Wallaby Series Release Notes

10.5.0-3

New Features

  • The new filter net_no_ip adds the attribute no_ip which can be set to true to skip IP address allocation and configuration for specific networks.

  • Updates base CentOS Stream 8 cloud image to CentOS-Stream-GenericCloud-8-20220913.0.x86_64.

Bug Fixes

  • Fixes an error when generating passwords.yml if an unencrypted file exists but a password has been supplied.

10.5.0

Bug Fixes

  • Fixes an issue with systemd-networkd configuration for VLAN interfaces when the interface is untagged.

  • Fixes an issue with nclu-switch command ordering, when description was applied first to a non-existent (virtual) interface. See story 2010279 for details.

10.4.0

Bug Fixes

  • Fixes an issue where a custom playbook using become_user could fail when setting permissions on temporary files. The acl package is now installed on all systems by default.

10.3.0

Bug Fixes

  • Fixes an issue with undefined kolla_enable_hacluster variable.

10.2.0

New Features

  • Enables hardware clock (RTC) synchronisation by default when applying the chrony role. This setting is configurable with the new variable chrony_rtcsync_enabled.

  • Adds support for inspection of L3-routed Ironic networks via DHCP-relay.

  • Adds support for running package updates on Ubuntu hosts via the following existing commands:

    • kayobe seed host package update --packages <packages>

    • kayobe seed hypervisor host package update --packages <packages>

    • kayobe infra vm host package update --packages <packages>

    • kayobe overcloud host package update --packages <packages>

Security Issues

  • Fixes an issue where any passwords in kolla_ansible_custom_passwords were exposed in Ansible logs. When using verbosity level 3 (-vvv), they were also exposed in Ansible output.

Bug Fixes

  • In production environments, the provision network may be separated from the other networks, so in this case, if you want Bifrost’s DHCP service provides the correct gateway for the clients the inspection_gateway should be used instead of the gateway attribute for the provision network. This also avoids configuring the multiple IP gateways on a single host which leads to unpredictable results.

  • Fixes an issue where the Neutron SR-IOV agent image is not built when the service is enabled.

  • Fixes an issue with idempotence of local Kolla Ansible configuration generation.

  • Fixes an issue with the seed’s configdrive when the admin network is a VLAN. See story 2008089 for details.

  • Enables deployment of Grafana when Monasca is enabled, as a replacement for the retired monasca-grafana image. See story 2009717 for details.

  • Fixes Ansible inventory generation with some custom group mappings using the same group names for Kayobe and Kolla Ansible. See story 2009927 for details.

  • The set of commands starting with kayobe overcloud database now generate the kolla configuration necessary to login to the nodes running the database.

  • Fixes an issue with config drive generation for infrastructure and seed VMs when using untagged interfaces. The symptom of this issue is that kayobe cannot login to the instance. If you check the libvirt console log, you will see KeyError: 'vlan_link'. See story 2009910 for details.

  • Fixes an issue where hacluster images are not built when the service is enabled.

  • Fixes an issue with IPA image builds which used the master branch of ironic-python-agent, even on stable releases of Kayobe, or when explicitly setting ipa_build_source_version.

  • Fixes an issue where any passwords in kolla_ansible_custom_passwords were exposed in Ansible logs. When using verbosity level 3 (-vvv), they were also exposed in Ansible output.

  • Fixes an issue where patch links could be erroneously created on hosts not in the overcloud group. See Story 2009911 for details.

  • Pins Jinja2 to less than 3.1.0 to avoid breaking changes.

  • Fixes an issue where the MTU defined in Kayobe was not applied to Ironic provisioning and cleaning networks in Neutron.

  • Deployment image (IPA) build no longer uses master version of upper-constraints. Instead, it defaults to using the constraints for the OpenStack release associated with the version of Kayobe being used. See story 2009810 for details.

  • Fixes failures to run kayobe overcloud bios raid configure by upgrading the stackhpc.drac role to version 1.1.6.

  • Fixes an issue with masking NTP services which are not found. See story 2009821 for details.

10.1.0

New Features

  • Adds support for configuring apt’s proxy setting for Ubuntu hosts. See story 2009035 for details.

  • Adds a new kolla_bifrost_use_firewalld variable used to define whether Bifrost uses firewalld, which is now disabled by default.

