
SUSE CEO: “If you want secure software, it has to be open source”

Dirk-Peter van Leeuwen has been CEO of SUSE since May 2023. Since then, AI, open source battles and massive cost-cutting campaigns have shaken up the IT world. The SUSE CEO is confident about the future, but: “Under competitive pressure, decisions are often made without sufficient care.”

Van Leeuwen is referring to the recurring dependence on a particular provider. Companies repeatedly opt for IT solutions that they cannot get rid of in the long term. The most well-known recent example is VMware, which has caused a stir since its takeover by Broadcom with license changes that mean horrendous sums for smaller companies. But elsewhere too, the parties are trying to exploit their acquired dominance to increase profit margins. The losers are the IT teams, who suddenly have to knock on management’s door to get money for horrendous license fees.

In the infrastructure world of SUSE, Red Hat is currently the slightly less derided bogeyman. Last year, the company dropped the source code of the widely used Red Hat Enterprise Linux (RHEL) – much to the concern and annoyance of the open source community, which gratefully used free RHEL alternatives based on Red Hat’s work. CentOS Linux, Red Hat’s free RHEL variant, was used 20 times more than the paid RHEL, but that distribution has since been discontinued. Alternatives like Alma Linux and Rocky Linux were forced to fork, while SUSE announced it would do the same with a $10 million investment. To make matters worse, Red Hat has ended support for RHEL 7 as of June 30 of this year. However, SUSE has since offered all RHEL and CentOS users a way out.

Customer philosophy

Those currently using CentOS or RHEL 7 can purchase additional years of support from SUSE. SUSE Liberty Linux, the “migration-free” replacement for the Red Hat-based operating system, easily takes on RHEL’s critical enterprise role and offers additional years of support. Thanks to SUSE, CentOS 7 will remain safe to use until June 30, 2028, giving end users plenty of time to think about migrations at their own pace.

From a higher perspective, SUSE simply has a different philosophy for its own customer base than companies like Red Hat. Ending support often disrupts companies’ roadmaps, argues Van Leeuwen. He says companies may want to be fully cloud-native within two years but are forced to disrupt their stable infrastructure before taking the leap. “It’s just not necessary. I see that frustration on a regular basis and people are looking for an alternative. We are that alternative.”

According to Van Leeuwen, the RHEL disruption was also the right time to ensure freedom of choice. “The principle of open source is that you don’t pay for the intellectual property, but for the services and support that are important to keep it running. In this industry, few companies can do that.” Moreover, Red Hat’s shutdown of RHEL suddenly became a good test of organizational dependency. This was a phenomenon that was emphatically repeated for many companies when the VMware transitions began. In the case of RHEL, the open source world spares the IT community most of the pain.

If you’re not convinced yet, look at SUSE’s track record. For example, the company has been working with car brand BMW since 2007, and Deutsche Bank recently announced that it is entrusting SUSE with the support of its own Red Hat environment. “This means they don’t have to upgrade when Red Hat asks them to,” says Van Leeuwen.

He notes, by the way, that Red Hat is exaggerating a bit in its strategy shift to RHEL. When the company announced it would shut down RHEL for third parties, Magnus Glantz, Principal Specialist Solution Architect at Red Hat, complained about the “free beer” that a party like Rocky Linux would demand. Van Leeuwen points out that SUSE actually makes proportionally more contributions to open source and Linux than Red Hat. In fact, the contributions are similar, while SUSE had only 2,300 employees in 2023 and Red Hat says it currently employs 19,000. “Red Hat’s success is also due to the fact that it is open source,” he says.

SUSE AI

As mentioned, companies are repeating the same mistakes in decisions that lead to retention. Right now, that may revolve around AI decisions based on hype rather than nuance. There are many “AI-like” solutions, Van Leeuwen said, “but until now we just called that automation.”

SUSE’s AI approach has now been laid out under the unsurprising name SUSE AI. It includes an architectural strategy, a vision of a mature private AI approach, but no actual product. That’s how we described it when SUSE announced it at SUSECON in June. Was it right to see it that way? “That was kind of the intention,” says Van Leeuwen. “My vision for the company was: we are an infrastructure player, so we shouldn’t become an AI app developer. We want to provide an infrastructure on which everything runs best, on which it is most secure and stable. That means you can’t ignore AI. AI workloads are the workloads of the future and we need to capitalize on that. We have the tools to run AI safely.”

