7.02.2017 - by Stephan Vanecek
The fourteenth release of OpenStack brings countless of new features, enhancements, bug fixes, and updates. In general, the developers in the Newton release focused on and made the most progress in scalability, reliability, and high availability. In this article, we will introduce some of the changes made to OpenStack projects focused on data storage — Cinder (Block storage), Swift (Object storage), and Glance (Image service).
One of the changes made in this release cycle is deprecating the default key manager of Cinder. A key manager in Cinder stores and provides keys used for encrypting the Cinder volumes. Currently, Castellan is being used instead. It is an alternative key management interface for the projects that prefer not to require Barbican (the OpenStack key management project) by default. Cinder developers chose this to avoid the need to install another OpenStack project to run Cinder.
A significant progress has also been made in the field of Active/active High availability of Cinder volumes. They are currently highly available in the active/passive mode. Once this feature is production-ready, Cinder volumes should also feature better performance characteristics compared to the current state.
Cinder also added the support of API microversions.This feature has already appeared in Nova in previous releases. Microversions allow the user to request a specific version of the API. That means that the user can choose an older version instead of the newer one with features he doesn’t intend to use. On the other hand, he can avoid using a newer API with new features that might be breaking the solution. Microversions preserve the backwards compatibility so the user can pick the minimal compatible version of the API for the task he intends to perform.
During the Newton cycle has also been made some progress in the openstack CLI (command line interface) regarding the Cinder-related functionality. There has been an ongoing effort trying to merge the CLIs of the OpenStack projects (nova CLI, cinder CLI, …) together. The cinder CLI will be deprecated once all of its functionality is also available and fully working in the openstack CLI.
The Newton release includes wider support of drivers from different vendors. Moreover, several smaller components to the API have been added. It includes for example the possibility to display the number of total volumes or volume’s size. To get an overview of all updates, you can have a look at the release notes.
The first thing to mention in Swift is further progress in the integration of Swift with Searchlight, however still having experimental status. This effort has been going on since Mitaka (13th release). Searchlight is a project dedicated to searching. Since Swift is hugely scalable — enabling to store petabytes of data — it is important to have a possibility to effectively search the metadata of the stored data.
Another notable new feature is encryption at-rest. It allows users to encrypt the data and its metadata when it is being stored in the cluster. It means that the data being uploaded is not encrypted until it gets stored in Swift. The encrypted data at the server ensure that nobody without the key will be able to read the data. It is important in terms of security of the stored data: So even if the data gets stolen or the hardware component is reused for another purpose with the data not properly deleted, the data is safe. This feature also targets some of the legal issues concerning storing the data in remote places. It should make Swift a fitting solution for even more customers.
Object versioning of Swift now features a possibility of choosing a way how an object is treated when the DELETE request is triggered. It is done by setting an appropriate flag to the container. We can now either choose to delete only the most recent version and replace it with another one when the DELETE request is triggered or to delete all available versions at once.
To see the list of changes made to the project, please check the changelog of Swift.
There has been less notable updates in the functionality of Glance compared to the previous projects. The developers have added the support for another disc format — vhdx. Moreover, the Image API v1 was outdated and is planned to be removed in the future. Therefore, the operators are advised to use the current Image API v2. Another update changes the data signatures. Now, data of the images is signed directly. The previous approach was to sign the hash of the image, not the data itself. This should however not affect the functionality.
Another change that lies in the management of OpenStack is that Glare (Glance artifact repository) is being moved to a separate project. Before Newton, it used to be a part of Glance project as it was supposed to provide a repository for artifacts as a whole. It was decided that disc images are an unique issue that should be kept in a separate project so that the stability and its specific needs can be ensured. As a conclusion, Glance is again a project that aims to provide and manage disc images and Glare is an effort to provide repository for artifacts.
For other features and fixes of the Newton release, please refer to the release notes of Glance project.
In this article, we introduced some interesting features in OpenStack storage projects Cinder, Swift and Glance. Beside the updates mentioned above, there have also been lots of improvements and bug fixes supporting the scalability and reliability making the software even better.
There has also been put a lot of effort in implementing further features that take more time to complete and therefore will be production-ready in later releases. Those efforts include for example Glance’s community images or Active/active High Availability for Cinder volumes.