Jump to content
documentation.suse.com / Public Cloud Guide
SUSE Linux Enterprise

Public Cloud Guide

This guide explains how to use SUSE Linux Enterprise in public clouds.

Authors: Christoph Wickert and Robert Schweikert
Publication Date: November 24, 2022

Copyright © 2021–2022 SUSE LLC and contributors. All rights reserved.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled GNU Free Documentation License.

For SUSE trademarks, see http://www.suse.com/company/legal/. All third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks.

All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof.

About this guide

This chapter provides information about this guide itself and how to use it.

This guide explains how to use SUSE Linux Enterprise in public clouds.

This guide contains the following:

Chapter 1, Getting started

SUSE—together with the cloud service providers—offers different products and plans to cater to a variety of use cases. Find out which works best for you.

Chapter 2, Public cloud images

SUSE offers a variety of different product images for different use cases in partner cloud provider frameworks. Learn how to find the image that meets your use case.

1 Available documentation

Note
Note: Online documentation and latest updates

Documentation for our products is available at https://documentation.suse.comhttp://doc.opensuse.org/, where you can also find the latest updates, and browse or download the documentation in various formats. The latest documentation updates can usually be found in the English language version.

In addition, the product documentation is usually available in your installed system under /usr/share/doc/manual.

The following documentation is available for this product:

Book “Public Cloud Guide”

This guide explains how to use SUSE Linux Enterprise in public clouds.

2 Improving the documentation

Your feedback and contributions to this documentation are welcome. The following channels for giving feedback are available:

Service requests and support

For services and support options available for your product, see http://www.suse.com/support/.

To open a service request, you need a SUSE subscription registered at SUSE Customer Center. Go to https://scc.suse.com/support/requests, log in, and click Create New.

Bug reports

Report issues with the documentation at https://bugzilla.suse.com/.

To simplify this process, click the Report an issue icon next to a headline in the HTML version of this document. This preselects the right product and category in Bugzilla and adds a link to the current section. You can start typing your bug report right away.

A Bugzilla account is required.

Contributions

To contribute to this documentation, click the Edit source document icon next to a headline in the HTML version of this document. This will take you to the source code on GitHub, where you can open a pull request.

A GitHub account is required.

Note
Note: Edit source document only available for English

The Edit source document icons are only available for the English version of each document. For all other languages, use the Report an issue icons instead.

For more information about the documentation environment used for this documentation, see the repository's README at https://github.com/SUSE/doc-public-cloud.

Mail

You can also report errors and send feedback concerning the documentation to <>. Include the document title, the product version, and the publication date of the document. Additionally, include the relevant section number and title (or provide the URL) and provide a concise description of the problem.

3 Documentation conventions

The following notices and typographic conventions are used in this document:

  • /etc/passwd: Directory names and file names

  • PLACEHOLDER: Replace PLACEHOLDER with the actual value

  • PATH: An environment variable

  • ls, --help: Commands, options, and parameters

  • user: The name of user or group

  • package_name: The name of a software package

  • Alt, AltF1: A key to press or a key combination. Keys are shown in uppercase as on a keyboard.

  • File, File › Save As: menu items, buttons

  • AMD/Intel This paragraph is only relevant for the AMD64/Intel 64 architectures. The arrows mark the beginning and the end of the text block.

    IBM Z, POWER This paragraph is only relevant for the architectures IBM Z and POWER. The arrows mark the beginning and the end of the text block.

  • Chapter 1, Example chapter: A cross-reference to another chapter in this guide.

  • Commands that must be run with root privileges. Often you can also prefix these commands with the sudo command to run them as non-privileged user.

    # command
    > sudo command
  • Commands that can be run by non-privileged users.

    > command
  • Notices

    Warning
    Warning: Warning notice

    Vital information you must be aware of before proceeding. Warns you about security issues, potential loss of data, damage to hardware, or physical hazards.

    Important
    Important: Important notice

    Important information you should be aware of before proceeding.

    Note
    Note: Note notice

    Additional information, for example about differences in software versions.

    Tip
    Tip: Tip notice

    Helpful information, like a guideline or a piece of practical advice.

  • Compact Notices

    Note

    Additional information, for example about differences in software versions.

    Tip

    Helpful information, like a guideline or a piece of practical advice.

1 Getting started

SUSE—together with the cloud service providers—offers different products and plans to cater to a variety of use cases. Find out which works best for you.

