Stein Series Release Notes

14.4.0-24

New Features

• Adds –all-cells to the archive command based on an empty_table boolean flag. If true, it will run in archive command on all configured cells.

• Adds –before to the archive command based on age parameter provided. If added, it will run with –before date –date=’today - age days’ +\%F

• Add parameter num_pcie_ports to specify the number of PCIe ports an instance will get. Libvirt allows a custom number of PCIe ports (pcie-root-port controllers) a target instance will get. Some will be used by default, rest will be available for hotplug use.

• Adds log_filters parameter to nova::compute::libvirt. Defines a filter to select a different logging level for a given category log outputs, as specified in https://libvirt.org/logging.html . Default undef

• Add tls_priority parameter to nova::compute::libvirt class to override the compile time default TLS priority string. The default is usually “NORMAL” unless overridden at build time. Only set this if it is desired for libvirt to deviate from the global default settings.

• Add parameter live_migration_wait_for_vif_plug to whether to wait for network-vif-plugged events before starting guest transfer.

• Add parameter mem_stats_period_seconds to specify number of seconds to memory usage statistics period, zero or negative value mean to disable memory usage statistics.

• The libvirt driver allows passing different mount options to the nfs client. [libvirt]/nfs_mount_options, defaulting to <None>.

• Add parameter limit_tenants_to_placement_aggregate which allows to have tenant isolation with placement. It ensures hosts are in tenant-isolated host aggregate and availability zones will only be available to specific set of tenants.

• Add parameter placement_aggregate_required_for_tenants which controls whether or not a tenant with no aggregate affinity will be allowed to schedule to any available node, when limit_tenants_to_placement_aggregate is set to True. Default value for this parameter is False.

• Add parameter query_placement_for_availability_zone that allows the scheduler to look up a host aggregate with metadata key of availability zone set to the value provided by incoming request, and request result from placement be limited to that aggregate. Default value for this parameter is false.

Bug Fixes

• Add cinder credentials in cinder section of nova conf to fix issue when reclaim_instance_interval > 0 and delete instance which booted from volume ‘delete_on_termination’ set as true. The volume status showing attached and in-use, even after instance deletion, since the admin context didn’t have any token info hence call to cinder api failed. In case when context is is_admin and without token,added cinder creds used to do authentication with user/project info to call cinder api. [Bug 1734025]

14.4.0

New Features

• Add the log_file option for logging.

14.3.0

Prelude

In this release Ubuntu has moved all projects that supported it to python3 which means that there will be a lot of changes. The Puppet OpenStack project does not test the upgrade path from python2 to python3 packages so there might be manual steps required when moving to the python3 packages.

New Features

• https://review.openstack.org/625216 introduces a new setting which needs set to true if native TLS for migration and disks over NBD is being used.

• Service_token_roles_required missing in the server config file which allows backwards compatibility to ensure that the service tokens are compared against a list of possible roles for validity.

Upgrade Notes

• Add support to enable/disable live-migration for NUMA topology instances

  Add configuration parameter workarounds/enable_numa_live_migration (defaults to false) which allows to enable/disable live-migration for NUMA topology instances.

• This module now requires a puppetlabs-mysql version >= 6.0.0

• Ubuntu packages are now using python3, the upgrade path is not tested by Puppet OpenStack. Manual steps may be required when upgrading.

• The deprecated parameters use_syslog, use_stderr, log_facility, log_dir and debug in the init class is now removed. Please set them in the logging class.

Deprecation Notes

• The deployment of the Placement service using the following puppet-nova classes is now deprecated in favour of the puppet-placement module:

  • nova::placement

  • nova::db::mysql_placement

  • nova::keystone::auth_placement

  • nova::wsgi::apache_placement

  The following parameters are deprecated for removal:

