Notable improvements include, but are not limited to:

• VMware, out-of-the-box support for VMware that now includes live migration, advanced contextualization, image and network management.
• Self-Service Portal, a new easy-to-use web-based end-user interface that complements the existing GUIs for the operation of the data-center (OpenNebula Sunstone) and for the management of multiple zones (OpenNebula Zones).
• User & Group Management, to easily share virtual resources with other users and groups.
• Improved Security, that fixes security issues and incorporates new authentication drivers and performance improvements.
• Networking Drivers, a new set of drivers are now available to perform networking setup operations.
• Data Center Placement Policies, placement policies can be defined globally to optimize the resources of the datacenter. There are 4 predefined policies: packing, striping, load-aware, and custom.

In the following list you can check the highlights of 3.2 by component, a detailed list of changes can be found here.

Most of the changes in the new release have been done in the OpenNebula core (oned) and libraries to support the following new features:

• Security and User management, is one of the pillars of this release. In particular several potential threats have been secured, and the efficiency of the system has been improved:
  • Users now have a pre-defined driver (set by the admin). One of the issues found is that there are potential security holes if the user is able to choose its own driver through its ONE_AUTH file.
  • Cloud services now use an special authentication mechanism, using special server users. A server user account is granted to authenticate on-behalf of other users. Two mechanism are provided for this: cipher that uses symmetric cryptography, and x509 certificates.
  • Notion of public users, that are restricted to public cloud APIs (e.g. EC2 or OCCI)
  • Restricted attributes in VM Templates: DISK/SOURCE, CONTEXT/FILES, NIC/MAC and NIC/VLAN_ID. These attributes can be easily used to gain oneadmin access or to comprise VMs of any user.
  • Authentication Token caching. As some of the drivers may take some time to authenticate a request (e.g. LDAP), session token can now be cached by OpenNebula.

• Resource Permissions, this new release includes a new permission set to manage access control to virtual resources. The new permissions overcomes the limitations of the previous PUBLIC attribute and allow to share resources between users in multiple ways. Combined with the ACL system (also simplified to match the new permissions) allows the implementation of multiple roles.

• Images and Virtual Networks by Name, by popular request we've brought back this feature. When two resources share the same name, the UID or name of the owner of the resource can be used (defaults to “me”) to select one of them.

• Metadata for Users, Images and Virtual Networks, you can update, and tag these resources with arbitrary metadata, that can be later used by other components.

• Contextualize a VM with User data, now you can easily inject user metadata (e.g. an SSH key) in a VM through the CONTEXT section.

• Image Type can be Changed, either after creating a VM or when saving_as it.

• Improved Network Management, The network operations are now coupled with the VM life-cycle. This simplifies the management of networking (no hooks are needed), and solves previous issues with VLANs when migrating and restoring VMs. The network drivers define three actions (pre-boot, post-boot and clean) that can be easily customized if needed.

• Flexible Network definition. Networks can be now defined with an arbitrary range including an starting and ending IP, network and network mask or CIDR notation. It is possible also to define a network and a starting IP to lease addresses.

• New Lease Operations. Network leases can now be put on hold to reserve them. This comes in handy when there are some IPs within the VLAN already assigned (e.g. .1 to the gateway). When a lease is put on hold OpenNebula will not use it for a VM, til it is released.

OpenNebula 3.2 includes the following new drivers and improvements:

• Networking Drivers, for 8021.Q VLAN tagging, OpenvSwtich and ebtables-based VLANs. The drivers also includes a firewall driver to easily set simple firewalling rules.

• VMware Drivers, for Host and VM monitoring, VM Management and networking

• LDAP Auth Drivers, with base and group filtering

• Server-based Auth Drivers, for Cloud API and OpenNebula front-end servers

The placement of the VMs can now be defined in a VM-basis (restricted to oneadmin) or globally for the data-center. This allows admins to set a global optimization policy to meet specific goals. The scheduling includes four predefined policies: packing, striping, load-aware, and custom.

OpenNebula Self-Service is a new easy-to-use web-based end-user interface. This new GUI will complement the existing GUIs for the operation of the data-center (OpenNebula Sunstone) and for the management of multiple zones and virtual data centers (OpenNebula Zones).

OpenNebula Self-Service is meant to offer a simplified interface to end-users (cloud consumers) of the data center. Self-Service works on top of OpenNebula’s OCCI server and it allows users to easily create, deploy and manage compute, storage (including upload of images) and network resources in seconds.

We've further improved the usability of SunStone, and extend it to catch up with OpenNebula core's new features. Also some of the dialogs has been simplified and polished. The dependencies with third party libraries have been also updated to the latest versions.

OpenNebula Zones is rapidly gaining popularity, and there are a couple of new features result of the feedback we've received:

• ZONA, the ZONes Api, This Ruby API will let you build your own customizations on top of the Zones/VDC component.
• Improved dialogs for the web gui of the component.
• Improved security for storing zone passwords

The OCCI API has been extended to include:

• VM types, can now be defined in the server configuration file and tagged with arbitrary information, like size, QoS parameters or price. These types can be programatically queried through the API.
• Network templates, to support the new VLAN features in OpenNebula the OCCI networks can now be defined through a template, as for Virtual Machines.

OpenNebula 3.2 is API compatible with OpenNebula 3.0, so you should expect that applications, and drivers developed for 3.0 to work with this release, with the exception of custom authentication drivers. A detailed upgrade process can be found in the documentation.

For a complete set of changes to migrate from a 3.0 installation please refer to the Compatibility Guide. You should also read this document if you are an OpenNebula 3.0 user.

OpenNebula is released under the Apache 2.0 open source license. The complete source tree and binary packages for OpenNebula can be downloaded here.

Please report any bug or send feedback at the development portal or at the mailing list.

The documentation of OpenNebula 3.2 can be found here.

The OpenNebula project would like to thank the community for their effort and valuable contributions that made possible this release, and our private sponsor, C12G Labs, for its support and software contributions.

More information about the project can be found at the project web page. You may be also interested in checking the OpenNebula Ecosystem that includes many interesting projects contributed by the community to enhance or add new features to OpenNebula.