- Emilien Macchi & Chmouel Boudjnah (eNovance)
Emilien et Chmouel sont tous deux développeurs OpenStack et sont de forts contributeurs aux projets Swift et Quantum. Ils introduiront le meetup en donnant une update sur les projets, les fonctionnalités de la release Grizzly et ce que nous pouvons attendre de la release Havana qui se dessinera à l'OpenStack Summit de Portland. Ils présenteront également un rapide bilan sur: "OpenStack: 3 ans après: qui sont les plus gros contributeurs du projet?"
3. adj. cooler than cool, hotter than hot,
possessing a quality of complete and utter
awesomeness.
From the most reliable source -- The Urban Dictionary
4. Who are we!
Chmouel Boudjnah - The darkie - eNovance Señor dev - aka David Starsky.
Emilien Macchi -- The blondie- eNovance engineer - aka Kenneth Hutch.
6. Nova
I want to scale my Nova, like a
lot!
We give you Cells!!!!
7. Nova
The DB access is a pain on Nova.
We give you No-DB!!!!
• upgrades - without this, you need to take down all
compute services (potentially 1000s) to do a db schema
sync
• security - if you break out of the VM, you ownz the cloud
right now because you have full DB access and access to
the message queue
• scalability - limit the amount of agents which need to hit
the DB; reduce the connections, but also potentially reduce
the number of queries
8. Nova
Hey let me track all that stuff.
We give you Instance Action tracking
Nova has been updated to keep track of all actions performed on
an instance. There is an API extension for accessing this
information. Viewing the list of instance actions provides deeper
insight into the history of an instance. It also provides much
better error reporting for users and administrators.
9. Nova
And many many mores
• Availability Zones:
• Admin APIs:
• API support for instance passwords:
• Improved MySQL connector added lines: 281036
performance:
• Database archiving:
removed lines : 214574
• Quantum Security Groups:
• File injection without mounting guest
filesystem: total lines: 66462
• Default Security Group Rules:
• libvirt Custom Hardware:
• libvirt Spice Console: 1889 Commits
• powervm Resize, Migrate, and
Snapshot:
• Availability Zones in OpenStack API
• Glance Direct Image File Copy.
10. Quantum
I want to scale my Quantum,
like a superstar !
We give you Multi-host !!!!
• Utilize resource
●
Support scalability on quantum agent
●
Availability zone
●
Works on multiple hosts
• Agent management
●
Monitoring agents
●
Manage agent’s capabilities
• High availability
11. Quantum
Let me choose my IP address space.
We give you overlapping !!!!
• Security Groups
• Floating IP
• Metadata Server
... are now able to manage the same IP address space.
12. Quantum
I want friends for my VM
We give you Load Balancing !
• API for cloud admins: manage a pool of HW and SW load-
balancing appliances
• API for OpenStack tenants: load balancing as a service
• transparency and flexibility (multi-tenancy support, isolation
and per-tenant resource limits
• mechanism of drivers for supporting load balancers from
different vendors
• drivers already in development for HAProxy, Cisco ACE, and F5
BigIP
13. Quantum
And many many mores
added lines: 92376
• Service Insertion
removed lines : 41864
• RPC support for l3 agent
• IPtables support for OVS
• VIF Plugging Improvements total lines: 50512
• Security Groups API
602 Commits
14. Keystone
Those token UUID are so
1990s.
We give you PKI
tokens!!!!
More secure and more
efficient.
15. Keystone
How do I plug Keystone to my auth
Server?
Use REMOTE_USER and
Apache, it will do just that.
16. Keystone
I WANT a new API.
Sure here is the v3 API
Former "Service" and "Admin" APIs (including CRUD operations previously defined
in the v2 OS-KSADM extension) are consolidated into a single core API
"Tenants" are now known as "projects"
"Groups": a container representing a collection of users
"Domains": a high-level container for projects, users and groups
"Policies": a centralized repository for policy engine rule sets
"Credentials": generic credential storage per user (e.g. EC2, PKI, SSH, etc.)
"Trusts": Project-specific role delegation between users, with optional
impersonation
Roles can be granted at either the domain or project level
User, group and project names only have to be unique within their owning domain
Retrieving your list of projects (previously GET /tenants) is now explicitly based on
your user ID: GET /users/{user_id}/projects
Tokens explicitly represent user+project or user+domain pairs
Partial updates are performed using the HTTP PATCH method
Token ID values no longer appear in URLs
17. Keystone
added lines: 28488
And more! removed lines : 17265
total lines: 11223
289 Commits