Train Series Release Notes


New Features

  • The overcloud delete subcommand now supports cleaning up overcloud hosts, services, and DNS entries in FreeIPA. This is applicable to deployments with TLS support enabled since FreeIPA serves DNS and manages certificates for overcloud infrastructure. This subcommand also includes a new option called --skip-ipa-cleanup that allows the caller to forego cleaning up FreeIPA. This may be useful when deployers want to forcibly cleanup overcloud stacks and leave FreeIPA entries intact (e.g., network partition events where the FreeIPA server isn’t reachable). Note that you will need to manually cleanup FreeIPA if you use --skip-ipa-cleanup.

  • Add –work-dir to openstack overcloud container image build command and every run will create a unique workspace which where will be stored Kolla configs and build logs. Default directory will be in /tmp/container-builds. UUIDs are used to identify each time we run the command and will be the directory name in the work dir.

  • Added –overcloud-ssh-enable-timeout to allow end users to increase the wait time during the deploy, ffu, upgrade and admin actions. By default this is 600 seconds.

  • Added –overcloud-ssh-port-timeout to allow end users to increase the time we wait for ssh to become ready on the hosts during the deploy, ffu, upgrade and admin actions. On older hardware or slow booting hardware, the 300 seconds we wait by default for the port to come up may not be sufficient.

  • The network interface drivers for the Baremetal service on the undercloud is now configurable. New undercloud.conf options enabled_network_interfaces (Default: flat) and default_network_interface (Default: flat) control the enabled network interface and the default network interface when enrolling nodes.

  • The upgrade/update commands have a prompt by default now that ask for confirmation before proceeding. It’ll prevent an operator to run the command and cause the problems to infrastructure. This prompt can be skipped with –yes/-y argument.

  • The TripleO Validator CLI has now a new logging feature which keep every validation execution log in the Undercloud (/var/log/validations/). The CLI is able to display the history and allow the user to get the full execution details.

Upgrade Notes

  • The undercloud.conf file is now strictly parsed. If there are detected issues within the undercloud.conf configuration file operations will halt, producing an error and highlighting how to resolve the issue.

Deprecation Notes

  • The ffwd-upgrade command isn’t needed anymore since Queens. The ffwd upgrade now relies on the overcloud upgrade commands, therefore there is no need to keep the old ffwd-upgrade commands around as they could just cause confusion to the user.

Bug Fixes

  • Ansible connection timeout used for config download and the deployment timeout now will be given proper values. It fixes bug 1868063.

  • The client (tripleoclient) now raises a new exception, ConfigDownloadInProgress, if there is already an instance of the tripleo.deployment.v1.config_download_deploy workflow in progress for the current stack.

  • The undercloud.conf file is now strictly parsed which ensures a clean configuration when deploying the undercloud.


New Features

  • A new command “openstack overcloud export” is added. The command is used to export the data from a control stack for use in a compute stack for the multi-stack feature.

Deprecation Notes

  • The TripleO Validator CLI doesn’t support Mistral anymore for listing and running the Validations. Ansible is now the way to run them.

  • The TripleO Validator was using Mistral to get all the Validations available on the Undercloud. From now, The CLI is parsing the Validations directly from the filesystem and the Mistral support has been removed.

Bug Fixes

  • Fixed an issue where the DHCP server for ironic-inspector was configured to operate in DHCPv6-stateful mode when the undercloud configuration specified DHCPv6-stateless mode. (See bug: 1853334)


New Features

  • The IPv6 addressing mode is now configurable for the undercloud provisioning network. The option ipv6_address_mode (default: dhpcv6-stateless) in undercloud.conf is used to control the addressing mode. Possible values:

    • dhpcv6-stateless: Address configuration using RA and optional information using DHCPv6.

    • dhcpv6-stateful: Address configuration and optional information using DHCPv6.

Deprecation Notes

  • openstack overcloud container image prepare has been deprecated and replaced by openstack tripleo container image prepare

  • openstack overcloud container image tag discover has been deprecated and replaced by openstack tripleo container image prepare

Bug Fixes

  • The MTU setting was not configured for Ironic Inspector DHCP (dnsmasq) service. This caused inspection to fail when operating on a network with < 1500 bytes MTU. See bug: 1845487.


New Features

  • The ‘openstack tripleo validator list’ subcommand can only display all the available parameters for the validations using the new –parameters argument and extract them to a file using the new –create-vars-file argument.

  • The operator is now able to pass extra variables while executing validations through the command line. The command line will accept either a Dict with the new –extra-vars argument or the absolute path of a file (JSON or YAML when using ansible and JSON only when using Mistral) with the new –extra-vars-file argument.

  • Enable new preflight check on the undercloud, using ansible playbooks from openstack-tripleo-validations.

  • Check runs differently if we’re on a brand new deploy or an upgrade, as we don’t need the same amount of free space.

  • Disable the container healthchecks on the Undercloud in the undercloud.conf with the new option container_healthcheck_disabled, false by default.

  • Introduce new “–inflight-validations” option in order to activate those validations. It defaults to “False”, since we don’t want them by default.

  • New command “openstack overcloud node unprovision”

    This is a companion command to “openstack overcloud node provision” which is required for scale-down and should be run after “openstack overcloud deploy”.

    It will undeploy any instance which has provisioned=False in the supplied roles yaml.

  • With the new podman container setup comes an Apache served local image registry.

    openstack tripleo container image push allows you to maintain those images, and add new images as required.

Upgrade Notes

  • Support for the cisco-ucs-managed and cisco-ucs-standalone hardware types has been removed since these hardware types have been removed from Ironic due to lack of maintenance.


New Features

  • The validations can now be performed by calling Mistral or by calling ansible-playbook. By default, the latter is used. The new --use-mistral option allows to execute either groups or a set of specific validations by calling Mistral instead of using the default mechanism, ie. ansible-playbook.

  • Undercloud ctlplane subnets can now have individual nameservers (per-subnet option dns_nameservers). If no subnet specific nameservers are specified for a subnet it will fall back to undercloud_nameservers.

  • With the new podman container setup comes an Apache served local image registry.

    openstack tripleo container image delete allows you to maintain those images, and remove those that are no longer required.

  • With the new podman container setup comes an Apache served local image registry.

    openstack tripleo container image list gives you insight into your images.

  • With the new podman container setup comes an Apache served local image registry.

    openstack tripleo container image show will perform an inspection on a given image, and present the details.

  • Adds openstack undercloud minion install and openstack undercloud minion upgrade to install or upgrade an undercloud minion that can be used to scale heat-engine and ironic-conductor horizontally.

Upgrade Notes

  • The openstack undercloud deploy command has been removed. Use openstack tripleo deploy instead.

Other Notes

  • When running with –config-download-only, the enable ssh admin will now be skipped. Skipping the ssh admin workflow saves time when trying to do the config download workflow only. If the ssh admin workflow needs to be rerun, the “openstack overcloud admin” command can be used.


New Features

  • Added a y/n prompt to the node delete command to prevent a user from accidently executing a node delete action since it’s a destructive action.

Upgrade Notes

  • enable_ui has been removed from the undercloud configuration options.

Deprecation Notes

  • The scale and flavor params have been deprecated since Newton. This is the start of the process to removing these params. The CLI will now throw an error if any of the old scale and/or flavor params are passed. This check should be removed in a future release.

Bug Fixes

  • The verbosity of the config-download ansible tasks for deployment are now controlled by the verbosity level specified on the command line.