Current Series Release Notes¶
Octavia Amphora based load balancers now support using SR-IOV virtual functions (VF) on the VIP port(s) of the load balancer. This is enabled by using an Octavia Flavor that includes the ‘sriov_vip’: True setting.
Added support for Rocky Linux controllers in devstack.
Added support for Rocky Linux amphora images. To enable it, users have to build their amphora images with the
[database] connection_recycle_timeoption is also used by connections in MySQL persistence driver.
You must update the amphora image to support the SR-IOV VIP feature.
Octavia now uses the oslo middleware sizelimit module. It allows to limit the size of the incoming requests in the API. Admins may need to ajust the
[oslo_middleware].max_request_body_sizesetting to their needs. The default value for
max_request_body_sizeis 114688 bytes.
Fixed an issue when using certificates with a blank subject or missing CN.
Fixed a bug that prevented the amphora from being updated by the Amphora Configure API call, the API call was succesfull but the internal flow for updating it failed.
Fixed a potential issue when deleting a load balancer with an amphora that was not fully created, the deletion may have failed when deallocating the VIP port, leaving the load balancer in ERROR state.
Bug fix: The response body of the LB API, when creating a new load balancer, now correctly includes information about the health monitor. Previously, this information was consistently null, despite configuring a health monitor.
Fixed a bug with HTTP/HTTPS health-monitors on pools with ALPN protocols in the amphora-driver. The healthchecks sent by haproxy were flagged as bad requests by the backend servers. Updated haproxy configuration to use ALPN for the heathchecks too.
Fixed an issue with load balancers stuck in a
PENDING_*state during database outages. Now when a task fails in Octavia, it retries to update the
provisioning_statusof the load balancer until the database is back (or it gives up after a really long timeout - around 2h45)
Fixed an issue when using UDP listeners in dual-stack (IPv4 and IPv6) load balancers, some masquerade rules needed by UDP were not correctly set on the member interfaces.
Fixed a race condition in the members batch update API call, the data passed to the Octavia worker service may have been incorrect when quickly sending successive API calls. Then the load balancer was stuck in PENDING_UPDATE provisioning_status.
Fixed a too long timeout when attempting to start the VRRP service in an unreachable amphora during a failover. A specific shorter timeout should be used during the failovers.
Fixed TLS-HELLO health-monitors in the amphora-driver.
Reduce the duration of the failovers of ACTIVE_STANDBY load balancers. Many updates of an unreachable amphora may have been attempted during a failover, now if an amphora is not reachable at the first update, the other updates are skipped.
Reduce the duration of the failovers of ACTIVE_STANDBY load balancers when both amphorae are unreachable.
Amphora images will now be built with nftables by default.
Add fake Amphora stats for when Octavia runs in noop mode / using noop drivers.
Noop certificate manager was added. Now any Octavia certificate operations using noop drivers will be faster (as they won’t be validated).