  • nova::placement_database_connection

  • nova::placement_slave_connection

  • nova::placement::enabled

  • nova::placement::manage_service

  • nova::placement::package_name

  • nova::placement::service_name

  • nova::placement::ensure_package

  • nova::db::placement_database_connection

  • nova::db::placement_slave_connection

  • nova::db::mysql_placement::password

  • nova::db::mysql_placement::dbname

  • nova::db::mysql_placement::user

  • nova::db::mysql_placement::host

  • nova::db::mysql_placement::charset

  • nova::db::mysql_placement::collate

  • nova::db::mysql_placement::allowed_hosts

  • nova::keystone::auth_placement::password,

  • nova::keystone::auth_placement::auth_name

  • nova::keystone::auth_placement::service_name

  • nova::keystone::auth_placement::service_description

  • nova::keystone::auth_placement::region

  • nova::keystone::auth_placement::tenant

  • nova::keystone::auth_placement::email

  • nova::keystone::auth_placement::public_url

  • nova::keystone::auth_placement::internal_url

  • nova::keystone::auth_placement::admin_url

  • nova::keystone::auth_placement::configure_endpoint

  • nova::keystone::auth_placement::configure_user

  • nova::keystone::auth_placement::configure_user_role

  • nova::wsgi::apache_placement::servername

  • nova::wsgi::apache_placement::api_port

  • nova::wsgi::apache_placement::bind_host

  • nova::wsgi::apache_placement::path

  • nova::wsgi::apache_placement::ssl

  • nova::wsgi::apache_placement::workers

  • nova::wsgi::apache_placement::ssl_cert

  • nova::wsgi::apache_placement::ssl_key

  • nova::wsgi::apache_placement::ssl_chain

  • nova::wsgi::apache_placement::ssl_ca

  • nova::wsgi::apache_placement::ssl_crl_path

  • nova::wsgi::apache_placement::ssl_crl

  • nova::wsgi::apache_placement::ssl_certs_dir

  • nova::wsgi::apache_placement::wsgi_process_display_name

  • nova::wsgi::apache_placement::threads

  • nova::wsgi::apache_placement::priority

  • nova::wsgi::apache_placement::ensure_package

  • nova::wsgi::apache_placement::access_log_file

  • nova::wsgi::apache_placement::access_log_format

  • nova::wsgi::apache_placement::error_log_file

  • nova::wsgi::apache_placement::custom_wsgi_process_options

  The nova::placement class will continue to be used to configure the [placement] section of nova.conf.

  These deprecations come ahead of the planned extraction of the Placement service from the Nova project early in the upcoming OpenStack Train release development cycle.

14.2.0

New Features

• nova::db::postgresql now creates the nova_cell0 database

• Added new parameter nova::network::neutron::neutron_timeout that replaces the current neutron_url_timeout parameter.

• Added new parameter nova::network::neutron::neutron_valid_interfaces which can be used to override the keystone catalog interface nova should lookup for the neutron endpoint.

• Added new parameter nova::network::neutron::neutron_endpoint_override that can be used to force the endpoint nova should use to talk to neutron, otherwise it will be looked up in the keystone endpoint catalog.

Upgrade Notes

• nova::db::postgresql now creates the nova_cell0 database, you can disable this behaviour by setting setup_cell0 to false.

• The deprecated parameter auth_uri is now removed, please use www_authenticate_uri.

Deprecation Notes

• check_revocations_for_cached option is now deprecated for removal, the parameter has no effect.

• hash_algorithms option is now deprecated for removal, the parameter has no effect.

• nova::network::neutron::neutron_url is deprecated and will be removed in a future release. Nova will default to looking up the neutron endpoint in the keystone catalog, you can override the endpoint type with neutron_endpoint_type or by overriding the endpoint with the neutron_endpoint_override parameter.

• nova::network::neutron::neutron_url_timeout is deprecated, please use neutron_timeout instead.

• nova::network::bridge class is deprecated and will be removed in a future release because it doesn’t align with this modules purpose to configure nova nad not networking interfaces.

• nova::network::flat, nova::network::flatdhcp and nova::network::vlan classes is now deprecated and will be removed in a future release. Nova-network is deprecated in nova and will be removed in a future release.

• firewall_driver and dhcp_domain parameters in nova::network::neutron is deprecated and will be removed in a future release. These are replaced by use_neutron and DNS domain functionality in neutron, these were focused on supporting nova-network and will be removed when nova-network support is removed from nova.

