Auto Enable / Disable KVM Hosts | CloudStack Feature First Look

Introduction This feature introduces the capability to automatically disable KVM hosts when a customizable health check fails, and automatically re-enable them when the health check subsequently succeeds. This ensures that existing Hosts remain stable and operational, and new Instances will not be deployed on disabled Hosts (existing Instances running on disabled or auto-disabled hosts are not affected). This feature is particularly beneficial in scenarios where maintaining the health of a large number of Hosts is crucial. For instance, in a data centre with numerous Instances spread across multiple Hosts, this feature can help administrators by automatically isolating Hosts that are […]

CloudStack VMware environment Migration from vSwitch to dvSwitch | CloudStack Feature First Look

Introduction The networking in VMware environments is managed by either standard virtual switches (vSwitch) or distributed virtual switches (dvSwitch). These switches handle the traffic between Instances and the Physical Network. A standard vSwitch needs to be created per-Host, which means that each time a Host is added to a VMware Cluster, a standard vSwitch must be created with the same name on each Host. Whenever CloudStack creates a port group within a standard vSwitch, the port group is created on each individual ESXi Host within the cluster. On the other hand, dvSwitches, which are more sophisticated, do not operate at […]

Customising Source NAT Address for Networks | CloudStack Feature First Look

Introduction While managing a cloud infrastructure, it is sometimes necessary to make changes in network ranges or to reassign IP addresses to routers. Previously, all network addresses were changeable except for the Source NAT (Network Address Translation) address of a Virtual Private Cloud (VPC) or an Isolated Network. However, with Apache CloudStack 4.19, this will be possible. Feature Description In CloudStack 4.19, an extension has been implemented that enhances the functionality of the APIs (Application Programming Interfaces) for creating or updating networks and VPCs. The APIs `createNetwork`, `createVPC`, `updateNetwork`, and `updateVPC` have now been supplemented with a new parameter, `sourcenatipaddress`. […]

Host Control Plane Status | CloudStack Feature First Look

Introduction Diving into the ever-evolving world of Apache CloudStack, it is undeniable that its continuous enhancement has led it to become an influential infrastructure management platform. The recent feature addition, ‘Host Control Plane Status’, further refines this powerful tool by extending the hypervisor host control state in the listing of Virtual Machines / VMs (i.e. user Instances, Virtual Routers, and System VMs). Specifically, it permits users to evaluate the feasibility of VM lifecycle actions like start / stop / restart / migrate, and to cross-verify the accuracy of VM metrics. Host State and Resource State Each Host in the Apache […]

Visual Resource Metrics | CloudStack Feature First Look

Introduction Viewing historical resource consumption data helps cloud users and operators to easily identify bottlenecks or the over-provision of resources, allowing resource owners to estimate and analyse performance. CloudStack already allows for retrieval of metrics data for various resources (e.g. Zones, Hosts) and for Instances and their Volumes, but does not display the data in a simple graph. This improvement expands the available historical metrics data to include user Instances, system VMs and Volumes. Furthermore, a Metrics tab has been added for each of these resources where users can see the data in multiple, interactive graphs. With this improvement, cloud […]

Two-factor Authentication in Apache CloudStack | CloudStack Feature First Look

Introduction Two-Factor Authentication (2FA) is an authentication method where a user is authorised to log in to a system only after successfully presenting two pieces of data, or factors: something that the user knows plus something that the user possesses. Apache CloudStack 4.18 introduces a 2FA framework designed to bolster security when users access the platform. This feature can be enabled globally, by Domain, or for specific users, allowing operators to apply compliance policies for CloudStack access. The framework is also designed to be easily expandable, making it simple to incorporate additional 2FA methods in the future that align with security […]

Adaptive Affinity Groups | CloudStack Feature First Look

In Apache CloudStack, Host Affinity and Host Anti-Affinity refer to the ability to deterministically ensure that a set of Instances run on the same or diverse hypervisor hosts in order to meet specific workload needs. How Affinity Groups Worked Previously Before Apache CloudStack 4.18 there were two types of Affinity Groups: Host Affinity and Host Anti-affinity. • Host Affinity: Host Affinity Groups allow users to specify that a set of Instances should always run on the same hypervisor host. This ensures minimum latency and maximum bandwidth between Instances as there’s no need for the network traffic to leave […]

Secure KVM VNC Connections | CloudStack Feature First Look

Introduction In a previous blog post (https://www.shapeblue.com/api-driven-console-access/) we described the latest improvements around VNC console access in CloudStack 4.18. These improvements included switching it to an API-driven approach, and introduced a way to secure WebSocket traffic between the CPVM and end-users, whilst the traffic between the CPVM and hosts remained unencrypted. This blog post explains how we can also secure the traffic between the CPVM and KVM hosts, allowing complete security around the Instance console access. This feature is only supported by the KVM hypervisor at this time. Secure VNC access This feature allows securing Instance console access through CloudStack […]

API-driven Console Access | CloudStack Feature First Look

Introduction: The Apache CloudStack Console Proxy (CPVM) is a type of system virtual machine that presents an Instance’s console view via the web UI (connecting to the VNC port made available through the hypervisor). Both the admin and end-user web UIs offer a console connection. To provide access to the Instance’s console service, the CPVM has the following characteristics: • An HTTP server listens to incoming requests from browsers. • A TCP client to connect to the Instance’s VNC port when requested. The CPVM provides a proxy between the user’s browser and the Instance’s console, allowing interaction with the user’s […]

CloudStack Managed User Data | CloudStack Feature First Look

Introduction When launching a new Instance on Apache CloudStack, users can set a UserData script to be executed by cloud-init during the boot process. The ‘CloudStack Managed UserData’ feature extends this functionality allowing one to automate the installation of packages, update the instance’s OS, and configure applications during instance deployment. Introduced in Apache CloudStack 4.18, Managed UserData enables users to register and manage their own UserData script(s) as a CloudStack resource. It can be associated with a CloudStack Template/ISO, or when a new Instance is being deployed. Managed UserData This new feature makes the following operations available via API or […]