Multimodal Operating SystemSUSE Linux Enterprise Server
Software-Defined Infrastructure
Platform as a ServiceSUSE Cloud Application Platform
SUSE Manager
Infrastructure & Lifecycle
Management
Application Delivery
SUSE Global ServicesConsulting Services
Select ServicesPremium Support Services
Services
Machine Learning
BusinessAnalytics
High PerformanceComputing
Traditional IT & Applications
Internet of Things
Open, Secure, Proven
Public Cloud
SUSE Cloud Service Provider
Program
SUSE: Underpinning Digital Transformation
Container ManagementSUSE CaaS Platform
Business-critical Applications
Presenter
Presentation Notes
Slide Owners – Slide Owners - Terri Schlosser, Brent Schroeder & Product Management (Pete Chadwick & Larry Morris) - Speaker notes for discussing the overall portfolio (Sept 2019) SUSE has been successful in delivering an enterprise grade Linux operating system for over 25 years. The mission that we defined for ourselves 25 years ago was simple: Enable customers to deploy an operating system that was open and secure while also providing the support to ensure they could meet enterprise level SLAs. Our continued success over that 25 year period has proven that our model works and we remain committed to the basic ideals of delivering open and secure solutions even as we expand into new offerings. If we step back and look at what SUSE Linux Enterprise Server provides – it is a set of APIs and services that abstract away the details of the underlying hardware infrastructure to make it possible to write applications that can work with the widest range of architectures, servers, storage and network options available. Along with that we have provided tools such as SUSE Manager to simplify installation, operation and maintenance of the environment. We back all that up with a support lifecycle for stability. We are beginning to see the emergence of 2 new paradigms – the software defined infrastructure and the emergence of cloud-native applications. These new approaches require new tools and extend the role of the operating system. Building on our 25 years of experience, we introduced the concept of the multimodal operating system optimized to host containerized application as well as your traditional workloads with the release of SLE 15. This enables SUSE customers to manage their cloud native and traditional workloads in a consistent way on a single code base. The core components which enable compute, storage and networking in a software-defined infrastructure are delivered within SUSE Linux Enterprise Server. This includes two options for open hypervisors(Xen, KVM), various file system choices plus core technology to enable SUSE Enterprise Storage and key network components like Open vSwitch, Linux bridging components and acceleration like DPDK and SRIOV. Perhaps more importantly, SUSE has worked with a variety of 3rd party solution providers to provide a wide range of alternatives in customers’ software-defined data centers, including hypervisors and in the software-defined networking space working with Juniper, Cisco and VMware to ensure their offerings can work within the SUSE approach. SUSE Enterprise Storage provides an intelligent and unified (file, object & block) storage management solution, powered by Ceph, designed to scale to thousands of nodes and hundreds of petabytes. It provides a single storage solution to meet all of your application requirements no matter where they live, running natively in your data center or in containers running in the cloud. as we’ve seen recently, all organizations have become software centric, and the speed with which they can develop and deploy new applications has become critical. This has driven many to move toward cloud native application development, and most view Kubernetes as the technology to enable this transition. To help customers address this shift, SUSE is offering two closely related products – SUSE CaaS Platform which enables customers to easily deploy and operate Kubernetes clusters at scale across data centers and public clouds. However, a Kubernetes infrastructure is necessary but not sufficient to deploy applications efficiently. SUSE Cloud Application Platform provides automated deployment, application runtimes and pre-defined services to enable developers to quickly create and deliver new business services. SUSE Cloud Application Platform is a Kubernetes native implementation of the Cloud Foundry project – an integration that SUSE has led in the upstream community. More importantly, Cloud Application Platform can be deployed in public clouds as well as in your data center – enabling application portability in a mixed cloud environment. To help both operators and developers, SUSE has led the creation of the Stratos project as part of Cloud Foundry. The Stratos interface connects to multiple Cloud Foundry or Kubernetes deployments and provides