• nova_network resource is deprecated and will be removed in a future release.

• nova::compute::neutron class is deprecated and will be removed in a future release.

• nova::manage::network is deprecated and will be removed in a future release.

• nova::use_ipv6 is deprecated and will be removed in a future release.

14.1.0

New Features

• Add support for native TLS encryption on NBD for disk migration

  The NBD protocol previously runs in clear text, offering no security protection for the data transferred, unless it is tunnelled over some external transport like SSH. Such tunnelling is inefficient and inconvenient to manage. Support for TLS to the NBD clients & servers provided by QEMU was added. This adds support to configure ndb related qemu.conf parameters.

• Added new parameter nova::cache::manage_backend_package that is sent to the oslo::cache class which determines if the backend cache python library should be installed or not. Defaults to true same as oslo::cache default value.

• Add nova file_backed_memory and memory_backing_dir support for qemu.conf

  The libvirt driver now allows utilizing file backed memory for qemu/KVM virtual machines, via a new configuration attribute [libvirt]/file_backed_memory, defaulting to 0 (disabled).

  [libvirt]/file_backed_memory specifies the available capacity in MiB for file backed memory, at the directory configured for memory_backing_dir in libvirt’s qemu.conf. When enabled, the libvirt driver will report the configured value for the total memory capacity of the node, and will report used memory as the sum of all configured guest memory.

  Running Nova with file_backed_memory requires libvirt version 4.0.0 and qemu version 2.6.0

• Added new parameter nova::scheduler::workers which can be used to set the amount of scheduler workers.

• Adding nova::compute::sync_power_state_interval parameter that configure the interval to sync power states between the database and the hypervisor. Set to -1 to disable, or to 0 to run the default rate. Defaults to $::os_service_default.

• Add support for libvirt volume_use_multipath the ability to use multipath connection of the iSCSI or FC volume. Volumes can be connected in the LibVirt as multipath devices. Adds new parameter “nova::compute::libvirt::volume_use_multipath”

Known Issues

• The nova::cells::create_cells functionality is not working and will not be fixed and has therefore been removed.

• The nova::quota class now properly sets the config options in the [quota] section and not the [DEFAULT] section which is deprecated.

Upgrade Notes

• The nova::cells::create_cells functionality is deprecated and has no effect since it was broken before and will not be fixed. Cells v1 has been deprecated in Nova since Ocata and will be removed soon.

• The deprecated nova::placement::os_region_name parameter is now removed. Please use the nova::placement::region_name parameter instead.

• Deprecated nova::compute::keymgr_api_class option has been removed.

Deprecation Notes

• The Cell v1 functionality is now deprecated and should not be used. It has been deprecated since Ocata and will be removed soon. This affects nova::cells, nova::manage::cells and the nova_cells resource.

• fping_path option is now deprecated for removal, the parameter has no effect.

• The image_service parameter is deprecated, as we are already using python-glanceclient instead of old glance client.

• nova::compute::vnc_keymap option is now deprecated for removal, the parameter has no effect.

• nova::compute::spice::keymap option is now deprecated for removal, the parameter has no effect.

• The notify_on_api_faults parameter is deprecated as it is also removed from nova config options in change https://review.openstack.org/#/c/505164.

• The following parameters in nova::quota class has been deprecated and has changed name:

  • quota_instances (now instances)

  • quota_cores (now cores)

  • quota_ram (now ram)

  • quota_floating_ips (now floating_ips)

  • quota_fixed_ips (now fixed_ips)

  • quota_metadata_items (now metadata_items)

  • quota_injected_files (now injected_files)

  • quota_injected_file_content_bytes (now injected_file_content_bytes)

  • quota_injected_file_path_length (now injected_file_path_length)

  • quota_security_groups (now security_groups)

  • quota_security_group_rules (now security_group_rules)

  • quota_key_pairs (now key_pairs)

  • quota_server_groups (now server_groups)

  • quota_server_group_members (now server_group_members)

• The nova::placement::os_interface parameter is now deprecated and will be removed the next release. Please use nova::placement::valid_interfaces instead.