Current Series Release Notes

31.0.0.0b1

Prelude

In order to support efforts on aligning Cinder service type naming across various deployments and move on from version-specific service type to a generic one, a Cinder service will be named as block-storage from now on, which will be reflected in Keystone service catalog and endpoints. Please check upgrade notes for more details.

Implemented a standalone role httpd for Apache Web Server (HTTPD) configuration that aims to be included in various roles that require Apache2 (i.e. keystone, horizon, skyline, etc).

New Features

• Support has been added for defining a custom sysctl config path using openstack_sysctl_file and/or haproxy_sysctl_file. The default remains /etc/sysctl.conf to preserve backwards compatibility.

• Created a common httpd role to unify approach for managing Apache2 instalaltion and configuration across roles. Role is written in relatively agnostic way and should be suitable for usage outside of OpenStack-Ansible deployments as well.

• Added variable repo_server_directory_root which by default points to /var/www/repo and used instead of repo_service_home_folder as Apache DirectoryRoot for the virtual host.

• Keys for static_routes were liberalized and now can accept any parameter supported by [Route] section of systemd-networkd.

• Implemented flag network_overrides_only which is applicable to systemd_networks. When this flag is used no .network or .link defenition is created - only {{ filename }}.network.d/overrides.conf configuration file, which contains arbitrary data from config_overrides This can be used to extend existing interface configuration, which is not managed by the role directly (ie managed through netplan).

• Added routing_rules to manage routing policy rules for the network interface. It is a list of mappings, where each mapping accept keys applicable for section RoutingPolicyRule of systemd.network. You can check documentation for systemd.network for more details.

• Implemented TLS encryption for the communication between Load Balancer (HAProxy) and Skyline backends if openstack_service_backend_ssl is set to True.

Upgrade Notes

• Please be aware that the way Ceilometer defines resulting content for pipeline.yaml has changed. The role now applies _ceilometer_pipeline_yaml_overrides to all environments where ceilometer_pipeline_user_content is not explicitly set. To restore the previous behavior, add _ceilometer_pipeline_yaml_overrides: {} to user_variables.yml.

• In order to align with recommendations on Cinder service naming, os_cinder role will introduce a new service in catalog named cinder of type block-storage and corresponding set of endpoints representing them. Upgrade script will create a new file /etc/openstack_deploy/user_epoxy_upgrade.yml with defining cinder_service_v3_enabled: true which aims to keep old version-based service type and endpoints intact. If you want to remove old versioned-based endpoints and service type from catalog you may simply undefine that variable, as it is False by default.

  All new deployments will not have cinderv3/volumev3 service unless cinder_service_v3_enabled: true is defined.

• The os_skyline role was switched to using a standalone httpd role from the in-role httpd deployment.

• The repo_server role was switched to using a standalone HTTPD role from the in-role HTTPD deployment.

• In case of using custom path for the repo server vhost, please ensure to use repo_server_directory_root variable instead of repo_service_home_folder.

• Following keys for static_routes list were renamed in order to match with options available in systemd-networkd configuration files:

  • cidr -> Destination

  • gateway -> Gateway

  While backwards compatability was kept, it’s highly recommended to use new keys as support for old key names will be removed in the future.

• The ml2.lxb (LinuxBridge) plugin has been removed from Neutron in this release and can no longer be used. Make sure to migrate to a supported Neutron driver before upgrading to this OpenStack version. Unfortunately, there is currently no automated process for this migration. For guidance, refer to the blog post Migrating from LinuxBridge to OVN, which outlines how similar migrations have been performed in the past.

• A uWSGI for Neutron has been disabled again by default in favor of eventlet server. This also stops and disables following services needed for uWSGI mode:

  • neutron-periodic-workers

  • neutron-ovn-maintenance-worker

  • neutron-rpc-server

• Any deployments using the amqp1 oslo.messaging driver should be migrated to use the default rabbitmq oslo.messaging driver. Previously deprecated support for amqp1 has been removed from oslo.messaging for the Epoxy release, see https://review.opendev.org/c/openstack/oslo.messaging/+/934116. Accordingly, support for amqp1 messaging and deployment of qdrouterd has been removed from OpenStack-Ansible. A migration away from amqp1 is required before any upgrade of OpenStack-Ansible to the Epoxy release. qdrouterd can be removed entirely from the deployment and ansible inventory once the migration to rabbitmq is complete.

Deprecation Notes

• In order to accomplish Cinder service naming alignment we had revised our prior decision on deprecating following variables, which was introduced previous cycle. Following variables should NOT be considered as deprecated anymore:

  • cinder_service_description

  • cinder_service_publicuri_proto

  • cinder_service_adminuri_proto

  • cinder_service_internaluri_proto

  • cinder_service_type

  • cinder_service_publicuri

  • cinder_service_adminuri

  • cinder_service_internaluri

• Usage of version-based (cinderv3/volumev3) endpoints and service type for Cinder is considered as a deprecated behaviour and will be removed in the future.

