Rocky Series Release Notes

Rocky Series Release Notes

7.0.0

Prelude

Since Ceph Luminous release, bluestore OSDs are recommended. Kolla Ceph currently only supports filestore. Bluestore is required in Kolla Ceph.

New Features

  • Add blazar-dashboard to horizon.
  • Add congress-dashboard to horizon.
  • Adds a new argument to the kolla-ansible command, --forks NUM. This argument is passed through directly to ansible-playbook.
  • Add a kolla-ansible role for freezer-scheduler
  • The settings file {{ node_custom_config}}/horizon/custom_local_settings can be used in Horizon to overwrite the default local_settings without a need to sync it at image build time.
  • Add a role for deploying Apache Kafka, a distributed streaming platform. See https://kafka.apache.org/ for more details. Requires Apache Zookeeper to be configured.
  • Add support for deploying the Monasca Log API which forms part of the Monasca distributed monitoring and logging as a service platform. See https://wiki.openstack.org/wiki/Monasca for more details.
  • Add support for deploying the Monasca Log Persister. The Log Persister is responsible for reading logs from the Kafka processed logs topic and writing them to Elasticsearch.
  • Add support for deploying the Monasca Log Transformer for providing log standardisation in Monasca.
  • Add support for the configuration of Infoblox as a pluggable IPAM driver in neutron. Configure by selecting ‘infoblox’ as the ‘neutron_ipam_driver’. In addition to handling IP address management within neutron, an agent will be started to automatically manage DNS entries within the Infoblox appliance.
  • Add Octavia Horizon plugin
  • Add “enable_trove_singletenant” option to enable the Trove single tenant functionnality. This feature will allow Trove to create Nova instances in a different tenant than the user tenant.
  • Add a configuration option enable_nova_ssh to allow disabling the service. This is useful when an operator is not supporting cold-migration and does not want to manage additional SSH keys.
  • Allow overriding the variable glance_backend_swift to enable the swift backend for glance, without requiring swift to be enabled in kolla-ansible. This allows operators to enable an external swift endpoint as the glance backend.
  • Adds support for installing python dependencies into a virtualenv on remote hosts.

    Installing python packages directly to the system site-packages can cause various problems, in particular when pip overwrites a system package. Python virtualenvs are one solution to this issue, as they allow python packages to be installed in an isolated environment. Typically we will need to enable use of system site-packages from within this virtualenv, to support the use of modules such as yum, apt, and selinux, which are not available on PyPI.

    The path to the virtualenv is configured via the virtualenv variable, and access to site-packages is controlled via virtualenv_site_packages. The default value for virtualenv is None, in which case the old behaviour of installing packages directly to the system site-packages is maintained.

    When executing other kolla-ansible commands, the variable ansible_python_interpreter should be set to the python interpreter installed in virtualenv. Note that this variable cannot be templated.