1.1 Products

The following SUSE products are available for public cloud:

  • SUSE Linux Enterprise Server

  • SUSE Linux Enterprise High Performance Computing

  • SUSE Linux Enterprise Micro

  • SUSE Linux Enterprise Server for SAP Applications

  • SUSE Manager Server

  • SUSE Manager Proxy

  • openSUSE Leap

Note

To constantly adjust and improve SUSE's offerings, availability of products and versions is subject to change and may differ between cloud frameworks.

1.2 Cloud service providers

SUSE publishes product images in the following cloud service provider frameworks:

  • Amazon Web Services

  • Microsoft Azure

  • Google Cloud

Tip

SUSE images are also available in other provider frameworks. Images in other providers are generally created and published by the provider.

Please note that this list may change. If you are interested in becoming a SUSE partner, visit https://www.suse.com/partners/cloud-service-providers/ for more information.

1.3 Plans

SUSE—together with the cloud service providers—offers different plans to cater to a variety of use cases. While details differ depending on the cloud framework, usually there are two types of subscriptions.

Pay as you go (PAYG)

Pay as you go (PAYG) images are used to create on-demand instances. When an instance is first booted, it automatically registers with a local update server. Once the system finishes booting, it is ready to use.

Create an instance when you need it and delete it when you are done. While in use, you have access to updates from SUSE through the automatically configured repositories. You only pay for the resources you use. Upcharges over the basic cloud prices may apply, depending on the image and framework.

PAYG instances include support through the cloud provider which in turn is supported by SUSE. Microsoft Azure also offers a basic PAYG image that only includes updates. Instances created from this image are not eligible for support.

Bring your own subscription (BYOS)

Bring your own subscription (BYOS) images are useful if you already have a support contract with SUSE and want to move your workloads to the public cloud. An instance launched from a BYOS image is equivalent to a physical machine that just received a SUSE Linux Enterprise Server installation from the SLES installation image. After creation, use registercloudguest to register the instance with the SUSE-operated update infrastructure in the cloud framework or use the SUSEConnect to register the system with SUSE Customer Center using the entitlements you already have. Connect your system to your own running RMT or SUSE Manager infrastructure in the same way you connect systems in your data center.

BYOS instances make it easier to manage extensions such as LTSS or kernel live-patching. Extensions for PAYG instances can only be used in conjunction with SUSE Manager.

In summary, if you already have a direct relationship with SUSE you generally want to start out with BYOS. You can still use PAYG for on-demand excess capacity.

Table 1.1: Feature comparison

Plan

Pay as you go (PAYG)

Bring your own subscription (BYOS)

Customer relationship

with cloud provider

with cloud provider and SUSE

Pricing

per use

per instance and license

Registration

with a local update server upon instance creation

with your RMT or SUSE Manager infrastructure or directly with the SUSE Customer Center

Support

L1 and L2 support by cloud provider, L3 by SUSE

Full support by SUSE directly

Extended ESPOS1 or LTSS2 or support

only if included in image base product

available

Extensions

only with SUSE Manager

no limitations

1 ESPOS: Extended Service Pack Overlay Support
2 LTSS: Long-Term Service Pack Support
Important
Important: Switching plans

Switching from PAYG to BYOS or vice-versa is only possible on Microsoft Azure through the Hybrid Benefit program. For all other cloud providers, you remain on the plan you initially selected for as long as the instance is running. The only way to switch plans is to start with the other image and rebuild your system.

Important
Important: Do not register PAYG instances with the SUSE Customer Center

Registering PAYG instances with the SUSE Customer Center or your own RMT server will create conflicts that are not easily solved. Only register BYOS instances. PAYG instances are automatically registered against the correct update server.

1.4 Supported instance types

To find out what types of instances are supported by each provider, refer to the SUSE Public Cloud Instance Support Matrix. Select your SUSE Linux Enterprise product and your cloud provider to see a list of supported instance types.

1.5 Support

Regardless of the public cloud you use and the plan you choose, SUSE has you covered with support. Support is dependent on whether you "bring your own subscription" (BYOS) or you use SUSE Linux Enterprise "on-demand" (PAYG). For more information about BYOS and PAYG, refer to Section 1.3, “Plans”.

  • PAYG instances include support through the cloud provider which in turn is supported by SUSE. If you have a problem, always contact your cloud service provider for assistance. They provide 1st and 2nd level support, SUSE will provide level 3 if necessary.

