SUSE Linux Enterprise 11 SP3 tested
The Chameleon's New Clothes
Corporations need long-term stability from the software they use. When they purchase a subscription for an enterprise distribution, corporations are actually buying a promise that the provider will support, maintain, and carefully develop the distribution for as long as possible. Such stability saves the stressed admin from unpleasant tasks like replacing a kernel or some other essential system component.
An enterprise distribution implies that major renovations are needed as infrequently as possible, but without denying the distribution essential new technologies. These usually find their way into the distribution via patches and kernel backports. SUSE and Red Hat offer customers a seven-year and, optionally, a 10-year product life cycle. During this time, both companies keep essential system components such as the kernel, glibc, important system libraries, and development tools as constant as possible. Nevertheless, they regularly provide customers with the latest security patches. This approach also explains the Service Pack or Service Patch designation in the SUSE product name.
SUSE Manager
Companies that use a large number of enterprise distributions must distribute them to and maintain them on a large number of servers. This setup takes a powerful management tool. In contrast to Red Hat – with its Red Hat Customer Portal (RHCP) – SUSE does not offer a cross-site system management via a hosted service but instead offers a virtual appliance that needs to be installed locally: the SUSE Manager [1]. In terms of management, SUSE Manager delivers something similar to the Red Hat tool, but it costs extra. If you register a licensed SUSE Linux Enterprise (SLE) system with SUSE Manager, you have access to extensive management features, including monitoring and a scheduler for scheduling automatic updates.
Live Updates
Even without SUSE Manager, you are required to register with the Novell Customer Center to install SLE. Customers can use the center to request product updates and support and to manage their subscriptions (Figure 1).
You need registration data to configure the Customer Center. Although you can skip registration during installation, this means you cannot access live updates. Users of the trial version can enter a valid email address, the computer name, or an arbitrary description when they register instead of an activation code. An initial online update can be launched directly from the installation.
When updating, you will want to import all the patches from the Needed Patches category. This includes an update of the SLE kernel to version 3.0.82. You will also find a patch for the Firefox ESR version with extended support from 17.04 to 17.07. The patch may not fix the vulnerability in Firefox ESR 17.06, which became known while I was writing this article, because it only seems to affect the Windows version. However, it does demonstrate the timely response of the SLE maintainers (Figure 2).
Because SUSE usually offers patches for SLE in the form of delta RPMs, an online update is fairly quickly done, ideally without rebooting – unless you have updated the kernel (Figure 3).
About Kernels
The main difference between the current SUSE and Red Hat enterprise distributions is the kernel maintenance strategy. From the customer's point of view, it is desirable to avoid changing the major kernel version if possible. To this end, Red Hat maintains a hardened RHEL 2.6.32 kernel in version 6, providing the latest development results in the form of backports. A similar strategy was pursued by SUSE until version SP1, which had the 2.6.32 kernel at the time. SUSE switched to a 3.0 SLE kernel for SP2, which caused the company a few problems. For example, some of the drivers built for SP1 no longer worked with SP2, and SUSE needed to make some adjustments to fix this problem.
In SP3, SUSE returned to its conservative kernel strategy. The distribution keeps the series 3 kernel, version 3.0.76, and integrates any necessary updates, such as current hardware drivers, via backports. They add a number of improvements to memory management and increased I/O throughput for CPU-intensive tasks to SLE SP3. Following the update of the kernel code for KVM and Xen, the current SLE kernel 3.0.82 also influenced the supported virtualization capabilities of SLE 11 SP3.