operations with a consistent view of the infrastructure and provide developers with the ability to choose where applications run when the workloads are deployed, giving you multi-cloud management. From the beginning SUSE has provided tools to simplify deploying and operating complex systems. SUSE Manager provides the tracking and updating of systems to ensure that vulnerabilities and functional issues are patched and corrected quickly to ensure compliance and secure operations. At the same time, SUSE includes SELinux and AppArmor to provide additional levels of protection to keep your systems and applications secure. Whenever severe security vulnerabilities such as Spectre and Meltdown become known, thanks to our upstream involvement, SUSE is able to deliver remediating patches rapidly. Our container optimized OS solution provides an additional level of security through the use of a read-only file system which prevents malicious code from making changes to production workloads. SUSE Manager is a key part of this process as it can assess which systems are affected by these vulnerabilities and alert operators. Going one step further, SUSE Manager can automate patching of systems based on the severity of these vulnerabilities. And as SUSE provides new solutions we will continue to provide the same level of security and management capabilities while also adding deployment tools to automate and simplify rolling out new capabilities such as Kubernetes and Cloud Foundry. But we do not intend this to be a monolithic, all or nothing approach. The SUSE commitment to openness means that we will continue to work with partners to provide customers with options at multiple layers in the stack – physical infrastructure and public cloud as well as development and deployment tools. If needed, customers can engage our professional services organization or services partners to help integrate SUSE offerings within customers’ existing environments or include other products to deliver a combined solution. SUSE recognizes that public cloud is an important part of all customers’ data center transformations. To help with that integration, SUSE created our Cloud Provider Program. Initially designed around on-demand consumption of SLES in offerings such as Amazon EC2/Microsoft Azure/Google Cloud Platform, this has expanded to cover other products from SUSE including SLES for SAP Applications and SUSE Cloud Application Platform, which include capabilities enabling customers to create and deploy containerized workloads across public and private infrastructure - delivering true multi-cloud capability. This enables customers to use public cloud in different layers in the stack depending on the specific workload demand. SUSE also permits the transfer of existing subscriptions from the data center to the public cloud – a feature we call “Bring your own Subscription”. And to help you design and quickly deploy your solutions into your unique environment, SUSE Global Services offers several different types of approaches to help you meet your business needs including consulting services to help with designing, implementing, upgrading or optimizing your solutions, Premium Support services for an additional level of personalized support from folks who will have an intimate knowledge of your infrastructure and relationship with your team and Select Services a fixed-cost combination of implementation, consulting and premium support services that can help jumpstart your implementations. Our services team has the technical expertise to assist in transforming and supporting your infrastructure with our full set of offerings or customized services and a focus on your success.
Trends
Software is the competitive advantage...
Car, software on wheels Bank, software house Telecom, software for communication SDN, Software Defined Network SDS, Software Defined Storage …
Software is the competitive advantage...
Car, software on wheels Bank, software house Telecom, software for communication SDN, Software Defined Network SDS, Software defined Storage …
-Higher flexibility and less enforcement of standards-Higher control
Presenter
Presentation Notes
With SUSE CAP, this is the level of automation and control over the infrastructure you will now be selling. This will provide you with a big new set of capabilities you can bring to your prospects, and it will appeal to a whole new audience within our customers and prospects.
Containers are:A great way to deliver softwareReplacing virtual machines for a lot of use cases
Kubernetes:Is the most widely adopted orchestrator for containersDisrupting and elevating IaaS platforms like OpenStack
So, should we all just use Kubernetes and call it a day?
Presenter
Presentation Notes
Google developer advocate Kelsey Hightower Not just about running containers. You need monitoring, service fabrics, logging, etc
What happened to PaaS?