• Variables for the repo_server role related to Apache (HTTPD) configuration, like repo_apache_*, as well as some repo_pki_ and repo_ssl_* were deprecated and have no effect now on due to migration to a standalone httpd role. Please, reffer to the httpd role for more details on how to manage deprecated settings.

• The Neutron LinuxBridge (ml2.lxb) plugin, previously marked as experimental, has been removed from the codebase. Ensure that your deployment uses a supported driver before upgrading.

• Use of amqp1 messaging, previously deprecated in oslo.messaging is not supported in the Epoxy release of OpenStack-Ansible. The previously supported provider of amqp1 messaging, qdrouterd, can no longer be deployed using the OpenStack-Ansible playbooks.

Critical Issues

• The Neutron LinuxBridge (ml2.lxb) plugin, previously marked as experimental, has been removed from the codebase. Ensure that your deployment uses a supported driver before upgrading.

Bug Fixes

• The logic for applying enhanced pipelines for Ceilometer+Gnocchi has been corrected. When no custom content is provided, the role now populates sinks and transformation overrides defined in pipeline.yaml with default content, rather than layering them on top of user-defined content.

• A bug related to HashRing generation has been reported when using uWSGI with Neutron. In order to quickly address the bug, uWSGI mode has been disabled again by default for Neutron until a proper fix is provided for uWSGI.

Other Notes

• Scripts openstack-ansible-inventory-manage and openstack-ansible-inventory are now symlinked to /usr/local/bin and should be available for standalone execution.

30.0.0.0rc1

Prelude

Behavior of rabbitmq_upgrade variable has changed. It no longer can be used to reset the cluster state. It now acts solely as a flag to perform a rolling-upgrade of the existing cluster.

New Features

• Added a variable rabbitmq_erlang_package_version that can be used to define an erlang version being used when external_repo is used as package source.

• The neutron firewall-as-a-servie dashboard will be automatically deployed if the FWaaS service is enabled. FWaaS is now an active deliverable again fron the Neutron project.

• RabbitMQ version is upgraded to a new major version 4.0

Upgrade Notes

• uWSGI has been re-enabled by default for Neutron one more time. With that new services are introduced which should ensure adequate functionality of Neutron when uWSGI is being used.

  • neutron-periodic-workers service is enabled for all drivers when WSGI is being used. It runs along with previously existing neutron-rpc-server

  • neutron-ovn-maintenance-worker service is added only if ml2.ovn is being used as neutron_plugin_type. The service will be enabled and running only when WSGI is used for Neutron neutron_use_uwsgi is set to True

• If you are using Ubuntu 22.04 Jammy Jellyfish and install_method: distro please make sure to disable neutron_use_uwsgi as required binaries for this mode to work are missing from packages for this distro.

• Please, make sure you are running RabbitMQ version of 3.13 before proceeding with the upgrade. In case you RabbitMQ version is lower then 3.13 upgrade to 4.0 will fail. You can run upgrade to 3.13 with same version of role by supplying variable rabbitmq_package_version during runtime, for example: openstack-ansible openstack.osa.rabbitmq_server -e rabbitmq_upgrade=true -e rabbitmq_package_version=3.13.7-1 and then re-running upgrade normally to 4.0.

Deprecation Notes

• Following deprecated variables were removed and have no effect:

  • cinder_service_v2_name

  • cinder_service_v2_port

  • cinder_service_v2_proto

  • cinder_service_v2_type

  • cinder_service_v2_description

  • cinder_service_v2_publicuri

  • cinder_service_v2_publicurl

  • cinder_service_v2_adminuri

  • cinder_service_v2_adminurl

  • cinder_service_v2_internaluri

  • cinder_service_v2_internalurl

• Following variables were deprecated and removed in favor of their analogues

  • cinder_service_description -> cinder_service_v3_description

  • cinder_service_publicuri_proto -> cinder_service_v3_publicuri_proto

  • cinder_service_adminuri_proto -> cinder_service_v3_adminuri_proto

  • cinder_service_internaluri_proto -> cinder_service_v3_internaluri_proto

  • cinder_service_type -> cinder_service_v3_type

  • cinder_service_publicuri -> cinder_service_v3_publicurl

  • cinder_service_adminuri -> cinder_service_v3_adminurl

  • cinder_service_internaluri -> cinder_service_v3_internalurl

  • cinder_service_v3_port -> cinder_service_port

  • cinder_service_v3_proto -> cinder_service_proto

• Variable rabbitmq_erlang_version_spec has been deprecated and does not have any effect anymore. Please, use rabbitmq_erlang_package_version instead.

• Variable haproxy_tls_vip_binds has been renamed to haproxy_vip_binds to better reflect variable purpose. Old variable name is still respected but it’s usage is descouraged and old naming will be removed in the future.

Bug Fixes

• The format of kernel and ramdisk images for Ironic is now raw in order to conform to upstream expectations.

  See https://bugs.launchpad.net/ironic/+bug/2074090

• Issues with uWSGI mode for Neutron has been addressed and uWSGI be used for the service.

Other Notes

• Supplying rabbitmq_upgrade=true no longer re-initialize cluster and will perform regular rolling upgrade of the RabbitMQ cluster.