Apache CloudStack 4.20 introduces exciting new features and enhancements, marking another milestone in cloud infrastructure management. As an LTS (Long Term Support) release, it will be maintained for 18 months, providing long-term stability and support to CloudStack deployments.
Below is a summary of the major new features introduced in this version:
ARM64 Support and Multi-Architecture Zones
Adds ARM64 support, enabling deployment across ARM64 and x86_64 Hosts in the same Zone, optimizing workload performance.
Shared File Systems
Introduces a Shared File System feature for Instances, supporting NFS with XFS or EXT4, simplifying high-availability storage.
VMware NSX-T Support
Integrates with NSX-T v4, enabling advanced network features like dynamic routing and security services in VMware environments.
Usage Management UI
New graphical interface for tracking, reporting, and managing usage data, improving resource utilization and transparency.
CloudStack Webhooks
Adds a Webhook Framework for real-time notifications and integration with third-party tools based on system events.
Implicit Hardware-Based Host Tags
Automatically tags Hosts based on hardware specifications, optimizing resource allocation for KVM Hosts.
NAS Backup and Recovery Plugin
Extends backup options to support NAS-based storage for better cloud resource protection.
CEPH RGW Plugin for Object Storage
Adds CEPH RGW to the Object Storage Framework, offering scalable storage for unstructured data.
Granular Resource Limits
Allows Administrators to set precise Compute and Storage limits, managing specialized resources like GPU Servers, ARM/x86 Hosts, and different Primary Storage types.
Dynamic & Static Routing
Supports BGP-based dynamic routing and IPv4/IPv6 static routing, eliminating NAT overhead and providing efficient traffic management.
Security Groups for Shared Networks in Advanced Zones
Enables Security Groups in Shared Networks, providing Instance-level security in Advanced Zones that wasn’t previously supported.
These new features in Apache CloudStack 4.20 make the platform even more robust and flexible, delivering advanced capabilities to meet the demands of modern cloud environments. Now, let’s delve deeper into each feature to understand the enhancements introduced in this release.
ARM64 Support and Multi-Architecture Zones
Apache CloudStack 4.20 introduces full support for ARM64 architecture, providing Users with the flexibility to deploy Instances across both ARM64 and traditional x86_64 systems. This feature enables the use of ARM64 and x86_64 hosts within the same Zone, but each cluster must maintain a homogeneous CPU architecture.
ARM64 has gained popularity for its power efficiency and cost-effectiveness, especially in scenarios like mobile backend services, cloud-native applications, and large-scale compute environments where ARM architecture provides tangible benefits in terms of reduced power consumption and lower operational costs. With CloudStack 4.20, Administrators can now take advantage of these benefits by creating Zones that support both ARM64 and x86_64 Clusters, allowing workloads to be strategically allocated based on specific requirements.
The architecture can be explicitly defined when creating Templates, ISOs, or Kubernetes ISOs, ensuring that each resource is compatible with the underlying hardware. Additionally, when deploying Instances or Kubernetes Clusters, CloudStack automatically ensures that the right architecture is selected, matching them with the appropriate Host hardware.
Shared Filesystem
Apache CloudStack 4.20 introduces the Shared Filesystem feature, which allows multiple Instances in the same Network to access the same NAS file system simultaneously. This functionality brings CloudStack in line with similar offerings from other cloud providers, such as AWS’s Elastic File System (EFS), providing a flexible, scalable solution for applications that require shared data access across multiple Instances.
The Shared Filesystem feature is particularly useful in scenarios where data consistency and accessibility are critical. High-availability clusters, distributed applications, and services requiring shared file storage, such as webservers, media servers, database clusters, and containerized workloads, can greatly benefit from this functionality. By centralizing the storage in a single shared filesystem, multiple Instances can access and modify the same data in real time without the need for complex data replication or synchronization mechanisms.
The initial implementation of the Shared Filesystem feature supports NFS (Network File System), with the use of XFS or EXT4 as the file system. NFS is a widely adopted protocol for sharing files across a network, and its integration with CloudStack ensures broad compatibility and reliability for enterprise-level deployments. Users can configure shared file systems directly within CloudStack, managing file shares through the CloudStack UI and API.
This feature simplifies storage architectures by eliminating the need for redundant data stores for applications that require shared data access. It reduces the complexity of managing distributed data systems and improves the efficiency of shared access to large datasets, media content, or application logs. Additionally, CloudStack’s Shared Filesystem is designed to scale up, enabling users to expand Disk and Compute Offerings as needed to accommodate increasing demands as their cloud environments grow.
Support for VMware NSX
Apache CloudStack 4.20 enhances its networking capabilities by integrating support for VMware NSX-T v4, a powerful network virtualization platform specifically designed for VMware vSphere environments. This feature allows CloudStack Users to leverage NSX-T’s advanced networking functions, such as dynamic routing, micro-segmentation, load balancing, and enhanced network security.
NSX-T allows CloudStack to provide comprehensive network services, including dynamic routing protocols like BGP, firewall rules, and NAT (Network Address Translation). Micro-segmentation, enabled through NSX-T, allows Administrators to control east-west traffic between Instances with precision, enhancing security by isolating workloads and reducing the risk of lateral movement of threats within the network.
A major advantage of NSX-T integration is that it allows CloudStack to offload critical network functions (such as routing, firewalling, and load balancing) from CloudStack’s Virtual Routers to NSX-T. The integration continues to use CloudStack’s Virtual Routers to deliver services such as DHCP, DNS, and user-data for automation based on cloud-init. This improves performance and scalability, allowing NSX-T to manage network traffic more efficiently. With NSX-T’s distributed architecture, CloudStack can handle network traffic more seamlessly, particularly in large-scale deployments.
The management traffic must be kept outside of NSX-T, using a separate VLAN as usual, along with a dedicated Public IP Address range for CloudStack’s Virtual Routers and System VMs. In summary, the VMware NSX-T Support introduced in CloudStack 4.20 brings enterprise-grade networking capabilities to CloudStack environments based on the VMware vSphere hypervisor.
Usage Management UI
CloudStack 4.20 introduces a new Usage Management UI, making it easier for Administrators to track, view, and manage resource consumption across cloud environments. This feature provides detailed insights into the usage of cloud resources on a per-Account and per-Domain basis, simplifying the process of monitoring resource utilization. Administrators can now search, filter, and export usage data directly through the CloudStack UI, streamlining billing and reporting tasks. This new UI replaces the previously manual process of retrieving usage data via APIs or command-line tools, significantly enhancing usability.
Additionally, the Usage Management UI enables Administrators to purge old usage data, improving database performance by removing outdated records. By providing better visibility into historical usage patterns, this feature helps operators optimize resource allocation, reduce waste, and control costs more effectively.
CloudStack Webhooks
CloudStack 4.20 introduces Webhook support, allowing Users to configure real-time notifications and interactions with external systems when specific cloud events occur. Webhooks can be triggered by various predefined events, such as Instance state changes (start, stop, reboot), user login, resource creation, resource scaling, or backup completion. When triggered, webhooks send HTTP POST requests to external endpoints, enabling integration with external systems and services in real time.
Users can create and manage webhooks through the CloudStack UI or API, defining the events that will trigger the webhook. This functionality is valuable for integrating CloudStack with external monitoring tools, automation platforms, or notification services. For example, when an Instance scales up, a webhook could notify a monitoring system, trigger a capacity adjustment, or alert relevant teams.
Webhooks provide a mechanism for external systems to stay informed and react to cloud events, making CloudStack environments more adaptable and ensuring that external tools and services receive timely updates on important cloud operations.
Implicit Hardware-Based Host Tags
Starting with Apache CloudStack 4.20, Implicit Host Tags allow CloudStack Administrators to automatically assign tags to KVM Hosts based on their server configurations. This is an enhancement over earlier versions, where tags could only be set manually via the CloudStack API or UI. With implicit host tagging, the tags are generated dynamically based on hardware and software attributes such as CPU architecture, network card type and speed, hard disk type, GPU model, and OS distribution and version.
To enable implicit host tagging, Administrators need to modify the KVM host configuration by adding the relevant tags to the /etc/cloudstack/agent/agent.properties file and then restarting the CloudStack agent. This process allows CloudStack to automatically recognize the Host’s capabilities and assign appropriate tags. Additionally, implicit tags can be managed using automation tools like Chef, Ansible, or Puppet, further simplifying the process for large-scale environments.
It’s important to note that Implicit Host Tags are only supported on KVM hosts and are not managed through the CloudStack API. Moreover, they are not compatible with flexible host tags, which are manually assigned explicit tags. However, both explicit and implicit tags function similarly in terms of Instance deployment and migration, ensuring proper workload allocation based on Host capabilities.
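The agent.properties step described above, as an added example (not CloudStack's own code): a script that derives tags from the CPU architecture and OS release and writes them idempotently, rejecting values that could inject extra properties. The `host.tags` key and the tag names are assumptions; confirm the key against the CloudStack agent documentation.

```shell
#!/bin/sh
# Added example, not CloudStack code. Assumed: the host.tags key and the tag names.

# Build a comma-separated tag list from CPU architecture and OS release.
# $1 = machine architecture (as printed by `uname -m`), $2 = os-release file
derive_tags() {
    arch=$1
    osrel=$2
    case "$arch" in
        aarch64|arm64) tags="arm64" ;;
        x86_64|amd64)  tags="x86_64" ;;
        *)             tags="arch-unknown" ;;
    esac
    if [ -r "$osrel" ]; then
        # ID and VERSION_ID are standard os-release fields
        os_id=$(sed -n 's/^ID=//p' "$osrel" | tr -d '"' | head -n 1)
        os_ver=$(sed -n 's/^VERSION_ID=//p' "$osrel" | tr -d '"' | head -n 1)
        if [ -n "$os_id" ]; then
            tags="$tags,${os_id}${os_ver}"
        fi
    fi
    printf '%s\n' "$tags"
}

# Replace or append the host.tags line, leaving every other property untouched.
# $1 = properties file, $2 = comma-separated tags
set_host_tags() {
    file=$1
    new_tags=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    # Accept only a conservative character set, so a tag value cannot carry
    # a newline and inject a second key=value line into the agent config.
    case "$new_tags" in
        ''|*[!A-Za-z0-9._,-]*) echo "invalid tag list" >&2; return 1 ;;
    esac
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    grep -v '^host\.tags=' "$file" > "$tmp" || true
    printf 'host.tags=%s\n' "$new_tags" >> "$tmp"
    # Write back through the existing file so its owner and mode are preserved.
    cat "$tmp" > "$file"
    rm -f "$tmp"
}

# Applied only on request: sh host-tags.sh --apply (run as root on the KVM host)
if [ "${1:-}" = "--apply" ]; then
    set_host_tags /etc/cloudstack/agent/agent.properties \
        "$(derive_tags "$(uname -m)" /etc/os-release)" &&
        systemctl restart cloudstack-agent
fi
```

Running it twice leaves a single `host.tags` line, which makes it safe to call from Ansible, Chef, or Puppet runs.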
Granular Resource Limits
CloudStack 4.20 introduces Granular Resource Limit Management, allowing Administrators to set precise limits for compute and storage resources. These limits are applied at the Domain and Account level, covering resources such as Instances, CPU, memory, Volumes, and Primary Storage. Administrators can control specialized Compute resources like ARM and x86 hosts, GPU-enabled servers, and different types of storage, including high-performance SSDs and lower-performance SAS/SATA disks.
For Compute resources, administrators can apply granular limits to CPU architectures or hardware configurations, ensuring that each compute resource is used appropriately based on workload demands. Similarly, for Storage, limits can be set to manage the allocation of high-performance SSD storage for critical applications, while restricting less demanding workloads to SAS/SATA disks. This granular control helps optimize resource allocation according to specific performance requirements, ensuring that specialized resources are used efficiently.
Through CloudStack’s API and UI, Administrators can dynamically manage resource limits, list capacities, and monitor usage in real-time. During deployments, CloudStack enforces both overall and granular limits, ensuring that Instances are deployed according to these resource constraints, preventing overutilization, and maximizing resource efficiency across the infrastructure.
Dynamic & Static Routing
CloudStack 4.20 introduces support for both Dynamic and Static Routing, offering Administrators enhanced control over network traffic in complex cloud environments. This feature allows the integration of dynamic routing using BGP (Border Gateway Protocol), as well as manual static route configuration, providing the flexibility to adapt to diverse networking needs.
Dynamic routing is achieved through BGP Peers, which are configured at the Zone level. Administrators can set up BGP peers to automatically exchange route information between networks. CloudStack allows the configuration of multiple peers with different metrics, enabling efficient route propagation across the network. This is particularly useful in large or multi-Zone environments where networks need to adapt to frequent changes in topology, improving both scalability and resiliency.
A key aspect of dynamic routing is the management of Autonomous System (AS) Numbers, which Administrators can configure using the Create AS Range form. Administrators need to define the AS Number Range that will be used in BGP. This configuration simplifies BGP management by automating the allocation of AS numbers as networks are created, ensuring efficient and seamless dynamic routing across cloud environments.
For Static Routing, CloudStack introduces the ability to manage IPv4 subnets for networks operating in routed mode, extending the existing IPv6 static routing support. Administrators can allocate specific subnets for Isolated and VPC Networks, defining static routes that create fixed paths for network traffic. This ensures predictable traffic flow between network segments, beneficial for environments requiring specific routing policies or compliance standards. The Virtual Routers (VRs) act as gateways in routed mode, making guest Instance IPs publicly accessible while maintaining control over traffic through static routes.
For IPv4 addresses, this feature eliminates the overhead of NAT, allowing Instances to have direct public IP addresses. This setup avoids the complexities of source NAT and port forwarding, providing a more straightforward path for traffic.
NAS Backup and Recovery Plugin
CloudStack 4.20 introduces the NAS Backup and Recovery Plugin, expanding the existing backup framework to support network-attached storage (NAS) as a backup destination. This plugin works alongside current solutions like Veeam, Dell, and Backroll, giving administrators a flexible way to integrate NAS into their backup strategies. By supporting NAS, CloudStack provides a straightforward and effective method for handling backups within diverse infrastructure setups.
The plugin is designed specifically for KVM environments, allowing Users to schedule backups and perform restore tasks directly from the CloudStack UI. It integrates seamlessly with NAS storage systems, enabling efficient copying of both Instances and data volumes to the designated NAS. Currently, the plugin supports NFS as the primary NAS protocol, with future plans to add support for other shared storage options like CephFS and CIFS/Samba.
CEPH RGW Plugin for Object Storage Framework
CloudStack 4.20 introduces the CEPH RGW Plugin to its existing Object Storage Framework, complementing the current MinIO integration. The CEPH RGW (RADOS Gateway) provides a scalable, distributed, and resilient object storage solution, making it an ideal choice for managing unstructured data like backups, media files, and logs in large-scale cloud environments.
With CEPH RGW, CloudStack administrators can take advantage of an enterprise-grade object storage platform that supports massive scalability and high availability, ensuring that data can be stored, retrieved, and managed efficiently. This plugin integrates directly with the Object Storage Framework, enabling users to utilize CEPH RGW as a first-class object storage provider. The integration allows for seamless storage of large volumes of data with low operational overhead, making it particularly beneficial for organizations with growing storage needs.
The addition of CEPH RGW enhances CloudStack’s flexibility by offering another robust option for object storage, alongside MinIO. By supporting multiple storage backends, CloudStack gives administrators the freedom to select the best solution based on their specific infrastructure requirements, ensuring both performance and reliability in data management.
Security Group for Shared Networks in Advanced Zones
CloudStack 4.20 introduces support for Security Groups on Shared Networks within Advanced Zones, enabling users to apply Instance-level security policies in Shared Network environments. Administrators must first configure routing on the underlying network router and define the network’s VLAN. Then, during the creation of the Shared Network in CloudStack, they configure the associated VLAN, IPv4 and/or IPv6 settings, and specify the scope (e.g., ALL, Domain, Account, or Project).
Once the Shared Network is created, Users can define and apply Security Group policies to individual Instances. These policies provide granular control over inbound and outbound traffic using parameters such as IP addresses, protocols, and port ranges. Leveraging Security Groups on Shared Networks ensures tighter control over network access and traffic flow, even when resources are shared on a flat network among multiple Accounts and Domains.
Marco Sinhoreli is a seasoned Technical Marketing Manager at ShapeBlue, with over 25 years of IT experience. As an Apache CloudStack expert and committer, he specializes in creating and delivering technical marketing content that bridges the gap between technology and business. Marco has consulted major companies on implementing IaaS solutions with CloudStack, focusing on delivering cloud infrastructure that supports both immediate and long-term business needs. When he’s not diving into cloud solutions, Marco loves playing guitar, exploring new places, and staying updated on politics.