We forgot about PaaS…BECAUSE CONTAINERS!!!...and now we are (often manually) adding PaaS functionality back into a CaaS…using (expensive) DevOps engineers
Or using CI/CD systems instead
For modern application delivery, containers + a CaaS is not enough
Presenter
Presentation Notes
CI + CD, Effort DevOps Engineers – ops background moving into a dev world We Overengineered things, because we can, Next slide: use cases
New app delivery tools for Kubernetes
OR
Cloud Foundry Application Runtime
SUSE Cloud Application PlatformSupport for public cloud Kubernetes infrastructure
SUSE Cloud Application PlatformAWSAzure
GoogleAnd more…
Broker … … Volume
SLE SLE SLE SLE
SLE SLE SLE
Workloads Workloads Workloads Workloads
MariaDB
Redis
Public CloudAmazon, Google, Microsoft
SUSE CaaS PlatformKubernetes + Helm
Public Cloud K8s-as-a-ServiceAmazon EKS, Azure AKS, Google GKE
SLESUSE Enterprise
StorageCeph
Virtual MachinesKVM, Xen, VMware, Microsoft
Bare MetalSLES Supported Hardware
MongoDB
Presenter
Presentation Notes
In addition to running in SUSE CaaS Platform, SUSE Cloud Application Platform can also run on a variety of public cloud Kubernetes services, include Amazon EKS, Azure AKS, and Google GKE. Support for additional providers will follow as customer demand dictates. SUSE Cloud Application Platform is hybrid and extensible to AWS or Azure services, so no matter where it’s deployed, the included AWS and Azure Service Brokers allows applications to bind to and consume services hosted by AWS, including Amazon RDS for MariaDB, MySQL, Oracle, PostgreSQL, SQL Server, and more.
SUSE Application Delivery Solutions
SUSE CaaS PlatformContainer Management
SUSE Cloud Application PlatformPlatform as a Service
Kubernetes for the Agile Enterprise Cloud Native Developer Experience
Accelerate development and deployment of applicationsto speed application delivery and increase business agility
Illustration Illustration
Best Kubernetes operator experience Proven productivity for Kubernetes
SUSE CAP - Public Cloud DeploymentAzure Open Service Broker / Cloud Provider Integration
Presenter
Presentation Notes
You are not locked into Azure – this could be pluggable with OpenStack, Azure, Google, AWS, etc
Architecture
23
Developer
Azure AKS
• AKS: Using Azure Kubernetes Services
• AKS Load Balancer
• 4 Vms: running kubernetes, 45 pods
• Helm Charts:
UAA-user authentication and authorization
Scf-SUSE Cloud Foundry
Stratos-Managment GUI
Metrics-Graphing
Service broker using minikube
Presenter
Presentation Notes
-installed CAP on AKS -Show kubectl get nodes kubectl get pod –all-namespaces kubectl get services --all-namespaces |grep Load
Demo god ritualFirst push and deployment
25
ZIP
cf pushuaa
Blobstore
Stage
Downloadbuildpacks
Store in db
Start container
Analyse
Downloaddeps
Builddroplet
Blobstore
Store in db
RemoveStage env
Startdroplet
Setuproutes
Done
Store in db
Presenter
Presentation Notes
Describe -cf packs the current directory in a zipped tar file -upload it to CAP blobstore -UAA authorize and authenticate -Analyse the archive -Download buildpack -Start a container that builds a droplet -Store the droplet in blobstore -Remove the container and start the droplet -Update routetable
Architecture
26
Developercf push
Azure AKS
User
Presenter
Presentation Notes
Wildcard domain If time�run host blabla.cap.suselinux.info
Demo troubleshooting
Logs and shell
Presenter
Presentation Notes
Logs from app “ssh” into a running diego container
Debugging and troubleshooting
Application logging
“ssh” into a running application container
29
Presenter
Presentation Notes
Collect logs Troubleshooting, debugging … “ssh” into an app Troubleshooting, debugging … Mention 12 factor app dev -Use stdout for logs -centralized logging like ELK, SPLUNK, prometheus, ...
