Red Hat rolls OpenStack train up to Platform 16

With OpenStack’s Train release out for a while, Red Hat has now finished work on version 16 of OpenStack Platform, its commercial offering of the cloud computing platform.

According to the IBM subsidiary, the product aims at service providers looking to run workloads from the areas of network function virtualisation, artificial intelligence and machine learning, as well as high performance and edge computing. 

Version 16 is based on the Train release, but comes with a couple of special features to justify the price and support its target audience better. This is why, for example, the platform’s Compute service now allows deployments to be configured to use multiple cells, which helps with process isolation and security in larger setups. 

Compute has also been modified to let users schedule pinned and floating instances on a single host, create instances with a guaranteed minimum bandwidth, and perform live migrations pinned instances and those with SR-IOV interfaces.

Since security is another major issue of enterprise customers, the platform’s Block Storage service has learned to change the encryption key when cloning an encrypted volume, following the security best practice to not use the same key multiple times. It also adds an encryption key to the key management service when uploading an encrypted volume to the image service.

The Platform’s networking component received some security enhancement as well, leading the service to support “the encryption of internal API traffic for OVN using Transport Layer Security”. Apart from that it now sports features to deploy OVN on IPv6 networks, and limit incoming traffic to a list of IP addresses.

Thrill seekers are welcome to look into the technology previews, of which there are several in version 16. The release for example brings capabilities to “interact with a single undercloud to manage multiple distinct overclouds”, “create an active-active configuration for Block Storage service”, and deploy multiple Ceph clusters. Underclouds are single-node OpenStack installations which serve as main director nodes. They contain components to manage the nodes making up an OpenStack environment (deployed cloud or Overcloud).

Another experimental addition can be found in the form of a so-called undercloud minion, which provides additional heat-engine and ironic-conductor services to realise faster and larger deployments. A new validation framework is meant to “help verify the requirements and functionality of the undercloud and overcloud”. The full list of changes can be found in the product’s documentation.