The OpenStack community has released Caracal (‘keh·ruh·kal), the 29th version of the world’s most widely deployed open source cloud infrastructure software. OpenStack is deployed globally by organizations comprising a multitude of sizes and industries, with more than 45 million cores in production. Recently, OpenStack has seen increasing demand among users who are hosting demanding artificial intelligence (AI) and high-performance computing (HPC) workloads, as well as by users who want to run virtualized workloads at a massive scale while avoiding the vendor lock-in nature of proprietary solutions.
OpenStack Caracal shares several features with its namesake African wildcat: the ability to make great leaps, agility and high performance, fierce protection of its territory, and adaptability to new environments.
Support of AI & HPC Workloads
OpenStack enables users to make great leaps in productivity through its support of AI and HPC workloads. For example, Nova now supports vGPU live migrations, a big win for hardware enablement and accelerated workloads. Within Nova, bugs were also fixed to improve NVIDIA GPU support. In addition, Ironic's continued transition from manufacturer-specific drivers to the Redfish API is helping promote open standards in hardware management while improving maintainability for its project.
Agility and Performance
OpenStack Caracal makes several improvements in agility and performance, including the following:
Designate now supports Catalog Zones (RFC 9432). This can improve the scalability of Designate pools managing a large number of zones and significantly reduce the provisioning time when adding additional DNS servers to a Designate pool.
Octavia Amphora-based load balancers now support using SR-IOV Virtual Functions (VF) for the load balancer VIP ports. This can significantly reduce latency for traffic flowing through the load balancer, delivering a notable improvement for high-traffic and performance-sensitive deployments.
With respect to user experience (UX), performance enhancements in Caracal include upgrades in Ironic and Manila. Ironic will now reserve a small number of worker threads for user-interactive API usage. Previously, an overloaded Ironic cluster could fail API calls if many nodes performed provisioning actions at the same time. In Manila, users can now specify a custom export location for their shares, making mount paths predictable. Also, shares created using the CEPHFS protocol in Manila will now feature the backing filesystem name in the share metadata, making it easier to mount shares.
Security
Security enhancements are a common theme in many OpenStack Caracal components. Highlights include:
Role-based access control (RBAC) progress in services like Ironic, Keystone, Kolla, and Magnum reflect an ongoing OpenStack-wide goal to improve overall security and flexibility of the platform.
Horizon and all Horizon plugins now support the Node.js 20 version of Node.js. In addition, Horizon now uses Django 4.2 as default and has dropped Django 3.2 support.
In Manila, administrators are now able to configure metadata options that can only be manipulated by more privileged users through a new config option.
Nova console session timeouts are a security improvement oft-requested by users. In Caracal, a new configuration option provides the ability to automatically close a server console session when the token expires.
Continuous Adaptation
OpenStack Caracal showcases several ways the community continues to adapt the software to stay up-to-date with the latest use-case trends and the best available hardware and software. For example:
As mentioned above, Caracal includes the latest version support for Django and Node.js.
Cloudkitty has added support for two new storage backends—OpenSearch and InfluxDB.
OpenSearch log retention has been enabled in Kolla.
In Cinder, new driver features were added, notably, Fujitsu ETERNUS DX expand volume on RAID group, Pure Storage synchronous replication, NetApp iSCSI LUN space allocation, and Dell PowerFlex Active-Active support.
Simplification of OpenStack Upgrades
OpenStack Caracal is a SLURP release, and the first release where operators can leap from the previous two releases, Antelope and Bobcat, through skip-level upgrades, a feature within the new release cadence designed to ease the demands upon operators to upgrade every six months. Deployments are now able to opt into a once-a-year upgrade cycle, upgrading with every Skip Level Upgrade Release Process or “SLURP” release. “Not-SLURP” releases are available in each six-month interim for those who wish to upgrade more frequently.
***The OpenStack Caracal release is available for download.***
***For a more detailed list of Caracal release features, please see the release notes.**
“Currently, the big drivers of OpenStack demand are AI workloads and VMware users looking for alternative virtualization solutions, and the Caracal release includes improvements that will help in both of those areas,” said Thierry Carrez, general manager of the OpenInfra Foundation. “For example, in Nova we see enablement of vGPU migration, a critical feature to support AI and high-performance workloads, while in other components you’ll see several user experience improvements that will make OpenStack more intuitive to use for users new to cloud infrastructure. Beyond that, you’ll see in Caracal that the OpenStack community is still very active in enhancing security, performance, reliability, and addressing the type of housekeeping and QA work that continues to make OpenStack the open source cloud platform of choice.”