Enterprise AI Lifecycle with SUSE AI and ClearML #

This technical reference provides a validated design for building an enterprise-grade AI compute and machine learning operations (MLOps) platform using SUSE® AI integrated with ClearML. It describes an opinionated but flexible architecture, designed to help organizations deploy, operate, and scale machine learning workloads in a secure, consistent, and observable manner across on-premises, cloud, and hybrid environments.

As enterprises increasingly adopt artificial intelligence to drive business value, many face challenges in moving from isolated experimentation to reliable, repeatable production deployments. Common obstacles include fragmented tooling, inconsistent environments, limited lifecycle visibility, and difficulties in scaling GPU-enabled workloads while maintaining security and governance. SUSE AI and ClearML together address these challenges by providing a Kubernetes-native foundation for AI workloads combined with end-to-end MLOps capabilities.

This reference configuration focuses on platform-level concerns rather than data science methodologies. It outlines how platform teams can standardize machine learning workflows, manage shared AI infrastructure, and enable multiple data science teams to work efficiently within a governed and observable environment at enterprise scale. It includes discussion of the business context and its value. It also covers technical architecture and provides operational guidance.

Enterprises increasingly invest in AI infrastructure to support process automation, AI model development, and management. While many organizations succeed in acquiring powerful hardware, they often struggle to operate it efficiently, securely, and at scale.

Without a centralized infrastructure management layer, AI resources are frequently underutilized, fragmented across teams, and difficult to govern. Inconsistent access controls, limited visibility into usage, and ad hoc workload orchestration lead to poor utilization of expensive compute and increased operational overhead, resulting in lost ROI.

This reference configuration addresses these challenges by providing an enterprise-ready AI infrastructure management platform based on SUSE AI and ClearML. The solution enables organizations to operate shared compute as a controlled, multi-tenant platform while offering essential tools that support AI builders without requiring a separate MLOps stack.

The solution integrates SUSE AI and ClearML to provide a unified AI infrastructure platform. It supports the full lifecycle of AI workloads—from experimentation and training to deployment and monitoring—while ensuring consistency, security, and operational visibility. Its architecture follows a layered, Kubernetes-native design that allows clear separation of responsibilities. This results in highly flexible, AI infrastructure that can scale across on-premises, hybrid, and multi-cloud environments.

At a high level, the architecture consists of the following layers:

The following diagram illustrates the details of this architecture.

Figure 1: SUSE AI and ClearML AI Platform Architecture #

 

Note

This reference configuration focuses on architectural patterns and integration points. For installation details and hardware-specific guidance, refer to the official SUSE and ClearML documentation.

The key components of the solution are:

Each component is further described in the next sections.

This section describes the primary software components that compose the solution, including their roles in infrastructure and workload management.

This section provides a high-level overview for deploying ClearML into your SUSE AI environment. It describes deployment considerations for the major compute platform and software layers to form a functional platform for AI workloads. The solution is represented as a layered stack, where each layer depends on the services provided by the layer below it. Deployment is performed in a bottom-up sequence, ensuring that each foundational capability is in place before higher-level services are introduced.

Figure 2: SUSE AI and ClearML Layered Diagram #

 

5.1 SUSE Linux Enterprise Server #

 

At the base of the software stack is SUSE Linux Enterprise Server. You can download SUSE Linux Enterprise Server as an ISO file or virtual machine image from SUSE Linux Enterprise Server Downloads or from the SUSE Customer Center (SCC). Be sure to select the appropriate, supported version of SUSE Linux Enterprise Server by reviewing the SUSE Rancher support matrix.

You will need to register your installed system with SUSE Customer Center to obtain software packages and patches. You can do this by configuring each node in one of the following ways:

• directly access the SUSE Customer Center through an external network

• use your organization’s internal, SUSE® Multi-Linux Manager infrastructure

• leverage a local server running an instance of SUSE Remote Mirroring Tool (RMT)

Tip

During OS installation, you can point each node to the respective update service. This can also be accomplished post-installation with the command line tool, SUSEConnect.

