53 new things to look for in OpenStack Ocata

With a shortened development cycle, you’d think we’d have trouble finding 53 new features of interest in OpenStack Ocata, but with so many projects (more than 60!) under the Big Tent, we actually had a little bit of trouble narrowing things down. We did a live webinar talking about 157 new features, but here’s our standard 53. (Thanks to the PTLs who helped us out with weeding it down from the full release notes!)

Nova (OpenStack Compute Service)

1. VM placement changes: The Nova filter scheduler will now use the Placement API to filter compute nodes based on CPU/RAM/Disk capacity.
2. High availability: Nova now uses Cells v2 for all deployments; currently implemented as single cells, the next release, Pike, will support multi-cell clouds.
3. Neutron is now the default networking option.
4. Upgrade capabilities: Use the new ‘nova-status upgrade check’ CLI command to see what’s required to upgrade to Ocata.

Keystone (OpenStack Identity Service)

5. Per-user Multi-Factor-Auth rules (MFA rules): You can now specify multiple forms of authentication before Keystone will issue a token.  For example, some users might just need a password, while others might have to provide a time-based one time password and an additional form of authentication.
6. Auto-provisioning for federated identity: When a user logs into a federated system, Keystone will dynamically create that user a role; previously, the user had to log into that system independently, which was confusing to users.
7. Validate an expired token: Finally, no more failures due to long-running operations such as uploading a snapshot. Each project can specify whether it will accept expired tokens, and just HOW expired those tokens can be.

Swift (OpenStack Object Storage)