SlideShare a Scribd company logo

oVirt 4.3 highlights

Douglas Landgraf
Douglas Landgraf

Presentation from Red Hat Summit Community Center 2019. Highlights from oVirt 4.3 by Douglas Schilling Landgraf

Technology
1 of 29
Download to read offline
oVirt 4.3 Highlights Douglas Schilling Landgraf <dougsland@redhat.com> oVirt/RHV Engineer 05/2019 - Red Hat Summit This presentation is licensed under a Creative Commons Attribution 4.0 International License
3 Quick recap about oVirt What is oVirt ? Why oVirt?
3 Quick recap about oVirt
3 Quick recap about oVirt Which platforms are supported?
3 Quick recap about oVirt
3 Quick recap about oVirt
3 Quick recap about oVirt Also available a Hypervisor ISO, oVirt Node
4 Highlights from 4.3
3 General: Python3 - improved support ● engine-setup ● otopi ● ovirt-engine-lib ● ovirt-host-deploy ● ovirt-log-collector ● ovirt-engine-dwh
3 VM Portal - New dashboard and forms
3 VM Portal - New dashboard and forms
3 Added new CPU Type
3 Hosted Engine ● Support deployment with static IPv6 ● Deploy with Ansible Roles ● Iptables is not required anymore for deployments ● --restore-from-file option to restore the Manager backup during the deployment
3 oVirt Engine ● Replaced fluentd with rsyslog ● Fully support to IPV6 ● Improved v2v feature ● Support to Keycloak Project/Red Hat Single Sign One
3 oVirt Engine - Update the Cluster
3 OpenStack 14 certified
3 Cinderlib - Cinder Block Storage ● Better integration with cinderlib ● Users are able to consume any storage backend supported in Cinder in order to create virtual disks for its VMs, without the need of a full OpenStack deployment. ● Use any storage vendor supported in Cinder (over 80 storage drivers) # engine-config -s ManagedBlockDomainSupported=true Please select a version: 1. 4.1 2. 4.2 3. 4.3 3 # systemctl restart ovirt-engine.service
3 Cinderlib - Cinder Block Storage
3 Database and Ansible updated ● PostgreSQL 10 is now supported ● Ansible requirement now is 2.7.2+ ○ python2.6 deprecated, now support python3 (host still requires python2)
3 oVirt Windows Guest Tools ● Add qemufwcfg driver in windows guest tools Prevents Windows Device Manager to display the device as unrecognized. ● Added smbus driver in windows guest tools When a guest running Windows 2008 with Q35 bios an unknown device is listed in Device Manager.
3 Security - Transport Layer Security ● Removed support to insecure TLSv1 and TLSv1.1 and leave only most secure TLSv1.2 ● Enable TLSv1.2 or higher (vdsm - engine) $ openssl s_client -connect localhost:54321 -tls1 -CAfile /etc/pki/vdsm/certs/cacert.pem or $ openssl s_client -connect localhost:54321 -tls1_1 -CAfile /etc/pki/vdsm/certs/cacert.pem CONNECTED(00000003) write:errno=104 --- no peer certificate available
3 Security - Transport Layer Security $ openssl s_client -connect localhost.localdomain:54321 -tls1_2 -CAfile /etc/pki/vdsm/certs/cacert.pem CONNECTED(00000003) …. --- Server certificate -----BEGIN CERTIFICATE----- MIIEUDCCAzigAwIBAgICEA0wDQYJKoZIhvcNAQELBQAwRjELMAkGA1UEBhMCVVMx FDASBgNVBAoMC2xvY2FsZG9tYWluMSEwHwYDVQQDDBhlbmdpbmUubG9jYWxkb21h aW4uOTMxNjcwHhcNMTkwNDIxMTYxNTIwWhcNMjQwNDIwMTYxNTIwWjAyMRQwEgYD …..
3 Security - OpenSCAP and STIGs ● Added OpenSCAP tools into oVirt-Node “The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines.” https://www.open-scap.org/ ● oVirt Engine Appliance meet Security Technical Implementation Guides standards.
3 Security - Secure Hash Algorithm ● engine-backup now support SHA256 (required by FIPS mode) $ tar xvf /var/lib/ovirt-engine-backup/ovirt-engine-backup-20190424154138.backup $ cat ./sha256sum c746505ab9eee105b59e0354d226974954e4218ab9c2e455b40156e05c036927 db/engine_backup.db 8b72cffd6773a6f40cd20654a4e48bd0509bac1169e7ef05ad099aafdf6e1039 db/dwh_backup.db 00c7c19df07fad786cbfed308a9ff2ddb793ed714b9f1c6267041f1296bfa8fa files 8db64ff64f529a47b944b4dd96f2eda3f540137609e359d784210280e44085c0 version 6e7135e172b14539ad9aee8a4316a3c240ec20280fa39613d1a9513e39793870 os_version 4389da2b2c4927e7aaa457c7f1549d5b23616c96a13da1075032c52022b1b01f config Federal Information Processing Standard (FIPS) is a computer security standard, developed by the U.S. Government and industry working group to validate the quality of cryptographic modules.
3 Dropped Functionality ● Dropped 3.6 and 4.0 datacenter/cluster level
3 Dropped Functionality ● Dropped Conroe and Penryn CPU Types from Compatibility Version 4.3
3 Dropped Functionality ● Removed support to API v3 ● Dropped ovirt-engine-cli (ovirt-shell) dependency (used version 3 REST API) ● Disks scan alignment
3 Upgrading your environment? ● Use engine-backup tool to create a backup before upgrades! ;-) ● Engine upgrades are incremental ● Environment must be in 4.1 datacenter/cluster before upgrading to 4.3
Thank you! https://ovirt.org/ users@ovirt.org dougsland@redhat.com https://www.meetup.com/Boston-oVirt-Community/ @ovirt @dougsland This presentation is licensed under a Creative Commons Attribution 4.0 International License