In production environments, you can optimize deployment and reduce manual interaction with unattended, automated deployments. See Automated Installation Using Agama.

Ensure these additional considerations are configured on each node:

1. Domain Name Service (DNS) - an external network-accessible service to map IP Addresses to host names

2. Network Time Protocol (NTP) - an external network-accessible service to obtain and synchronize system times to aid in time stamp consistency

3. Ensure connectivity by configuring the firewall to allow necessary inbound RKE2 ports or, depending on your security compliance requirements, disable the firewall service.

5.2 SUSE RKE2 #

 

SUSE RKE2 provides the Kubernetes layer to host SUSE Rancher Prime. For a stable, secure, and scalable RKE2 deployment, consider the following:

• Version - Identify the appropriate, supported version of RKE2 by reviewing the SUSE Rancher: Support Matrix.

• Availability - For production deployments, use an odd number of control plane / etcd nodes (minimum three) to maintain etcd quorum and prevent loss of cluster availability. When deploying multiple control-plane nodes, use an external load balancer to distribute traffic across the Kubernetes API servers.

• Networking - Ensure that all required Kubernetes, etcd, and container runtime ports are open between cluster nodes. Latency and packet loss between nodes—especially etcd members—can negatively impact cluster stability and performance.

• etcd Data Protection - etcd stores all Kubernetes cluster state and configuration. Enable regular etcd snapshots and store backups outside the cluster to support disaster recovery and cluster restoration.

• Security - Restrict SSH access to cluster nodes using key-based authentication only. Use least-privilege access for the SSH user specified in the cluster.yml file. Protect the generated cluster.yml file, as it provides administrative access to the cluster.

• Scalability - Additional worker or control-plane nodes can be added to the cluster after initial deployment by updating the cluster.yml file and re-running the rke up command. Plan IP addressing, DNS, and load balancer capacity accordingly.

• Certificate Management - RKE2 automatically generates and manages Kubernetes certificates. If a load balancer or external endpoint is used, ensure all required IP addresses and FQDNs are included in the cluster.yml file to avoid certificate validation issues.

• Operating System Configuration - Disable swap and ensure required kernel modules are loaded on all nodes. Apply consistent OS configuration across nodes to avoid unpredictable behavior.

• Upgrade Strategy - Before upgrading Kubernetes or RKE2 versions, review the supported version matrix and perform upgrades in a test environment. Back up etcd data prior to any upgrade operation.

• Logging and Monitoring - Plan for cluster-level monitoring and logging early in the deployment lifecycle to simplify troubleshooting and operational visibility.

Note

RKE2 installation requires a client system (an administrative workstation) that has been configured with kubectl utility.

The deployment process includes the major steps outlined below.

1. Select your installation method.

   RKE2 supports multiple installation methods, including TAR archive installation, RPM-based installation, and manual binary installation. The TAR archive installation method is recommended for most deployment scenarios because of its flexibility and consistency across environments. Refer to the official RKE2: Installation Methods documentation for details.

2. Install RKE2 on the control plane nodes.

   Install RKE2 on each server node by following the official guidance in RKE2: Installation Quickstart.

3. Configure high availability by following guidance provided in RKE2: Installation High Availability.

   

   Note

   For multi-node control plane deployments, you will need to provision an external load balancer to distribute traffic across server nodes.

   Ensure that the load balancer IP address or fully qualified domain name (FQDN) is included in the TLS Subject Alternative Name (SAN) configuration to prevent certificate validation issues.

4. Install the appropriate agent on your worker nodes.

   Instructions for installing the Linux or Windows Agent are provided in RKE2: Installation Quickstart.

   

   Tip

   Ensure that each worker node meets documented system requirements and can securely communicate with the server nodes.

