Novell beefs software appliance kit
How to harden SUSE Linux
Novell says that its SUSE Appliance Toolkit is ready for primetime.
Today, the company released an expanded version of the kit - used to create software appliances based on the SUSE distribution of Linux - giving software vendors and corporations a set of tools that were missing from the appliance making service SUSE Studio and the initial release of the Appliance Toolkit.
SUSE Studio Online went into alpha in February 2009 without any management tools, and last July, when the Toolkit debuted, several of the key tools that ISVs and companies needed to use the tool were missing. Nonetheless, Matt Richards - senior program manager for the appliance program at Novell - estimates that some 110,000 unique SUSE Linux-based appliances have been created using SUSE Studio Online in that time, and about 1.4 million appliances created using the tool have been downloaded.
"We have seen just a tremendous uptake for Studio Online," Richards says, but it hasn't been a big money maker for Novell. "Now that we have the updated tools, this is where we are going to start to see the revenue uptick."
Not many ISVs and very few corporations want to use an online service to build the software stacks they deploy in production, and so Novell has announced the SUSE Studio Onsite, a local version of the appliance-making kit that companies can deploy on their own servers behind their own firewalls.
The SUSE Lifecycle Management Server, which manages the software license entitlements for appliances as well as patching and which was promised last summer, ships today too. Up until now, those making software appliances with the SUSE Studio tool had to come up with their own mechanisms for keeping track of licenses (important for helping ISVs and therefore Novell figure out what to charge for support contracts) and do their own patching.
The Appliance Toolkit also gets the promised WebYast module, which allows ISVs and corporate appliance makers to create their own configuration modules for SUSE Linux and the application stack in the appliances they make as well as allowing for remote configuration and management of a deployed software appliance.
SUSE Studio Online, SUSE Studio Onsite, and the Appliance Toolkit are free to ISVs building appliances for resale, but ISVs are expected to charge their customers for front end support and negotiate back end support from Novell when they sell their appliances. (This is all about making money, after all).
If corporations want to use the SUSE Studio Onsite and Appliance Toolkit to spin up Linux-based appliances, they have to pay $100,000 to get the tools and a $25,000 annual maintenance contract and then pay for SUSE Linux support contracts as they deploy appliances internally. Companies can, of course, use the freebie Studio Online appliance maker and toolkit and self-support their Linuxes.
With Red Hat having the dominant share of running Linuxes in corporations - here are no hard numbers for this, just a relative reckoning based on the respective support streams for RHEL and SLES - you might be thinking that Novell would be tempted to be inclusive with SUSE Online and the Appliance Toolkit, much as it was with the Open Build Service, which debuted in April 2006 for packaging up spins of the openSUSE development Linux and which was extended to support the spinning up of RHEL, CentOS, and Ubuntu instances throughout 2008.
Forget that idea.
"The business model here is to drive SUSE Linux and subscriptions for SUSE Linux Enterprise," says Richards. Of course, the whole point of the appliance business is that customers may not know - or care - that they are buying Linux. "Customers are buying a solution, such as QuickBooks on Lotus Foundations hardware appliances, not an operating system. This solution has an operating system, of course, but that is not what the customers care about. They just want QuickBooks."
Well, they care when an operating system crashes, and they certainly care that the price of the hardware/software appliance is as low as possible.
In a separate announcement, Trusted Computer Solutions, which peddles a tool called Security Blanket to harden the security of operating systems, now supports SUSE Linux 11 and openSUSE 11.
Security Blanket already supported the automatic assessing and locking down of security features on Red Hat Fedora 10 and Enterprise Linux 4 and 5, as well as the RHEL clones, CentOS 4 and 5 and Oracle Enterprise Linux 4 and 5 and Sun Microsystems' Solaris 10 (both x64 and Sparc versions). It adheres to various security standards from the Center for Internet Security (CIS), the Defense Information Systems Agency (DISA) Unix Security Implementation Technical Guide (STIGS), the SANS) Institute, the Payment Card Industry Data Security Standard, Director of Central Intelligence Directive (DCID) 6/3, and a number of other US government security procedures for systems. ®
Sponsored: Benefits from the lessons learned in HPC