OpenStack's 10th birthday is next week, but you get the present of a new release today
Meet Victoria, who’s fond of K8s, security and complex networking
On October 21st, 2010, something new hit the world of enterprise infrastructure software: it was free software called OpenStack “Austin” and comprised the Nova VM-wrangler and the Swift Object store.
Enthusiasm for OpenStack has waxed and waned since. In its early years the project’s openness saw the likes of Cisco, Rackspace and HPE tout it as a better alternative than proprietary clouds from AWS Microsoft.
We know how that turned out: AWS, Azure and Google dominate the cloud and while OpenStack runs plenty of colossal web companies, the project’s own user surveys suggest that the majority of deployments are at organisations with between 100 and 10,000 employees.
China turned out to be a big part of the OpenStack story: its web giants Baidu and Tencent are known users, while the nation’s big three telcos - China Mobile, China Telecom and China Unicom – also adopted the stack. They’ve adopted it because OpenStack now offers over 40 modules that are collectively capable of doing just about anything a cloudy or webscale stack requires.
The Register will properly assess OpenStack’s first decade soon, but for now we need to consider the project’s 22nd major release, dubbed “Victoria”, which landed earlier this week.
The new release includes over 20,000 code changes by 794 developers from 160 different organisations and over 45 countries.
The OpenStack Foundation rates improved Kubernetes support, including support for containerised network functions, as among its most important new additions. More FPGA support has been added, specifically for Intel and Inspur accelerators, just in time for the SmartNIC craze to crest. And because too much security is seldom enough, the Octavia module now supports HTTP/2 over TLS using Application Layer Protocol Negotiation (ALPN).
The Ironic module, dedicated to provisioning bare metal servers, has a new communications flow for agent tokens that should make it safer to communicate with devices on the edge. Ironic had a 66% increase in activity compared to the OpenStack Ussuri cycle, and added more security for edge deployments by combining the communication flow for agent token which was added in Ussuri with the automatic agent TLS feature. Now, malicious attackers are unable to possibly intercept the "token" and through standard communication exchanges with the Ironic services. The Foundation also highlighted the following enhancements for “complex networking issues”:
- The SDN module Neutron now provides metadata service over IPv6 and has added support for flat networks for Distributed Virtual Routers (DVR), Floating IP port forwarding for the OVN backend, and router availability zones in OVN.
- Load-balancing module Octavia now support version two of the PROXY protocol.
- Container networking module Kuryr has added support for autodetection of VM bridging interface in nested setups.
OpenStack has published a full list of enhancements present in Victoria here. The next OpenStack release has been named “Wallaby” and should hop into view in April 2021. The release’s timeline and goals can be found here. ®