5.7 ClearML Enterprise Server #

 

Figure 3: ClearML Platform Architecture #

 

5.7.1 Preparation #

 

1. ClearML Enterprise Server provides ClearML Control Plane. Ensure that the cluster for the ClearML Enterprise Server consists of at least three nodes that meet these minimum specifications:

   • 8 vCPUs

   • 32 GB RAM

   • 500 GB storage

2. Be sure you have access to the Kubectl and Helm CLI tools.

3. Use a supported Kubernetes distribution, such as RKE2.

   At the time of publication, the minimum Kubernetes version is 1.23.0-0.

4. Ensure your cluster has access to the ClearML software dependencies via their Helm charts.

   At the time of publication, these include:

   • elasticsearch

   • mongodb

   • dragonfly

   To obtain a current list, log in to the ClearML Docker repository and issue the following command:

   helm show readme oci://docker.io/clearml/clearml-enterprise > file.md

   This will return output similar to:

   Repository	Name	Version
   https://helm.elastic.co	elasticsearch	8.5.1
   https://mongodb.github.io/helm-charts	mckMongodb(mongodb-kubernetes)	1.6.1
   oci://docker.io/bitnamicharts	mongodb	15.6.26
   oci://ghcr.io/drangonflydb/drangonfly/helm	drangonfly	v1.36.0

5. Provision or configure networking as follows:

   • Ingress controller

     An ingress controller (such as, nginx-ingress) is required. If exposing services externally, configure a load balancer (such as, MetalLB).

   • Port specification

     The designated nodes for the ClearML Control Plane servers and workers should be able to communicate through HTTP/S (TCP ports 80 and 443). Any additional ports to be used in the deployment (TCP sessions) should also be preconfigured (see Section 5.9, “ClearML Application Gateway”).

   • DNS configuration

     A domain with subdomain support is required (referred hereafter as "<BASE_DOMAIN>"), ideally with trusted TLS certificates. All entries must be resolvable by the ingress controller.

     Some example subdomains include:

     • Control Plane servers:

       • api.<BASE_DOMAIN>

       • app.<BASE_DOMAIN>

       • files.<BASE_DOMAIN>

     • Application Gateway:

       • router.<BASE_DOMAIN>

       • tcp-router.<BASE_DOMAIN> (optional, for TCP sessions)

   • For advanced deployments, configure a CNI.

   • For multi-tenant deployment, set up IdP per tenant.

   • Configure storage with:

     • a StorageClass to an accessible storage backend for the ClearML control plane

     • a PVC (ReadWriteMany policy) and PV for the ClearML workers

6. Configure the ClearML Artifactories.

   To install the different ClearML components, credentials to ClearML’s artifact repositories are required. The following are provided by the ClearML team:

   • DockerHub registry credentials (referenced hereafter as "<CLEARML_DOCKERHUB_TOKEN>")

5.7.2 Deploying the ClearML Control Plane #

 

The ClearML Control Plane is the back-end service infrastructure that allows multiple users to collaborate and manage their tasks by working seamlessly with the ClearML Python package and ClearML Agent.

For current, detailed installation guidance, refer to ClearML: Enterprise Server Kubernetes Deployment.

1. Login to the ClearML OCI registry

   helm registry login docker.io --username allegroaienterprise --password <CLEARML_DOCKERHUB_TOKEN>

   See https://clear.ml/docs/latest/docs/deploying_clearml/enterprise_deploy/k8s#installation

2. Configure deployment parameters.

   The installation procedure uses a tailored Helm chart to deploy the ClearML control plane components. Deployment-specific parameters are set through a custom clearml-values.override.yaml file.

   Create a clearml-values.override.yaml file with the baseline ClearML service settings as shown below. Be sure to replace the <BASE_DOMAIN> placeholders with the domain you have assigned to the cluster’s ingress controller. This will be the base domain for reaching your ClearML installation.

   imageCredentials:
     password: "<CLEARML_DOCKERHUB_TOKEN>"
   clearml:
     cookieDomain: "<BASE_DOMAIN>"
   apiserver:
     ingress:
       enabled: true
       hostName: "api.<BASE_DOMAIN>"
     service:
       type: ClusterIP
   fileserver:
     ingress:
       enabled: true
       hostName: "files.<BASE_DOMAIN>"
     service:
       type: ClusterIP
   webserver:
     ingress:
       enabled: true
       hostName: "app.<BASE_DOMAIN>"
     service:
       type: ClusterIP
   clearmlApplications:
     enabled: true

