What’s New in 5.10¶
This is the stable release of OpenNebula 5.10
OpenNebula 5.10 (Boomerang) is the sixth major release of the OpenNebula 5 series. The main focus has been to enforce functionality to manage NFVs (as well as other workloads) to propel OpenNebula as the default orchestrator of choice to build clouds in the edge and in environments where network performance is key. Also this focus on networking explains the new NSX integration over VMware infrastructures, which enables very interesting use cases in vSphere. The highlights of Boomerang are:
- NUMA and CPU pinning, define in which NUMA node VMs are going to be deployed.
- NSX integration, create and consume NSX networks from within OpenNebula.
- Revamped hook subsystem, hook a script for any API call or change of state in any VM or host resource.
- DPDK support, dramatically increase performance in network hungry, densely packed VMs.
- 2FA Authentication for Sunstone.
As usual, the OpenNebula 5.10 codename refers to a nebula, in this case the Boomerang Nebula, a protoplanetary nebula located 5,000 light-years away from Earth in the constellation Centaurus. It is also known as the Bow Tie Nebula and catalogued as LEDA 3074547. The nebula’s temperature is measured at 1 K (-272.15 °C; -457.87 °F) making it the coolest natural place currently known in the Universe. Same as OpenNebula in the IaaS space :)
OpenNebula 5.10 Boomerang is considered to be a stable release and as such it is available to update production environments.
In the following list you can check the highlights of OpenNebula 5.10. (A detailed list of changes can be found here.)
- Update hashing algorithm: Now passwords and login tokens are hashed using sha256 instead of sha1. Also csrftoken is now hashed with SHA256 instead of MD5
- NUMA and CPU pinning: You can define virtual NUMA topologies and pin them to specific hypervisor resources. NUMA and pinning is an important feature to improve the performance of specific workloads. You can read more here.
- Live update of context information: Running VMs can update their context information and trigger the contextualization scripts in the guests, see here.
- Uniform thread-safe random generator: For random numbers use a Mersenne Twister generator with uniform distribution.
- VM operations configurable at user and group level: Use attributes
VM_ADMIN_OPERATIONSin the user or group template, more information
- Unified objects’ secrets handling: Secrets are encrypted and decrypted in core, drivers get secrets decrypted see here.
- Allow VM reschedule in poweroff state: See here.
- System wide CPU model configuration: The default CPU model for KVM can be set in config file see here.
- KVM configuration per Host or Cluster: All kvm default attributes can be overriden in Cluster and Host.
- Revamped Hook System: A more flexible and powerful hook system has been developed for 5.10. Now you can hook on any API call as well as state changes
Other minor features in OpenNebula core:
- FILTER is now a VM_RESTRICTED attribute.
- Increase size of indexes (log_index and fed_index) of the logdb table from int to uint64.
- Custom block size for Datablocks, to allow users to modify block size for dd commands used for Ceph, Fs and LVM datastore drivers.
- Configurable VM monitoring: You can configure the frequency to monitor VM disk usage in datastores drivers (Fs and LVM). Check the oned.conf reference guide.
- Extensible mixed modes: Different TM drivers can be easily combined by implementing custom driver actions for any combination. Check the storage integration guide for more details.
- Support for Trash in Ceph datastore: Allows users to send disks to the trash instead of removing them.
- DPDK Support: The Open vSwitch drivers include an option to support DPDK datapaths, read more here.
- Extensible Network Drivers: You can extend network driver actions with customizable hooks, see more details.
- Deprecate brctl: The ip-route2 toolset replaces brctl to manage bridges for the KVM/LXD networking.
- All VMM driver actions receive relevant information through stdin, saving oned calls enhancing performance.
- Change default port used when OpenNebula connects to vSphere’s API.
- NSX integration: discover and setup NSX Manager.
- NSX integration: create and consume NSX networks from within OpenNebula.
OneFlow & OneGate¶
- Remove attributes from VMs: The onegate server API supports a new option to delete attributes from VM user template via onegate command.
- Better output for CLI tools: New options to adjust and expand the output to the terminal size; also it allows better parsing of output, check the documentation (expand, adjust and size attributes) for more details.
- Show raw ACL string in oneacl: The full string of each rule can be shown. It’s disabled by default check oneacl for more information.
- Show orphan images by using
- Show orphan vnets by using
- Packaged all required Ruby gems: Installation is now done only from operating system packages and is not necessary to run
install_gemsafter each installation or upgrade anymore, check the front-end installation.
- Debian and Ubuntu debug packages now have debugging information for the OpenNebula server in the dedicated package opennebula-dbgsym.
- Build optimizations: Packages build respects the proposed compiler and linker parameters of each platform with additional hardening features.
- Node packages revert changes on uninstall: Configuration changes in libvirt made during the KVM node package install are reverted on uninstall.
- Avoid node_modules files in Sunstone package: Build-time only data were dropped from the distribution package.
- Sunstone package should not provide empty /var/lib/one/sunstone/main.js: A temporary file with initially empty content is not contained in the package, but created by post-install scripts.
- Datastores directories contained in the package: Initial datastores directories are not contained in the package anymore.
- Lower services restart interval decreases limit for automatic restart of core services and consistently sets automatic restart to all services.
- Augeas lens for oned.conf: The server package contains an Augeas lens to manipulate
- Optional Python bindings are now built also for Python 3 – package python3-pyone.
- Reviewed sudo-enabled commands: Obsolete sudo-enabled commands were removed and REST commands are now enabled by each installed OpenNebula component package (server, node KVM, node LXD) to provide more fine-grained security.
- Packaged files and directories have more restricted ownership and permissions across all platforms, see here.
- Added new dependency on
install_gemson Debian-like systems, see here.
- IPAM driver scripts now receive the template of the AR via STDIN instead of via arguments, see more details.
Other Issues Solved¶
- Fixes an issue that makes the network drivers fail when a large number of sectary groups rules are used.
- Remove resource reference from VDC when resource is erased.
- Validate disk-snapshot-id cli parameter to prevent confusing conversion.
- Fix *Argument list too long* error in migrate action.
- Fix cluster CPU/MEM reservations.
- Fix issue with wrong controller for multiple scsi disks.
- Fix issue with Context ISO device vs. KVM models.
- Fix delete IPAM address ranges when deleting the vnet.
- Fix multiple click to back button when instantiate multiple VM.
- Fix add and remove cluster in datastore’s table.
- Fix remove resource from VDC.
- Fix empty scheduled action id when is 0.
- Change order columns in services instances view.
- Fix send requeriments when a template is instantiated in user view.
- Fix lose NIC index in VM networks.
- Fix sunstone submit context in Virtual Network Template form.
- Fix FILES_DS template variable disappears if the configuration is updated.
- Fix wrong running quotas values when disk-snapshot create.
- Fix escape of backslash in XML documents for the onedb command.
- Add migrate power off in sunstone view yamls files.
- Fix preserve attributes in Virtual Machine Template.
- Fix libvirt race condition when detaching network interface.
- Fix hide the create button when it not have options.
- Fix parse error in VM descriptions with spaces.
- Fix error on resize VM disk in Firefox.
- Fix only show update if the version is stable.
- Fix update CPU model in VM config view.
- Fix showing uplinks as networks in vcenter hosts.
- Add the possibility of exclude some addresses from the HTTP proxy.
- Improve performance for large fileset containers.
- Fix show error when disable OpenNebula Systems support endpoint.
- Fix race condition when two migrate actions are executed simultaneously over the same VM.
- Fix error when attaching a disk to a VM using hybrid mode.