    Important
    Important: Microsoft Azure basic images

    Microsoft Azure also offers a basic PAYG image that only includes updates. Instances created from this image are not eligible for support.

  • BYOS instances are supported by SUSE under the terms of your SUSE subscription. For an overview of SUSE's support subscriptions, refer to https://www.suse.com/support/.

For more information, refer to the SUSE Technical Support Policy and the support statement for SUSE Linux Enterprise in Appendix A, Support.

For information on how to contact the SUSE support team and report problems, refer to the SUSE Technical Support Guide.

2 Public cloud images

SUSE offers a variety of different product images for different use cases in partner cloud provider frameworks. Learn how to find the image that meets your use case.

2.1 Image lifecycle

All SUSE public cloud images follow a refresh cycle up to the point of deletion. The refresh cycle follows a 'rolling' three month time frame. What this means:

  • Images in an active state are refreshed every three months. Replaced images are moved to the deprecated state.

  • If a critical security vulnerability occurs, images in active and inactive states are updated as soon as possible once the fix for the affected code is available. For images in active state the three month timer restarts with this forced replacement.

    SUSE is committed to address all security vulnerabilities disclosed through the Common Vulnerabilities and Exposures process (CVE) and a score of 9.0 or greater in the Common Vulnerability Scoring System (CVSS). For more information about the effects and rating of CVEs, refer to the SUSE CVE database.

The life cycle of an image consists of four different states:

SUSE public cloud image states
Active

Active images are fully supported and refreshed at least every three months. The duration lasts until the image is replaced by a newer image version.

Inactive

Inactive images are supported following the rules of LTSS or ESPOS and will only get refreshed for critical security updates. The duration term is defined by the product. For more information, refer to https://www.suse.com/de-de/support/policy-products/#cloud

Deprecated

Deprecated images may no longer be supported. The status of support depends on the support status of the product in the image. Deprecated images are not made available in regions added after an image has been set to deprecated and images do no longer get refreshed. At the end of the six month deprecation period, images are subject to deletion. It is strongly discouraged to use deprecated images to create new instances.

Deleted

Deleted images are no longer supported or available for instance creation.

Important
Important: Only use active images for new instances

It is strongly recommended to only use active images to launch instances for new deployments.

2.2 Naming scheme

Names for SUSE's public cloud images consist of multiple parts that contain information about the product, its version, a time stamp indicating the release date of the image, and more. The general naming scheme for SUSE's public cloud images is as follows:

PRODUCT-FLAVOR-vVERSION-VIRTUALIZATION-STORAGE-ARCHITECTURE-GEN

Not all components of this naming scheme are used in all frameworks.

SUSE public cloud image naming scheme
PRODUCT

Abbreviated name of the product in lower case letters, e.g. suse-sles-15-sp3 or suse-manager-4-1-proxy. This part may also be search-optimized per cloud framework. For example the prefix suse- helps when searching for SUSE in the general catalog in Amazon Web Services.

FLAVOR

Images can have different flavors such as chost or byos. If it is the default image of a product, this part will be omitted. Multiple FLAVOR attributes may be combined in an image name. For example sles-15-sp3-chost-byos is an image build based on SUSE Linux Enterprise Server 15 SP3 build as a container host using a BYOS (Bring Your Own Subscription) billing model. Images without byos in the name are set up the image is set up for PAYG (Pay As You Go) billing. For more information about the different billing models, refer to Section 1.3, “Plans”.

SUSE Linux Enterprise flavors
  • byos: Bring your own subscription (BYOS) image

  • chost: Minimal container host image

  • hardened: Pre-hardened images, see Section 2.5, “Hardened Images”

  • hpc: SUSE Linux Enterprise High Performance Computing image

  • sap: SUSE Linux Enterprise Server for SAP Applications image

  • sapcal: SAP Cloud Application Library image

Not all flavors are available for all could frameworks; some are provider-specific.

Amazon Web Services flavors
  • ecs: Amazon Elastic Container Service image

Microsoft Azure flavors
  • basic: PAYG image that only includes updates but no support

  • standard: Fully supported PAYG image

VERSION

Upload date of the image in the format vYYYYMMDD (ISO 8601).

VIRTUALIZATION (AWS-only)

SUSE no longer supports or publishes para-virtualized images. The virtualization type was encoded as pv (para-virtualized) or hvm (hardware-assisted virtual machine). The hvm part of the image name has been retained in an effort to not break backward compatibility.

