The OpenStack Diablo release adds a distributed cloud scheduler, a high-availability network mode, and support for a new authentication service known as OpenStack Identity Management (also known as Project Keystone). It also includes updates for the three existing OpenStack core components: Compute (Nova), Object Storage (Swift), and disk image storage (Glance).

Jonathan Bryce, chairman of the OpenStack project policy board and cofounder of Rackspace Cloud, said that this was a major update for the project. Other highlights of the release were around networking components, scalability of the system, and usability enhancements.

Primary among those usability enhancements is the new dashboard. Devin Carlen, founder and vice president of engineering at OpenStack distributor Nebula, was also a leader of the dashboard creation effort for the Diablo release. “Essentially, it is a project that allows you to go in and manage your virtualized infrastructure, manage objects in the object store, and manage block volumes and IP addresses,” he said of the new Web-based administration dashboard.

“Systems administrators can go in and see info about usage, and about the cloud deployment, as well as user and tenant management, and perform basic network and security isolation. We’ve been focused on adding features during Diablo, and planning on really polishing and focusing on the user experience and making sure it’s a world-class quality of product. It integrates with Glance, Swift, Nova and with the newly incubated Quantum network-as-a-service project. It also includes support for the new keystone project for authentication.”

As incubator projects, both Quantum and Keystone are still being developed, with stable public releases planned to coincide with the Essex release of OpenStack next spring. Of project Keystone, Bryce said, “We didn’t want to go write a new replacement for LDAP. We wanted to fill in the gap between existing authentication systems and what you need in a cloud infrastructure.

“There are concepts around multi-tenancy and around API calls that the ID management service layers on top of existing authentication systems. You can build your back end with something like Active Directory, and rather than set up new credentials for everyone, you enable it in your OpenStack cloud. You can set up quotas and limits.”

Project Quantum, said Bryce, is a network management system designed to function with or without OpenStack. “We kicked off a few different projects for doing more advanced networking, Quantum being one of the ones that is farthest along. It’s a layer-two networking management system, meant to control virtualized networks, but also meant to control network devices. It will allow you to control things like quality-of-service rules to set up network segmentation, and to take control of the network and use it beyond just some virtual networking for some compute nodes,” he said.

He added that Quantum can be used without a cloud environment, and it offers some powerful network management capabilities useful for any type of data center.