The OpenStack cloud infrastructure project continues to evolve with the recent release of its 32nd version, OpenStack Flamingo. This version marks significant progress in addressing technical debt while enhancing security features. OpenStack, originally developed through collaboration between NASA and Rackspace, has now been in operation for over 15 years.
Flamingo has seen contributions from around 480 contributors across multiple organizations, including Ericsson, Rackspace, Red Hat, Walmart, Samsung SDS, SAP, and Nvidia. This latest release introduces nearly 8,000 changes mainly focused on reducing long-standing technical debt and improving overall security.
One of the critical areas for improvement in Flamingo is the migration away from Eventlet, the concurrency library initially created for Python 2. As the Python ecosystem transitioned to Python 3, OpenStack continued to rely on Eventlet, which has been declining in maintenance. During the Flamingo development, multiple components—including the Ironic bare metal service and the Mistral workflow service—successfully transitioned to use Python 3’s native asyncio framework. This migration is a vital architectural change that promises long-term sustainability for OpenStack.
In addition to addressing technical debt, Flamingo brings various security enhancements. Key features include support for one-time-use passthrough devices in the Nova compute project, which remain reserved after instance deletion, allowing for crucial security checks before reallocation. Furthermore, Nova now supports AMD’s Secure Encrypted Virtualization, which bolsters confidential computing by protecting guest memory and CPU registers.
Other security improvements include the Magnum service enabling Kubernetes cluster credential rotation and Manila supporting bring-your-own-key encryption for shared file systems. The Horizon dashboard has also improved its multi-factor authentication configuration by allowing the display of QR codes for setting up time-based one-time passwords.
Flamingo’s Neutron networking project has introduced several enhancements to improve integration with Open Virtual Network (OVN), streamlining the architecture for operators. The release allows certain configurations to use stateless NAT rules to enhance performance, particularly in high-throughput scenarios, and adds granular policy control to manage access rights effectively.
Looking forward, the OpenStack community plans to complete the migration from Eventlet to asynchronous mechanisms across all projects. The next release, slated for April 2026, is expected to include continued advancements in artificial intelligence workloads as they become increasingly integral to cloud computing infrastructure.
