Queens Series Release Notes


Upgrade Notes

  • For the kuryr kubernetes watcher, a new option ‘watch_retry_timeout’ has been added. The following should be modified at kuryr.conf:

    # 'watch_retry_timeout' field is optional,
    # default = 60 if not set.
    watch_retry_timeout = <Time in seconds>
  • As the openstack performance differs in production environments, fixed timeout of LBaaS activation might create the kuryr-kubernetes error. In order to adapt to the environment, a new option [neutron_defaults]lbaas_activation_timeout was added.

Bug Fixes

  • K8s api server is often temporarily down and restored soon in production environment. Since kuryr-kubernetes watches k8s resources by connecting k8s api server, watcher fails to watch the resources if k8s api server is down. In order to fix it, we made watcher retry connecting to k8s api server for specific time duration when an exception is raised.


Upgrade Notes

  • For the external services (type=LoadBalancer) case, a new field ‘external_svc_net’ was added and the ‘external_svc_subnet’ field become optional. The following should be modified at kuryr.conf:

    external_svc_net= <id of external network>
    # 'external_svc_subnet' field is optional, set this field in case
    # multiple subnets attached to 'external_svc_net'
    external_svc_subnet= <id of external subnet>

Bug Fixes

  • It is very common for production environments to only allow access to the public network and not the associated public subnets. In that case, we fail to allocate a floating IP to the Loadbalancer service type. In order to fix it, we added an option for specifying the network id instead and switch the subnet config option to being optional.


New Features

  • Kuryr can now be run in containers on top of K8s cluster it is providing networking for. A tool to generate K8s resource definitions is provided. More information can be found in the kuryr-kubernetes documentation.

  • Introduced kuryr-daemon service. Daemon is an optional service that should run on every Kubernetes node. It is responsible for watching pod events on the node it’s running on, answering calls from CNI Driver and attaching VIFs when they are ready. This helps to limit the number of processes spawned when creating multiple Pods, as a single Watcher is enough for each node and CNI Driver will only wait on local network socket for response from the Daemon.


New Features

  • oslo.cache support has been added to the default_subnet driver. This allows to skip unnecessary calls to neutron to retrieve network and subnet information that can be cached and retrieved faster. It includes the generic oslo caching options to enable/disable it as well as to specify the backend to use (dogpile.cache.memory by default). In addition it includes the specific options ofr the subnet driver, to enable/disable it just for this driver, as well as to specify the cache time. To change default configurations, the next can be modified at kuryr.conf


Other Notes

  • Started using reno for release notes.