STORAGE (AWS-only)

SUSE no longer publishes images that are based on hard disk (magnetic) backed storage. This used to be encoded as mag. All published images are backed by SSD. The ssd part of the image name has been retained in an effort to not break backward compatibility.

ARCHITECTURE

Either x86_64 or arm64. SUSE no longer supports or publishes 32 bit x86 images. Images with the i386 identifier are visible in Public Cloud Information Tracker data.

GENERATION (Microsoft Azure-only)

appended as gen2 for 2nd Generation VMs.

2.3 Public Cloud Information Tracker

The Public Cloud Information Tracker (PINT) provides information about the images SUSE publishes and servers that are part of the SUSE operated update infrastructure. PINT is available at https://pint.suse.com/ and provided as an API and command-line tool with the python3-susepubliccloudinfo package from the Public Cloud Module repository.

Screenshot of the SUSE Public Cloud Information Tracker (PINT)
Figure 2.1: Overview of SUSE Public Cloud Information Tracker (PINT)

Use the drop-down boxes to view images, servers, or both and filter by cloud framework, state, and region. You can also search for strings and adjust the number of results shown per page.

2.3.1 Images view

The following columns are shown in the Images view. Please note columns depend on the the cloud frameworks.

Columns in the Images view
Name

Name of the image. For more information about the image naming scheme, refer to Section 2.2, “Naming scheme”.

State

State of the image. Can be one of active, inactive, deprecated, or deleted. For more information, refer to Section 2.1, “Image lifecycle”.

Replacement

Name of the image that replaces another.

Replacement ID

ID of the image that replaces another. Only shown for Amazon, Oracle, and Alibaba; images on Google and Microsoft do not have IDs.

Published Date

Publication date of the image. Displayed in the format YYYYMMDD (ISO 8601).

Deprecated Date

Date the image was deprecated by a newer one. Displayed in the format YYYYMMDD (ISO 8601). Only shown for deprecated or deleted images.

Project

Project of the image. Projects are used to organize Google Cloud Platform resources. Only shown for Google Cloud Platform

Region

Region of the image.

Environment

Environment of the image. Only shown for Microsoft Azure.

ID

Unique identifier of the image. While the Name of an image is the same across different regions, the ID is unique.

URN

Uniform Resource Name of an image. While the Name of an image is different across the environments, the URN is the same. Only shown for Microsoft Azure.

Deleted on

Date the image was deleted in the format YYYYMMDD (ISO 8601). Only shown for deleted images.

Changelog

Link to a detailed changelog that lists image configuration changes, CVE fixes, package version changes, and package changelogs. For more information, refer to Section 2.4, “Change information”

Image changelogs are only available for images that replace others. For initial images of new product versions, refer to the product's release notes.

2.3.2 Servers view

The following columns are displayed in the Servers view:

Columns in the Servers view
Name

Host name of the server. Region servers do not have host names. Host names are not DNS resolvable.

IP

IP address of the server.

Region

Region of the server. For optimal performance SUSE provides servers in most regions of a cloud framework.

Type

One of regionserver or smt. In every framework where SUSE operates an update infrastructure, the regionserver systems are randomly distributed across regions and the smt servers are available in most regions. Every region has smt servers assigned.

2.4 Change information

Whenever a new image gets released, you can review changes compared to the previously released image. Search for an image in PINT and click on its entry in the Changelog column.

Image change information is divided into different categories:

Image configuration changes

This category describes changes in the image setup; for example, if a new service was enabled, kernel parameters were changed, or if packages were added or removed.

CVE fixes

This category lists security fixes in the image. Entries are cross linked to the SUSE CVE database. For more information, refer to Section 2.1, “Image lifecycle”.

Package version changes

This category lists all packages that had version changes compared to the previous image and the version in that image.

Changelog information

This category shows a concatenated changelog of all packages that had changes.

Note
Note: Change information for new product versions

Please note that that image change information is only available for updated images, meaning for images that replace previous images of the same product version.

For initial images of new product versions, refer to the product's release notes at https://www.suse.com/releasenotes.

To allow for automatic retrieval of image change information, all URLs follow the schema:

https://publiccloudimagechangeinfo.suse.com/FRAMEWORK/IMAGE/CHANGES.html

  • FRAMEWORK is the cloud framework as used in the pint command-line tool; i.e. one of alibaba, amazon, google, microsoft, or oracle.

