2024.1 Series Release Notes

16.3.0

New Features

  • Adds the internal VIP to the NOPROXY/noproxy environment variables.

  • Adds support for using Cumulus switches (NCLU and NVUE) with Networking Generic Switch.

Upgrade Notes

  • Bumps the stackhpc.linux collection to 1.3.0. Note this version uses systemd to activate virtual functions. This change is restricted to the stackhpc.linux.sriov role, which is not used by Kayobe. If a custom playbook uses this role, you can retain existing behaviour by setting sriov_numvfs_driver to udev.

Security Issues

  • When running API requests from a host configured with kayobe, traffic destined for the internal VIP is sent via the default proxy. This can be a security issue if not using TLS as the proxy will be able to intercept the traffic. If using an untrusted proxy, with TLS disabled on the internal VIP, it is recommended that you run kayobe overcloud host configure -t proxy, kayobe seed hypervisor host configure -t proxy, kayobe seed host configure -t proxy, and kayobe infra vm host configure -t proxy, to add the internal VIP to the no proxy configuration. This is considered a minor issue as traffic between containers will not use the proxy by default. LP#2087556

Bug Fixes

  • Fixes IPA and host image build failures when Git was not installed on the build host. LP#2058922

  • The proxysql image is now built when kolla_enable_proxysql is set to true.

  • Updates the group and mode set on the /var/log/journal directory to match default ownership and permissions used by systemd-journald. LP#2083494

  • Fixes generation of kernel parameters when the GRUB_CMDLINE_LINUX_DEFAULT variable is absent from /etc/default/grub. LP#2083874.

  • Changes the default cloud image for seed and infra VMs to use Rocky Linux 9.3 when using bios boot mode, to fix boot failures with newer cloud images. When deploying new VMs, it is recommended to set infra_vm_boot_firmware and seed_vm_boot_firmware to efi.

  • Fixes an issue when using overcloud Ironic with a shared Ansible control host. The use of a shared cache directory could lead to a failure to download Ironic Python Agent (IPA) images. LP#2069845

16.2.0

New Features

  • Adds support for specifying boot_firmware and machine variables to seed and infra VMs. This can be used to launch VMs in UEFI boot mode with Q35 machine type.

  • Bumps stackhpc.libvirt-vm Ansible role to v1.16.1.

Bug Fixes

  • eos_config does not support the provider parameter since Ansible 7. Users are required to update their configuration according to Arista EOS documentation.

  • Fixes a bug where systemd-networkd was not permanently enabled when the unit was already in state runtime-enabled. LP#2073100

16.0.0

New Features

  • Adds the command kayobe baremetal introspection data save to save the hardware introspection data gathered by kayobe baremetal compute inspect.

  • Adds a new variable kolla_build_neutron_ovs which gives users the option to build Neutron OVS container images while the system is using OVN. This is useful when users want to build all Neutron container images at the same time.

  • Configures journald to use a persistent storage by default. This allows you to keep journald logs across reboots and is controlled by the journald_storage variable. See Kayobe documentation for more details.

  • Adds the command kayobe seed service destroy. This can be used to clean up all services on the seed host. Caution is advised when using this command as it will delete all of the data on the seed.

  • Adds support for auth configuration for Apt respositories and proxies using auth.conf files.

  • This patch adds experimental functionality to enroll baremetal nodes into Ironic using Kayobe via a new playbook baremetal-compute-register.yml and adds kayobe baremetal compute register into the Kayobe CLI.

  • kayobe overcloud deprovision now requires confirmation before any hosts are deprovisioned. Automatic confirmation can still be achieved by setting confirm_deprovision to yes.

  • Adds support for specifying credentials (username and password) for custom DNF repositories.

  • Adds support for defining custom playbook hooks in Kayobe environments.

  • kayobe kolla ansible run will now generate Kolla-Ansible configuration before the command is run. You can use --skip-tags kolla-openstack to skip this for commands that do not require the kolla config.

