Current Series Release Notes

33.0.0-85

New Features

• The nova-manage and nova-status CLI commands now support native threading mode via the OS_NOVA_DISABLE_EVENTLET_PATCHING environment variable. This allows CLI commands that perform cross-cell operations using scatter-gather patterns (e.g., nova-manage cell_v2 list_hosts, nova-status upgrade check, nova-manage placement heal_allocations) to benefit from concurrent execution with native threading. For more details, see the concurrency guide: https://docs.openstack.org/nova/latest/admin/concurrency.html

• The default concurrency mode is now switched from eventlet to native threading for nova-conductor, and nova-compute services. The concurrency mode can still be switched back to eventlet if needed per service. Please read the concurrency guide for more details.

• The websocketproxy (nova-novncproxy, nova-serialproxy, and nova-spicehtml5proxy) can now be run in native threading mode instead of with eventlet. This is an experimental feature that is disabled by default. Please read the concurrency guide for more details: https://docs.openstack.org/nova/latest/admin/concurrency.html

Upgrade Notes

• Two indexes were added to the migrations table: migrations_by_src_host_nodes_and_status_idx and migrations_by_dest_host_nodes_and_status_idx. These indexes optimize migration lookups for a specific compute node by source or destination host/node and are used by the _cleanup_incomplete_migrations periodic task (run every 5 minutes by default on each compute service). In environments with large migration tables, this significantly reduces query latency and improves the nova-conductor performance. See bug 2121465 for details.

• Python 3.10 support has been dropped. The minimum version of Python now supported by nova is Python 3.11.

• Linux bridge VIF support has been removed from Nova. The VIF_TYPE_BRIDGE VIF type is no longer supported by the libvirt virt driver.

  Operators using Neutron’s Linux bridge mechanism driver must migrate their deployments to a supported backend such as Open vSwitch (OVS) or OVN before upgrading Nova. Note that neutron removed support for the Linux bridge in 2025.1 (epoxy).

  Impact:

  • Instances with binding:vif_type=bridge ports will fail to start on upgraded compute nodes with a clear error message.

  • Existing instances using Linux bridge VIFs cannot be managed by upgraded compute nodes until migrated to supported VIF types.

  Required Actions:

  • Migrate workloads from Neutron Linux bridge backend to a supported backend before upgrading Nova compute nodes.

  • Update Neutron configuration to use supported mechanism drivers (OVS, OVN, SR-IOV, etc.).

  • Remove any Nova-specific Linux bridge configuration options.

• When you are upgrading to 2026.2 (Hibiscus) or newer the default configuration of nova-conductor, and nova-compute services change to run these services with native threading mode by default instead of the legacy eventlet mode. We recommend to decouple the upgrade from the concurrency mode change to reduce the risk of issues. To do that either test the native threading mode of these services already in 2026.1 (Gazpacho) or ensure that your service configuration is explicitly using the eventlet mode before you upgrade and only change to threading mode after the upgrade was successful. Please read the concurrency guide for more details on how to configure the mode.

Deprecation Notes

• Eventlet based concurrency mode is now deprecated and will be removed in a future release, not earlier than 2027.2. Nova services that are still configured to run with eventlet will log a deprecation warning at startup. Operators should migrate to native threading mode. All Nova services except the console proxy services (nova-novncproxy, nova-serialproxy, nova-spicehtml5proxy) already run in native threading mode by default. The console proxy services still default to eventlet mode and require explicit configuration to enable native threading. Please read the concurrency guide for details on how to configure native threading mode.

Bug Fixes

• Fixes an bug where deleting a volume backed server during the creation phase(building) could leave its cinder volume attachment behind. We will now check for already created BDMs during this deletion phase and will call/notify cinder for deleting these attachments.

• Bug #2105896: Fix error when multiple security groups in a project share the same name. The security group resolution now checks UUIDs before names, ensuring that a request using a specific UUID is never blocked by a naming collision. When a security group is requested by name and multiple groups share that name, a NoUniqueMatch error is raised prompting the user to use a UUID instead.

• Bug #2108974: Fix keypairs lost during cross-cell resize. When an instance was resized across cells, the keypairs stored in the instance_extra table were not loaded from the source cell before cloning the instance to the destination cell. As a result, the keypairs column was written as NULL in the target cell database, effectively losing the server’s keypair data after confirming the resize.

• The ironic virt driver now overrides get_num_instances to use the node cache instead of the default implementation which calls list_instances and loads each instance via a database call. This improves the performance of the sync_power_states periodic task for deployments with a large number of baremetal nodes. See bug 2117700 for details.

• Bug #2134375: Fix ports remain during creating instance with multiple network when error occurs updating first port.

• Bug #2144660: Fix NUMA cell sorting for non-PCI VMs with pack strategy. When using the pack NUMA cell allocation strategy, the compute claim was not passing pci_stats to numa_fit_instance_to_host for VMs without PCI requests. This caused the PCI-aware NUMA cell sort to be skipped, allowing non-PCI VMs to land on NUMA nodes holding PCI devices instead of being steered away from them.

• [bug 2123895] Fixed service endpoint discovery with [oslo_limit] configuration when unified limits quotas are enabled.

• However, nova metadata handler rejects a proxied metadata request if wrong signature was used for the request, but it logged the expected signature. This is now fixed and the expected signature is not present in the warning anymore. In case of concerns regarding the logged signature, it is advised to replace metadata_proxy_shared_secret in nova and neutron configuration. See bug #2150094 description for more details.

Other Notes

• Optimized the discovery of PCI passthrough devices and added caching. Previously libvirt was called 3 times per device, this has been reduced to a single call.

  Note

  Separately, please be aware of an upstream bug in libvirt (< 10.5) that caused an leak of GSource objects, which slowed down queries over time. https://gitlab.com/libvirt/libvirt/-/commit/98f1cf88fa7e0f992d93f376418fbfb3996a9690