Wallaby Series Release Notes


New Features

  • Support hyperkube_prefix label which defaults to k8s.gcr.io/. Users now have the option to define alternative hyperkube image source since the default source has discontinued publication of hyperkube images for kube_tag greater than 1.18.x. Note that if container_infra_prefix label is define, it still takes precedence over this label.


New Features

  • When creating a cluster template the administrator can use –tags <text> argument to add any information that he considers important. The received text is a comma separated list with the pretended tags. This information is also shown when the user lists all the available cluster templates.

  • Clusters can now be created with empty nodegroups. Existing nodegroups can be set to node_count = 0. min_node_count defaults to 0. This is usefull for HA or special hardware clusters with multiple nodegroups managed by the cluster auto-scaller.

  • Added monitoring_ingress_enabled magnum label to set up ingress with path based routing for all the configured services {alertmanager,grafana,prometheus}. When using this, cluster_root_domain_name magnum label must be used to setup base path where this services are available. Added cluster_basic_auth_secret magnum label to configure basic auth on unprotected services {alertmanager and prometheus}. This is only in effect when app access is routed by ingress.

  • Added metrics_retention_days magnum label allowing user to specify prometheus server scraped metrics retention days (default: 14). Added metrics_retention_size_gi magnum label allowing user to specify prometheus server metrics storage maximum size in Gi (default: 14). Added metrics_interval_seconds allowing user to specify prometheus scrape frequency in seconds (default: 30). Added metrics_storage_class_name allowing user to specify the storageClass to use as external retention for pod fail-over data persistency.

Upgrade Notes

  • A new column was added to the cluster_templates DB table.

  • Configured {alertmanager,grafana,prometheus} services logFormat to json to enable easier machine log parsing.

  • Now the default admission controller list is updated by as “NodeRestriction, PodSecurityPolicy, NamespaceLifecycle, LimitRanger, ServiceAccount, ResourceQuota, TaintNodesByCondition, Priority, DefaultTolerationSeconds, DefaultStorageClass, StorageObjectInUseProtection, PersistentVolumeClaimResize, MutatingAdmissionWebhook, ValidatingAdmissionWebhook, RuntimeClass”

  • The default value of [oslo_policy] policy_file config option has been changed from policy.json to policy.yaml. Operators who are utilizing customized or previously generated static policy JSON files (which are not needed by default), should generate new policy files or convert them in YAML format. Use the oslopolicy-convert-json-to-yaml tool to convert a JSON to YAML formatted policy file in backward compatible way.

  • The default containerd version is updated with 1.4.3.

Deprecation Notes

  • Use of JSON policy files was deprecated by the oslo.policy library during the Victoria development cycle. As a result, this deprecation is being noted in the Wallaby cycle with an anticipated future removal of support by oslo.policy. As such operators will need to convert to YAML policy files. Please see the upgrade notes for details on migration of any custom policy files.

Bug Fixes

  • Fixes a regression which left behind trustee user accounts and certificates when a cluster is deleted.

  • Fixes database migrations with SQLAlchemy 1.3.20.

  • Fixes an issue with cluster deletion if load balancers do not exist. See story 2008548 <https://storyboard.openstack.org/#!/story/2008548> for details.