3. Enable a multi-tenant configuration.

   Establish an initial supervisor tenant with a supervisor user. This user will have the authority to create and remove other tenants, and access information across all tenants. Do this by updating the clearml-values.override.yaml with the following:

   apiserver:
     extraEnvs:
       - name: CLEARML__services__organization__features__user_management_advanced
         value: "true"
       - name: CLEARML__services__workers__resource_usages__supervisor_company
         value: "<SUPERVISOR_COMPANY_ID>"
       - name: CLEARML__secure__credentials__supervisor__role
         value: "system"
       - name: CLEARML__secure__credentials__supervisor__allow_login
         value: "true"
       - name: CLEARML__secure__credentials__supervisor__user_key
         value: "<SUPERVISOR_USER_KEY>"
       - name: CLEARML__secure__credentials__supervisor__user_secret
         value: "<SUPERVISOR_USER_SECRET>"
       - name: CLEARML__secure__credentials__supervisor__sec_groups
         value: "[\"users\", \"admins\", \"queue_admins\"]"
       - name: CLEARML__secure__credentials__supervisor__email
         value: "\"<SUPERVISOR_USER_EMAIL>\""
       - name: CLEARML__apiserver__company__unique_names
         value: "true"

   Be sure to replace <SUPERVISOR_COMPANY_ID>, <SUPERVISOR_USER_KEY>, <SUPERVISOR_USER_SECRET>, and <SUPERVISOR_USER_EMAIL> with desired values. The <SUPERVISOR_USER_KEY> and <SUPERVISOR_USER_SECRET> can be used to log in as the supervisor user to the ClearML Web UI at https://app.<BASE_DOMAIN.

   

   Note

   The <SUPERVISOR_USER_EMAIL> value must be explicitly quoted (for example, "\"email@example.com\"").

4. Install the ClearML Enterprise Control Plane using the configuration in your clearml-values.override.yaml.

   helm upgrade -i -n clearml clearml clearml-enterprise/clearml-enterprise --create-namespace -f clearml-values.override.yaml

5. Create a tenant.

   1. Using the values defined earlier, define environment variables for configuring the server via API.

      APISERVER_URL="https://api.<BASE_DOMAIN>"
      APISERVER_KEY="<SUPERVISOR_USER_KEY>"
      APISERVER_SECRET="<SUPERVISOR_USER_SECRET>"

   2. Call the API server with the tenant’s name.

      Be sure to replace <TENANT_NAME> in the command below with an appropriate value.

      curl $APISERVER_URL/system.create_company \
        -H "Content-Type: application/json" \
        -u $APISERVER_KEY:$APISERVER_SECRET \
        -d '{"name":"<TENANT_NAME>"}'

      After executing this command, the API returns the new tenant ID (<COMPANY_ID>).

   3. Validate tenant creation by listing existing tenants.

      curl -u $APISERVER_KEY:$APISERVER_SECRET $APISERVER_URL/system.get_companies

   4. Create a utility administrator user to facilitate tenant configuration.

      In the command below, replace <COMPANY_ID> with the value returned when creating the tenant. Also, replace <ADMIN_USER_NAME> and <ADMIN_USER_EMAIL> with suitable values.

      curl $APISERVER_URL/auth.create_user \
        -H "Content-Type: application/json" \
        -u $APISERVER_KEY:$APISERVER_SECRET \
        -d '{"name":"<ADMIN_USER_NAME>","company":"<COMPANY_ID>", \
           "email":"<ADMIN_USER_EMAIL>","role":"admin","internal":"true"}'

   5. Create utility API credentials for the administrator user.

      curl $APISERVER_URL/auth.create_credentials \
        -H "Content-Type: application/json" \
        -H "X-{cml}-Impersonate-As: <USER_ID>" \
        -u $APISERVER_KEY:$APISERVER_SECRET

      The returned key and secret pair can be used for additional API configuration of the tenant.