Recommended

Introduction to oVirt
Introduction to oVirtIntroduction to oVirt
Introduction to oVirtAll Things Open
 
Virtualization Management The oVirt Way (August Penguin 2015)
Virtualization Management The oVirt Way (August Penguin 2015)Virtualization Management The oVirt Way (August Penguin 2015)
Virtualization Management The oVirt Way (August Penguin 2015)Allon Mureinik
 
oVirt – open your virtual datacenter
oVirt – open your virtual datacenteroVirt – open your virtual datacenter
oVirt – open your virtual datacenterBergamo Linux Users Group
 
oVirt Introduction
oVirt IntroductionoVirt Introduction
oVirt IntroductionRoozbeh Shafiee
 
Kvm forum 2013 - future integration points for oVirt storage
Kvm forum 2013 - future integration points for oVirt storageKvm forum 2013 - future integration points for oVirt storage
Kvm forum 2013 - future integration points for oVirt storageSean Cohen
 
Managing ceph through_oVirt_using_Cinder
Managing ceph through_oVirt_using_CinderManaging ceph through_oVirt_using_Cinder
Managing ceph through_oVirt_using_CinderMaor Lipchuk
 
oVirt 3.5 Storage Features Overview
oVirt 3.5 Storage Features OverviewoVirt 3.5 Storage Features Overview
oVirt 3.5 Storage Features OverviewAllon Mureinik
 
Gluster ovirt integration_gluster_meetup_pune_2015
Gluster ovirt integration_gluster_meetup_pune_2015Gluster ovirt integration_gluster_meetup_pune_2015
Gluster ovirt integration_gluster_meetup_pune_2015Ramesh Nachimuthu
 

Recommended

Introduction to oVirt
Introduction to oVirtIntroduction to oVirt
Introduction to oVirtAll Things Open
 
Virtualization Management The oVirt Way (August Penguin 2015)
Virtualization Management The oVirt Way (August Penguin 2015)Virtualization Management The oVirt Way (August Penguin 2015)
Virtualization Management The oVirt Way (August Penguin 2015)Allon Mureinik
 
oVirt – open your virtual datacenter
oVirt – open your virtual datacenteroVirt – open your virtual datacenter
oVirt – open your virtual datacenterBergamo Linux Users Group
 
oVirt Introduction
oVirt IntroductionoVirt Introduction
oVirt IntroductionRoozbeh Shafiee
 
Kvm forum 2013 - future integration points for oVirt storage
Kvm forum 2013 - future integration points for oVirt storageKvm forum 2013 - future integration points for oVirt storage
Kvm forum 2013 - future integration points for oVirt storageSean Cohen
 
