Dirk-Peter van Leeuwen has been CEO at SUSE since May 2023. Since then, the IT world has been shaken by AI, open-source struggles and a forced search for cost savings. The SUSE CEO looks to the future with confidence, but: “Under pressure from competition, decisions are often made that are too easy.”
Van Leeuwen is referring to lock-in, which keeps rearing its head. Companies are continually opting for IT solutions that they will not be able to get rid of later. The best-known recent example is VMware, which has turned its licensing upside down since its takeover by Broadcom, with prices that have shocked SMEs. But elsewhere, too, parties are trying to exploit their acquired dominance for higher profits. The losers are the IT teams that suddenly have to knock on the management’s door for sky-high licensing costs.
In SUSE’s infrastructure world, the bogeyman is Red Hat. Last year, the company closed the source code to the widely used Red Hat Enterprise Linux (RHEL). This was to the great concern and annoyance of the open source community, which gratefully took advantage of free RHEL alternatives that built on Red Hat’s fieldwork. CentOS Linux, Red Hat’s free RHEL variant, was used twenty times as much as the paid RHEL, but that distribution has since been discontinued. Alternatives such as Alma Linux and Rocky Linux had to fork, while SUSE announced it would do the same with a ten million dollar investment. To top it all off, Red Hat ended support for RHEL 7 as of June 30 of this year. However, SUSE has since offered a way out for all RHEL and CentOS users.
Customer philosophy
Those currently running CentOS or RHEL 7 can purchase support from SUSE. SUSE Liberty Linux, the “no-migration” replacement for the Red Hat-based OS, will seamlessly take over RHEL’s critical enterprise role with extended support. Thanks to SUSE, CentOS 7 will remain usable until June 30, 2028; enough time to think about migrations in peace.
The exact end date and supported distributions aside, SUSE simply has a different philosophy for its own customer base. Ending support often throws organizations’ roadmaps into disarray, Van Leeuwen says. He points out that organizations may want to be fully cloud-native within two years, but are forced to disrupt stable infrastructure. “That’s completely unnecessary. I see that frustration regularly, and people are looking for an alternative. We are that alternative.”
The “RHEL commotion” was also the right moment to guarantee freedom of choice, according to Van Leeuwen. “The principle of open source is that you don’t pay for the intellectual property, but for the services and support, which are important to make it work. In this industry, only a small number of companies can do that.” Also, shutting down Red Hat was suddenly a good test to test the dependency on it, a phenomenon that was emphatically repeated for many organizations when the VMware shifts began. In the case of RHEL, the open source world saves the IT community from too many problems.
Those who still need convincing can take a look at SUSE’s track record. For example, the company has been working with car manufacturer BMW since 2007, and Deutsche Bank recently announced that it is entrusting support for its own Red Hat environment to SUSE. “That means they don’t have to do upgrades when Red Hat wants them to,” says Van Leeuwen.
Incidentally, he points out that Red Hat is exaggerating a bit. When it announced that it would close RHEL to third parties, Principal Specialist Solution Architect at Red Hat Magnus Glantz complained about the “free beer” that a party like Rocky Linux would claim. Van Leeuwen indicates that SUSE actually makes proportionally more contributions to open source and Linux than Red Hat. The contributions are comparable, while SUSE only had 2,300 employees in 2023 and Red Hat, according to its own count, 19,000. “Red Hat’s success also owes it to the fact that it is open source.”
SUSE YOU
As mentioned, organizations are repeating the same mistakes with choices that lead to lock-in. Right now, it’s all about AI choices, often based on hype instead of nuance. There are many “AI-like” solutions, says Van Leeuwen, “but we just called that automation.”
SUSE’s AI approach has now been mapped out under the unsurprising name SUSE AI. It includes an architectural strategy, a vision for a mature private AI approach, but not really a product. That’s how we described it when it was announced at SUSECON in June. Was it right to see it that way? “That was kind of the intention,” says Van Leeuwen. “My vision for the company was: we are an infrastructure player, so we shouldn’t become an AI app developer. We want to provide infrastructure on which everything runs best, most securely and most stable. Then you can’t ignore AI. AI workloads are the workloads of the future and we have to respond to that. We have the tools to run AI safely.”