  • IMAGE is the name of the image as shown by PINT, e.g. suse-sles-15-sp3-byos-v20220127-hvm-ssd-x86_64.

  • CHANGES is the category of the changes, i. e. one of cve_fixes, image_changes, package_changelogs, or package_version_changes. Do not forget the .html extension to complete the URL.

2.5 Hardened Images

To improve overall security, SUSE provides hardened images of some products. The images are hardened using OpenSCAP, a collection of open source tools that implement the Security Content Automation Protocol (SCAP) maintained by the National Institute of Standards and Technology (NIST). OpenSCAP supports automated configuration, vulnerability and patch checking, technical control compliance activities, and security measurement.

All images are pre-hardened to the extent they can safely be hardened without causing problems in public cloud frameworks. Certain rules can only be applied after instance creation, for example:

  • Rules that require having passwords set up. Passwords would have to be public if configured during image build. This would defeat the purpose of a secret password.

  • Rules that affect the network configuration. Networking is set up during instance creation, therefore it is not possible to limit access during image build.

  • Rules for custom partitioning. SUSE's public cloud images are partitioned to meet the requirements of the framework in which they are released. If your system needs to meet standards that require separate file systems for given directories, we recommend that you build your own images and use LVM or move those directories onto attached disks to get the strictest data separation possible.

  • Rules to remove packages. SUSE's public cloud images cater a wide range of use cases. Even if the number of packages is limited, it is impossible to determine what packages an instance requires.

After instance creation, users can use the installed openscap packages to complete the image hardening process using any of the following profiles:

Standard (standard.profile)

Basic OpenSCAP system security standard.

CIS Server Level 2 (cis.profile)

The Center for Internet Security Server Level 2 profile is considered to be defense in depth and is intended for environments where security is paramount. The recommendations associated with this profile can have an adverse effect on your organization if not implemented appropriately or without due care. For more information, refer to https://www.cisecurity.org.

Department of Defense STIG (stig.profile)

The Defense Information Systems Agency publishes Security Technical Implementation Guides (STIGs) for the Department of Defense. The STIG profile replaces the previous CIS Level 3 profile and provides all recommendations that are STIG specific. Overlap of recommendations from other profiles, i.e. CIS Level 1 and Level 2, are present in the STIG profile as applicable. For more information, refer to https://public.cyber.mil/stigs/.

HIPAA Security Rule (hipaa.profile)

In response to the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the U.S. Department of Health and Human Services developed Security Standards for the Protection of Electronic Protected Health Information, commonly known as the HIPAA Security Rule. It establishes national standards to protect individuals` electronic personal health information (e-PHI) that is created, received, used, or maintained by a covered entity. For more information, refer to https://www.hhs.gov/hipaa/for-professionals/security/index.html.

Payment Card Industry Data Security Standard (pci-dss.profile)

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements to guide merchants to protect cardholder data. It is maintained by the PCI Security Standards Council (SSC) that was founded by all five major credit card brands Visa, MasterCard, American Express, Discover, and JCB. For more information, refer to https://www.pcisecuritystandards.org/document_library.

All profile files are available in the ComplianceAsCode repository.

For a complete list of rules that have been applied during pre-hardening, refer to pcs-hardening.profile. This profile is a combination of the STIG and CIS profiles minus rules that can only be applied after instance creation.

Images of SUSE Linux Enterprise Server for SAP Applications are hardened using a modified version of the profile called pcs-hardening-sap.profile. Users may need to make additional modifications to the system configuration depending on individual application needs.

Important
Important: Recommended profiles

SUSE recommends using either the CIS or the STIG profile. You can use other profiles at your own discretion.

To evaluate an instance, you can run:

> sudo oscap xccdf eval \
 --profile stig1 \
 --results /tmp/results.xml2 \
 --report /tmp/report.html3 \
 --stig-viewer /tmp/stigviewer.xml4 \
 /usr/share/xml/scap/ssg/content/ssg-sle15-ds-1.2.xml5

1

Specifies the profile to use, e.g. stig or cis.

2

Saves the results of the evaluation to /tmp/results.xml

3

Generates a HTML report called /tmp/report.html in addition to the results in XML.

4

Saves the results to /tmp/stigviewer.xml, which can be imported into the DISA STIG Viewer. Refer to https://pub-lic.cyber.mil/stigs/srg-stig-tools/ for information about DISA STIG Viewer.

