By Lionel Gibbons | November 22, 2017 | OpenStack
If the 20-percent year-over-year deployment growth is any indication, as reported in 2016 per the latest organizational report, the clear benefits of OpenStack are no match for the historic complexity of deployment. As OpenStack continues to evolve with each new release, a pattern of improvements that make it more stable and usable emerges.
Although we’re well into adoption of release 16 known as Pike, release 15 known as Ocata is where the process of improvement for existing attributes really picked up steam. This is a significant point because the goal with Ocata was to increase stability, manageability, user experience, and interoperability of core services. By reviewing some of the latest developments in Ocata as a “mature” version of OpenStack, we can see how many adopted services have been improved in terms of management, scalability, performance, and reliability.
OpenStack’s Keystone Identity Management Service now enables administrators to set multifactor authentication on a per-user basis for more granular access control. Expired token validation ensures that long-running operations in OpenStack don’t fail due to timeouts.
The Horizon GUI, OpenStack's administrative management dashboard, has been updated with new contextual access and security controls to enable keystone-to-keystone federation, as well as a greater ability to detect performance issues across OpenStack services.
As the core of OpenStack, Nova allows for the creation of VMs, so a new compute placement API makes it easier for users to allocate resources based on application needs. For example, the Nova enhancements in Ocata allow administrators to package VMs to optimize memory usage and other resources. In addition, Cells v2 has also become a default option to increase Nova’s stability.
Zaqar messaging service added Swift object storage as a backend service, to easily leverage an existing Swift cluster without deploying another MongoDB or Redis cluster.
OpenStack's Cinder block storage service now features Active/Active HA driver implementation to provide non-stop storage operations for increasing critical operation uptime. In addition, Ocata enhances data sharing, especially for databases, by allowing a single volume to attach to multiple users.
Heat, which provides orchestration services for resources in an OpenStack cluster, now has auto-healing that can automatically spin up a replacement VM when an outage is detected. This enables a much easier service failure recovery.
Neutron, the core networking service in OpenStack, has been split into a base library and agents, for ease of scaling large, production-sized configurations. This change could lead to more OpenStack-based private clouds. In addition, Ocata updates the firewall as a service, allowing for port-level firewall rules.
OpenStack's Dragonflow is an SDN controller for Neutron intended for larger-scale deployment; it now includes IPv6 support and more advanced reporting features.
This new feature facilitates tighter integration between multiple, geographically dispersed OpenStack clouds. Tricircle enables private clouds to act more like the dispersed availability zones of large public clouds. Tricircle caters to large enterprises with multiple linked sites used for disaster recovery and redundancy.
Kolla, Kuryr, and Zun
Three new container-related sub-projects were included with Ocata: Kolla for container deployment; Kuryr for bridging containers to networking and storage; and Zun, a container management service with support for Kubernetes and Docker containers.
Network Function Virtualization has become more stable and fully integrated into OpenStack (TripleO) for ease of deployment. The upgrades to TripleO, Heat, and Mistral enhance orchestration and automation of the release upgrade process for less downtime.
Octavia, the load-balancer-as-a-service (LBaaS) that was formerly a Neutron subproject, is now a top-level OpenStack service. General availability is expected with Pike, the next OpenStack release.
The sheer breadth of OpenStack means that we’ve only covered a few of the many developments in Ocata. Overall, it’s important to keep perspective on Ocata as, first and foremost, a big advance in the maturity of OpenStack. This can be seen in the fact that the project navigator tool now ranks the components of OpenStack Nova, Neutron, Swift and Cinder as eight out of eight on maturity.
With OpenStack Ocata and the most current release of Pike, users across business sectors are now beginning to see how the promise of OpenStack is attainable. Although the short release cycles can be frustrating, they are a key factor in the rapid growth in adoption of OpenStack. In fact, the 2017 OpenStack Users’ Survey shows the growth rates of enterprise data center deployments as a means of enabling a private cloud infrastructure that supports applications as easily as a public cloud.
However, challenges still exist. The same User’s Survey also shows that respondents are still dogged by deployment complexity, even as Kubernetes becomes a workable option. In a world where every use case and need is different, it’s not enough to say that you can’t please everybody all of the time. However, as OpenStack continues to evolve with each version, cluster and cloud management solutions also continue to evolve to make that old saying a non-issue.