Pike Series Release Notes

5.0.3

Bug Fixes

  • Fixes a bug where the Baremetal Introspection service’s public endpoint registered in the Identity service referenced the internal API endpoint.

5.0.0

Prelude

The Data Plane Development Kit (DPDK) is a collection of userspace libraries and tools that facilitate the development of high-performance userspace networking applications. During the Pike cycle, kolla has been extended to support deploying OpenvSwitch with the dpdk netdev dataplane.

New Features

  • Cleanup-images support advanced features such as remove all kolla images, remove dangling images, delete user selected images and remove images from specific kolla_version.

  • Add a new flag to explicitly enable provider networks, i.e. networks where instances directly connect to the physical networks (flat,VLAN). In such cases external bridges must be configured on compute nodes, like it is done for self-service (tenant manageable) networks in DVR mode. Otherwise this flag allows to avoid unnecessary interface and bridge setup on compute nodes in case of tenant networks in non-DVR mode.

  • Add Glance Swift backend support

  • Add graceful timeout argument to kolla_docker library for stoping, restaring container.

  • Add kolla-ansible bash-completion script under contrib/bash-completion folder.

  • Added playbooks and default configuration for neutron-bgp-dragent service

  • Add qdrouterd ansible role (apache qpid-dispatch-router) for direct messaging infrastructure component. Oslo.messaging amqp driver supports qdrouterd for rpc messaging backend communications.

  • Add ceph-rgw object store support to Trove

  • Cinder-api service has been migrated to run under an apache wsgi process.

  • Add a new subcommand ‘check’ to kolla-ansible, used to run the smoke/sanity checks.

  • Allow users to set neutron type drivers and tenant network types. These are configurable via ‘neutron_type_drivers’ and ‘neutron_tenant_network_types’ variables correspondingly. Tenant network types are checked against a list of type drivers. Also ‘flat’ network type is checked in the lists for Ironic.

  • Run ansible playbooks in serial is disabled by default now. Serial is not recommended. But you can enable it by configuring ANSIBLE_SERIAL environment variable.

  • Neutron port_security extension driver is enabled by default.

  • Implement Nova-HyperV ansible role

  • Add a Kolla ‘devstack’ mode. See doc/kolla-for-openstack-development.rst for more info.

  • Redis has been implemented as mistral coordination backend.

  • Add support for basic multiple regions, that is to say, many OpenStack with a shared Keystone (same users) and Horizon.

  • RabbitMQ now has a vhost entry so the engine can communicate with murano agents running in user VMs.

  • Add OpenDaylight role

  • Osprofiler support has been implemented in OpenStack services

  • Add a new ‘outward facing’ rabbitmq, for services which require a user facing message queue such as Murano or Trove.

  • A new ovs-dpdk role has been introduced to support deploy OpenvSwitch with the userspace DPDK dataplane. This playbook has been tested on Centos and Ubuntu hosts and introduces a new enable_ovs_dpdk variable to control deployment of OVS with DPDK instead of kernel ovs.

  • The ovs-dpdkctl.sh tool has been enhanced to enable automatic loading of DPDK compatible kernel modules.

  • The ovs-dpdkctl.sh tool has been extended to configure per host tunnel ip address to enable vxlan and other tunnel networking.

  • OpenVSwitch was split to separate role (was part of neutron role)

  • Kolla-ansible reconfigure rework to increase reconfigure performance

  • Add OpenStack VMWare NSX support into neutron service.

  • New Tacker conductor service is implemented.

  • Unmount Ceph OSD disks as part of ‘kolla-ansible destroy’

Known Issues

  • The ovs-dpdk role introduced this release has been tested on centos 7 and ubuntu 16.04 hosts. While both host operating systems can be used to deploy ovs-dpdk containers a conflict exists between the cgroups created by docker and systemd on centos. These conflicts prevent restarting the ovs-dpdk containers once deployed. This issue is not present on Ubuntu and is fixed in newer versions of systemd. Deploying the ovs-dpdk role on centos is not advised in production on CentOS hosts unless you have validated that this issue has been addressed.

Upgrade Notes

  • The default multinode inventory now specifies a second network node for high availability of the VIP.

  • By default this flag is disabled. If provider networks were used in previous releases please set ‘enable_neutron_provider_networks’ property to ‘yes’.

  • Fixes an issue with the barbican service when using the simple_crypto plugin whereby an invalid value is generated and used as the plugin’s encryption key.

    The encryption key is configured via the [simple_crypto_plugin]: kek configuration option in barbican.conf. This option was previously configured using the kolla-ansible variable barbican_crypto_password, but is now configured using barbican_crypto_key which uses the correct format.

    Operators that have set barbican_crypto_password to a valid value to work around this issue should ensure that barbican_crypto_key is configured in passwords.yml with the same value that was used for barbican_crypto_password. This will ensure that existing barbican secrets can be decrypted.

    The variable barbican_crypto_password may safely be removed from passwords.yml.

  • ceph_rgw_keystone_password is required in passwords.yml file. And ceph-rgw depends on a separate user rather than keystone admin user now.

  • Default neutron_tenant_network_types list consist of ‘vxlan’. Ironic users should add ‘flat’ to the list. Also for Hyper-V the list should contain ‘vlan’.

  • Keystone version will be removed from keystone endpoints while upgrading to Pike.

  • Designate mDNS container now runs on network nodes, ensure designate-mdns group in your inventory has network as parent group.

  • Redis is a required feature for mistral, please ensure redis is enabled before upgrading mistral.

  • chrony server high available is implemented. And it depends on VIP now. chrony-server group is moved to network node in default and must be the same with haproxy group.

  • When upgrading ovs-dpdk it should be noted that this will alway invovle a dataplane outage. Unlike kernel OVS the dataplane for ovs-dpdk executes in the ovs-vswitchd process. As such it is recommended to always evacuate all vm workloads from a node running ovs-dpdk prior to upgrading.

  • A new group openvswitch is required in inventory file prior to upgrade.

  • ceilometer-api is marked as deprecated and useless now by Ib88957001de2a61f9625ca5584a2129216647841, it will not be deployed. ceilometer-notification is marked as deprecated and useless now by I25a6e0b9221844adb4412f1829d9e290b6e198a3, it will not be deployed. ceilometer_database_type and ceilometer_event_type variable is ignored.

  • cinder_rbd_secret_uuid variable is requirement in passwords.yml file

  • To support new tacker-conductor service, tacker role has been reformated, before upgrade, tacker-server and tacker-conductor groups should be included in inventory files.

  • Tacker requires Mistral service to be enabled as of Pike release to implement vim monitoring.

Deprecation Notes

  • The following files are deprecated and should be removed during Queens cycle, use /etc/kolla/config/global.conf instead:

    • /etc/kolla/config/database.conf

    • /etc/kolla/config/messaging.conf

  • Ubuntu 14.04 related stuff has been removed. Last Openstack version supported on Ubuntu 14.04 was Mitaka.

Other Notes

  • Reconfiguring form kernel based OVS to OVS with DPDK has not been tested in this release. Changing ovs datapaths on a deployed node requires neutron config changes and libvirt xml changes for all running instances including a hard reboot of the vm. VMs deployed to an node running ovs-dpdk require hugepage backed memory to function correctly. As such it is not advised to convert an existing compute node to use ovs-dpdk if it currently has VMs deployed.