Data sheet

Update your kernel with no service interruption SUSE Enterprise Live Patching on HPE infrastructure

Eliminate the need for planned downtime Keep your kernel up-to-date Downtime is expensive, even when it Take a proactive and dynamic approach to kernel patching is planned. SUSE Linux Enterprise Live Patching virtually eliminates the need SUSE® Linux® Enterprise Live Patching running on HPE infrastructure is an open source for downtime—and allows for easier solution that delivers live kernel patching without the need to reboot the system. With this planning of scheduled downtime—by subscription offering based on the open source kGraft project, you can perform patching applying critical fixes without interrupting your mission-critical workloads and in-memory databases—saving outside of maintenance windows. the cost of downtime and increasing service availability. Because the solution builds on the SUSE Linux Enterprise Live Patching offers a proactive and dynamic approach existing SUSE Linux Enterprise kernel infrastructure and uses familiar deployment methods, to kernel maintenance that saves your SUSE Linux Enterprise Live Patching on HPE infrastructure is an easy way to make operating company valuable time and money by system maintenance more efficient and secure. never needing to stop the kernel. SUSE Linux Enterprise Live Patching on HPE infrastructure puts you in charge of kernel updates and service availability. Even when urgent kernel updates are needed, SUSE Linux Customer profile Enterprise Server can run continuously—with zero execution interruptions—while you apply • SAP HANA®: Live Patching targets critical kernel patches in the background. users of SAP® applications, specifically the HANA in-memory databases. Customers running workloads on the SAP HANA platform, SAP NetWeaver technology platform and other SAP applications reduce the business disruption caused by planned downtime, while maintaining a highly secure IT environment. Data sheet

Key features

SUSE Linux Enterprise Live Patching on HPE infrastructure offers an extensive list of state-of-the-art features and functions, including: • Zero execution interruption—Stopping the kernel is problematic for low-latency applications such as transactional databases. SUSE Linux Enterprise Live Patching on HPE infrastructure doesn’t stop the system during patching, not even for a millisecond. The patching infrastructure is built directly into SUSE Linux Enterprise Server 12, and SUSE Linux Enterprise Live Patching uses the familiar -based approach to perform the updates. • Minimalist design—SUSE Linux Enterprise Live Patching on HPE infrastructure is easy to add to your existing code base. The solution consists of a small amount of code because it leverages the technologies and ideas already present in the upstream Linux kernel: – Ftrace and its mcount-based space allocation in-function prologues –IN– T3/IPI-NMI patching, also used in jump labels –Re– ad-copy-update (RCU) code updating that does not require kernel stoppage Note: A kernel live is a kernel module relying on the in-kernel module loader to link the new code with the kernel.

• Enhanced security—The SUSE Linux Enterprise Live Patching kernel module is signed by SUSE. This approach complies with advanced security technologies such as the Unified Extensible Firmware Interface (UEFI) secure boot, which requires kernel modules to be signed by an approved signing key. With this signature, you can minimize exposure to security risks by verifying that a kernel live patch has been created by SUSE. • Familiar deployment methods—Similar to all maintenance updates, the patches delivered by SUSE Linux Enterprise Live Patching on HPE infrastructure are delivered as signed RPMs. Introducing the solution into your established administrative is simple because you can reuse existing deployment methods including—but not limited to— YaST®, zypper, SMT, and SUSE Manager.

System requirements

Minimum requirements • A system running SUSE Linux Enterprise Server 12 • Zypper must be installed and configured to receive updates

Supported processor platforms • HPE x86_64 servers

Make the right purchase decision. Chat with our Learn more at presales specialists. hpe.com/partners/suse

Sign up for updates

© Copyright 2017 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. SAP and SAP HANA are trademarks or registered trademarks of SAP SE in Germany and in several other countries. Linux is the registered trademark of in the U.S. and other countries. All other third-party trademark(s) is/are property of their respective owner(s). a00008305ENN, June 2017