OpenStack 2012.2 (Folsom) Release Notes
OpenStack Object Storage (Swift)
OpenStack Compute (Nova)
OpenStack Image Service (Glance)
- Completely new v2 API
- Completely new client - python-glanceclient
- Client SSL certificate validation on glance-api
- Tenant-specific storage in Swift
- Image replication using glance-replicator
- v2 API requires sql configuration on glance-api nodes
- auth_token middleware configuration moved from paste configuration to server confguration
- Set enable_v2_api to 'false' to disable new v2 API or copy sql configuration from glance-registry.conf to glance-api.conf
- Update local keystone code before starting Folsom glance services
OpenStack Dashboard (Horizon)
OpenStack Identity (Keystone)
- PKI Support for authentication
- Integration into openstack-common libraries
- Swift AUTH middleware allowing overrides of authentication
- Consolidation of CLI option names to global openstack standard (use hyphens)
- V2 API exposes token within the URL
- If a tenant is deleted in Keystone, there is no orchestration to verify that resources associated with that tenant are disabled and/or removed in other projects (glance, nova, swift, etc)
- The Keystone CLI lacks a means of reporting the tenants that a user is associated with
- auth_token middleware requires installation of almost all of keystone, is not in its own package
- LDAP backend is lacking TLS/LDAPS support
- No active directory specific LDAP backend
- V2 API is not backed by RBAC
OpenStack Network Service (Quantum)
- First "core" release of OpenStack Quantum
- v2 tenant-facing API to control L2 networking and IP address management
- pluggable network back-ends technologies, including Open vSwitch, Cisco, Linux Bridge, Nicira NVP, Ryu, and NEC.
- support for overlapping IP addresses on different L2 networks.
- new and improved CLI
- DHCP service with support for overlapping IPs.
- support for OpenStack notifications and API quotas.
- extension support for "provider networks" that map to physical VLANs or flat networks.
- extension support for basic L3 forwarding, SNAT, and floating IPs. Support for multiple routers.
- Keystone-integrated API policy framework to allow support different API-modes: tenant network control or admin-only network control.
- Nova security groups and metadata server are not compatible with overlapping IPs.