  • Adds support for configuring the filter and gather_subset arguments for the setup module via kayobe_ansible_setup_filter and kayobe_ansible_setup_gather_subset respectively. These can be used to reduce the number of facts, which can have a significant effect on performance of Ansible.

  • Adds a new command, kayobe overcloud facts gather, to gather Ansible facts for overcloud hosts. This may be useful for populating a fact cache.

  • Adds support for the metalink option in custom DNF repositories configured with dnf_custom_repos in dnf.yml.

Upgrade Notes

  • Updates all references to Ansible facts within Kayobe from using individual fact variables to using the items in the ansible_facts dictionary. This allows users to disable fact variable injection in their Ansible configuration, which may provide some performance improvement. Check for facts referenced in local configuration files, and update to use ansible_facts before disabling fact variable injection.

  • Bifrost is now configured to avoid using firewalld, to prevent conflicts with firewall rules set by Kayobe on the seed host. The existing behaviour can be retained by setting kolla_bifrost_use_firewalld to True in bifrost.yml.

Bug Fixes

  • Prevents Bifrost from using firewalld to avoid conflicts with firewall rules set by Kayobe on the seed host. See story 2009252 for more details.

  • Sets proxy option when using dnf during user bootstrapping, before dnf.conf is updated. This allows Kayobe to install Python 3 during host configuration when dnf requires a proxy to operate.

  • Fixes an issue bug where introspection data save would fail. See story 2009129 for more details.

  • Fixes an issue with configuration validation when no public API network is in use. See story 2009134 for details.

  • Filter out 25 Gigabit Ethernet interface names in the Ironic inspector rule setting node names from interface LLDP switch port descriptions.

  • Fixes a failure to detect the Kayobe installation prefix when lib is present multiple times in the installation path. See story 2009721 for details.

  • Fixes an issue with systemd-networkd MTU mismatch in veth pair on Ubuntu. See story 2009072 for details.

10.0.0

New Features

  • Adds support for changing shm_size parameter when deploying custom seed container(s).

  • Adds the following new variables for the Kolla Ansible API VIP address and FQDNs:

    • kolla_internal_vip_address

    • kolla_internal_fqdn

    • kolla_external_vip_address

    • kolla_external_fqdn

    These variables should be used in preference to the vip_address and fqdn network attributes which are deprecated.

  • Adds support for CentOS Stream 8 as a host Operating System and base container image. This is the only distribution of CentOS supported from the Wallaby release. The Victoria release will support both CentOS Linux 8 and CentOS Stream 8 hosts and images, and provides a route for migration.

  • The kayobe * host command run commands now support --show-output which displays both standard output and standard error.

  • Adds a new flag, docker_registry_network_mode, which defaults to host. This may be used to set the network mode of the Docker registry container.

  • Adds support for passing through additional host variables from Kayobe to Kolla Ansible. This is done via the following variables:

    • kolla_seed_inventory_pass_through_host_vars_extra

    • kolla_seed_inventory_pass_through_host_vars_map_extra

    • kolla_overcloud_inventory_pass_through_host_vars_extra

    • kolla_overcloud_inventory_pass_through_host_vars_map_extra

    See story 2008797 for details.

  • Supports extra kernel options specified as strings instead of lists.

  • Adds support for configuring firewalld zone option on network interfaces. See story 2008369 for details.

  • Adds the ipa_build_upper_constraints_file variable to select the upper constraints file used to install diskimage-builder in the virtual environment used for building IPA images. This allows you to install a newer release than the one allowed by the default constraints.

  • Allow users to modify Ironic kolla_ironic_enabled_bios_interfaces and kolla_ironic_default_bios_interface in ironic.yml.

  • Added new option (--nocache) to kayobe seed container image build and kayobe overcloud container image build to skip using build cache.

  • Adds support for managing multiple Kayobe environments from a single configuration repository. See the documentation for more details. Note that this feature is considered experimental: its design may change in future versions without a deprecation period.

  • Adds an os_distribution variable in etc/kayobe/globals.yml, with a default value of centos. The variable can also be set to ubuntu, and sets sensible default values for other variables. Also adds an os_release variable in the same file, with a default value of 8-stream when os_distribution is centos or focal when os_distribution is ubuntu.

