Blazar introduced support for reserving compute instances based on existing Nova flavors. This can be used to provide reservation of GPU instances.

New driver features were added, notably, Dell PowerStore active-active support, Dell PowerStore QoS support, NetApp added support to active/active mode in ISCSI/FC drivers, HPE Nimble replication, and StorPool added support clone-across-pools capability.

Along with many bug fixes, Cinder saw improved checks for images downloaded to volumes to address OSSA-2024-001 and significant improvements to the Fujitsu, HPE, Hitachi, and PowerStore drivers.

The Quobyte volume driver and the GlusterFS backup driver have been deprecated.

Added support of new add/get location APIs which replaces the image-update (old location-add) mechanism for consumers like cinder and nova to address OSSN-0090 and OSSN-0065.

Removed deprecated location_strategy functionality which was used to prioritize location order for downloading the image.

Deprecated metadata_encryption_key config option since it’s related functionality doesn’t serve the purpose of encryption of location metadata.

Horizon now uses new pytest-based integration tests jobs.

Horizon now uses SDK instead of neutronclient for Neutron networks, subnets, trunks, ports and subnetpools.

Ironic has added runbooks, a new API concept to enable self-service of maintenance items on nodes by project members. Runbooks are curated lists of steps that can be run on nodes only associated via traits and used in lieu of an explicit list of steps for manual cleaning or servicing. They also follow RBAC rules, allowing projects to limit who can CRUD and use a runbook.

Ironic has removed the deprecated ibmc, xclarity, and idrac-wsman drivers, in favor of more modern, redfish-based drivers.

Ironic has extended the functionality of the generic virtual media devices API, allowing to fetch the list of virtual media devices attached to a node.

Ironic has updated the Redfish interoperability profile to version 1.1.0 that adds a lot of missing resources and fields, and clarifies their purpose.

Ironic has added the configuration options disallowed_enrollment_boot_modes and disallowed_deployment_boot_modes to allow or disallow specific boot modes for node enrollment and/or deployment. By default all boot modes are allowed.

Ironic now allows to perform firmware updates on active nodes with the firmware interface, using the redfish driver firmware update feature as a service step.

Ironic has enhanced multiple security aspects, for example it now requires rescue passwords to be hashed, it has reduced the logged nodes information during the cleaning phase to avoid showing sensitive data, and it has hardened the communication between the ironic services and the ironic agent requiring an HTTPS url by default.

Ironic now discourages the use of partition images, in favor of whole disk images. UEFI Partition images, where EFI assets are copied from a partition image, are the only partition images Ironic intends to test on a regular basis moving forward.

A new share driver has been added to allow provisioning and managing NFS shares with a VAST DATA Storage appliance. Users can also take point-in-time backups of these shares through snapshots.

Users now have the ability to manipulate storage capabilities through share metadata. Cloud operators can determine which capabilities are updatable; and users are notified about the status of the updates through asynchronous user messages.

It is now possible to specify pre-created NetApp ONTAP efficiency policies through the use of the netapp:efficiency_policy share type extra spec.

The manila-manage service list command can now provide the response in json and yaml formats.

The NetApp ONTAP driver now supports creating Write Once Read Many (WORM) shares through the use of the NetApp storage SnapLock feature.

Manila now supports scheduling shares on hosts that are currently running and marked as being under maintenance (disabled).

When creating access rules with a deletion lock, the corresponding shares will also be locked to prevent disconnections.

Users can now set and unset metadata on share export locations. The behavior is similar to Manila shares. A new configuration option named admin_only_el_metadata was added in order to allow administrators to prevent end users to update certain metadata keys.

Cloud operators can now refresh share export locations through a new API instead of restarting Manila’s share manager service. This improves the uptime and availability of the cloud.

The Shared File Systems service now requires a user’s scope to be set within the OpenStack Identity service by default. This behavior can be turned off, however, it is highly discouraged to do so.

Manager role support was added to the Neutron APIs, meeting the next phase of the Secure RBAC community goals.

All supported mechanism drivers (ML2/OVS, ML2/OVN) can now use the WSGI API module, completing the first phase of eventlet library deprecation.

Changed from using subquery to selectin for the DB load strategy, which should increase performance and reduce complexity.

OVN routers can now be attached to tunnelled external gateway networks.

Support was added for nested SNAT in the ML2/OVN driver, bringing it in line with existing behavior in other drivers.

With the libvirt driver and libvirt version 7.3.0 or newer, mediated devices for vGPUs are now persisted across reboots of a compute host.

Instances with UEFI firmware can now be launched with stateless firmware if their image has the hw_firmware_stateless property and if the compute services have libvirt 8.6.0 or later.

Nova now automatically detects vTPM support for compute services if libvirt version is above 8.0.0 and if swtpm is installed on the node. It will also automatically get the TPM models that are supported.

You can now require TLS connections for SPICE consoles if you set the [spice]/require_secure configuration option to True.

AggregateMultitenancyIsolation scheduler filter now supports multiple aggregate keys prefixed by filter_tenant_id which removes the limitation on the number of tenants an aggregate of hosts can relate to.

A couple of other improvements target reducing the number of bugs we have: one is changing how the Ironic driver sends metadata to the Ironic API, and another one created a new nova.wsgi WSGI module that allows different WSGI servers to set their WSGI application the same way (using module instead of a binary).

Added support for deployment on Ubuntu 24.04 (Noble Numbat)

Ansible Core version is updated to 2.17 series.

Adopted usage of deb822 format for APT repositories for Debian and Ubuntu. This is not a backwards compatible change, so all deployments defining custom repositories will need to adapt their variables to match the deb822 format during upgrade.

All playbooks were moved into the openstack.osa collection. They were also renamed to better describe the playbook purpose. So now you can run playbooks like this from any directory: openstack-ansible openstack.osa.nova Playbooks inside the integrated repository were left for backwards compatibility, but they simply import the corresponding playbook from the openstack.osa collection.

Revise for getting better performance of list APIs.

Introduce VNF package generator which enables users to setup the packages from simple command line tool.

Migrate SQLAlchemy from 1.0 to 2.0.

Refactor functional tests to reduce failures of a wrong status transitions of VNFs, an unexpected timeout of operation or wrong configuration.

Revise document structure and the contents of whole usecases and CLI documents.