Monday, March 19, 2018

SUSE is the trusted source for your Cloud Foundry PaaS


With the recent release of the SUSE Cloud Application Platform based on Cloud Foundry and Kubernetes, you might be wondering what benefits SUSE brings to these open source projects. Let me share with you some details about being a trusted source and enterprise-ready.

SUSE has been a major player in the open source industry for over 25 years, and our longstanding success is rooted deeply in this circle of trust. SUSE knows open source. And we know what it means to be enterprise ready. We have repeatedly and successfully turned open source technologies into powerful enterprise-class software solutions you use today. Key to our success, we have an innovative software management stack that is enterprise grade, we have a powerful build model that enhances our abilities to deliver enterprise-ready software, and we deliver enhanced security protection across the whole stack. But most importantly our engineers are trained and certified and ready to serve you.

With SUSE Cloud Application Platform, SUSE brings this model of trusted, enterprise-grade, open source software to your application delivery teams. You get a complete, open source solution with everything needed to accelerate application delivery, including SUSE Cloud Foundry, Stratos UI, SUSE CaaS Platform (our Kubernetes distribution), and SUSE Enterprise Storage. This is a first of its kind built and running on Kubernetes. If you missed what all that means read this blog post about Applying the Cloud Foundry workflow to Kubernetes.

SUSE Linux Enterprise Server is at the core of the technologies we have created. The package management has been enhanced for containers. We have built an enterprise-grade container host OS called MicroOS which utilizes the enhancements. Updates for MicroOS are released on a continuous delivery model as transactional updates. These updates are atomic, don't influence the running system, and can be rolled back in the event you need to. The system can be manually rebooted to activate the changes that were applied from any updates, or be set up to reboot automatically on a scheduled basis through the rebootmgr tool. Everything delivered is signed and verified from SUSE sources. These features make MicroOS an ideal infrastructure for running Kubernetes, by addressing key reliability, availability, serviceability (RAS) and security requirements for any enterprise environment. You can read further at the openSUSE Kubic project portal which is the upstream project for Container as a Service Platform.

Many developers today are comfortable building containers on linux variants that are not enterprise hardened, but those same containers will most likely be unacceptable in production environments. When you use SUSE Cloud Application Platform, you can be assured that your application is built on containers using SUSE Linux Enterprise base images, and you know that your container will make it out of dev/test and into production without any trouble. We utilize our powerful build model and the Open Build Service to build our base container images using KIWI. These container images are built, signed, and verified in the Open Build Service, and then each image is signed and readied for a public/private notary.

Moving up the SUSE Cloud Application Platform stack, you’ll see how we’ve carried our trademark enterprise-grade value further, into SUSE Cloud Foundry. Signed and readied SUSE images are used as our base for the SUSE Cloud Foundry Fissile Stem Cell that runs both the Cloud Foundry application stack and Build Packs. On top of all of that, these OCI compliant images can be used to implement your application, or a third party application, without the hassle of stripping the base image down and recreating it.

The SUSE build model, utilizing the Open Build Service and other open source software gives us the advantage of having a fully secured, tested, signed, and verified delivery of the entire SUSE Cloud Application Platform, from source to image to notary and into your hands. These sources go through hundreds of quality assurance models daily in our openQA tool as part of our pipeline delivery.

And, while we’re on the absolutely critical topic of security, let’s recognize that there’s more to that than secure images. The whole SUSE Cloud Application Platform solution has been designed and delivered with security in mind. We fully support and integrate Apparmor on the container host (MicroOS). We also support the implementation of UEFI Secure Boot, cryptographically hashing of all files, as well as a read-only root file system. Further hardening can be applied by following our hardening guide for SUSE Linux Enterprise Server.

Finally, and perhaps most importantly, we are here to help. We have trained and certified support engineers ready to jump in on a moment’s notice to dig you out of trouble. That’s part of our core mission here at SUSE. We have available many different support offerings from dedicated to semi-dedicated premium engineers that can work directly with your teams.

SUSE is the trusted source for your Cloud Foundry PaaS. Our complete solution will give you everything you need to streamline lifecycle management of traditional and new cloud native applications. This platform facilitates DevOps process integration to accelerate innovation, improve IT responsiveness, and maximize return on investment.

Have a lot of fun!