The next major release of the open source OpenStack cloud platform, code named ‘Grizzly’ is nearing release. By the end of this week, all the core projects within OpenStack should be at the Release Candidate (RC) 1 stage.
Currently the Glance (image store), Swift, Cinder (storage), Horizon (dashboard) and Quantum(networking) projects all have their respective RC1
releases publicly available.
What’s still missing are the Keystone (identity) and the big one – Nova(compute).
The RC1s for Keystone and Nova are currently expected by the end of this week.
The way the review system should work is that unless issues are found in the respective RC1 releases, the RC1 will be formally announced as OpenStack 2013.1 final on April 4th.
So yeah, it’s close!
The biggest thing for me (at the high-level) that will be part of the Grizzly release is actually the removal of what I personally see as the biggest security risk in all previous iterations of OpenStack. In Nova the volume code has now been entirely removed. That volume code allowed Nova to have direct database access, which is a bug I wrote about in February.
“If an attacker successfully exploits a flaw in the hypervisor (as have been found in KVM and XEN in the past), the attacker can easily tamper with the MySQL database, wreaking havoc on the OpenStack Cloud.”bug #823000 warns.
All fixed in Grizzly!
Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.