Managing ceph through_oVirt_using_Cinder
Managing ceph through_oVirt_using_CinderManaging ceph through_oVirt_using_Cinder
Managing ceph through_oVirt_using_CinderMaor Lipchuk
 
oVirt 3.5 Storage Features Overview
oVirt 3.5 Storage Features OverviewoVirt 3.5 Storage Features Overview
oVirt 3.5 Storage Features OverviewAllon Mureinik
 
Gluster ovirt integration_gluster_meetup_pune_2015
Gluster ovirt integration_gluster_meetup_pune_2015Gluster ovirt integration_gluster_meetup_pune_2015
Gluster ovirt integration_gluster_meetup_pune_2015Ramesh Nachimuthu
 
Disaster Recovery in oVirt
Disaster Recovery in oVirtDisaster Recovery in oVirt
Disaster Recovery in oVirtMaor Lipchuk
 
oVirt and OpenStack
oVirt and OpenStackoVirt and OpenStack
oVirt and OpenStackDave Neary
 
VIO on Cisco UCS and Network
VIO on Cisco UCS and NetworkVIO on Cisco UCS and Network
VIO on Cisco UCS and NetworkYousef Morcos
 
Storage best practices
Storage best practicesStorage best practices
Storage best practicesMaor Lipchuk
 
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebula Project
 
Running FreeRTOS on Digilent Zybo board
Running FreeRTOS on Digilent Zybo boardRunning FreeRTOS on Digilent Zybo board
Running FreeRTOS on Digilent Zybo boardVincent Claes
 
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...LinuxCon ContainerCon CloudOpen China
 
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...Vincent Claes
 
Percepio Tracealyzer for FreeRTOS on MiniZED
Percepio Tracealyzer for FreeRTOS on MiniZEDPercepio Tracealyzer for FreeRTOS on MiniZED
Percepio Tracealyzer for FreeRTOS on MiniZEDVincent Claes
 
Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Stephen Gordon
 
Networking in the cloud
Networking in the cloudNetworking in the cloud
Networking in the cloudCliff Chao-kuan Lu
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebula Project
 
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...Stephen Gordon
 
UEFI HTTP/HTTPS Boot
UEFI HTTP/HTTPS BootUEFI HTTP/HTTPS Boot
UEFI HTTP/HTTPS BootLinuxCon ContainerCon CloudOpen China
 
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeMi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeOpenNebula Project
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityAnshul Patel
 
Practical CNI
Practical CNIPractical CNI
Practical CNILinuxCon ContainerCon CloudOpen China
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Project
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebula Project
 
Docker Internet Money Gateway
Docker Internet Money GatewayDocker Internet Money Gateway
Docker Internet Money GatewayMathieu Buffenoir
 
Nested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughNested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughOpenNebula Project
 
Tick Stack - Listen your infrastructure and please sleep
Tick Stack - Listen your infrastructure and please sleepTick Stack - Listen your infrastructure and please sleep
Tick Stack - Listen your infrastructure and please sleepGianluca Arbezzano
 

More Related Content

What's hot

Disaster Recovery in oVirt
Disaster Recovery in oVirtDisaster Recovery in oVirt
Disaster Recovery in oVirtMaor Lipchuk
 
oVirt and OpenStack
oVirt and OpenStackoVirt and OpenStack
oVirt and OpenStackDave Neary
 
VIO on Cisco UCS and Network
VIO on Cisco UCS and NetworkVIO on Cisco UCS and Network
VIO on Cisco UCS and NetworkYousef Morcos
 
Storage best practices
Storage best practicesStorage best practices
Storage best practicesMaor Lipchuk
 
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebula Project
 
Running FreeRTOS on Digilent Zybo board
Running FreeRTOS on Digilent Zybo boardRunning FreeRTOS on Digilent Zybo board
Running FreeRTOS on Digilent Zybo boardVincent Claes
 
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...LinuxCon ContainerCon CloudOpen China
 
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...Vincent Claes
 
Percepio Tracealyzer for FreeRTOS on MiniZED
Percepio Tracealyzer for FreeRTOS on MiniZEDPercepio Tracealyzer for FreeRTOS on MiniZED
Percepio Tracealyzer for FreeRTOS on MiniZEDVincent Claes
 
Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Stephen Gordon
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebula Project
 
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...Stephen Gordon
 
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeMi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeOpenNebula Project
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityAnshul Patel
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Project
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebula Project
 
Docker Internet Money Gateway
Docker Internet Money GatewayDocker Internet Money Gateway
Docker Internet Money GatewayMathieu Buffenoir
 

