Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- SLES 16 comes with model context protocol built in.
- The new enterprise distro is digital sovereignty-ready.
- This impressive upgrade introduces many changes and new features.
Lots of companies are announcing AI this and AI that, but few of them offer more than new AI lipstick on an old pig when you look at them closely. Then, there’s what SUSE is doing with its release of SUSE Linux Enterprise Server 16 (SLES 16), available today. This new version is positioned as an AI-ready operating system tailored to the demands of today’s hybrid cloud, data center, and edge computing environments.
Also: You can get Nvidia’s CUDA on three popular enterprise Linux distros now – why it matters
SLES 16’s most significant AI component is a technology preview of a built-in model context protocol (MCP) host. MCP has become the agentic generation of AI-powered applications. Developed as an open standard by Anthropic in late 2024, MCP is built to seamlessly and securely connect large language models (LLMs) and AI agents to the vast, ever-changing landscape of real-world data, tools, and services.
Additionally, the release features built-in support for GPU acceleration, the latest Nvidia CUDA toolkit, and enhanced container and Kubernetes management for large-scale, compute-intensive deployments. In short, it’s an AI-ready Linux distribution.
SUSE: The European Linux for digital sovereignty
In addition, SUSE is backing this new release up with its Sovereign Premium Support (SPS) package. This comprehensive support service is designed to meet the growing demand for digital sovereignty. Specifically, SPS is designed for enterprises and organizations that require strict data residency, privacy, and operational control within the EU. The service ensures that:
- All support personnel and data are based in the EU, with named premium support engineers and service delivery managers assigned to each customer.
- Customer support data is stored exclusively on EU-located networks and servers, addressing both regulatory and geopolitical concerns.
- Access to sensitive data is strictly limited to EU-based staff, with a commitment to encrypting all data required for troubleshooting.
To reinforce sovereignty, SUSE has partnered with Exoscale, a leading European cloud provider, allowing businesses to deploy SLES on Exoscale’s secure, EU-compliant cloud environment. This effort will enable organizations to maintain local data control while leveraging trusted, open-source solutions. As Exoscale CEO Mathias Nöbauer explained, “Digital sovereignty is no longer a niche requirement; it’s a fundamental business necessity for European companies.“
SUSE has also allied with AI & Partners to support compliance with the EU AI Act, combining infrastructure and regulatory technology for sectors such as finance and healthcare. “Beneath the surface of any AI platform lies the infrastructure of trust: secure infrastructure and auditable operations. That is what powers safe, cloud native AI,” said Abhinav Puri, SUSE’s VP and GM of Portfolio Solutions and Services.
Also: I tested 3 Snapdragon X Windows laptops this year – and found 3 big issues
Finally, SUSE has joined the EuroStack initiative. This is a policy and funding coalition focused on developing European digital infrastructure, encompassing cloud, AI, and connectivity platforms. This move aligns SUSE with the broader EU strategy for open-source-based digital sovereignty.
What’s under the SLES 16 hood?
While all this should catch the attention of anyone who values digital sovereignty or wants to run AI on their own hardware, SLES 16 may have the most dramatic changes of any SLES release to date.
It starts with the installation. SUSE has finally dropped its YaST installer for the new Agama installer. Agama enables local and remote deployment via browser, is written in Rust for enhanced memory safety, and maintains compatibility with AutoYaST profiles for seamless migration from existing AutoYaST profiles.
Also: 5 obscure Linux distros you’ve probably never heard of – but should definitely try
SLES 16 also debuts its new Adaptable Linux Platform, which separates the host Linux from the application layer. This is being done to avoid the age-old Linux problem of dependency hell. Within its decoupling of applications and their dependencies from the operating system, you can use the latest version, even the beta, if you need it for development, while continuing to support old versions of your application on a more stable version for production. This also enables simplified updates and better consistency in deployment across diverse environments.
The new distro has also adopted the UsrEtc model for configuration files. That means distributor defaults now reside in /usr, while local administrator customizations now live in /etc/example.conf.d/*.conf. This separation makes updates cleaner and finally eliminates the long-standing problem of managing .rpmsave and .rpmnew files.
There have also been significant changes to SLES’s default programs:
- Networking: NetworkManager is now the sole networking stack, replacing wicked.
- Firewall: NFTables is now the default, replacing IPTables.
- DHCP: KEA DHCP replaces the older ISC DHCP server.
- Virtualization: SLES 16 focuses exclusively on KVM as the general-purpose hypervisor. The Xen hypervisor has been removed.
- Key-value store: Valkey, the community-driven fork, replaces Redis.
- Display server: Wayland replaces the X.org server as the default, though support for X11 applications remains.
The latest SLES also boasts a new security approach. SLES 16 has transitioned from AppArmor to SELinux as the default mandatory access control (MAC) framework, with SELinux enabled in enforcing mode by default. The new SLES’s SELinux comes with over 440 policy modules, allowing you to get started with ready-to-run, robust coverage for your enterprise security needs.
Also: The easiest way to protect your Linux PC from disaster – no backup needed
SLES 16 also features post-quantum cryptography (PQC) algorithms. This proactively protects data against “Harvest now, decrypt later” attacks, where adversaries may store encrypted data today to decrypt it with quantum computers in the future. (If you don’t think you need to worry about this, think again. It will happen. And it may not take that long.)
Linux also has new management tools. For hands-on server management, SLES 16 has shifted from YaST2 to Cockpit. System administrators from the Red Hat universe will recognize Cockpit at a glance, but new users should know it’s an easy-to-use, web-based, remote management console. To make it easier for longtime SUSE admins, Cockpit has been updated to seamlessly manage SLES-specific functions such as software repositories, package installation, and SUSE subscriptions.
SUSE is also extending automatic snapshot integration into Cockpit. With every update performed using the Zypper package manager or Cockpit, a new snapshot will be created, and the system will maintain them to ensure that system changes can always be rolled back.
Also: This Linux distro makes openSUSE accessible to all – even newbies should take a look
At the DevOps level above this, SLES 16 now includes Ansible. Yes, that’s also a Red Hat-based automation framework. SUSE is shipping it with standardized Ansible roles for consistent SLES configuration. This includes roles for firewalls, SELinux, the Podman container manager, and related services. Prefer Salt for your DecOps needs? Salt remains fully supported via SUSE Multi-Linux Manager.
Extended support
If you work at a company that dislikes moving from one version of the operating system to another, SLES 16 comes with a 16-year support promise. Each minor version now receives five years of support. Specifically, each will come with two years of general support, followed by three years of optional long-term support. The major version as a whole is backed by 10 years of mainstream support plus six years of extended service, allowing customers to align upgrade cycles with hardware refreshes and regulatory requirements.
Additionally, SUSE’s vocabulary has evolved. Moving forward, Service Packs (SPs) are now Minor Releases and Long Term Service Pack Support (LTSS) is now Long Term Support (LTS). This aligns with how other Linux distributions describe the evolution of their releases.
Also: The best CRM software: Streamline your customer relationships
Additionally, for long-term support, SLES 16 is fully prepared to extend beyond 2038. The 32-bit time_t counter overflow issue, known as the “Y2038 problem,” has been addressed by updating key components and interfaces, including lastlog, utmp, and systemd-logind.
When I consider the entire package, I’m impressed. SUSE has gone out of its way to create a new opinionated enterprise Linux distribution that embraces modern software. If you haven’t evaluated SLES recently for your server, cloud, and edge needs, it’s time to take another look. I think you’ll be impressed too.
Get the morning’s top stories in your inbox each day with our Tech Today newsletter.
