2024.1 Series Release Notes¶
16.2.0-13¶
New Features¶
Adds the internal VIP to the NOPROXY/noproxy environment variables.
Adds support for using Cumulus switches (NCLU and NVUE) with Networking Generic Switch.
Upgrade Notes¶
Bumps the
stackhpc.linux
collection to 1.3.0. Note this version uses systemd to activate virtual functions. This change is restricted to thestackhpc.linux.sriov
role, which is not used by Kayobe. If a custom playbook uses this role, you can retain existing behaviour by settingsriov_numvfs_driver
toudev
.
Security Issues¶
When running API requests from a host configured with kayobe, traffic destined for the internal VIP is sent via the default proxy. This can be a security issue if not using TLS as the proxy will be able to intercept the traffic. If using an untrusted proxy, with TLS disabled on the internal VIP, it is recommended that you run
kayobe overcloud host configure -t proxy
,kayobe seed hypervisor host configure -t proxy
,kayobe seed host configure -t proxy
, andkayobe infra vm host configure -t proxy
, to add the internal VIP to the no proxy configuration. This is considered a minor issue as traffic between containers will not use the proxy by default. LP#2087556
Bug Fixes¶
Fixes IPA and host image build failures when Git was not installed on the build host. LP#2058922
The
proxysql
image is now built whenkolla_enable_proxysql
is set totrue
.
Updates the group and mode set on the
/var/log/journal
directory to match default ownership and permissions used bysystemd-journald
. LP#2083494
Fixes generation of kernel parameters when the GRUB_CMDLINE_LINUX_DEFAULT variable is absent from
/etc/default/grub
. LP#2083874.
Changes the default cloud image for seed and infra VMs to use Rocky Linux 9.3 when using
bios
boot mode, to fix boot failures with newer cloud images. When deploying new VMs, it is recommended to setinfra_vm_boot_firmware
andseed_vm_boot_firmware
toefi
.
Fixes an issue when using overcloud Ironic with a shared Ansible control host. The use of a shared cache directory could lead to a failure to download Ironic Python Agent (IPA) images. LP#2069845
16.2.0¶
New Features¶
Adds support for specifying
boot_firmware
andmachine
variables to seed and infra VMs. This can be used to launch VMs in UEFI boot mode with Q35 machine type.
Bumps stackhpc.libvirt-vm Ansible role to
v1.16.1
.
Bug Fixes¶
eos_config
does not support theprovider
parameter since Ansible 7. Users are required to update their configuration according to Arista EOS documentation.
Fixes a bug where systemd-networkd was not permanently enabled when the unit was already in state
runtime-enabled
. LP#2073100
16.0.0¶
New Features¶
Adds the command
kayobe baremetal introspection data save
to save the hardware introspection data gathered bykayobe baremetal compute inspect
.
Adds a new variable
kolla_build_neutron_ovs
which gives users the option to build Neutron OVS container images while the system is using OVN. This is useful when users want to build all Neutron container images at the same time.
Configures journald to use a persistent storage by default. This allows you to keep journald logs across reboots and is controlled by the
journald_storage
variable. See Kayobe documentation for more details.
Adds the command
kayobe seed service destroy
. This can be used to clean up all services on the seed host. Caution is advised when using this command as it will delete all of the data on the seed.
Adds support for auth configuration for Apt respositories and proxies using
auth.conf
files.
This patch adds experimental functionality to enroll baremetal nodes into Ironic using Kayobe via a new playbook
baremetal-compute-register.yml
and addskayobe baremetal compute register
into the Kayobe CLI.
kayobe overcloud deprovision
now requires confirmation before any hosts are deprovisioned. Automatic confirmation can still be achieved by settingconfirm_deprovision
toyes
.
Adds support for specifying credentials (username and password) for custom DNF repositories.
Adds support for defining custom playbook hooks in Kayobe environments.
kayobe kolla ansible run
will now generate Kolla-Ansible configuration before the command is run. You can use--skip-tags kolla-openstack
to skip this for commands that do not require the kolla config.