  • Adds support for setting the max fail percentage for Ansible plays via kayobe_max_fail_percentage. It can also be set on a per-playbook basis, e.g. time_max_fail_percentage.

  • Adds support for specifying IP policy-based routing rules using the dict-based format on CentOS Stream and Rocky Linux systems. The string-based format is still supported on these systems.

  • Adds new Redfish rules to Ironic and Bifrost introspection. The following variables are added:

    • inspector_rules_redfish_enabled

    • inspector_redfish_username

    • inspector_redfish_password

    • inspector_rule_var_redfish_verify_ca

    • inspector_rules_ipmi_enabled

    • kolla_bifrost_inspector_redfish_username

    • kolla_bifrost_inspector_redfish_password

Upgrade Notes

  • Updates the maximum supported version of Ansible from 8.x (ansible-core 2.15) to 9.x (ansible-core 2.16). The minimum supported version is updated from 7.x to 8.x. This is true for both Kayobe and Kolla Ansible.

  • Bumps stackhpc.linux collection to 1.2.0 to include new roles. Adds stackhpc.network and stackhpc.openstack collections to requirements. Refactors invocation of the roles moved into collections mentioned above, and updates the documentation - role names and outdated Ansible Galaxy documentation links.

  • kayobe overcloud deprovision now requires confirmation before any hosts are deprovisioned. Automatic confirmation can still be achieved by setting confirm_deprovision to yes.

  • Support for deploying Murano has been dropped.

  • Support for deploying Sahara has been dropped.

  • Support for deploying Senlin has been dropped.

  • Support for deploying Solum has been dropped.

  • Support for deploying Vitrage has been dropped.

  • kayobe kolla ansible run will now generate Kolla-Ansible configuration before the command is run. You can use --skip-tags kolla-openstack to skip this for commands that do not require the kolla config.

  • Support for the devicemapper Docker storage driver is removed following its removal from Docker Engine 25.0. Operators using devicemapper should migrate to a supported storage driver before updating Docker to 25.0 or later.

  • Support for deploying Freezer has been dropped.

Bug Fixes

  • Added fix for the custom RabbitMQ configuration. Fixed incorrect path and glob, so now you can template also all other configuration files such as advanced.config, definitions.json, enabled_plugins, and erl_inetrc together with rabbitmq.conf and rabbitmq-env.conf.

  • Fixes an issue where Dell OS6 and Dell OS9 switch configuration was not applied correctly. LP#2061102.

  • letsencrypt and haproxy-ssh images are now built when kolla_enable_letsencrypt is set to true.

  • Fixes issue of ironic files being left behind after node deprovision which prevents it from being enrolled and provisioned again.

  • Fixes default Ubuntu Apt keyrings location to the recommended /etc/apt/keyrings.

  • Fixes gateway assignment when seed SNAT is disabled. In this circumstance Bifrost was generating ConfigDrive data with the default gateway unset even when one is available on the admin network.

  • Fixes the bug where /etc/hosts was not populated correctly when running Kayobe using a host limit. LP#2051714

  • Fixes issue building container images when docker registry contained a port. See LP#2054715 for more details.

  • Fixes an issue with overcloud service destroy where it failed to remove the inspection store docker volume. See LP#2050092.

  • Fixes bugs with the kolla_enable_letsencrypt variable which were causing overcloud container image build to fail, or to include letsencrypt images when disabled.

  • Fixes a bug where NetworkManager would overwrite resolv.conf when resolv_is_managed is set to True. LP#2044537

  • Fixes the wipe-disks role which was failing on supported host operating systems due to a change in the output format of lsblk -J in util-linux version 2.37. LP#2051859

Other Notes

  • Kayobe networking documentation for IP rules on CentOS Stream/Rocky Linux systems has been updated to reflect that routing tables must be specified by ID rather than by name.