SUSE Pairs Well With Xen

Review: Virtualization capabilities shore up Novell's already-solid Linux Enterprise Server

On the strength of its broad platform support, approachable configuration tools, estimable set of vendor certifications and solid support options, Novells SUSE Linux Enterprise Server has earned a reputation as a safe choice for Linux at enterprise sites.

SLES 10, which Novell began shipping this summer, continues in this vein. It also adds to the mix Xen virtualization capabilities, which, while clearly still on the road to maturity, fit in well with the distribution and add a new deployment and management arrow to the SLES administrators quiver.

Current SLES shops should take the new release for a spin and consider whether an upgrade makes sense. Administrators should place particular focus on compatibility between their current SLES 9-hosted applications and SLES 10s Xen virtualization and lockdown technologies.

SLES 10 also is well worth considering at sites in search of a well-supported and popular Linux distribution on which to build their infrastructure.

SLES 10 supports x86 platforms as well as Advanced Micro Devices Athlon 64 and Opteron; Intels EM64T (Extended Memory 64 Technology) and Itanium II; and IBMs PowerPC and zSeries. eWeek Labs tested the 32-bit version of SLES on a single-processor Athlon 64 system with 1GB of RAM, and we tested the 64-bit version of the operating system on a dual-processor Opteron system.

For x86, AMD64, EM64T, Itanium II and IBM PowerPC platforms, a one-year SLES 10 subscription costs $349 for a basic support plan, $799 for a standard support plan and $1,499 for a priority support plan. Three-year versions of each plan cost $873, $1,998 and $3,748, respectively. (For more on SLES 10 pricing, see

In general, SLES 10s pricing is comparable to that of Red Hats RHEL (Red Hat Enterprise Linux).

Xen Virtualization

The biggest new addition on the sles software-hosting front is Xen, the open-source virtualization technology behind which Novell, Red Hat and other prominent systems vendors have thrown their weight.

During tests, eWeek Labs found that Novell has tightened up the Xen configuration module thats built into SLES suite of configuration tools, Yast. We installed versions of SUSE in our Xen virtual machines and found that the installations ran smoothly when we prepared for them by first using SLES installation server feature to create install sources. We did this for the x86-64 and x86 versions of SLES, as well as for an alpha release of OpenSUSE 10.2.

The SLES installation server setup tool gave us the option of hosting our install source via NFS (Network File System), HTTP or FTP. After specifying a folder in which to place the install source—and providing pointers to the distributions installation ISO images—we were up and running and ready to reel off new installs on physical hardware, as well as on Xen and VMware systems.

SLES 10s Yast Xen module did a good job of guiding us through the installations we created, although it didnt offer much help after the installations were complete. The tool allowed us to stop, start and delete our Xen VMs, as well as launch a terminal window through which we could interact with the VMs. Wed like to see Novell add resource monitoring and allocation features to the tool, as well as support for cloning VMs and migrating them from physical hosts.

We hit one snag while completing setup for a Xen VM wed installed as a LAMP (Linux, Apache, MySQL and PHP) server: The terminal window through which we were interacting with our VM stopped registering the backspace key, and we ended up restarting the VM to complete its configuration.

Broad Support

Novell maintains a hardware compatibility list for its products, including SLES 10, at Across the platforms on which SLES 10 runs, we found 579 support bulletins. Of th-ose bulletins, 124 were for Hewlett-Packard systems, 305 for IBM systems and 87 for Dell systems.

Browsing through the SLES 10 hardware compatibility list, we found that the SLES platform with the most certifications was x86-64. (Dell, for instance, certifies SLES 10 only on this platform.) We also were interested to find that HP offered the most certifications for Xen on x86 and x86-64 platforms.

Running SLES as a Xen host involves running a Xen-enabled SLES kernel (as opposed to the default SLES kernel), which adds a bit of a support wrinkle. The Xen project and VMware, along with the Linux kernel project, are working to develop a virtualization interface within the kernel that is intended to enable virtualization systems to run atop a single kernel. This would make for a simpler support and certification path for vendors.

Like RHEL 5, SLES 10 is in the midst of a change in the software framework that it employs for adding, removing and updating software packages.

As we saw in our tests of Novells OpenSUSE 10.1 and SLED (SUSE Linux Enterprise Desktop) 10, Novell is moving to integrate the software management pieces once known as Red Carpet, which Novell acquired when it purchased Ximian.

The SLES 10 software tools worked acceptably for us, but we found them a bit slow when adding new network software repositories.

Lockdown Capabilities

SLES 10 ships with apparmor, novells relatively easy-to-use application security framework that has impressed us in past reviews of the technology.

During tests, AppArmor made it fairly easy to create profiles to limit applications to only the privileges required to get their jobs done—which, in turn, limits the scope of damage that subverted or otherwise out-of-control software can wreak.

RHEL distributions ship with a similar capability, in the form of SELinux (Security-Enhanced Linux). However, while SELinuxs enforcement policies can be tricky to create and modify, profile creation in AppArmor is pretty straightforward. AppArmors learning mode tracks the resources and capabilities a given application accesses during normal operation, forming the basis of AppArmors profiles.

On-The-Job Training

Standard and priority subscriptions to SLES 10 come with a self-training program that covers SLES 10 fundamentals for administrators new to Linux. Novell offers a handful of other training programs for purchase, as outlined at

We were fairly pleased with the documentation that ships with SLES 10 and is available through the help browser thats built into the GNOME desktop environment to which SLES defaults.

Theres also a good deal of documentation on Novells Web site. However, as we found with Novells SLED 10 forums, SLES 10s forums are lightly trafficked. Were still looking for a fruitful point of contact with other SLES users.

Advanced Technologies Analyst Jason Brooks can be reached at

Evaluation Shortlist

Microsofts Windows Server 2003
Offers good software support and rather approachable management tools (

Red Hats RHEL 4
Enjoys broad software, hardware and processor architecture support (

Sun Microsystems Solaris 10
Sports very good virtualization support through its Containers feature, along with good x86-64 support (