How SUSE® Is Helping You Rock The Public Cloud
James Mason Robert Schweikert Technical Architect, Public Cloud Public Cloud Architect [email protected] [email protected] Topics
• A very quick and brief Public Cloud intro • SLES On Demand • Bring Your Own Subscription (BYOS) • Containers • Managing Your Deployments
2 What is the Public Cloud The Public Cloud
• A Public Cloud makes Cloud resources available over a network that is open to anyone • Everyone uses the cloud already
‒ Gmail, G+, Facebook, FourSquare, Netflix,....
‒ All are cloud service based • We will focus on IaaS (Infrastructure as a Service)
4 IaaS
• A server or a data center in the cloud
‒ User has systems administrator responsibility
‒ Treat the running server (instance) just as you would treat a physical server
‒ Update for security, bug fixes
‒ Set up and configure applications • Removes the hardware handling responsibility
‒ HW failures are the providers problem
‒ Adding capacity, the providers problem
‒ Network wiring, the providers problem
5 The Public Cloud
• A collection of services
‒ DB, Data Analysis, Storage, others • Availability of massive resources around the world
‒ Or local for smaller Cloud Service Providers (CSP)
6 SUSE Public Cloud Partners
7 SUSE Linux Enterprise On Demand On Demand images
• Fire up and use ready
‒ Repositories configured at boot • Maintained and published by SUSE
‒ Some images will be published by Orbitera in “Marketplace” • Managed lifecycle
‒ Images get deprecated when replacement image is released
‒ Removed after 6 months • Images updated for critical security issues
9 On Demand images
• Contain special sauce
‒ Find region local update server
‒ Register with region local update server • Not useful if you want to
‒ Use SUSE Manager to manage your updates
‒ Want to use your own SMT server
‒ Register with SCC
10 On Demand images
• Found in
‒ Quick Launch Wizard in Amazon EC2
‒ Also in the “General Catalog” in Amazon EC2
‒ General public image listing in Google Compute Engine
‒ Aliases sles11 and sles12 for the command line tools
‒ General public image listing in HP Helion Public Cloud
‒ Gallery in Microsoft Azure
11 Update infrastructure for on demand
1 to N guests Provider framework Region
3 to N region servers
Region
1 to N guests
2 to N SMT servers
12 On Demand
• Region Server
‒ Maps IP addresses to regions
‒ Hands out SMT server information for given region in random order • SMT Servers
‒ Provide the updates region local
‒ No network charges
‒ Low latencies
‒ We are about 1 order of magnitude faster than other distributions
13 On Demand
• Special sauce
‒ Connect to region servers
‒ Register with SMT server
‒ Detect if the SMT server is not there for some reason and switch to sibling (HA failover)
14 On Demand
• The “special sauce” will interfere if you attempt to manage updates with a different SMT, SUSE Manager, or use SCC
‒ Don't do that • Use for
‒ Production if you do not have a direct relationship with SUSE for support
‒ Bursting
‒ Testing
‒ Kicking the tires
‒ If you do not want to connect Public Cloud instances to an existing update infrastructure in your data center
15 On Demand
• In a VPC/Virtual Network/....
‒ Need a route to connect to the SMT servers
‒ Use a proxy, routing tables, etc (depends on the framework)
‒ Use information service to find IP addresses of our servers
‒ pint amazon servers (provides information of all infrastructure servers in AWS EC2) • Information service (more about this later)
‒ python-susepubcloudinfo package
‒ REST API at https://susepubliccloudinfo.suse.com
‒ Use to find latest images
‒ Information about infrastructure servers
16 Bring Your Own Subscription Bring Your Own Subscription
• Your existing entitlements are valid in the Public Cloud
‒ For SLES 11 need to sign addendum to EULA, see the BYOS announcement from SUSECon '14
‒ 1 socket pair entitlement is good for 2 virtual machines
‒ Entitlements are stackable
‒ No VCPU restriction on the instances • Carries your existing support agreement to the Public Cloud
‒ You get someone to call and complain when there are problems
18 Bring Your Own Subscription
• Use for
‒ Migration to the Public Cloud at the base CSP price
‒ Self-managed updates for bursting
‒ Extending your data center with Public Cloud resources permanently
‒ Tie instances into your existing update infrastructure • You can
‒ Add Live Patching to your BYOS instances
19 Bring Your Own Subscription
• We provide BYOS images
‒ In Amazon EC2, Google Compute Engine, HP Helion Public Cloud, Microsoft Azure
‒ SLES 11 SP4
‒ SLES 11 SP3 images exist but are about to go away (life cycle policy applies)
‒ SLES 12
‒ SUSE Manager
‒ In Amazon EC2
‒ SLES 12 for SAP Applications
20 Bring Your Own Subscription
• Or you can...
