CloudStack Deep Dive

Apache CloudStack Release – Deep Dive

Apache CloudStack is the latest maintenance release as part of the LTS 4.16.x releases. It contains more than 150 fixes and improvements since the release. In this article, Suresh Kumar Anaparti, release manager of is reviewing some of the most notable fixes and improvements in the release. Continue reading to learn more what you can get out of the new release.

System VM Template Improvements

The System VM template is updated from Debian v11 to Debian v11.2. The operator is able to update the letsencrypt certificate in the System VMs, and also can update the old systemvm templates. The automatic fallback to the older System VM template is introduced, when there is no change in the template across different release versions.

More on the topic:

CloudStack Kubernetes Service (CKS) enhancements

CKS plugin now removes the docker dependency and uses containerd as its container runtime. The containerd can be configured with private image repository as well. In addition, the CKS user is changed to ‘cloud’ from ‘core’.

The UI shows the details to access the CKS nodes, in a new tab ‘K8s Access’.

Several Hypervisor (VMware, KVM, XenServer) Fixes and Improvements


The new release adds support for VMware versions 7.0u2 and 7.0u3. It supports the upload template from local with VM settings from OVA and appliances deployment with missing default values on some properties, with the improved OVF parsing.

Other improvements include NIC hot plugging for isolated networks, the root disk controller type modification for a stopped VM, volume file search on a datastore for computing the VM snapshot chain size.


The direct download templates are now supported with IPv6 host address. This release improved the fetching of CPU max frequency, and the volume migrations on Dell EMC PowerFlex storage by randomizing the hosts. It also fixes the volumes disconnection issue in manages storages on migrate or stop VM.


This release improved the NFS image store mount using the version configured in the setting ‘secstorage.nfs.version’. It syncs the CPU cores per socket in the ‘platform’ and ‘cpu.corespersocket’ VM details. The UI doesn’t show shrink disk option for a volume now.

UI Fixes and Improvements

The new UI now has a button to clear all the notifications, and also provides a footer text option on the login screen. It ensures the async jobs can be executed in parallel safely, and cancels the job pollings of all the async jobs on logout.

The zone wizard in the UI now facilitates addition of multiple physical networks and S3 provider for secondary storage. It improved the VM deployment in a basic zone, eases the deployment from the template / iso / network pages by populating these parameters, and also allows volumes selection when destroying list of VMs. In addition, it provisions domain admin to configure subdomain limits.

Other fixes and improvements include fixes for Tariff Label information, Networks Selection for a Deploy-as-is Template NIC, Network Offering addition for VPC, Isolated/L2 Network creation form, Domain /Account Selection for New User, Domains Switching with SAML User, Get diagnostics data files field, Missing parameters in BareMetal host addition, Pod/Cluster Selection on host addition, SSH keypair navigation, Accounts navigation from Domain view, Storage / Host tags display, VM read-only details filtering and update the template with more options

First Install and Onboarding Message

The users/operators are guided with help text when they install or upgrade CloudStack. Some help text is shown on the UI onboarding page as well.

Database Structure Improvements

This improvement adds the missing primary keys for some of the tables on the ‘cloud’ and ‘cloud_usage’ schema in the CloudStack database. This enables better MySQL performance and replication.

Log4j to Reload4j Migration

The current log4j 1.x used for logging in CloudStack is migrated to reload4j v1.2.18.0, which is a fork of log4j 1.x. There is no functional change in logging or log configuration.

Several Security Fixes Addressing Multiple CVEs

The dependency libraries, commons-compress, bouncycastle, jetty are upgraded to address multiple CVEs.

With users can find a more stable release, with many improvements which offer improved stability for the entire platform. Security issues in Log4j have been well addressed, CloudStack Kubernetes Service has been improved, the UI is more polished and focused on user experience in addition to general improvements in the virtualization and storage layer.

Release Notes: The release notes, that includes a full list of issues fixed, as well as upgrade instructions from previous versions of Apache CloudStack can be found at:

GitHub: This GitHub milestone and project for this release can be located here:


Related Posts:

Apache CloudStack enables existing VMware users and gives an easy way for service providers to migrate to a fully open-source solution and eliminate vendor dependency.