Last week, the news was about OpenStack, by way of the first commercial rendition of the open source cloud operating system from a new firm called Piston Cloud. Having emerged from a NASA project, it’s easy for OpenStack to steal the spotlight.
This week, the latest rendition of a slightly older project is being released, and it too has a commercial rendition. It’s version 3.0 of OpenNebula (not to be confused with the NASA Nebula project based on what’s now called OpenStack), and its origin is in the laboratory as well – in this case, since 2009 at Switzerland-based physics lab CERN.
Unlike OpenStack – whose philosophy, its leader told us, is to use as few tools independent of the client’s existing environment as possible – OpenNebula (often shortened to “ONE”) uses a reasonably rich set of dedicated tools, including a command line environment and a browser-based UI called SunStone. But like its competitor, OpenNebula’s goal is to offer a hypervisor-agnostic platform for data centers to pool together whatever assets they have, with whatever assets they may eventually have.
“OpenNebula is an open-source project aimed at developing a production-ready cloud management tool for building any type of Cloud deployment, either in scientific or in business environments,” reads the development group’s Web site. “OpenNebula releases are tested to assess its scalability and robustness in large scale VM deployments, and under stress conditions… Because two datacenters are not the same, OpenNebula offers a open, flexible and extensible architecture, interfaces and components that fit into any existing data center; and enable its integration with any product and service in the Cloud and virtualization ecosystem, and management tool in the datacenter. OpenNebula is a framework, you can replace and adapt any component to efficiently work in any environment.”
One of the more notable additions to version 3.0 – one which may be familiar to admins of general-purpose operating systems – is access control lists (ACLs). In ONE, this is a fairly uncomplicated system: Individual users have ID definitions, and such definitions may be combined into any number of groups. Using the command-line tool, the admin invokes the new oneacl
command to create an instruction line in its entirety, encased in quotation marks, and appended to the ACL. That instruction may grant a user or group express permission to use, create, delete, or manage (among other operations) a resource such as a VM or a host. The operation being granted and the class of resource are each represented by single letters. So there’s no tricks here.
“For instance, using ACL rules you could create a group of users that can see and use existing virtual resources, but not create any new ones,” reads the version 3.0 documentation. “Or grant permissions to a specific user to manage Virtual Networks for some of the existing groups, but not to perform any other operation in your cloud.”
Up until version 2.2, OpenNebula supported VMware Server, VMware ESX, KVM, and Xen hypervisors. The new release adds support for Oracle’s VirtualBox (acquired from Sun) and Microsoft’s Hyper-V. Upon hearing the news last week, Microsoft’s open systems general manager Sandy Gupta heaped praise on the project: “Given the highly heterogeneous environments in today’s data centers and clouds, we are seeing enablement of various Linux distributions including SUSE, CentOS, Red Hat, and CS2C on Windows Server Hyper-V, as well as emerging open source cloud projects like OpenStack – and now OpenNebula.”