The compute improvements in Gazpacho are directly tied to what operators migrating from VMware have been requesting. The headline Nova feature is parallel live migrations. The concept of a live migration in VMware is commonly known as vMotion and is often cited as a critical feature by users in their deployments.
Previously, live migration in OpenStack used a single memory transfer connection to copy VM memory from one host to another. The process works by copying the full memory state, then copying incremental deltas until no delta remains and the cutover can complete. That transfer ran as a single thread.
Gazpacho changes the underlying algorithm. Multiple memory transfer connections now run simultaneously, fragmenting the network transfer across parallel threads. “This process of transferring the memory is happening through multiple threads,” Carrez said. “It’s no longer, let’s transfer the whole thing and then transfer the new delta, and then the new new delta.”
Carrez said the performance improvement brings OpenStack’s live migration behavior closer to what operators experienced in VMware environments. The feature has been in high demand from operators deploying OpenStack as a VMware replacement.
The second major Nova addition is live migration support for instances backed by a virtual Trusted Platform Module (vTPM), which store cryptographic secrets used to protect workload data. Moving a VM that relies on a vTPM has historically required separate handling of the secret material, since the secret stored in one instance’s vTPM cannot automatically transfer to a destination host.
Gazpacho addresses this by persisting the TPM secret in Barbican, OpenStack’s key management service, and transferring to the destination host during migration. “It allows the secret to be restored into the next vTPM, and that’s really enabling the secure movement of sensitive workloads,” Carrez said.