Currently, about 30 SUSE customers are testing the SUSE AI architecture, which relies on deep packet inspection to verify that data transmitted over the network is confidential. This is an existing data security technique that is already used for other workloads.

Open standards

The goal around SUSE AI is the same at SUSE as it is elsewhere. While the company is of course happy to help companies transition to SUSE’s own offerings, it also supports the solutions of others. “There are customers who barely use SUSE but use SUSE Manager to manage all their other solutions.” Help with switching to SUSE products is available, “but that’s a bit of a bigger migration. We give customers the opportunity to buy the time they need and then help them on a stable path to the future.”

That future? One that embraces open standards. And that’s already happening, Van Leeuwen claims. For example, the Linux ecosystem is so open that companies can run dozens of different distributions in production at the same time. “Nobody uses just one Linux distribution or one Kubernetes service,” he says. That’s because Linux can run on all sorts of infrastructures with different system requirements. For example, SUSE itself offers SUSE Linux Enterprise Server (SLES) for data centers, while SLE Micro can run with as little as 1GB of RAM.

This freedom of choice ultimately benefits the end user. Van Leeuwen cites the mobile phone as a historical example. “In the early days of the mobile phone, you were assigned a number by your provider. If you wanted to switch, you needed a new number and probably a different phone. Today, you can switch within seconds using an eSIM and you take all your data with you.” This philosophy has not existed at all in the software world for a long time, says Van Leeuwen. “Now we offer this experience.”

And is it safe?

A possible question mark for companies: Is open source vulnerable to hackers penetrating its ecosystem? Not the kind of open source that SUSE offers, argues Van Leeuwen. The backdoor that a threat actor wanted to build into the compression tool xz was blocked just in time. Xz is widely used in Linux distributions but never ended up in a SUSE distribution. “That speaks to the commercial side of open source. Customers can tell us: ‘I use open source software, but I’m going to pay a vendor to make sure I can use it securely and mission-critically.'”

This is precisely the strength of open source, says Van Leeuwen. Releasing new code in open source projects requires cleanup by many members of the community. “Even people with bad intentions look at it. If I explain to you in detail how the lock on my house works and you still can’t open it, that’s safer than if a burglar happens to know how your lock works.” Van Leeuwen comes to a clear conclusion: “If you want secure software, it has to be open source.”

In addition, the danger can also come from closed source companies. The global IT outage caused by a CrowdStrike update is still with us. Allowing a single company to change its own infrastructure without having any influence on what is happening poses “a huge risk of problems,” says Van Leeuwen.

Speaking of updates causing problems, that shouldn’t be possible with SUSE operating systems. SUSE uses a file system that is different from the standard one to boot the operating system. Btrfs has a “self-healing” feature: it detects a bad update or patch and then automatically rolls back to a previously working version. Therefore, even a third-party bug would never affect a SUSE Linux distribution.

Diploma

Open source is versatile, but is sometimes portrayed in a very negative light in the context of corporate IT. Such portrayals urgently need to be clarified: a distinction between unsupported and supported open source is essential, for example. SUSE can guarantee that the necessary checks have been carried out, says Van Leeuwen. The added advantage is that you can also easily check the code yourself. Therein lies the strength of the SUSE story, which can guarantee that you can also walk away with peace of mind.

Not many organizations will do that, and if they did, it wouldn’t be a quick process given the infrastructure requirements involved. It doesn’t matter whether it’s SUSE’s own Kubernetes software Rancher, its Linux distributions, or its container security solution NeuVector Prime: everything can be combined with or replaced by other open source options. Your vendors will therefore need to work together to make that choice happen. Van Leeuwen sees that the dream of the hybrid cloud, where you can run workloads wherever you want, is still held back by proprietary hyperscalers and closed source tools with no interoperability.

The only way to achieve resolution in this area is to offer customers an alternative. SUSE is not alone in this regard. One only has to look at the united front of technology companies that, unlike Nvidia, are pushing open standards for AI infrastructure. This is similar to the battle cry voiced by SUSE and other open source companies against Red Hat in the middle of last year. Many vendors have now realized that closed systems are not built to last in 2024. SUSE has long been aware of this fact, and time is on its side.