What's hot (20)

Disaster Recovery in oVirt
Disaster Recovery in oVirtDisaster Recovery in oVirt
Disaster Recovery in oVirt
 
oVirt and OpenStack
oVirt and OpenStackoVirt and OpenStack
oVirt and OpenStack
 
VIO on Cisco UCS and Network
VIO on Cisco UCS and NetworkVIO on Cisco UCS and Network
VIO on Cisco UCS and Network
 
Storage best practices
Storage best practicesStorage best practices
Storage best practices
 
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
 
Running FreeRTOS on Digilent Zybo board
Running FreeRTOS on Digilent Zybo boardRunning FreeRTOS on Digilent Zybo board
Running FreeRTOS on Digilent Zybo board
 
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
High Performance Linux Virtual Machine on Microsoft Azure: SR-IOV Networking ...
 
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
Integrating a custom AXI IP Core in Vivado for Xilinx Zynq FPGA based embedde...
 
Percepio Tracealyzer for FreeRTOS on MiniZED
Percepio Tracealyzer for FreeRTOS on MiniZEDPercepio Tracealyzer for FreeRTOS on MiniZED
Percepio Tracealyzer for FreeRTOS on MiniZED
 
Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)
 
Networking in the cloud
Networking in the cloudNetworking in the cloud
Networking in the cloud
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
 
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
Containers for the Enterprise: Delivering OpenShift on OpenStack for Performa...
 
UEFI HTTP/HTTPS Boot
UEFI HTTP/HTTPS BootUEFI HTTP/HTTPS Boot
UEFI HTTP/HTTPS Boot
 
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeMi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Practical CNI
Practical CNIPractical CNI
Practical CNI
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. Montero
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
 
Docker Internet Money Gateway
Docker Internet Money GatewayDocker Internet Money Gateway
Docker Internet Money Gateway
 

Similar to oVirt 4.3 highlights

Nested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughNested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughOpenNebula Project
 
Tick Stack - Listen your infrastructure and please sleep
Tick Stack - Listen your infrastructure and please sleepTick Stack - Listen your infrastructure and please sleep
Tick Stack - Listen your infrastructure and please sleepGianluca Arbezzano
 
2009-01-20 RHEL 5.3 for System z
2009-01-20 RHEL 5.3 for System z2009-01-20 RHEL 5.3 for System z
2009-01-20 RHEL 5.3 for System zShawn Wells
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated TestingGratien D'haese
 
Presentation 12c grid_upgrade
Presentation 12c grid_upgradePresentation 12c grid_upgrade
Presentation 12c grid_upgradeJacques Kostic
 
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfWhat_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfchalermpany
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick StackGianluca Arbezzano
 
Assisted-Installer-DevConf-US-2021
Assisted-Installer-DevConf-US-2021Assisted-Installer-DevConf-US-2021
Assisted-Installer-DevConf-US-2021Nir Magnezi
 
"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021
"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021
"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021Freddy Rolland
 
Fosdem_Using_SELinux_with_container_runtimes.pdf
Fosdem_Using_SELinux_with_container_runtimes.pdfFosdem_Using_SELinux_with_container_runtimes.pdf
Fosdem_Using_SELinux_with_container_runtimes.pdfnicerussianpainter
 
Containers with systemd-nspawn
Containers with systemd-nspawnContainers with systemd-nspawn
Containers with systemd-nspawnGábor Nyers
 
Red Hat Enterprise Linux: Open, hyperconverged infrastructure
Red Hat Enterprise Linux: Open, hyperconverged infrastructureRed Hat Enterprise Linux: Open, hyperconverged infrastructure
Red Hat Enterprise Linux: Open, hyperconverged infrastructureRed_Hat_Storage
 
oVirt Extension API: The first step for fully modular oVirt
oVirt Extension API: The first step for fully modular oVirtoVirt Extension API: The first step for fully modular oVirt
oVirt Extension API: The first step for fully modular oVirtMartin Peřina
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
CentOS Linux Server Hardening
CentOS Linux Server HardeningCentOS Linux Server Hardening
CentOS Linux Server HardeningMyOwn Telco
 
ZertoCON_Support_Toolz.pdf
ZertoCON_Support_Toolz.pdfZertoCON_Support_Toolz.pdf
ZertoCON_Support_Toolz.pdftestslebew
 
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...The New oVirt Extension API: Taking AAA (Authentication Authorization Account...
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...Martin Peřina
 
