How OpenStack Dalmatian's features came to life

The OpenInfra Foundation has collaborated with the OpenStack community to highlight some of the prominent features of the Dalmatian release; more cycle highlights can be found here. 

Support of AI & HPC Workloads 

Dalmatian advances OpenStack’s support of AI and HPC workloads. For example:

• Blazar introduced support for reserving compute instances based on existing Nova flavors. This can be used to provide reservation of GPU instances.
• In Nova, with the libvirt driver and libvirt version 7.3.0 or newer, mediated devices for vGPUs are now persisted across reboots of a compute host. This offers more convenience and efficiency improvements for users of hardware accelerators, many of whom currently may be training AI systems.

Security

Security enhancements are a common theme in many OpenStack Dalmatian components. Highlights include the following: 

• Ironic has enhanced multiple security aspects. For example, it now requires rescue passwords to be hashed, it has reduced the logged nodes information during the cleaning phase to avoid showing sensitive data, and it has hardened the communication between the Ironic services and the Ironic agent requiring an HTTPS URL by default. In addition, Ironic now allows users to perform firmware updates on active nodes with the firmware interface, using the redfish driver firmware update feature as a service step. This can be used to facilitate applying firmware security patches.
• Neutron has added manager role support to its APIs, meeting the next phase of the Secure RBAC community goals.
• Nova now automatically detects virtual Trusted Platform Module (vTPM) support for compute services if libvirt version is above 8.0.0 and if swtpm is installed on the node. It will also automatically get the TPM models that are supported. In addition, Nova users can now require Transport Layer Security (TLS) connections for SPICE consoles. 

User Interface Enhancements

OpenStack Dalmatian showcases several ways the community continues to adapt the software to enhance usability. These features are key for organizations who are migrating from VMware to OpenStack. 

For example: 

• Skyline, a next generation dashboard with a modernized web UI, is now fully supported as part of the official OpenStack release. Previously released as a technology preview, Skyline is now production ready and has added new functionality in Dalmatian including support for Masakari, Designate and FWaaS, as well as several translations. 
• Ironic has added runbooks, a new API concept to enable self-service of maintenance items on nodes by project members. Runbooks are curated lists of steps that can be run on nodes only associated via traits and used in lieu of an explicit list of steps for manual cleaning or servicing. They also follow RBAC rules, allowing projects to limit who can maintain and use a runbook.
• Manila: Users now have the ability to manipulate storage capabilities through shared metadata. Cloud operators can determine which capabilities are updatable, and users are then notified about the status of the updates through asynchronous user messages.

Simplification of OpenStack Upgrades

In 2022, the OpenStack community adopted a once-a-year SLURP release cadence designed to ease the demands upon operators to upgrade every six months. OpenStack Dalmatian is a “not-SLURP release,” which means it is offered in the six-month interim of annual SLURP releases expressly for those who wish to upgrade more frequently. Organizations will then have the opportunity to return to the SLURP release cadence by upgrading to OpenStack 2025.1 ‘Epoxy.’

 Contributor List

Thank you to the nearly 500 contributors who contributed to the OpenStack Dalmatian release.