  • Adds a new kayobe overcloud service prechecks command to run Kolla Ansible prechecks without deploying services.

  • Adds initial support for routed control plane networks. This feature allows scaling clouds beyond the limit of a single broadcast domain or subnet. See story 2008180 for details.

  • Updates the default image for the seed VM to CentOS 8.3.

  • Adds support for Ubuntu Focal 20.04 as a host and container Operating System for seed, seed hypervisor and overcloud hosts.

Upgrade Notes

  • Updates the maximum supported version of Ansible from 2.9 to 2.10. The minimum supported version is updated from 2.8 to 2.9. This is true for both Kayobe and Kolla Ansible.

  • When interacting with Bifrost, sourcing the env-vars file is not supported anymore. Set the OS_CLOUD environment variable to bifrost instead or run . ~/openrc bifrost.

  • When interacting with Bifrost, it is recommended to use the ironic native baremetal command instead of openstack baremetal, as the availability of OpenStackClient inside the Bifrost container is not guaranteed.

  • CentOS Linux 8 is no longer supported as a host Operating System or base container image. CentOS users should migrate to CentOS Stream 8. The Victoria release will support both CentOS Linux 8 and CentOS Stream 8 hosts and images, and provides a route for migration.

  • Until the Victoria release, Bifrost disabled node cleaning, however it became enabled in Victoria. To maintain backward compatibility, Kayobe now modifies the configuration in Bifrost to disable node cleaning of overcloud hosts.

  • The docker_registry network mode has been changed from bridge to host for compatibility when Docker is prevented from manipulating iptables (default behaviour in Wallaby).

  • Updates the NTP implementation from the chrony container deployed by kolla-ansible to configuring chrony as a host service. Chrony is now installed on all hosts in the ntp group, which defaults to include the seed, overcloud, and seed-hypervisor groups. On existing deployments, you should run kayobe overcloud host configure to migrate from the kolla-ansible deployed container. This can optionally be scoped to just use the ntp tag. You can continue to use the kolla container by setting kolla_enable_chrony to true.

  • Modifies the default value of controller_bootstrap_user, compute_bootstrap_user, seed_bootstrap_user, seed_hypervisor_bootstrap_user and storage_bootstrap_user from using the $USER environment variable of the Ansible control host to os_distribution. This provides a more predictable default that does not depend on the Ansible execution environment.

  • Timezone configuration was moved from the ntp.yml configuration file to time.yml in the Ussuri release. The ntp.yml file has now been removed.

  • Removes the workaround for bogus name server entries in some CentOS 7 images, together with the overcloud_host_image_workaround_resolv_enabled variable.

Deprecation Notes

  • The vip_address and fqdn network attributes are deprecated in favour of the following variables:

    • kolla_internal_vip_address

    • kolla_internal_fqdn

    • kolla_external_vip_address

    • kolla_external_fqdn

  • When interacting with Bifrost, the use of OS_CLOUD=bifrost-inspector is deprecated and should be replaced by OS_CLOUD=bifrost.

Bug Fixes

  • Fixes failure in the kayobe seed deployment image build command due to changes in Bifrost.

  • Fixes a number of issues with using Kayobe on CentOS 8.3.

  • Fixes formatting of extra kernel options configured with kolla_bifrost_extra_kernel_options when passed to Bifrost. See story 2008714 for details.

  • Fixes an issue when using the --limit argument with a host pattern including commas. See story 2008255 for details.

  • Fixes an issue with Python setup when venv is not used. See story 2008378 for details.

  • Fixes an issue where custom SSH arguments, such as when setting ansible_ssh_extra_args, were not being respected when rebooting a host to disable selinux.

  • Fixes an issue with container image builds by using host as the default network_mode for kolla-build. See story 2008942 for details.

  • Fixes calls to kolla-ansible when arguments to --kolla-limit contain special characters such as ~ or &.

  • Fix the implementation of the kayobe seed hypervisor host package update command, which was incomplete. See story 2008458 for details.

  • Fixes an issue with copying Swift ring files. See story 2007297 for details.

  • Fixes issue with deleting swift ring temporary files. See story 2008354 for details.

  • Fixes an issue with the kayobe seed service deploy command on CentOS 8.3 release. See story 2008430 for details.