Technology has layers. A lot like the ogre’s onion analogy in Shrek, technology comes in layers because we have an upper front-end user interface layer, a middleware connectivity layer and a lower substrate back-end, all of which must function in beautiful harmony if we are to enjoy apps the way we want them. We can classify technology stacks into tiers that extend beyond those three basic forms, but you get the point i.e. the modern digital stack is a fabric of interlaced services, functions, computing resources and threads.
It’s not hard to extend the fabric analogy further, when we need to fix tears, breaks, misconfigurations and frailties in our IT systems today, we talk about ‘patching’ with application code designed to remediate, update and obviate the risk of an IT service becoming further degraded, less function or (at worst) compromized from a security perspective.
A trend report sponsored by enterprise-grade open source company SUSE this year suggested that more than 88% of respondents reported experiencing more than one cloud-related security incident in the past year. Whether it’s half that figure or somewhere in between isn’t that important, the fact is that cloud-centric digital systems are expanding and – therefore – SUSE says it continues to build out its infrastructure security stack to ensure that customers, partners and open source communities can safely run their application workloads no matter if it’s in the cloud, in the edge or in datacenters to make their business more resilient.
“Every enterprise must maximize its business resilience to face increasingly sophisticated and potentially devastating, digital attacks,” said Dr. Thomas Di Giacomo, chief technology and product officer of SUSE. “That means they need to get serious about the security posture of their complex workloads, particularly AI/ML platforms where the protection of customer data is under intense scrutiny. SUSE’s approach to supply chain security along with the latest announcements allows customers to safely adapt the advantages of a cloud-native world and to secure their digital business.
Live patching, no needles required
The latest version of the company’s SUSE Linux Enterprise 15 platform is denoted by the perhaps less-than-snappily titled Service Pack 5 (SLE 15 SP5) nametag. This is technology designed to deliver the high-performance computing capabilities essential for AI/ML workloads – and this iteration of the platform of course works in lockstep with Rancher (which SUSE bought in 2020) a widely adopted Kubernetes platform. Because this platform now extends the company’s Live Patching capabilities, the suggestion from SUSE is that this is a leg up to improve business continuity, security and legislative compliance.
Platform-level progressions of this sort normally reflect major technology industry trends, movements and (let’s be honest) innovation hype cycles.
Among the motivators driving this new Linux distribution are the technology’s ability to support the spectrum of so-called Confidential Computing, an approach secure customer data management where information is processed in the public cloud and at the Internet of Things (IoT) edge. This is said to allow organizations to run fully encrypted virtual machines (VMs) in any computing environment. As such, SLES 15 SP5 supports the latest microprocessor chipset innovations from AMD, Arm, IBM and Intel.
“Sustainably and securely meeting cloud computing performance demands requires energy-efficient, specialized processing alongside a strong software ecosystem. Our ongoing work with SUSE to expand the SUSE Linux Enterprise portfolio enables the Arm ecosystem to bring their innovative solutions to market faster on a well-established operating system (OS) like SLE Micro, with confidence in security proven by its achieving PSA Certified Level 1,” said Andrew Wafaa, senior director of software communities, Arm.
SUSE’s report also found that 88% of respondents (there’s that same figure again) agreed with the proposition that their teams would locate, proliferate and mitigate more application and data workloads in cloud environments and at the IoT edge if they could be more certain that their data couldn’t be tampered with. To ensure customers and partners are protected, Rancher by SUSE builds off its spring 2023 launch with new security-focused product updates that include optimized storage, support for hardened VMs and improved vulnerability and compliance management.
Among the many developments in this release, the company notes that Adaptable Linux (ALP) brings enterprise Linux forward into modern cloud environments by evolving to a more ‘modular Linux’, running containerized and virtualized workloads.
“SUSE ALP is an open source project that provides self-healing and self-management, executing tasks affecting both the OS and the container layer. This allows users to focus on their workloads while abstracting from hardware and applications brings enterprise Linux forward into modern cloud environments by evolving to a modular Linux, running containerized and virtualized workloads. SUSE ALP is an open source project that provides self-healing and self-management, executing tasks affecting both the OS and the container layer. This allows users to focus on their workloads while abstracting from hardware and applications,” notes SUSE, in a platform specifications document.
Pizza-grade open source credentials
Overall, we know that enterprise grade open source is getting stronger, enjoying more widespread deployment and being maintained, supported and extended – plus of course patched and augmented – in ways that we would not have seen around the turn of the millennium.
SUSE claims and promises to be ‘putting the open back in open source’ and its industry events are indeed fully populated by hard-core software programming engineers (wearing shorts in winter, consuming pizza & soda, occaisionally dying their hair green to match SUSE’s corporate colors – the stereotype is alive and well, but is now geek-chic and commands respect) that would quickly call out any form of team development established on anything other than a fair system of meritocracy and effort.
That said, SUSE is still a commercial enterprise and will want to sell enterprise contracts to support business-critical Linux use cases that come with a side order of enterprise container management and edge solutions that fall in line with partner-connected deals and more. But why not? That’s fine, as long as the open heart is pure and we know it is in this case – and that goes for patches of patching work too.
Despite their popularization among millennials and Gen-Z types, developers might not be taking up sewing or knitting anytime soon, not unless it weaves through a Linux kernel.
Read the full article here