Linux sever building
Linux sever buildingLinux sever building
Linux sever buildingEdmond Yu
 
Spoto updated new
Spoto updated newSpoto updated new
Spoto updated newAmolDhoke3
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 

Similar to oVirt 4.3 highlights (20)

Nested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughNested virtualization & PCI pass-through
Nested virtualization & PCI pass-through
 
Tick Stack - Listen your infrastructure and please sleep
Tick Stack - Listen your infrastructure and please sleepTick Stack - Listen your infrastructure and please sleep
Tick Stack - Listen your infrastructure and please sleep
 
2009-01-20 RHEL 5.3 for System z
2009-01-20 RHEL 5.3 for System z2009-01-20 RHEL 5.3 for System z
2009-01-20 RHEL 5.3 for System z
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated Testing
 
Presentation 12c grid_upgrade
Presentation 12c grid_upgradePresentation 12c grid_upgrade
Presentation 12c grid_upgrade
 
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfWhat_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick Stack
 
Assisted-Installer-DevConf-US-2021
Assisted-Installer-DevConf-US-2021Assisted-Installer-DevConf-US-2021
Assisted-Installer-DevConf-US-2021
 
"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021
"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021
"Look Ma, no hands! Zero Touch Provisioning for OpenShift" DevConf.US 2021
 
Fosdem_Using_SELinux_with_container_runtimes.pdf
Fosdem_Using_SELinux_with_container_runtimes.pdfFosdem_Using_SELinux_with_container_runtimes.pdf
Fosdem_Using_SELinux_with_container_runtimes.pdf
 
Containers with systemd-nspawn
Containers with systemd-nspawnContainers with systemd-nspawn
Containers with systemd-nspawn
 
Red Hat Enterprise Linux: Open, hyperconverged infrastructure
Red Hat Enterprise Linux: Open, hyperconverged infrastructureRed Hat Enterprise Linux: Open, hyperconverged infrastructure
Red Hat Enterprise Linux: Open, hyperconverged infrastructure
 
oVirt Extension API: The first step for fully modular oVirt
oVirt Extension API: The first step for fully modular oVirtoVirt Extension API: The first step for fully modular oVirt
oVirt Extension API: The first step for fully modular oVirt
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric Overview
 
CentOS Linux Server Hardening
CentOS Linux Server HardeningCentOS Linux Server Hardening
CentOS Linux Server Hardening
 
ZertoCON_Support_Toolz.pdf
ZertoCON_Support_Toolz.pdfZertoCON_Support_Toolz.pdf
ZertoCON_Support_Toolz.pdf
 
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...The New oVirt Extension API: Taking AAA (Authentication Authorization Account...
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...
 
Linux sever building
Linux sever buildingLinux sever building
Linux sever building
 
Spoto updated new
Spoto updated newSpoto updated new
Spoto updated new
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 

Recently uploaded

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Recently uploaded (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

