OpenStack “Liberty,” due for imminent release, represents the 12th release of the open source computing platform for public and private clouds. Recent OpenStack releases have focused on improving stability and enhancing the operator experience. This is still the case with Liberty, but there are still new features to consider.
On October 1st we provided a sneak peek into the highlights of OpenStack Liberty, if you missed out you can now view the recording of the event on demand. As well as providing an overview the highlights of the Liberty release we also discussed the recent restructure of the way governance of OpenStack projects works, colloquially referred to as the “big tent”, and what it means for you as a consumer of OpenStack.
We also spent some time covering projects that are less widely deployed at this time and what the future might hold for them including the Containers service (Magnum), the Shared File Systems service (Manila), and the Message service (Zaqar).
Features discussed in the “What’s new in OpenStack Liberty” webinar include:
- Network quality of service (QoS): providing an extensible API and reference implementation for dynamically defining per-port and per-network QoS policies. This enables OpenStack tenant administrators to offer different service levels based on application needs and available bandwidth.
- Role-based access control (RBAC) for networks: provides fine-grained permissions for sharing networks between tenants. Historically OpenStack networks were either shared between all tenants (public) or not shared at all (private). Liberty now allows a specific set of tenants to attach instances to a given network, or even to disable tenants from creating networks - instead limiting access to pre-created networks corresponding to their assigned project(s).
- Mark host down API enhancements: supports external high-availability solutions, including pacemaker, in the event of compute node failure. This new API call provides improved instance resiliency by giving external tools a faster path to notifying OpenStack Compute of a failure and initiating evacuation.
- Dashboard support for database-as-a-service (Trove): subnet allocation, floating IP assignment, and volume migration, will now be included and configurable through the graphical user interface (Horizon). Providing easier day to day operational management for cloud users.
- Generic volume migration: adds the ability to migrate workloads from iSCSI to non-iSCSI storage back ends, with more drivers to perform migration including Ceph RBD.
- Volume Replication API: Cinder now allows block level replication between storage back ends. This simplifies OpenStack disaster recovery by allowing administrators to enable volume replication and failover.
- Nondisruptive backups: Allows the backup of volumes while they are still attached to instances by performing the backup from a temporary attached snapshot. This eases backups for administrators and offers a less disruptive solution to end users.
- New Image signing and encryption: helps to protect against image tampering by providing greater integrity with signing and signature validation of bootable images.
- Convergence updates: Updates to OpenStack Orchestration (Heat) are aimed at making infrastructure updates easier to scale and more resilient to failures. As part of long-term work in this area, Liberty includes an (optional) mode for a persistent, per-resource state during stack updates. This provides improved fault tolerance, including the ability to recover from a failure in the orchestration engine during the update. In addition these changes provide the potential for work to be spread across multiple orchestration engine workers in a more granular way than was previously possible.
- Experimental online schema changes: aimed at minimizing the amount of downtime required when applying database schema changes during the upgrade process. Further work on this feature planned for in the future will apply the required database migrations while still running (online).