DemoScaling and autohealing
Presenter
Presentation Notes
Have an app Scale out Crash some instances and show how CAP autostart
Scaling and autohealing
Scale out an existing application
Crash some instances and show how CAP autostart
31
Presenter
Presentation Notes
Mention autoscaling automatically -resilience
DemoStateful app
Stateful app
The 12 factor principle-Every micro service should be stateless → data stored outside the application
Show marketplaceCreate a redis servicePush a stateful app without starting Bind redis service to the applicationStart the application
36
Presenter
Presentation Notes
Lägg till en länk till agile manifesto
Cool technology but what is the value?
Plan Code Build Test Release Deploy Operate
Buildpipeline
DEVELOPMENT CI/CD OPS
Feedback loop
Competitive Advantage Yak Shaving
Presenter
Presentation Notes
Monolithic apps move through each lifecycle stage as a whole The whole cannot move from one stage to the next stage until every component is ready
With cloud native, time-to-market is accelerated
39
Before
Patch Image
Add artifactInstall extra packages
DB connections
Network
Download Base Image
Tests
After
> cf push
Presenter
Presentation Notes
In the traditional way, there were multiple steps to getting an application live in a test or production environment. Starting with installing a server or virtual machine, configuring it, installing an OS (configuring it), then the middleware like languages, frameworks, and all their dependencies (and configuring them), then the database and network and configuring all of it. Even with IaaS capabilities, you’re only part way there with automated provisioning of virtual machines. Even with IaaS, you’re not getting everything a developer or application needs to run in the cloud. With SUSE Cloud Application Platform, it’s simply one command – “cf push” – and the application and all the underlying dependencies like databases, messaging services, languages, frameworks – are all automatically provisioned and configured. So instead of taking weeks of manual, error-prone work, the platform handles all the work and is able to deploy applications within seconds – all self-service or through automated CI/CD tools. And when massive spikes of new visitors or users hit the application, the platform automatically spins up new instances to handle the volume and performance that your organization demands.
Modular Kubernetes Solution ArchitectureFlexible packaging to match your needs
SUSE Cloud Application Platform is flexible to meet the needs of both developers and operators. It does require Kubernetes to operate and the bottom of this diagram shows options for the best operator experience: SUSE CaaS Platform is offered as software that you operate yourself on a private or public cloud (such as Amazon EC2 or Azure), or simply within your own datacenter. Or, Amazon EKS or Azure AKS are great options if you prefer to use a hosted and fully managed Kubernetes. The top of the diagram shows options for developer experiences. On the left, you have DIY DevOps automation, meaning you can create and run containers any way you like. On the right is the SUSE Cloud Application Platform, which we believe is the best choice for a true cloud native developer experience.
What’s great about Cloud Foundry?Speed application delivery at scale
41
Cloud Foundry Foundation Application Runtime User Survey, Oct 2017
Presenter
Presentation Notes
Companies and organizations using Cloud Foundry Application Runtime enjoy significantly faster application development cycles for their cloud-native applications. Prior to using Cloud Foundry Application Runtime, typical users deployed and configured cloud applications manually (58 percent), or used custom install scripts (52 percent) or configuration management tools (38 percent), according to the survey. Under these workflows, a majority of respondents (51 percent) required more than three months to deploy a cloud application. Only 16 percent say it took them less than one week without Cloud Foundry Application Runtime, including only six percent that could deploy a cloud application in less than one day. After moving those applications to Cloud Foundry Application Runtime, however, those times dropped dramatically. Now, 46 percent of respondents report cloud app development cycles of under a week, including 25 percent who report it takes less than one day (increases of 30 and 19 points, respectively). Using Cloud Foundry Application Runtime, only 18 percent of respondents report application development cycles over three months (a decrease of 33 percentage points from 51 percent).