‒ build your own images, with kiwi, SUSE Studio, or migration toolchains
‒ add any configuration management, applications/services
‒ clone your own base images • But then...
‒ you still need to upload that image, different for different frameworks, some easier than others
‒ See TUT8018 at SUSECon '14
21 Bring Your Own Subscription
• A few caveats:
‒ we do generally not refresh the BYOS images
‒ Released on FCS date
‒ Removed at EOL (life cycle policy)
‒ no access to the on-demand update infrastructure - you must provide your own (SUSE Manager, SMT, direct SCC, etc.)
‒ Can not convert on-demand images to BYOS and vice-verse
22 Containers Containers
• Are also invading the Public Cloud
‒ SLES 12 fully integrated with Amazon EC2 Container Service (ECS)
‒ Integration point with other providers is not yet obvious
The Mythical App Container Thursday at 3:30 P.M. C-Lotenzaal
24 Managing Your Deployments Managing Your Deployments
• Public Cloud Module • Command line tools • SUSE maintained code
26 Public Cloud Module
• SLE 12 • SLES 11 >= SP3 • supported by SUSE • Contains
‒ Initialization code for frameworks
‒ cloud-init, walinuxagent ….
‒ Tools for interacting with Public Cloud frameworks (SLE 12 only)
‒ CSP tools (SLE 12 only)
SUSE Linux Enterprise 12- Modules and Backports Thursday at 10:45 A.M. 9-Ontvangkamer
27 Managing Your Deployments
• azurectl (coming soon; SUSE initiated project)
‒ python-based library for managing Azure content
‒ replacement for nodejs-based 'azure'
‒ community contribution welcomed: https://github.com/suse/azurectl
azurectl compute image list
‒ azurectl compute storage upload \
‒ --source=
‒ azurectl compute vm create \
‒ --cloud-service-name=
28 Command line tools
• ec2utils (SUSE initiated project)
‒ EC2 image management made easier
‒ part of Enceladus GitHub project
‒ ec2uploadimg
‒ upload a compressed raw file to create an EBS-backed AMI
‒ ec2publishimg
‒ set images public or private
‒ ec2deprecateimg
‒ assign a deprecation date, removal date, replacement image in metadata • aws-cli
‒ Amazon led project in GitHub
29 Command line tools
• gcloud
‒ Google tools developed by Google
‒ Not yet in Github • OpenStack tools
‒ The clients from the OpenStack project that work with HP Helion Public Cloud and SUSE OpenStack Cloud
30 Command line tools
• pint
‒ command-line client for https://susepubliccloudinfo.suse.com
‒ json or XML output
‒ python library for inclusion in your own scripts
‒ part of Enceladus project
pint amazon servers
‒ pint microsoft images --active --region 'West US' \ --filter 'name~sles-11'
‒ pint google images --deleted \
‒ --filter 'deleted<20150101' --json
31 Enceladus
Enceladus is the sixth-largest moon of Saturn. Cassini first discovered a water-rich plume; some of the water vapor from its 100 volcanic geysers falls back as "snow". The atmosphere of Enceladus is composed of 91% water vapor, 4% nitrogen, 3.2% carbon dioxide, and 1.7% methane. In other words, one big cloud.
32 Enceladus project
• open-source code around public cloud projects • https://github.com/suse/Enceladus/
‒ ec2utils
‒ pint
‒ CSP metadata readers
‒ client-side code for our on-demand infrastructure integration
‒ cloud formation templates
‒ Icinga/Nagios plug-ins
33 Getting Started: jump in for free! Getting Started
http://aws.amazon.com/free/
1st year free* 750 hours per month of Linux, including SLES, t2.micro 5GB of S3 storage per month
35 Getting Started
http://azure.microsoft.com/en-us/pricing/free-trial/
$200 credit over 30 days No restrictions except the time limit.
36 Getting Started
https://cloud.google.com/free-trial/
$300 credit over 60 days Limited to eight concurrent cores Credit is used when you exceed the App Engine free quota
37 Now go rock the cloud!
http://suse.com/public-cloud
Thank you.
38 39 Corporate Headquarters +49 911 740 53 0 (Worldwide) Join us on: Maxfeldstrasse 5 www.suse.com www.opensuse.org 90409 Nuremberg Germany
40 Unpublished Work of SUSE LLC. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.