oVirt 4.3 highlights

  • 1. oVirt 4.3 Highlights Douglas Schilling Landgraf <dougsland@redhat.com> oVirt/RHV Engineer 05/2019 - Red Hat Summit This presentation is licensed under a Creative Commons Attribution 4.0 International License
  • 2. 3 Quick recap about oVirt What is oVirt ? Why oVirt?
  • 4. 3 Quick recap about oVirt Which platforms are supported?
  • 7. 3 Quick recap about oVirt Also available a Hypervisor ISO, oVirt Node
  • 9. 3 General: Python3 - improved support ● engine-setup ● otopi ● ovirt-engine-lib ● ovirt-host-deploy ● ovirt-log-collector ● ovirt-engine-dwh
  • 10. 3 VM Portal - New dashboard and forms
  • 11. 3 VM Portal - New dashboard and forms
  • 13. 3 Hosted Engine ● Support deployment with static IPv6 ● Deploy with Ansible Roles ● Iptables is not required anymore for deployments ● --restore-from-file option to restore the Manager backup during the deployment
  • 14. 3 oVirt Engine ● Replaced fluentd with rsyslog ● Fully support to IPV6 ● Improved v2v feature ● Support to Keycloak Project/Red Hat Single Sign One
  • 15. 3 oVirt Engine - Update the Cluster
  • 17. 3 Cinderlib - Cinder Block Storage ● Better integration with cinderlib ● Users are able to consume any storage backend supported in Cinder in order to create virtual disks for its VMs, without the need of a full OpenStack deployment. ● Use any storage vendor supported in Cinder (over 80 storage drivers) # engine-config -s ManagedBlockDomainSupported=true Please select a version: 1. 4.1 2. 4.2 3. 4.3 3 # systemctl restart ovirt-engine.service
  • 18. 3 Cinderlib - Cinder Block Storage
  • 19. 3 Database and Ansible updated ● PostgreSQL 10 is now supported ● Ansible requirement now is 2.7.2+ ○ python2.6 deprecated, now support python3 (host still requires python2)
  • 20. 3 oVirt Windows Guest Tools ● Add qemufwcfg driver in windows guest tools Prevents Windows Device Manager to display the device as unrecognized. ● Added smbus driver in windows guest tools When a guest running Windows 2008 with Q35 bios an unknown device is listed in Device Manager.
  • 21. 3 Security - Transport Layer Security ● Removed support to insecure TLSv1 and TLSv1.1 and leave only most secure TLSv1.2 ● Enable TLSv1.2 or higher (vdsm - engine) $ openssl s_client -connect localhost:54321 -tls1 -CAfile /etc/pki/vdsm/certs/cacert.pem or $ openssl s_client -connect localhost:54321 -tls1_1 -CAfile /etc/pki/vdsm/certs/cacert.pem CONNECTED(00000003) write:errno=104 --- no peer certificate available
  • 22. 3 Security - Transport Layer Security $ openssl s_client -connect localhost.localdomain:54321 -tls1_2 -CAfile /etc/pki/vdsm/certs/cacert.pem CONNECTED(00000003) …. --- Server certificate -----BEGIN CERTIFICATE----- MIIEUDCCAzigAwIBAgICEA0wDQYJKoZIhvcNAQELBQAwRjELMAkGA1UEBhMCVVMx FDASBgNVBAoMC2xvY2FsZG9tYWluMSEwHwYDVQQDDBhlbmdpbmUubG9jYWxkb21h aW4uOTMxNjcwHhcNMTkwNDIxMTYxNTIwWhcNMjQwNDIwMTYxNTIwWjAyMRQwEgYD …..
  • 23. 3 Security - OpenSCAP and STIGs ● Added OpenSCAP tools into oVirt-Node “The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines.” https://www.open-scap.org/ ● oVirt Engine Appliance meet Security Technical Implementation Guides standards.
  • 24. 3 Security - Secure Hash Algorithm ● engine-backup now support SHA256 (required by FIPS mode) $ tar xvf /var/lib/ovirt-engine-backup/ovirt-engine-backup-20190424154138.backup $ cat ./sha256sum c746505ab9eee105b59e0354d226974954e4218ab9c2e455b40156e05c036927 db/engine_backup.db 8b72cffd6773a6f40cd20654a4e48bd0509bac1169e7ef05ad099aafdf6e1039 db/dwh_backup.db 00c7c19df07fad786cbfed308a9ff2ddb793ed714b9f1c6267041f1296bfa8fa files 8db64ff64f529a47b944b4dd96f2eda3f540137609e359d784210280e44085c0 version 6e7135e172b14539ad9aee8a4316a3c240ec20280fa39613d1a9513e39793870 os_version 4389da2b2c4927e7aaa457c7f1549d5b23616c96a13da1075032c52022b1b01f config Federal Information Processing Standard (FIPS) is a computer security standard, developed by the U.S. Government and industry working group to validate the quality of cryptographic modules.
  • 25. 3 Dropped Functionality ● Dropped 3.6 and 4.0 datacenter/cluster level
  • 26. 3 Dropped Functionality ● Dropped Conroe and Penryn CPU Types from Compatibility Version 4.3
  • 27. 3 Dropped Functionality ● Removed support to API v3 ● Dropped ovirt-engine-cli (ovirt-shell) dependency (used version 3 REST API) ● Disks scan alignment
  • 28. 3 Upgrading your environment? ● Use engine-backup tool to create a backup before upgrades! ;-) ● Engine upgrades are incremental ● Environment must be in 4.1 datacenter/cluster before upgrading to 4.3
  • 29. Thank you! https://ovirt.org/ users@ovirt.org dougsland@redhat.com https://www.meetup.com/Boston-oVirt-Community/ @ovirt @dougsland This presentation is licensed under a Creative Commons Attribution 4.0 International License