The new and shiny Apache CloudStack 4.2

by François Gaudreault

Recently, Apache CloudStack (ACS) released version 4.2 of its well known cloud orchestrator. With more than 160 bug fixes and dozens of new features, this version is by far one of their best, at least on paper. Since we had to upgrade one of our internal environments, we thought it would be an interesting opportunity to share our experiences with the new features present in this release.

Upgrade Process

In normal situations, the upgrade process of the ACS software is straightforward and well documented. Again, it was the case this time. This is something I really like about this product. There are no crazy or high-risk procedures when you upgrade. There is only one little glitch on the scoreboard: we hit a small bug around resource counts in the database, but that apparently will be fixed in the next release.

Note: You can find the solution here ( if you ever encounter the same issue.


The 4.2 release is fully loaded with very interesting new features. I will now discuss the most anticipated features from our point of view (in no particular order).


This feature is similar to AWS regions. From the CloudStack perpective, you can now group your availability zones in a geographical manner and delegate the control of that region to a specific set of management servers running in one of the zones. This helps the availability and scalability of your cloud.

S3 Interface for Secondary Storage

Before ACS 4.2, secondary storage (where the templates, ISOs, and snaphots are stored) was only available through an NFS share. Now, you can connect to an object store using the S3 interface. This is a great feature because you now have access to highly scalable and redundant storage without having to interface your Ceph or Riak-CS.

VPC and NetScalers

CloudStack already supports Virtual Private Cloud (VPC) and NetScalers. However, the product is now able to leverage NetScaler’s load-balancing capabilities in a VPC by allowing inter-tier load balancing. Let’s say you want to load balance database traffic originating at your web-server farm. Since database and web server are likely to be on separate tiers within the same VPC, you will be able to do it. Another NetScaler feature that is now part of the product is GSLB support (Global Server Load Balancing) using DNS redirection.

SolidFire Integration and Storage QoS

In my opinion, this is one of the most useful features of this release. Now that we can use SolidFire as our primary storage provider, we can control the QoS level of all drives. Unfortunately, this function only works for DATA volumes, not ROOT volumes (sad!). We must probably wait until 4.3 to get this function fully integrated, but I think what we have now is a significant improvement over what it was before.

Networking Enhancements

We briefly discussed the NetScaler above, but there are other networking related features that merit some attention. First of all, IPv6 support is now official. Hooray for those of us who want to play with it since it’s not yet widely used in the datacenters. Another great addition is the isolated network VLAN assignments. This was something that irritated most users: you couldn’t control what VLAN ID to give to an isolated network. Now you can, just like shared networks. Other networking changes target Cisco VNMC support, VMWare distributed switches support, and portable IPs across zones.

Dedicated Resources and Anti-Affinity Groups

Starting with this version, you can dedicate VLANs and public IPs to accounts. Plus, you can dedicate pods, cluster, or hosts to a domain or account. These additions provide some manageability and security without having to deal with host tags.

For those who run CloudStack in a production environment, you might find it annoying that you can’t really control where your VMs reside. For example, if you have 2 web servers, you might want to have them on separate hosts all the time to avoid a situation where both VMs are running on the same host, and the host dies. They fixed that problem in 4.2! You can create what they call anti-affinity groups. That way, ACS will make sure your resources run on different hosts.

Storage Migration

In previous ACS versions, you couldn’t migrate a VM from one storage repository to another without shutting down the VM. Not good when your business doesn’t tolerate downtime! With the 4.2 release, you can leverage the Xen StorageMotion and VMWare vMotion features to move a VM from a storage repository in a live fashion. No more downtime.

The Verdict…

I just can’t say anything bad about this release. The feature set is impressive; the product gains in stability and maturity. It’s too early to say whether it is a stable release, since I haven’t run it for more than a week. But so far it, runs great in our environment. Seeing where the product is heading, I am very eager to see the next major release coming with some other great features like Palo Alto firewall support and Juniper Contrail SDN.

Share Your Thoughts!

423 rue Saint-Nicolas, 2nd Floor
Montreal, QC H2Y 2P4

56 Temperance St, 7th Floor
Toronto, ON M5H 3V5
201 Sommerville Ave.
Sommerville, MA 02143