OpenStack Newton, the technology’s 14th release, shows just how far we’ve come: where we used to focus on basic things, such as supporting specific hypervisors or enabling basic SDN capabilities, now that’s a given, and we’re talking about how OpenStack has reached its goal of supporting cloud-native applications in all of their forms — virtual machines, containers, and bare metal.
There are hundreds of changes and new features in OpenStack Newton, and you can see some of the most important in our What’s New in OpenStack Newton webinar. Meanwhile, as we do with each release, let’s take a look at 53 things that are new in OpenStack Newton.
- Get me a network enables users to let OpenStack do the heavy lifting rather than having to understand the underlying networking setup.
- A default policy means that users no longer have to provide a full policy file; instead they can provide just those rules that are different from the default.
- Mutable config lets you change configuration options for a running Nova service without having to restart it. (This option is available for a limited number of options, such as debugging, but the framework is in place for this to expand.)
- Placement API gives you more visibility into and control over resources such as Resource providers, Inventories, Allocations and Usage records.
- Cells v2, which enables you to segregate your data center into sections for easier manageability and scalability,has been revamped and is now feature-complete.
- 802.1Q tagged VM connections (VLAN aware VMs) enables VNFs to target specific VMs.
- The ability to create VMs without IP Address means you can create a VM with no IP address and specify complex networking later as a separate process.
- Specific pools of external IP addresses let you optimize resource placement by controlling IP decisions.
- OSProfiler support lets you find bottlenecks and troubleshoot interoperability issues.
- No downtime API service upgrades
Storage (Cinder, Glance, Swift)
- Microversions let developers can add new features you can access without breaking the main version.
- Rolling upgrades let you update to Newton without having to take down the entire cloud.
- enabled_backends config option defines which backend types are available for volume creation.
- Retype volumes from encrypted to not encrypted, and back again after creation.
- Delete volumes with snapshots using the cascade feature rather than having to delete the snapshots first.
- The Cinder backup service can now be scaled to multiple instances for better reliability and scalability.
- Glare, the Glance Artifact Repository, provides the ability to store more than just images.
- A trust concept for long-lived snapshots makes it possible to avoid errors on long-running operations.
- The new restrictive default policy means that all operations are locked down unless you provide access, rather than the other way around.
- Object versioning lets you keep multiple copies of an individual object, and choose whether to keep all versions, or just the most recent.
- Object encryption provides some measure of confidentiality should your disk be separated from the cluster.
- Concurrent bulk-deletes speed up operations.
Other core projects (Keystone, Horizon)
- Simplified configuration setup
- PCI support of password configuration options
- Credentials encrypted at rest
- You can now exercise more control over user operations with parameters such as IMAGES_ALLOW_LOCATION, TOKEN_DELETE_DISABLED, LAUNCH_INSTANCE_DEFAULTS
- Horizon now works if only Keystone is deployed, making it possible to use Horizon to manage a Swift-only deployment.
- Horizon now checks for Network IP availability rather than enabling users to set bad configurations.
- Be more specific when setting up networking by restricting the CIDR range for a user private network, or specify a fixed IP or subnet when creating a port.
- Manage Consistency Groups.
Containers (Magnum, Kolla, Kuryr)
- Magnum is now more about container orchestration engines (COEs) than containers, and can now deploy Swarm, Kubernetes, and Mesos.
- The API service is now protected by SSL.
- You can now use Kubernetes on bare metal.
- Asynchronous cluster creation improves performance for complex operations.
- You can now use Kolla to deploy containerized OpenStack to bare metal.
- Use Neutron networking capabilities in containers.
- Nest VMs through integration with Magnum and Neutron.
Additional projects (Heat, Ceilometer, Fuel, Murano, Ironic, Community App Catalog, Mistral)
- Use DNS resolution and integration with an external DNS.
- Access external resources using the external_id attribute.
- New REST API that makes it possible to use services such as Gnocchi rather than just interacting with the database.
- Magnum support.
- Deploy Fuel without having to use an ISO.
- Improved life cycle management user experience, including Infrastructure as Code.
- Container-based deployment possibilities.
- Use the new Application Development Framework to build more complex applications.
- Enable users to deploy your application across multiple regions for better reliability and scalability.
- Specify that when resources are no longer needed, they should be deallocated.
- You can now have multiple nova-compute services using Ironic without causing duplicate entries.
- Multi-tenant networking makes it possible for more than one tenant to use ironic without sharing network traffic.
- Specify granular access restrictions to the REST API rather than just turning it off or on.
Community App Catalog
- The Community App Catalog now uses Glare as its backend, making it possible to more easily store multiple application types.
- Use the new v2 API to add and manage assets directly, rather than having to go through gerrit.
- Add and manage applications via the Community App Catalog website.