior to the end of ESPOS, SLES For SAP transitions from the inactive state to the
deprecated state
For the Final SP of a release:• At the transition, SLES and SLES for SAP are same, images enter the deprecated state six months prior to
EOL
Image availability:• On-demand images will be available for launch until the end of the deprecation period.
Details for BYOS Images
Refresh cycle:• BYOS images follow the 3 months rolling refresh cycle.• Only critical security issues or instance boot issues are considered as out of band refresh events.
Update availability:• BYOS instances are registered to the SUSE Customer Center, a Repository Mirroring Tool server, a
Subscription Management Tool server, or be managed with SUSE Manager in order to receive updates.• The availability of updates and repositories is governed by your product selection just like it is in the data
center.• Any new deployments of your own management and patch solution should be completed using SUSE
Manager or RMT.
Image state transitions:• When an image is refreshed during the regular 3 months rolling refresh cycle the image that is being
replaced immediately enters the deprecated state.
Details for BYOS ImagesSLES for SAP
Image state transitions for SLES for SAP:• At Service Pack transition points the behavior between SLES and SLES For SAP is differentOn-demand SLES changes to deprecatedOn-demand SLES for SAP changes to inactive• Inactive state is maintained until 6 months prior to the end of LTSS or ESPOS as applicable at which point
the image enters the deprecated state
Image availability:• BYOS images will be available for launch until the end of LTSS or ESPOS support (deprecated state)• SUSE has started refreshing SLES for SAP images that fall within the new longer ESPOS support
timeframe• Images from SLES 12 SP1* will be updated
* AWS ESPOS will support 12 SP2 and forward
27
Unpublished Work of SUSE LLC. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.