OpenStack Mitaka Aimed at Simplifying Cloud Operations

darthcamaro writes: The 13th release of OpenStack, codenamed Mitaka is now generally available with updates across all major projects. Among the biggest new capabilities in OpenStack Mitaka however isn't a new project or a new feature in a single existing project, but rather the official debut of the OpenStack Client, which creates for the first time a unified command line interface to control the cloud.

According to eWEEK: "The OpenStack client is a command line client that unifies access across all the main projects," Jonathan Bryce, executive director of the OpenStack Foundation, told eWEEK. So if an administrator wants to create a user, a block storage device or a virtual server, or attach to a network, all those functions are now enabled in the single tool that is the OpenStack client. The OpenStack client provides a standardized set of commands, whereas previously, each project had its own command line client, Bryce said. He added that the OpenStack client can be run locally or in the cloud, and can be configured to control multiple OpenStack clouds.

Should help efficiency.

Hackers were getting frustrated having to find security vulnerabilities in multiple clients and creating similar exploits again and again. This tool should greatly streamline the process, finding a single hole and exploiting it rapidly across multiple platforms.

Security?

[VernonNemitz]

This almost sounds like an invitation for hackers to seek a security hole such that one instance of the client can control the entire cloud of OpenStack implementations....

Re: Security?

But, it's OpenStack!

Open source stuff is bug and exploit free. A slashdotter told me long ago.

Re:Security?

Just like they currently love to target hyper visors...

Re:Security?

You don't need a hacker to do anything. Keystone briefly loses MySQL connectivity, takes a crap, and now all objects, compute notes are now failing and your entire OpenStack installation is SOL.

Of course, OpenStack can't implement things which are needed by real people. Wake me up when they are able to get comparable functionality to vMotion, HA, fault tolerance, or just adding disks/RAM to an image without having to kill the VM and spin up a new one from an image.

Re: Security?

Openstack is not an answer to all tour computing needs. It's paradigm in terms of sever management is disposability and short term leases. Reproduce and scale quickly/cheaply. What you are asking for is not an aim. Openstack can control all types of hypervisors, and enjoy the benefits of their particular platform, but this will cost you.

Speed, Quality, Cheap, pick two.

Re: Security?

[Junta]

That sensibility is fine I suppose, but the problem is that the project has not been so restrained when it comes to how it is evangelized.

Years ago I saw a virtualization management software team pretty much get disbanded, because some high level engineer told executives that Openstack was utterly share nothing, resilient, stable, easy to use, and equipped to do everything an enterprise virtualization user would possibly want, so developing software geared toward enterprise virtualization management was a lost game.

Around the same time, an organization doing *nothing* cloud related or even virtualization related was directed to rebase all their efforts on Openstack, because leadership was told that OpenStack was already the way *everybody* did everything with Linux. That group lost about 6 months of time to first figuring out it wouldn't be so easy, that it really wouldn't work at all, and finally convincing their leadership that Openstack was, in fact, *not* covering everything.

I don't know how it turned out, but I also was in the early stages of a very large customer datacenter revamp. They had thousands of systems largely running vmware. Their executive said 'we will move to 100% openstack within the year'. Turned out they had made this decision based solely on write ups and never actually used the software. This was about the time I moved on to another company, so I didn't see how that turned out. Keep in mind that was about 3 years ago.

I'll also say that not providing those functions when the lower level software does provide it isn't exactly a virtue. I understand how an implementation may make certain storage and networking decisions that would make it a bad idea to provide the features, but for the higher layer software to not even give a choice... it's dubious. Also early on the word 'share nothing' was flung along a lot, with 'oh, except for the MySQL database, but someone will probably rearchitect that'.

The way OpenStack evangelizes itself has caused unfortunate side effects in a lot of areas, sucking up all the attention for something that is much narrower in scope than people will talk about it. I will say that fortunately, the buzz around Openstack has seemingly settled down a great deal, but I do not like the damage it caused on the way.

Re:Security?

If you understood how Openstack requests worked, you wouldn't have made this post.

First, in order to issue requests to any service, you have to authenticate and get a token. Once authenticated, you can only act within the role granted to you by the operator. Having a single CLI for any particular cloud operation isn't a crazy idea - granting all users the ability to do anything with said client is crazy and fortunately is not how it is implemented.

captcha: anarchy

Re: Security?

It sounds like the damage was not caused by Openstack, but people making reckless decisions with incomplete information.

Re:Security?

Tell this to Rackspace, I'm sure they'd like to know how their entire business relies on software that doesn't work.

Or, maybe your Openstack team doesn't know what it's doing.

Re:Security?

[Gizzmonic]

Of course, OpenStack can't implement things which are needed by real people. Wake me up when they are able to get comparable functionality to vMotion, HA, fault tolerance, or just adding disks/RAM to an image without having to kill the VM and spin up a new one from an image.

FUD. OpenStack is not a hypervisor, it's an omnibus cloud application suite. There are at least 2 nova-compute compatible hypervisors that can "vmotion" (which is snapshotting RAM and storage to a network block device). If you can't figure out how to do "HA" and "fault tolerance" with MySQL then by all means, keep transferring your entire bank account to VMWare.

All in all, your rant makes about as much sense as someone complaining that Microsoft Office can't do spreadsheets.

Re: Security?

[Zeromous]

>I don't know how it turned out, but I also was in the early stages of a very large customer datacenter revamp. They had thousands of systems largely running vmware. Their executive said 'we will move to 100% openstack within the year'. Turned out they had made this decision based solely on write ups and never actually used the software

I am AC. I am experiencing this right now...... this doesn't change the fact that we can mostly do it, but requires a complete change from how business is used to doing things. Management Groking what openstack actually means for the business is the first step to peace, and frankly we will prevail in that regard.

That said the OP i replied to ought to stop whining and look at all the solutions there are for these new sets of 'problems'

Re: Security?

[Zeromous]

Its okay to be angry at the sales(wo)man/pitch but you are exactly right.

Re: Security?

[Junta]

This is of course true, but a lot of the OpenStack community were pretty content to let misrepresentation in their favor run rampant, until folks started screwing themselves by listening to the hype.

Re: Security?

[Junta]

requires a complete change from how business is used to doing things

The question being for a lot of organizations is what the upside will *really* be. Yes, if you redo a lot of your work, many things can work in that architecture. Not all things really work that well. But at the end, how do you end up better than before? Is it faster deployment of workload, lower staff cost to service requests? Could an alternative strategy have delivered the benefit in a way more compatible with the way your business works today? Will the imagined benefit really materialize given the wider context of your particular organization? It's a complicated set of questions that I worry is not considered carefully enough by most adopters.

Things like docker are easy enough to add on to infrastructure non-disruptively, a sort of technology that can be deployed without being too demanding about urgent changes to how the business works. If it gets ignored, oh well, no harm done. If it gets sunset, again no big deal for those who weren't using it. Openstack is a bit more disruptive and demanding and so warrants a bit more careful approach, and looks much uglier if the transition does not work out and requires a fair effort to backtrack..

OpenStack command line is for LUDDITES.

Modern app appers use AppenApp, which uses an App user apperface!

Apps!

Doubtful...

[Junta]

I would expect it to be more about a single utility frontending the same apis.

My bigger concern would be whether this meaningfully simplifies things, or, as is more common, is just a prefix word making commands more verbose without much benefit.

dimothy

[edittard]

If you're going to put a comma after "OpenStack" you should also put one after "Mitaka".

A day late and a ...

AWS has provided a single cli tool for how long? I'm asking because I've never experienced AWS any other way.

OpenManagement

So OpenStack is basically a management layer then?