5

Scap Security Guide (SSG) policy file in the datastream (ds) format. Make sure to select the correct version for your instance. To list all available policies, run: ls -1 /usr/share/xml/scap/ssg/content/ssg-*-ds.xml.For more information about a particular policy, run oscap info on the file.

The evaluation process usually takes a few minutes, depending on the number of selected rules.

To remediate an instance, add the --remediate parameter:

> sudo oscap xccdf eval --remediate\
 --profile stig \
 --results /tmp/results.xml \
 --report /tmp/report.html \
 --stig-viewer /tmp/stigviewer.xml \
 /usr/share/xml/scap/ssg/content/ssg-sle15-ds-1.2.xml

For more information on how to harden your system with OpenSCAP, refer to the SCAP Security Guide.

3 Managing cloud instances

SUSE Linux Enterprise in public clouds is managed almost like on bare metal or in virtual environments. Learn about what is different in the cloud.

3.1 Registering instances

Like other SUSE products, SUSE Linux Enterprise in public clouds has to be registered to receive updates. There are different ways to register, depending on the image flavor chosen for the instance.

  • PAYG instances are registered automatically against the SUSE-operated update infrastructure in the cloud framework region, or geographically close region. The guestregister.service manages the registration on first boot.

  • BYOS instances have to be registered manually with your SUSE registration key. You can register with the cloud framework's SUSE update servers, the SUSE Customer Center, or your own SUSE Manager or RMT infrastructure.

BYOS instances with cloud-regionsrv-client version 9.3.0 or higher can be registered with the cloud framework's SUSE update servers using registercloudguest --regcode with your SUSE Customer Center registration code.

BYOS instances created from images with a datestamp of 20220103 or later contain all required packages. For BYOS instances created from images with a date stamp prior to 20220103, cloud-regionsrv-client and other packages have to be installed first before connecting to the cloud framework's SUSE update servers. Refer to Section 3.1.1, “Register with registercloudguest for instructions.

Registrations for BYOS instances to the update infrastructure are forwarded from the update server to the SUSE Customer Center, so your cloud instances show up in your SUSE account and count against the system count of your subscription.

Any BYOS instance can be registered directly with the SUSE Customer Center.

In summary, use registercloudguest to register with the local cloud update infrastructure to benefit from faster downloads. Use SUSEConnect to register with SUSE Customer Center, or your own SUSE Manager or RMT infrastructure.

Important
Important: registercloudguest limitations

Not all products and flavors can be registered with registercloudguest.

  • Container host (chost) images are optimized for container workloads and contain only a few packages outside of the bare minimum to make containers run. These images do not contain registercloudguest, but you can register instances with the SUSE Customer Center first, install the necessary packages and then register with the SUSE-operated update infrastructure in the cloud framework region. Refer to Section 3.1.1, “Register with registercloudguest for instructions.

  • SUSE Linux Enterprise Micro (sle-micro) uses a read-only root file system with transactional updates. SLE Micro images do not contain registercloudguest. To register an instance, use the command transactional-update register. Refer to the SUSE Linux Enterprise Micro Administration Guide for more information.

  • SUSE Manager (suse-manager) can only be registered with the SUSE Customer Center.

3.1.1 Register with registercloudguest

To register a BYOS instance with registercloudguest, perform the following steps:

  1. Check if the cloud-regionsrv-client package is installed:

    # rpm -q cloud-regionsrv-client

    If the package is not installed or older than version 9.3.0, install or update it. You will need some additional packages, depending on your cloud framework.

    1. For Amazon EC2 run:

      # zypper in cloud-regionsrv-client cloud-regionsrv-client-plugin-ec2 \
       regionServiceClientConfigEC2 regionServiceCertsEC2
    2. For Microsoft Azure run:

      # zypper in cloud-regionsrv-client cloud-regionsrv-client-plugin-azure \
       regionServiceClientConfigAzure regionServiceCertsAzure
    3. For Google Compute Engine run:

      # zypper in cloud-regionsrv-client cloud-regionsrv-client-plugin-gce \
       regionServiceClientConfigGCE regionServiceCertsGCE
  2. Disconnect your instance from the SUSE Customer Center:

    # registercloudguest --clean

    Do not use SUSEConnect -d; it will no longer work.