  • Add custom option for docker daemon by configure the docker service. An operator named “docker_custom_option” will be added.
  • [blueprint Replace inner-/external computes with a dvr mode variable] A new variable “neutron_compute_dvr_mode” is introduced. This variable controls whether a compute host has external connection and is allowed to do full-blown DVR or distributed routing is only used for tenant networking. Corresponding values are “dvr” and “dvr_no_external” The variable has to be set either globally or per group (per host) to get desired behavior.
  • enable chrony by default.
  • Automatically expire MariaDB binary logs after 14 days.
  • Introduces support to use extra ml2 plugins non maintained by kolla-ansible, an operator may add a file /etc/kolla/config/neutron/plugins/awesome_plugin.ini and will be copied into ml2 plugins folder during runtime.
  • Added the ironic_inspector_kernel_cmdline_extras option to append additional kernel parameters to the kernel used for inspection.
  • HAProxy - Add ability for operators to specify additional options per HTTP or TCP listener stanza.
  • Introduces a new variable, horizon_keystone_url, which facilitates overriding the URL used by Horizon to talk to the identity service (Keystone). Defaults to the identity service’s internal URL.
  • Implement Glance zero-downtime upgrade logic.
  • Implement Ironic rolling upgrade logic, enabled by default at ironic_enable_rolling_upgrade: “yes” in etc/kolla/globals.yml file.
  • Adds support for configuring a default gateway to be used in the Ironic Inspector inspection network. This is configured via the ironic_dnsmasq_default_gateway variable, and is not set by default.
  • Support Kolla Ceph to deploy bluestore OSDs in Rocky release.
  • Add support of custom configuration files for grafana.
  • Add support for the VMware NSX Transformers plugin
  • Add onos support, Networking-onos is Neutron’s sub-project to provide connectivity between Neutron/Neutron’s sub-project’s and ONOS.
  • opendaylight_release variable is removed, version is discovered automatically while booting features.
  • Adds support for skipping the configuration of sudoers files in the kolla-ansible bootstrap-servers command. This depends on the create_kolla_user_sudoers variable, which defaults to the same value as create_kolla_user.
  • Deploy prometheus (prometheus.io) as the timeseries database. Containers for node_exporter, haproxy_exporter and mysqld_exporter are provided and added to prometheus as scrape targets.
  • Add support for ceph-dashboard. It enables ‘dashboard’ module in ceph cluster. Its uses command ‘ceph mgr module enable dashboard’.
  • Support ansible check and diff module for generate configrations. You could use EXTRA_OPTS='--check --diff' kolla-ansible genconfig to check what the configration file will be like in dry-run mode.
  • Set docker runtime directory by configure the docker daemon.An operator named “docker_runtime_directory” will be add.
  • Adds support for booting bare metal nodes with Ironic using iPXE. This is enabled via the enable_ironic_ipxe flag.
  • Add support for configuration of the Ironic Neutron Agent, and the Neutron networking-baremetal ML2 plugin.

Known Issues

  • As of Ceph Luminous 12.2.1 the maximum number of PGs per OSD before the monitor issues a warning has been reduced from 300 to 200 PGs. In addition, Ceph now fails with an error rather than a warning in the case of exeeding the max value. In order to allow Kolla to continue to be used out of the box we have reduced the default values for pg_num and pgp_num from 128 to 8. This will allow a deploy of Kolla with all possible services enabled and then some, with the minimum recommended three OSDs. Operators are highly recommended to review the Ceph documentation regarding these values in order to ensure optimal performance for their own cluster.

Upgrade Notes

  • Added default_docker_volume_type for magnum which is required to specify the default cinder volume type to be used for container storage volume in clusters that specify the docker-volume-size option. For example gp1, io1 etc.
  • Disable ntp service as kolla use chrony container by default.
  • Add option docker_registry_insecure to enable the SSL verification for the docker registry. Default value is true when a private registry is defined.
  • All hosts from “[inner-compute]” and “[external-compute]” can be moved to “[compute]” to avoid problems in OpenStack S release, though the groups still will function well in this release.
  • The neutron-vpnaas-agent has been loaded just inside of the existing l3 agent rather than requiring operators to run a completely different binary with a subclass of the existing L3 agent.

Deprecation Notes

  • Disable glance registry as it is deprecated.
  • Splitting of compute group into inner and external compute hosts is deprecated and will be removed in OpenStack S release.
  • As neutron-vpnaas-agent can be loaded by the neutron l3 agent, neutron-vpnaas standalone mode is not supported. We have already removed the neutron-vpnaas-agent container, currently, there is no need to keep this role.

Security Issues

  • Disable TLS 1.1 on haproxy for external network if tls is enabled.

Bug Fixes

  • External bridge setup on compute hosts that depends on whether DVR mode is enabled is also accompanied by a check for the new variable.
  • fixed ansible warning when using ansible>2.2
  • avoid using ansible reserved action and serial word in playbooks. use kolla_action and kolla_serial instead.
  • Load custom ceph.conf and keyring file from <<node_custom_config>>/gnocchi folder rathen than each folder of gnocchi components.
  • Remove uuid option form keystone_token_provider due to it’s removed in Keystone.
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.