Currently, SUSE has around 30 customers testing the SUSE AI architecture. Key to this is deep packet inspection, which checks whether data moving over the network is sensitive. This is an existing data security technique that is already used for other workloads.
Open standards
The primary interest in SUSE AI is the same for SUSE as elsewhere. While the company is naturally keen to help companies with its own products, it also supports other people’s solutions. “There are customers who barely use SUSE but do use SUSE Manager to manage all their other solutions.” There is help to switch to SUSE products, “but that is a somewhat larger migration. We give customers the opportunity to buy the time they need, and then we help them on a stable path to the future.”
That future? One that embraces open standards. That is already happening, says Van Leeuwen. For example, the Linux ecosystem is open enough to allow organizations to run dozens of different distributions in production at the same time. “Nobody runs just one Linux distribution or Kubernetes service.” That is because Linux can run in all kinds of infrastructures with different system requirements. For example, SUSE itself offers SUSE Linux Enterprise Server (SLES) for data centers, while SLE Micro can be started with just 1GB of RAM.
Ultimately, this freedom of choice works out well for the end user. Van Leeuwen uses the mobile phone as a historical example. “In the early days of the telephone, you were given a number by your provider. If you wanted to switch, you needed a new number and probably a different phone. Now, switching is possible within a few seconds via eSIM and you take all your data with you.” That philosophy did not exist in the software world for a long time, says Van Leeuwen. “We now provide that experience.”
And is it also safe?
A potential question mark for companies: is open source vulnerable to hackers with staying power? Not the open source flavor that SUSE offers, says Van Leeuwen. The backdoor that a malicious person wanted to put in compression tool xz was blocked at the last minute. Xz is widely used in Linux distributions, but never ended up in a SUSE distro. “That speaks for the commercial side of open source. Customers can say to us: I use open source software, but I will pay a vendor to ensure that I can use it safely and business-critical.”
Therein lies a strength of open source, Van Leeuwen claims. Approval of new code within open source projects requires the scrutiny of many members of the community. “People with the wrong intentions also look at it. If I tell you in detail how the lock of my house works and you still can’t open it, that’s safer than if a burglar happens to know how to open your lock.” This leads Van Leeuwen to an unambiguous conclusion: “If you want secure software, it has to be open source.”
The danger can come from a closed corner. The global IT outage caused by a CrowdStrike update is still fresh in the memory. Allowing a single company to change your infrastructure without their own involvement results in “a huge exposure to problems”, according to Van Leeuwen.
Speaking of such a failure: that should not be possible with SUSE operating systems. It uses a filesystem that is different from the norm for booting the OS. Btrfs has “self-healing” functionality by detecting a bad update or patch – it then automatically rolls back to a previously working version. So even a blunder by a third party would never bring down a SUSE Linux distribution.
Conclusion
Open source is versatile, but in the enterprise IT context it is sometimes portrayed very negatively. In discussions about this, a distinction is rarely made between unsupported and supported. You can always expect SUSE to have performed the required checks, says Van Leeuwen. With the added advantage that you can simply check it. That is the power of the SUSE story, which can guarantee that you can also walk away from it with peace of mind.
Not many organizations will just do that. Not only because infrastructure choices are intended for the long term, but precisely because SUSE is as little of an obstacle as possible. Whether it concerns its own Kubernetes software Rancher, Linux distributions or container security NeuVector Prime: they can all be combined with or replaced by other open-source options. Their vendors must therefore cooperate. Van Leeuwen sees that the dream of the hybrid cloud, being able to run workloads wherever you want, is still being held back by idiosyncratic hyperscalers and closed-source, non-interoperable tools.
The only way to find a solution in this area is to give customers an alternative. SUSE is not alone in this, as has already been proven. Just look at the united front of tech companies that, unlike Nvidia, is pushing for open standards regarding AI infrastructure. It is comparable to the battle cry of SUSE and other open-source players in resistance to Red Hat mid-last year. Many vendors have now realized that closed systems will not always prevail in 2024. SUSE has been aware of this for considerably longer.
Also read: SUSE AI: now a vision, later a product
