2025.1 Series Release Notes

20.1.0-17

Upgrade Notes

• Debian container image builds now use Epoxy (2025.1) repositories of Debian OpenStack.

• Debian container image builds now use bookworm suite for RabbitMQ installation.

Bug Fixes

• Ensures Kolla uses only configured APT mirror on Ubuntu for full source control. LP#2112140

• Fixed missing metrics in Prometheus libvirt exporter.

  The Prometheus libvirt exporter has been bumped from v1.6.0 to v2.2.0. This restores some metrics that were lost when the exporter source was changed in a previous release.

  LP#2120639.

• Fix using Cinder as Glance image store when Cinder uses a FC or iSCSI backend by adding the missing lsscsi package to glance-api. LP#2111828

20.1.0

Upgrade Notes

• Backup files are now stored in timestamped directories and have new filenames. This does not affect restore, as Kolla Ansible does not support automated restore; users perform restores manually. A new full backup is recommended after upgrade to ensure incremental backups work correctly.

Bug Fixes

• Fixes incremental MariaDB backups by switching to directory-based base backups, following official Mariabackup recommendations. LP#2111620

• Fix neutron-l3-agent image builds on Rocky Linux by removing dibbler-client dependency. The package is no longer used in Neutron. LP#2112575

20.0.0

New Features

• Adds aarch64 iPXE support to the ironic-pxe image, by adding ipxe-bootimgs-aarch64 RPM package to Rocky Linux ironic-pxe images, and ensuring that an aarch64 iPXE binary is available in Ubuntu ironic-pxe images. No support for aarch64 iPXE in Debian images is included, as the distro packages do not install an aarch64 binary.

• Adds a support for external account binding (EAB) in Let’s Encrypt.

• Extends the support of externally-managed projects provided by the --docker-dir option with an ability to use configure_user jinja2 macros like Kolla built-in projects. The operator should specify “non-default” user details with <custom_user_name>-user configuration section and include info for uid and gid at least.

• Updated the contents of Python package options in documentation to reflect latest customisation methods.

• Added ESP image needed for UEFI virtual media boot. More context in Ironic documentation.

• Improves logging format of kolla containers by adding timestamps with milliseconds, log levels, and a custom date format.

• Add support for patching container images during build. See the build guide for details.

• Upgrade Let’s Encrypt lego from version to version v4.20.4 for better handling of custom ACMEs and general improvements. Changelog: https://github.com/go-acme/lego/compare/v4.15.0…v4.20.4

• Updates Prometheus version to v3.2.1. Also, switches back to the prometheus-server generic image name by removing the v2 part.

Known Issues

• libnetfilter_log, which is required in neutron-l3-agent when fwaas_v2_log is enabled, is not available in official rpm repos and enabling this feature on rpm platforms will prevent neutron-l3-agent from running.

Upgrade Notes

• Kolla toolbox is now using ansible-core 2.18

• The use of UPPER_CONSTRAINTS_FILE environment variable was moved from base_pip_conf block in base Dockerfile to kolla_toolbox_pip_conf block in kolla-toolbox Dockerfile as the environment variable now only affects Kolla-toolbox build. Bifrost python upper-constraints now follows openstack-base’s python upper-constraints instead of UPPER_CONSTRAINTS_FILE environment variable.

• Debian container image builds now use Dalmatian (2024.2) repositories of Debian OpenStack.

• Users who parse Docker container logs should take into account that for example INFO:__main__:Validating config file is now YYYY-MM-DD HH:MM:SS.fff INFO Validating config file.

• RabbitMQ version has been upgraded to 4.0.

• Update Prometheus services to latest releases:

  • prometheus-alertmanager: 0.28.0 -> 0.28.1

  • prometheus-blackbox-exporter: 0.24.0 -> 0.25.0

  • prometheus-cadvisor: 0.49.1 -> 0.49.2

  • prometheus-elasticsearch-exporter: 1.7.0 -> 1.8.0

  • prometheus-memcached-exporter: 0.14.2 -> 0.15.0

  • prometheus-mtail: 3.0.0-rc54 -> 3.0.8

  • prometheus-mysqld-exporter: 0.15.1 -> 0.16.0

  • prometheus-node-exporter: 1.7.0 -> 1.8.2

  • prometheus 2.50.1 -> 2.55.1

  This upgrade migrates to a new TSDB format which is compatible with Prometheus v3.

• Prometheus will be upgraded from v2 to v3 - which introduces minor breaking changes. Make sure there’s version 2.5.5 or later running before attempting an upgrade. Read the official migration guide for more details: https://prometheus.io/docs/prometheus/3.0/migration/.

• uwsgi and uwsgi-plugin-python3 installation has been moved from barbican-base image to openstack-base.

Deprecation Notes

• Building bifrost-deploy container image has been deprecated, in favor of a new ironic standalone deployment using ironic container images that will be implemented in kolla-ansible in the next cycles.

• swift images have been deprecated for removal in 2025.2.

Bug Fixes

• Fixes the inconsistency issue between config.json and real state in the container. LP#2060855

• Python3-pip installs the dependent package tzdata and blocks the mount of the /etc/localtime file in docker. LP#2091161

• Removes Git remote URLs after cloning to prevent credential exposure. LP#2098904

• Ensure that ipxe-snponly-aarch64.efi is available in /tftpboot in Centos and Rocky after bootstrapping ironic-pxe.

• libnnetfilter_log has been added to deb platforms in order to support the fwaas_v2_log feature in neutron l3 agent.

• Fixes a bug with Thales Luna HSM deployments. The new client software version requires the use of a specific group called “hsmusers”, and for consistency reasons, we are specifying both, the user id and the group id, and inserting the Barbican username inside of such a group. More information can be found at LP#Luna

• Remove the gnocchixyz-gnocchi-datasource plugin from grafana due to angular plugins being deprecated

• Fixes ironic-conductor missing mtools package.