Adds support for setting the max fail percentage for Ansible plays via
kayobe_max_fail_percentage
. It can also be set on a per-playbook basis, e.g.time_max_fail_percentage
.
Adds support for specifying IP policy-based routing rules using the dict-based format on CentOS Stream and Rocky Linux systems. The string-based format is still supported on these systems.
Adds new Redfish rules to Ironic and Bifrost introspection. The following variables are added:
inspector_rules_redfish_enabled
inspector_redfish_username
inspector_redfish_password
inspector_rule_var_redfish_verify_ca
inspector_rules_ipmi_enabled
kolla_bifrost_inspector_redfish_username
kolla_bifrost_inspector_redfish_password
Custom telegraf configuration is now supported. See Kayobe documentation on configuring kolla-ansible services.
Upgrade Notes¶
Updates the maximum supported version of Ansible from 8.x (ansible-core 2.15) to 9.x (ansible-core 2.16). The minimum supported version is updated from 7.x to 8.x. This is true for both Kayobe and Kolla Ansible.
Bumps
stackhpc.linux
collection to 1.2.0 to include new roles. Addsstackhpc.network
andstackhpc.openstack
collections to requirements. Refactors invocation of the roles moved into collections mentioned above, and updates the documentation - role names and outdated Ansible Galaxy documentation links.
kayobe overcloud deprovision
now requires confirmation before any hosts are deprovisioned. Automatic confirmation can still be achieved by settingconfirm_deprovision
toyes
.
Support for deploying Murano has been dropped.
Support for deploying Sahara has been dropped.
Support for deploying Senlin has been dropped.
Support for deploying Solum has been dropped.
Support for deploying Vitrage has been dropped.
kayobe kolla ansible run
will now generate Kolla-Ansible configuration before the command is run. You can use--skip-tags kolla-openstack
to skip this for commands that do not require the kolla config.
Support for the
devicemapper
Docker storage driver is removed following its removal from Docker Engine 25.0. Operators usingdevicemapper
should migrate to a supported storage driver before updating Docker to 25.0 or later.
Support for deploying Freezer has been dropped.
Bug Fixes¶
Added fix for the custom RabbitMQ configuration. Fixed incorrect path and glob, so now you can template also all other configuration files such as
advanced.config
,definitions.json
,enabled_plugins
, anderl_inetrc
together withrabbitmq.conf
andrabbitmq-env.conf
.
Fixes an issue where Dell OS6 and Dell OS9 switch configuration was not applied correctly. LP#2061102.
letsencrypt
andhaproxy-ssh
images are now built whenkolla_enable_letsencrypt
is set totrue
.
Fixes issue of ironic files being left behind after node deprovision which prevents it from being enrolled and provisioned again.
Fixes default Ubuntu Apt keyrings location to the recommended
/etc/apt/keyrings
.
Fixes gateway assignment when seed SNAT is disabled. In this circumstance Bifrost was generating ConfigDrive data with the default gateway unset even when one is available on the admin network.
Fixes the bug where /etc/hosts was not populated correctly when running Kayobe using a host limit. LP#2051714
Fixes issue building container images when docker registry contained a port. See LP#2054715 for more details.
Fixes an issue with overcloud service destroy where it failed to remove the inspection store docker volume. See LP#2050092.
Fixes bugs with the
kolla_enable_letsencrypt
variable which were causing overcloud container image build to fail, or to includeletsencrypt
images when disabled.
Fixes a bug where NetworkManager would overwrite resolv.conf when
resolv_is_managed
is set toTrue
. LP#2044537
Fixes the
wipe-disks
role which was failing on supported host operating systems due to a change in the output format oflsblk -J
inutil-linux
version2.37
. LP#2051859
Other Notes¶
Kayobe networking documentation for IP rules on CentOS Stream/Rocky Linux systems has been updated to reflect that routing tables must be specified by ID rather than by name.