SUSE is Committed to Cloud Foundry As a long time supporter of Cloud Foundry, SUSE contributes to the project and its Foundation in many ways:
• Platinum member of Cloud Foundry Foundation
• SUSE Cloud Application Platform is a certified distribution
• Originator and Project Lead for CF Containerization
• Originator and Project Lead for Stratos
• Early adopter and influencer of Project Eirini
Presenter
Presentation Notes
1 out of 6 platinum member (3 is the same company, Dell, Vmware, Pivotal)
Bonus Demo – If there is timeEirini
SUSE Cloud Foundry (containerized)
SUSE CaaS Platform, Amazon EKS, Azure AKS, Google GKEor supported 3rd Party Kubernetes
SUSE Cloud Application Platform 1.xDiego cells as Kubernetes Pods
SUSE Cloud Application PlatformBYO
Containers
Control plane: SUSE Linux Enterprise containers
Application execution: SUSE Linux Enterprise containers
Broker UAA Volume Router CC API Logging
SLE
SLE SLE SLE SLE SLE SLE
SLE SLE SLE SLE SLE
Diego Diego Diego Diego DiegoDiego
Presenter
Presentation Notes
SUSE CAP 1.x uses Diego for scheduling user applications as per Cloud Foundry certification requirements. This is a workable solution, but sub-optimal as two container schedulers (Diego and Kubernetes) have to work together. It is deployed to Kubernetes via a Helm chart, with configuration options set during installation or upgrade. There is no BOSH Director role as with VM based Cloud Foundry deployments.
SUSE Cloud Foundry (containerized)
SUSE CaaS Platform, Amazon EKS, Azure AKS, Google GKEor supported 3rd Party Kubernetes
SUSE CAP 2.x optionally removes Diego, using Kubernetes for user application scheduling directly via Eirini. A new Kubernetes operator (Quarks project) actively directs cluster operations such as configuration change and migration management.
2018 2020
SUSE Cloud Application Platform Roadmap
• Containerized Cloud Foundry on SUSE Linux Enterprise
• Stratos-UI 1.0 web console• HA pod configuration• Volume Service (NFS)• MySQL service broker
1.0
• Cloud Foundry 2018 certification• Supported on Azure AKS• Backup/restore cf plugin• PostgreSQL service broker• CF updates - every point release
• Serverless: Function-as-a-Service in Cloud Foundry and Kubernetes (e.g. via knative)
• Istio & Envoy in CF (pending upstream readiness)
• Integrated CI/CD (Concourse, Jenkins, other)• Git hosting: Github Enterprise, Gitlab, or Gitea• Online IDE (e.g. Eclipse Che)• CF App SSO via Oauth2/UAA: Route service for
limiting access to CF-hosted applications.• System log normalization, filtering, and
aggregation• Better SNI/certificate management
• Supported on Amazon EKS• App-AutoScaler• OSBAPI Broker for Helm: MariaDB, PostgreSQL,
Redis, and MongoDB• Stratos UI v2: service management, Angular
updates• Support for Azure Load Balancer
1.1
1.2
2.x
* Information is forward looking and subject to change at any time.
• Stratos: New Helm UI for browsing repositories and deploying charts
• Usage metering via Cloud Foundry Prometheus Exporter
• Deployment automation for CSPs (AKS, EKS, GKE)
1.x2019
2.x
2.0 Beta
• All features and updates in 1.5 plus...• CF Quarks: a Kubernetes Operator for Cloud
Foundry providing dynamic configuration via BOSH manifests and better lifecycle management for day two operations
A haiku...
"here is my source coderun it on the cloud for mei do not care how"
-ONSI FAKHOURI
Presenter
Presentation Notes
Def haiku: "Haiku" is a traditional form of Japanese poetry. Haiku poems consist of 3 lines. The first and last lines of a Haiku have 5 syllables and the middle line has 7 syllables. The lines rarely rhyme.
Unpublished Work of SUSE LLC. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.