With its OpenInfrastructure summit just a few weeks away, the OpenStack gang is issuing its next "Train" launch with a focus on data protection and machine learning.
The launch comes after the platinum foundation member SUSE threw the towel over the OpenStack Cloud to move towards a bright future, based on Kubernetes.
It is not that the word "S" was mentioned, even in a hesitant tone, while OpenStack prepared Train before an expected release on October 16.
As is the norm, OpenStack was eager to shout about the more than 25,500 code changes accepted this time, from 1,125 developers from more than 150 organizations. A look at the content of the release shows that OpenStack is as surprisingly vast as ever, although a number of adjustments deserve more attention.
The first is the arrival of guest RAM encryption to Nova using AMD Secure Encrypted Virtualization (SEV). Nova is a veteran component of OpenStack and a cloud computing structure controller, forming a cornerstone of the Infrastructure as a Service (IaaS) of OpenStack and, according to OpenStack, the feature is "an incredible breakthrough in terms of security." 19659006] SUSE mascot in Huawei Connect 2016 "/>
SUSE, what? The adoption continues to grow, it shrugs OpenStack Foundation
The team told The Register that, in a nutshell, "this means that even if you have physical access to my server , you won't be able to see what's in my virtual machine or what's in the memory logs of my virtual machine. "
Practical for multi-tenant environments or environments with public access hardware (such as edge implementations), the performance hit of activating the function is "quite small" according to the OpenStack calculation as it lurks at the hardware level. It is not enabled by default, since only AMD is currently supported and encryption is not "universally available on every chipset and every hardware stack."
Also in Nova there is live migration support for servers with a NUMA topology when using the libvirt computation controller.
The team also highlighted the improvements to Karbor, a framework designed to give suppliers a unified API to protect user data. Directed by China Mobile, Train offers new event notifications and backup options to Karbor.
Ironic, the project to supply bare metal instead of virtual machines, received support to build software RAIDs directed by CERN. Meanwhile, Acceleration Resource Manager Cyborg saw a Nova interaction specification to launch and manage virtual machines with acceleration technology. The existing Intel FPGA and GPU controllers were also enhanced for heavy work on tasks such as machine learning.
Finally, the placement service, which emerged from Nova to become a project in itself at the launch of OpenStack Stein, has seen some substantial performance gains. The service, which is used by other projects to track its resources, had already dropped from 16.9 seconds per request to 2.9 on Stein after decoupling from Nova. Train has seen that figure fall further, to 0.7 seconds per request at the OpenStack benchmarks.
"When the team decoupled it [Placement] from Nova," the gang explained, "they focused very specifically on that one step: & # 39; Let's put a resource. & # 39; And they realized that they can optimize that simplifying some of the code paths and changing the data model. And then in Train, they took it a little further and made more code profiles to find where to get even more … " Perhaps recognizing that the most Of 40 components lurking within OpenStack can be a bit daunting, the team has also worked to improve documentation.
It will be interesting to see the impact of SUSE's departure on the next OpenStack launch, Ussuri, which is scheduled for May 2020. ®
General technical description: Exasol Peek Under the Hood