  3. Connect the instance to the SUSE update infrastructure in the public cloud. Replace REGISTRATION_CODE with a valid registration code. Replace EMAIL_ADDRESS with the e-mail address associated with the SUSE account you or your organization uses to manage subscriptions.

    # registercloudguest -r REGISTRATION_CODE  -e EMAIL_ADDRESS

    This will only register the base product and any recommended products. For instances created from images with a datestamp later than 20220103, it will also set up the repositories for the Public Cloud Module.

  4. For instances created from images with a date stamp prior to 20220103 it is strongly recommended to also add the Public Cloud Module repositories. For SUSE Linux Enterprise 15 SP4, run:

    # SUSEConnect -p sle-module-public-cloud/15.4/x86_64

    For other versions or a complete list of modules and their product identifiers, run SUSEConnect --list-extensions.

3.1.2 Register with SUSEConnect

To register a BYOS instance with the SUSE Customer Center, use the command:

# SUSEConnect -r REGISTRATION_CODE -e EMAIL_ADDRESS

Replace REGISTRATION_CODE with a valid registration code. Replace EMAIL_ADDRESS with the e-mail address associated with the SUSE account you or your organization uses to manage subscriptions.

To register with your own registration server, also provide its URL:

# SUSEConnect -r REGISTRATION_CODE -e EMAIL_ADDRESS --url URL

3.2 Deregister instances

If you are to decommission an instance, remember to deregister it before termination. This will ensure that the system gets removed from the SUSE Customer Center and is no longer counted against your subscription.

  1. Run SUSEConnect --status-text to check the registration status.

  2. If the system is registered, check if the file /var/log/guestregister exists. This usually indicates the system was registered with registercloudguest.

  3. Deregister the system:

    1. If a system was registered with registercloudguest, run:

      # registercloudguest --clean
    2. If a system was registered with SUSEConnect, run:

      # SUSEConnect -d

      If this does not work, make sure the package cloud-regionsrv-client is not installed. It may have been installed after the system was registered.

A Support

Find the support statement for SUSE Linux Enterprise and general information about technology previews below. For details about the product lifecycle, see https://www.suse.com/lifecycle.

If you are entitled to support, find details on how to collect information for a support ticket at https://documentation.suse.com/sles-15/html/SLES-all/cha-adm-support.html.

A.1 Support statement for SUSE Linux Enterprise

To receive support, you need an appropriate subscription with SUSE. To view the specific support offerings available to you, go to https://www.suse.com/support/ and select your product.

The support levels are defined as follows:

L1

Problem determination, which means technical support designed to provide compatibility information, usage support, ongoing maintenance, information gathering and basic troubleshooting using available documentation.

L2

Problem isolation, which means technical support designed to analyze data, reproduce customer problems, isolate problem area and provide a resolution for problems not resolved by Level 1 or prepare for Level 3.

L3

Problem resolution, which means technical support designed to resolve problems by engaging engineering to resolve product defects which have been identified by Level 2 support.

For contracted customers and partners, SUSE Linux Enterprise is delivered with L3 support for all packages, except for the following:

  • Technology previews.

  • Sound, graphics, fonts, and artwork.

  • Packages that require an additional customer contract.

  • Some packages shipped as part of the module Workstation Extension are L2-supported only.

  • Packages with names ending in -devel (containing header files and similar developer resources) will only be supported together with their main packages.

SUSE will only support the usage of original packages. That is, packages that are unchanged and not recompiled.

A.2 Technology previews

Technology previews are packages, stacks, or features delivered by SUSE to provide glimpses into upcoming innovations. Technology previews are included for your convenience to give you a chance to test new technologies within your environment. We would appreciate your feedback! If you test a technology preview, please contact your SUSE representative and let them know about your experience and use cases. Your input is helpful for future development.

Technology previews have the following limitations:

  • Technology previews are still in development. Therefore, they may be functionally incomplete, unstable, or in other ways not suitable for production use.

  • Technology previews are not supported.

  • Technology previews may only be available for specific hardware architectures.

  • Details and functionality of technology previews are subject to change. As a result, upgrading to subsequent releases of a technology preview may be impossible and require a fresh installation.

  • SUSE may discover that a preview does not meet customer or market needs, or does not comply with enterprise standards. Technology previews can be removed from a product at any time. SUSE does not commit to providing a supported version of such technologies in the future.

For an overview of technology previews shipped with your product, see the release notes at https://www.suse.com/releasenotes/x86_64/public-cloud.