Current Series Release Notes

17.0.0.0rc1-64

New Features

  • Adds the kolla feature flag: kolla_enable_ironic_inspector. This defaults to true if you have enabled Ironic as Kayobe makes extensive use of introspection rules. Please note that whilst ironic inspector is deprecated, some features, such as introspection rules are not currently implemented in the replacement implementation built-in to Ironic. See Ironic documentation for more details.

  • Adds support for the Podman container engine as an alternative to Docker. See Kayobe docs for futher information.

  • Adds variables to configure authentication parameters in the image-download role, which is used to download IPA images. The new variables are image_download_url_username, image_download_url_password, image_download_force_basic_auth and image_download_unredirected_headers. See documentation of the get_url and uri Ansible modules for more details on how to use these variables.

  • Deploying and destroying infrastructure VMs is now significantly faster as only the required variables are passed to the relevant tasks as opposed to the entire collection of hostvars for each VM.

  • Adds dynamic-login to the default list of DIB elements included in Ironic Python Agent (IPA) images. This element can dynamically configure credentials at boot time, which is especially useful for troubleshooting.

  • Supports forcing time synchronisation after configuring chrony if ntp_force_sync is changed to True.

  • Using --list-tasks flag is now supported in commands that use kolla-ansible such as kayobe overcloud service deploy --list-tasks. This will now show the name of tasks and any tags associated with them.

  • Allows running without root privileges, provided that all Kayobe package dependencies are installed and all configured paths are writable for the current user, e.g. Python virtualenvs and output directories. To use this feature set kayobe_control_host_become to false in $KAYOBE_CONFIG_PATH/globals.yml.

Known Issues

  • On Ubuntu 22.04, when using podman, containers may get stuck in the creating state when using a 6.5.x series (or newer) kernel. See LP#2056210 for more details. The bug has been fixed upstream in crun, but we are awaiting a new Ubuntu 22.04 package to be released.

Upgrade Notes

  • The docker group has been renamed to container-engine.

  • The kayobe-config configuration file docker.yml has been renamed to container-engine.yml.

  • Updates the mrlesmithjr.chrony role to v0.1.6.

  • Updates the maximum supported version of Ansible from 11 (ansible-core 2.17) to 12 (ansible-core 2.18). The minimum supported version is updated from 9.x to 10.x. This is true for both Kayobe and Kolla Ansible.

  • Stops automatically removing the inspection_store and opensm containers when they become disabled in Kayobe configuration. Manual container removal is now necessary, except in the case of a full service destroy.

Bug Fixes

  • Fixes public-openrc.sh missing the OS_CACERT variable when absent from admin-openrc.sh. LP#2110549

  • Bumps the MichaelRigart.interfaces role to v1.15.3 to fix an issue where NetworkManager was not restarted before bouncing network interfaces. LP#2100792

  • Bumps the MichaelRigart.interfaces role to v1.15.4 to fix compatibility with CentOS Stream 9 due to changes in the iproute package.

  • Fixes ipa_kernel_options_default when ipa_collect_lldp is set to false. LP#2110505

  • Fixes incomplete removal of netplan packages which was preventing generated network configuration from getting applied with host configure commands. LP#2103794

  • Fixes a bug where non-overcloud hosts would show up in the confirmation prompt for kayobe overcloud deprovision LP#2091703

  • Bumps MichaelRigart.interfaces to fix an issue where kayobe overcloud host configure would fail to template during the networking tasks on Rocky hosts, with the error Could not load "ipaddr". LP#2107335

  • Fixes an issue where slave interfaces would not be brought back up when bouncing the master interface. LP#2072340.

  • Fixes an issue on boot where vgpu devices would fail to start due to a race condition in the startup logic. See LP#2102153 for more details.

  • Updates overcloud-deprovision.yml to use ansible.builtin.pause when prompting to confirm deprovisioning. This is the recommended workaround to Ansible issue 84515.

  • Pin requirements for IPA image build to ensure that the ironic-lib version matches ironic-python-agent. LP#2089263

  • Adds a name field to elements of apt_repositories, which specifies the name of the repository file (without the .sources suffix). The default value of this field is kayobe and it may be omitted. The user can override the default by providing a different name, such as ubuntu, and new repository data. This way, the default file, /etc/apt/source.list.d/ubuntu.sources, will be overwritten by the provided repository configuration. LP#2107280

17.0.0.0rc1

Security Issues

  • Avoid leaking DNF repository username/password credentials in the Kayobe output by adding loop control to print only the repository key. LP#2087938

Bug Fixes

  • Avoid leaking DNF repository username/password credentials in the Kayobe output by adding loop control to print only the repository key. LP#2087938