Victoria Series Release Notes¶
17.1.1-19¶
Other Notes¶
The
OVN Metadata Agent
now creates the network namespaces including the Neutron network UUID in its name. Previously, the OVN datapath UUID was used and it was not obvious for operators and during debugging to figure out which namespace corresponded to what Neutron network.
17.1.1¶
Bug Fixes¶
Fixes a configuration problem in the OVN driver that prevented external IGMP queries from reaching the Virtual Machines. See bug 1918108 for details.
Other Notes¶
To improve performance of the DHCP agent, it will no longer configure the DHCP server for every port type created in Neutron. For example, for floating IP or router HA interfaces there is no need since a client will not make a DHCP request for them
17.1.0¶
Known Issues¶
Even with the “igmp_snooping_enable” configuration option stating that traffic would not be flooded to unregistered VMs when this option was enabled, the ML2/OVN driver didn’t follow that behavior. This has now been fixed and ML2/OVN will no longer flood traffic to unregistered VMs when this configuration option is set to True.
Bug Fixes¶
Stop sending agent heartbeat from ovs agent when it detects OVS is dead. This helps to alarm cloud operators that there is something wrong on the given node.
Fixed MAC learning issue when ovs offload enabled. OVS firewall reduce the usage of normal actions to reduce cpu utilization. This causing flood rule because there is no MAC learning on ingress traffic. While this ok for none offload case, when using ovs offload flood rule is not offloaded. This fix the MAC learning in the offload, so we avoid flood rule. #1897637.
17.0.0¶
Prelude¶
Added support for floating IPs port forwarding in OVN.
New Features¶
A new configuration option
http_retries
was added. This option allows configuring the number of times the nova or ironic client should retry on a failed HTTP call.
New config option
keepalived_use_no_track
was added. If keepalived version used on the deployment does not supportno_track
flag in its config file (e.g. keepalived 1.x), this option should be set toFalse
. Default value of this option isTrue
.
DVR
routers now supportflat
networks.
The dns-assignment will reflect the dns-domain defined in the network or sent by user when creating the port using –dns-domain rather than just take the dns-domain defined in the neutron configuration
Support for floating IPs port forwarding has been added to OVN backend.
Make the metadata service available over the IPv6 link-local address
fe80::a9fe:a9fe
. Metadata over IPv6 works on both isolated networks and networks with an IPv6 subnet connected to a Neutron router as well as on dual-stack and on IPv6-only networks. There are no new config options. The usual config options (enable_isolated_metadata
,force_metadata
,enable_metadata_proxy
) now control the metadata service over both IPv4 and IPv6. This change only affects the guests’ access to the metadata service over tenant networks. This feature changes nothing about how the metadata-agent talks to Nova’s metadata service. The guest OS is expected to pick up routes from Router Advertisements for this feature to work on networks connected to a router. At least the following IPv6 subnet modes work:--ipv6-ra-mode slaac --ipv6-address-mode slaac
--ipv6-ra-mode dhcpv6-stateless --ipv6-address-mode dhcpv6-stateless
--ipv6-ra-mode dhcpv6-stateful --ipv6-address-mode dhcpv6-stateful
Please note that the metadata IPv6 address (being link-local) is not complete without a zone identifier (in a Linux guest that is usually the interface name concatenated after a percent sign). Please also note that in URLs you should URL-encode the percent sign itself. For example, assuming that the primary network interface in the guest is
eth0
the base metadata URL ishttp://[fe80::a9fe:a9fe%25eth0]:80/
.
Added support for router availability zones in OVN. The OVN driver can now read from the router’s availability_zone_hints field and schedule router ports accordingly with the given availability zones.
A previous change to set neutron-server child process names also modified neutron agent ones. This can impact monitoring systems relying on /proc/PID/environ formatting or ps -e output. Now neutron agents all have process names formatted this way (showing both an old style process name and full process name visible in recent releases)
neutron-agent-name
(original process name including interpreter
)See bug 1881297 for more details.
Upgrade Notes¶
The configuration option
firewall_driver
is no longer used by neutron-server, it only applies to the L2 agent. This was required for backward-compatibility for hybrid plugging, but since the Newton release the L2 agent has been able to report hybrid plugging is needed in it’s report message back to the server.
Limit the ML2 VLAN allocations to [1, 4094] values in the database engine. This constraint, enforced in the database engine, could not be supported yet. In this case, it will be ignored. For more information, see the note in
neutron.db.migration.alembic_migrations.versions.victoria.expand.dfe425060830_limit_vlan_allocation_id_values.py
.
The metadata over IPv6 feature makes each dhcp-agent restart trigger a quick restart of dhcp-agent-controlled metadata-proxies, so they can pick up their new config making them also bind to
fe80::a9fe:a9fe
. These restarts make the metadata service transiently unavailable. This is done in order to enable the metadata service on pre-existing isolated networks during an upgrade. Please also note that pre-existing instances may need to re-acquire all information acquired over Router Discovery and/or DHCP for this feature to start working.
The default value for the
metadata_workers
configuration option has changed to 2 for the ML2/OVN driver. For ML2/OVS the default value remains the same. Each driver has different approaches when serving metadata to the instances and the previous default value of “<number of CPUs> / 2” did not make sense for ML2/OVN as the OVN metadata agents are distributed running on Compute nodes instead of Controller nodes. In fact, the previous default value could cause scalability issues with ML2/OVN and was overwritten by the deployment tools to avoid problems.
Monitoring tools relying on exact process names should be checked after upgrade, and modified if needed.
Deprecation Notes¶
Abstract method
plug_new
from the neutron.agent.linux.interface.LinuxInterfaceDriver class now accepts an optional parameterlink_up
. Usage of this method, which takes from 5 to 9 positional arguments, withoutlink_up
is now deprecated and will not be possible starting in the W release. Third-party drivers which inherit from this base class should update the implementation of theirplug_new
method.
Deprecate the use of
remote_ip_prefix
in metering label rules, and it will be removed in future releases. One should use instead thesource_ip_prefix
and/ordestination_ip_prefix
parameters. For more details, please refer to the spec: https://review.opendev.org/#/c/744702/.
Terminology such as
master
andslave
have been replaced with more inclusive words, such asprimary
andbackup
wherever possible.The configuration option
vnic_type_blacklist
has been deprecated for both the OpenvSwitch and SRIOV mechanism drivers, and replaced withvnic_type_prohibit_list
. They will be removed in a future release.
Bug Fixes¶
1671448 Access for Neutron quotas now governed using standard configurable RBAC policies: ‘get_quota’, ‘update_quota’, ‘delete_quota’
1875981 Neutron now correctly removes associated DNS records when an admin deletes ports, servers or floation IPs.
Fixed bug 1876092 which caused DUP ICMP replies on the
flat
networks used withDVR
routers.
Fixed an issue where the client on a dual-stack (IPv4 + IPv6) network failed to get configuration from the dnsmasq DHCP server. See bug: 1876094.
Other Notes¶
When
uplink-status-propagation
extension is enabled, new ports created will default the value ofpropagate_uplink_status
to True.