Current Series Release Notes

Current Series Release Notes

New Features

  • Octavia now has an administrative API that updates the amphora agent configuration on running amphora.
  • Octavia now has flavors support which allows the operator to define, named, custom configurations that users can select from when creating a load balancer.
  • Amphora API now can return the field compute_flavor which is the ID of the compute instance flavor used to boot the amphora.
  • You can now filter API queries by the object tag.
  • Operators can now use the ‘compute_flavor’ Octavia flavor capability when using the amphora provider driver. This allows custom compute driver flavors to be used per-load balancer. If this is not defined in an Octavia flavor, the amp_flavor_id Octavia configuration file setting will continue to be used.
  • Added new tool octavia-status upgrade check. This framework allows adding various checks which can be run before a Octavia upgrade to ensure if the upgrade can be performed safely.
  • The Octavia API now supports Cloud Auditing Data Federation (CADF) auditing.
  • Added tags property for Octavia resources. It includes:

    • Load balancer
    • Listener
    • Member
    • Pool
    • L7rule
    • L7policy
    • Health Monitor
  • Listeners default timeouts can be set by config in section haproxy_amphora:

    • timeout_client_data: Frontend client inactivity timeout
    • timeout_member_connect: Backend member connection timeout
    • timeout_member_data: Backend member inactivity timeout
    • timeout_tcp_inspect: Time to wait for TCP packets for content inspection

    The value for all of these options is expected to be in milliseconds.

  • This will speed up lb creation by allocating AAP ports in parallel for LBs with more than one amp. As a side effect the AAP driver will be simplified and thus easier to mainain.
  • Adds an administrator API to access per-amphora statistics.
  • Support REDIRECT_PREFIX action for L7Policy
  • Support remote debugging with PyDev. Please refer to the Contributor documentation section to find more details.

Upgrade Notes

  • When the amphora agent configuration update API is called on an amphora running a version of the amphora agent that does not support configuration updates, an ERROR log message will be posted to the controller log file indicating that the amphora does not support agent configuration updates. In this case, the amphora image should be updated to a newer version.
  • To enable UDP listener monitoring when no pool is attached, the amphora image needs to be updated and load balancers with UDP listeners need to be failed over to the new image.
  • Operator can now use new CLI tool octavia-status upgrade check to check if Octavia deployment can be safely upgraded from N-1 to N release.
  • To fix IPv6 VIP addresses, you must run the “octavia-db-manage upgrade head” migration script.
  • To resolve the IPv6 VIP issues on active/standby load balancers you need to build a new amphora image.
  • The following configuration settings have reached the end of their deprecation period and are now removed from the [default] section of the configuration. These will only be available in the [api_settings] section going forward.
    • [DEFAULT] bind_host
    • [DEFAULT] bind_port
    • [DEFAULT] auth_strategy
    • [DEFAULT] api_handler

Deprecation Notes

  • The following configuration settings have reached the end of their deprecation period and are now removed from the [default] section of the configuration. These will only be available in the [api_settings] section going forward.
    • [DEFAULT] bind_host
    • [DEFAULT] bind_port
    • [DEFAULT] auth_strategy
    • [DEFAULT] api_handler
  • Finally completely the remove user_group option, as it was deprecated in Pike.
  • status_update_threads config option for healthmanager is deprecated because it is replaced as health_update_threads and stats_update_threads.

Security Issues

  • Adds a configuration option, “reserved_ips” that allows the operator to block addresses from being used in load balancer members. The default setting blocks the nova metadata service address.
  • Fixed a debug level logging of Amphora certificates for flows such as ‘octavia-create-amp-for-lb-subflow-octavia-generate-serverpem’ (triggered with loadbalancer failover) and ‘octavia-create-amp-for-lb-subflow-octavia-update-cert-expiration’.

Bug Fixes

  • Fixed a performance regression in the Octavia v2 API when using the “list” APIs.
  • Fully expanded IPv6 VIP addresses would fail to store with “Data too long for column ‘ip_address’ at row 1”. This patch includes a database migration to fix this column.
  • Fixes creating a fully populated load balancer with not REDIRECT_POOL type L7 policy and default_pool field.
  • Fixed an issue when Octavia cannot reach the database (all database instances are down) bringing down all running loadbalancers. The Health Manager is more resilient to DB outages now.
  • Fixes issues using IPv6 VIP addresses with load balancers configured for active/standby topology. This fix requires a new amphora image to be built.
  • Add new parameters to specify the number of threads for updating amphora health and stats.
  • This will automatically nova delete zombie amphora when they are detected by Octavia. Zombie amphorae are amphorae which report health messages but appear DELETED in Octavia’s database.

Other Notes

  • Processing zombie amphora is already expensive and this adds another step which could increase the load on Octavia Health Manager, especially during Nova API slowness.
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.