      

      Tip

      You can onboard users through an Identity Provider (IdP).

      ClearML supports a wide range of protocols and providers. In ClearML, each tenant is associated with its own IdP to authenticate and authorize access to the ClearML platform.

      Refer to ClearML Identity Providers for further information.

6. Verify installation of ClearML Enterprise Control Plane by opening a Web browser to https://app.<BASE_DOMAIN>.

   If the deployment is successful, you should see the ClearML login screen.

   

   Figure 4: ClearML login screen #

    

The test ClearML’s integration, users should:

ClearML’s experiment manager is the core of its AI Development Center. To start, either try a simple MNIST classifier example or run this code to perform LLM finetuning. All relevant information is captured and displayed by ClearML.

Pipeline Orchestration with ClearML - Based on this github example. Running the linked example on a configured clearml server would result in a similar pipeline visualization in the ClearML user interface. See cml Pipeline Orchestration documentation for more information.

ClearML’s Resource Configuration allows admins to set resource hierarchies, spillovers and quotas. To do that, admins need to configure the ClearML Agent to the topology configured in the ClearML user interface. For more information, see ClearML’s documentation.

This reference configuration outlines an opinionated yet flexible architecture for delivering an enterprise AI lifecycle management platform using SUSE AI integrated with ClearML. The solution establishes a standardized, Kubernetes-native foundation for running, managing, and governing AI workloads across on-premises, hybrid, and air-gapped environments.

By combining SUSE’s secure and supported infrastructure stack with ClearML’s AI workload orchestration and lifecycle management capabilities, the architecture addresses key enterprise requirements such as scalability, multi-tenancy, security, observability, and operational consistency. The result is a repeatable platform design that enables organizations to operationalize AI workloads reliably while maintaining control over data, infrastructure, and governance.

Copyright © 2006–2026 SUSE LLC and contributors. All rights reserved.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled "GNU Free Documentation License".

SUSE, the SUSE logo and YaST are registered trademarks of SUSE LLC in the United States and other countries. For SUSE trademarks, see https://www.suse.com/company/legal/.

Linux is a registered trademark of Linus Torvalds. All other names or trademarks mentioned in this document may be trademarks or registered trademarks of their respective owners.

Documents published as part of the series SUSE Technical Reference Documentation have been contributed voluntarily by SUSE employees and third parties. They are meant to serve as examples of how particular actions can be performed. They have been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. SUSE cannot verify that actions described in these documents do what is claimed or whether actions described have unintended consequences. SUSE LLC, its affiliates, the authors, and the translators may not be held liable for possible errors or the consequences thereof.

Copyright © 2000, 2001, 2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.

The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others.

This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software.

We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference.

This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law.

A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language.

A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document’s overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them.

The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none.

The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words.

A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque".

Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only.

The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work’s title, preceding the beginning of the body of the text.

A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition.

The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License.

You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3.

You may also lend copies, under the same conditions stated above, and you may publicly display copies.

If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document’s license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects.

If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages.

If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public.

It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document.

You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version:

If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version’s license notice. These titles must be distinct from any other section titles.

You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties—​for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard.

You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one.

The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version.

You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers.

The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work.

In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements".

You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects.

You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document.

A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation’s users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document.

If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document’s Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate.

Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail.

If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title.

You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.

The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See http://www.gnu.org/copyleft/.

Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation.

Copyright (c) YEAR YOUR NAME.
   Permission is granted to copy, distribute and/or modify this document
   under the terms of the GNU Free Documentation License, Version 1.2
   or any later version published by the Free Software Foundation;
   with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
   A copy of the license is included in the section entitled “GNU
   Free Documentation License”.

If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the “ with…​Texts.” line with this:

with the Invariant Sections being LIST THEIR TITLES, with the
   Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST.

If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation.

If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software.