2.13. Technology Previews
This section outlines features that are in technology preview in Red Hat OpenStack Platform 10.
Note
For more information on the support scope for features marked as technology previews, see Technology Preview Features Support Scope.
2.13.1. New Technology Previews
The following new features are provided as technology previews:
- At-Rest Encryption
- Objects can now be stored in encrypted form (using AES in CTR mode with 256-bit keys). This provides options for protecting objects and maintaining security compliance in Object Storage clusters.
- Erasure Coding (EC)
- The Object Storage service includes an EC storage policy type for devices with massive amounts of data that are infrequently accessed. The EC storage policy uses its own ring and configurable set of parameters designed to maintain data availability while reducing cost and storage requirements (by requiring about half of the capacity of triple-replication). Because EC requires more CPU and network resources, implementing EC as a policy allows you to isolate all the storage devices associated with your cluster's EC capability.
- Open vSwitch Firewall Driver
- The OVS firewall driver is now available as a Technology Preview. The conntrack-based firewall driver can be used to implement Security Groups. With conntrack, Compute instances are connected directly to the integration bridge for a more simplified architecture and improved performance.
2.13.2. Previously Released Technology Previews
The following features remain as technology previews:
- Benchmarking Service
- Rally is a benchmarking tool that automates and unifies multi-node OpenStack deployment, cloud verification, benchmarking and profiling. It can be used as a basic tool for an OpenStack CI/CD system that would continuously improve its SLA, performance and stability. It consists of the following core components:
- Server Providers - provide a unified interface for interaction with different virtualization technologies (LXS, Virsh etc.) and cloud suppliers. It does so via ssh access and in one L3 network
- Deploy Engines - deploy an OpenStack distribution before any benchmarking procedures take place, using servers retrieved from Server Providers
- Verification - runs specific set of tests against the deployed cloud to check that it works correctly, collects results & presents them in human readable form
- Benchmark Engine - allows to write parameterized benchmark scenarios & run them against the cloud.
- Cells
- OpenStack Compute includes the concept of Cells, provided by the nova-cells package, for dividing computing resources. For more information about Cells, see Schedule Hosts and Cells.Alternatively, Red Hat OpenStack Platform also provides fully supported methods for dividing compute resources in Red Hat OpenStack Platform; namely, Regions, Availability Zones, and Host Aggregates. For more information, see Manage Host Aggregates.
- CephFS Native Driver for Manila
- The CephFS native driver allows the Shared File System service to export shared CephFS file systems to guests through the Ceph network protocol. Instances must have a Ceph client installed to mount the file system. The CephFS file system is included in Red Hat Ceph Storage 2.0 as a technology preview as well.
- Containerized Compute Nodes
- The Red Hat OpenStack Platform director has the ability to integrate services from OpenStack's containerization project (kolla) into the Overcloud's Compute nodes. This includes creating Compute nodes that use Red Hat Enterprise Linux Atomic Host as a base operating system and individual containers to run different OpenStack services.
- DNS-as-a-Service (DNSaaS)
- Red Hat OpenStack Platform 8 includes a Technology Preview of DNS-as-a-Service (DNSaaS), also known as Designate. DNSaaS includes a REST API for domain and record management, is multi-tenanted, and integrates with OpenStack Identity Service (keystone) for authentication. DNSaaS includes a framework for integration with Compute (nova) and OpenStack Networking (neutron) notifications, allowing auto-generated DNS records. In addition, DNSaaS includes integration support for PowerDNS and Bind9.
- Firewall-as-a-Service (FWaaS)
- The Firewall-as-a-Service plug-in adds perimeter firewall management to OpenStack Networking (neutron). FWaaS uses iptables to apply firewall policy to all virtual routers within a project, and supports one firewall policy and logical firewall instance per project. FWaaS operates at the perimeter by filtering traffic at the OpenStack Networking (neutron) router. This distinguishes it from security groups, which operate at the instance level.
- Google Cloud Storage Backup Driver (Block Storage)
- The Block Storage service can now be configured to use Google Cloud Storage for storing volume backups. This feature presents an alternative to the costly maintenance of a secondary cloud simply for disaster recovery.
- OpenDaylight Integration
- Red Hat OpenStack Platform 10 includes a technology preview of integration with the OpenDaylight SDN controller. OpenDaylight is a flexible, modular, and open SDN platform that supports many different applications. The OpenDaylight distribution included with Red Hat OpenStack Platform 10 is limited to the modules required to support OpenStack deployments using NetVirt, and is based on the upstream Boron version.The following packages provide the Technology Preview: opendaylight, networking-odl.For more information, see the Red Hat OpenDaylight Product Guide and the OpenDaylight and Red Hat OpenStack Installation and Configuration Guide.
- Real Time KVM Integration
- Integration of real time KVM with the Compute service further enhances the vCPU scheduling guarantees that CPU pinning provides by reducing the impact of CPU latency resulting from causes such as kernel tasks running on host CPUs. This functionality is crucial to workloads such as network functions virtualization (NFV), where reducing CPU latency is highly important.
- Red Hat SSO
- This release includes a version of the keycloak-httpd-client-install package. This package provides a command-line tool that helps configure the Apache mod_auth_mellon SAML Service Provider as a client of the Keycloak SAML IdP.
- VPN-as-a-Service (VPNaaS)
- VPN-as-a-Service allows you to create and manage VPN connections in OpenStack.