Current Series Release Notes

19.0.0.0rc1-66

New Features

• Add support for easily viewing the content of kolla/passwords.yml with the new command kayobe overcloud service passwords view.

• Allows configuring inspector_keep_ports for Bifrost via kolla_bifrost_inspector_keep_ports (defaults to present to match Bifrost).

• Adds support for bootstrapping Python on Ubuntu through a proxy.

• Bumps stackhpc.linux Ansible collection to v1.5.1. This adds support for configuring MIG devices without creating vGPUs.

• Adds support for managing the Ansible control host configuration. This is provided by the new kayobe control host configure command, and uses the existing host configuration features in Kayobe.

  Also provided is a kayobe control host command run command for running commands on the Ansible control host, and a kayobe control host package update command for updating its OS packages.

• Configure inspection network DNS servers to enable Ironic inspection when kolla_internal_fqdn is set.

• Added the tag bifrost to kolla-bifrost.yml so that we can easily limit to Bifrost in kayobe seed service deploy.

• Removed the options --kolla-tags and kolla-limit from all commands. Regular --tags and --limit will now be passed directly to the Kolla-Ansible invocations. Added the tag kayobe-generate-config to kolla-ansible.yml and kolla-openstack.yml. This tag is now always called, to allow for limiting to OpenStack services with just one tag, e.g. kayobe overcloud service deploy -t nova`. You can still skip this with ``--skip-tags kayobe-generate-config.

• Skip external connectivity check behind a proxy.

• Adds an opt-in nmstate network engine (network_engine: nmstate) for host network configuration via NetworkManager/libnmstate.

• Supports Ethernet, VLAN, bond, bridge, routes, and routing rules, and adds OVS patch-link veth generation for overcloud bridge-to-OVS connectivity.

• Adds structured ethtool configuration via <network>_ethtool_config for ring parameters and selected offload features.

• The nmstate network engine is only supported on Rocky Linux. Ubuntu Noble is not supported because the required system packages (nmstate, python3-libnmstate) are not available in Ubuntu repositories. Attempting to use nmstate on Ubuntu will fail with a clear error message directing users to use the legacy network engine.

• Adds support for installing and configuring fail2ban. See the docs http://docs.openstack.org/kayobe/latest/configuration/reference/hosts.html#fail2ban for more information.

Known Issues

• NTP configuration was missing from infrastructure VMs because infra-vms was not present under the [ntp] group. Operators should ensure the most recent upstream kayobe-config is merged into their local configuration to resolve this issue.

Upgrade Notes

• Rocky Linux based Ironic Python Agent images are now built in Rocky Linux based deployments rather than CentOS Stream: ipa_build_dib_elements_default uses rocky-container element; ipa_build_dib_packages includes the python3-yaml package; ipa_build_dib_env_default uses specified os_release; and container runtime is set to container_engine.

• baremetal element now included in ipa_build_dib_elements_default

• Updates the maximum supported version of Ansible from 12 (ansible-core 2.19) to 13 (ansible-core 2.20). The minimum supported version is updated from 11.x to 12.x. This is true for both Kayobe and Kolla Ansible.

• Removed the options --kolla-tags and kolla-limit from all commands. Regular --tags and --limit will now be passed directly to the Kolla-Ansible invocations. Added the tag kayobe-generate-config to kolla-ansible.yml and kolla-openstack.yml. This tag is now always called, to allow for limiting to OpenStack services with just one tag, e.g. kayobe overcloud service deploy -t nova`. You can still skip this with ``--skip-tags kayobe-generate-config.

• Python 3.10 and 3.11 are no longer supported on the control host. Use Python 3.12 as a minimum version for the Kayobe virtualenv.

• Introduces network_engine in globals.yml: legacy (default) and nmstate.

• With nmstate, ethtool settings use structured YAML in <network>_ethtool_config. legacy engine behavior is unchanged.

• With network_engine: nmstate, <network>_rules entries must use dict format (keys such as from, to, priority, table). String-format rules are rejected on the nmstate path. legacy engine behavior is unchanged.

• Switching to nmstate may reconfigure host networking and cause temporary connectivity disruption.

Bug Fixes

• Fixes generation of Bifrost host variable files when ipv4_gateway is undefined. LP#2133489

• Bumps stackhpc.linux Ansible collection to v1.5.1. This fixes race conditions in setup of vGPU SR-IOV devices.

• Fixes swap configuration for the seed hypervisor, seed and infra VM hosts. LP#2138800

• Bumps version of nvidia.nvue Ansible collection from 1.2.6 to 1.2.9. This fixes an issue where switch configuration could not be applied to switches running Cumulus Linux 5.13. See LP#2131677 for more details.

• Fixes an issue building diskimage-builder images when EPEL is disabled. See LP#2141684 for more details.

• Fixes an issue building diskimage-builder images when using the podman container engine, See LP#2142501 for more details.

• Fixes host configure regressions when using network_engine: nmstate on Rocky Linux. Kayobe now ensures named route tables from network_route_tables are defined in /etc/iproute2/rt_tables for nmstate-managed hosts. These fixes apply only to the nmstate engine path; legacy engine behavior is unchanged.

• When using network_engine: nmstate with firewalld enabled, Kayobe now reconciles interface-to-zone mappings in both permanent and runtime firewalld configuration for interfaces that define <network>_zone.