Release Notes

Red Hat OpenStack Platform 16.2

Release details for Red Hat OpenStack Platform 16.2

OpenStack Documentation Team

Red Hat Customer Content Services

Abstract

This document outlines the major features, enhancements, and known issues in this release of Red Hat OpenStack Platform.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

We appreciate your input on our documentation. Tell us how we can make it better.

Using the Direct Documentation Feedback (DDF) function

Use the Add Feedback DDF function for direct comments on specific sentences, paragraphs, or code blocks.

  1. View the documentation in the Multi-page HTML format.
  2. Ensure that you see the Feedback button in the upper right corner of the document.
  3. Highlight the part of text that you want to comment on.
  4. Click Add Feedback.
  5. Complete the Add Feedback field with your comments.
  6. Optional: Add your email address so that the documentation team can contact you for clarification on your issue.
  7. Click Submit.

Chapter 1. Introduction

1.1. About this Release

This release of Red Hat OpenStack Platform is based on the OpenStack "Train" release. It includes additional features, known issues, and resolved issues specific to Red Hat OpenStack Platform.

Only changes specific to Red Hat OpenStack Platform are included in this document. The release notes for the OpenStack "Train" release itself are available at the following location: https://releases.openstack.org/train/index.html.

Red Hat OpenStack Platform uses components from other Red Hat products. For specific information pertaining to the support of these components, see https://access.redhat.com/site/support/policy/updates/openstack/platform/.

To evaluate Red Hat OpenStack Platform, sign up at http://www.redhat.com/openstack/.

Note

The Red Hat Enterprise Linux High Availability Add-On is available for Red Hat OpenStack Platform use cases. For more details about the add-on, see http://www.redhat.com/products/enterprise-linux-add-ons/high-availability/. For details about the package versions to use in combination with Red Hat OpenStack Platform, see https://access.redhat.com/site/solutions/509783.

1.2. Requirements

This version of Red Hat OpenStack Platform runs on the most recent fully supported release of Red Hat Enterprise Linux 8.4.

The Red Hat OpenStack Platform dashboard is a web-based interface that allows you to manage OpenStack resources and services.

  • Chrome
  • Mozilla Firefox
  • Mozilla Firefox ESR
  • Internet Explorer 11 and later (with Compatibility Mode disabled)

    Note

    You can use Internet Explorer 11 to display the dashboard but expect a degradation of some functionalities because the browser is no longer maintained.

Note

Prior to deploying Red Hat OpenStack Platform, it is important to consider the characteristics of the available deployment methods. For more information, see Installing and Managing Red Hat OpenStack Platform.

1.3. Deployment Limits

For a list of deployment limits for Red Hat OpenStack Platform, see Deployment Limits for Red Hat OpenStack Platform.

1.4. Database Size Management

For recommended practices on maintaining the size of the MariaDB databases in your Red Hat OpenStack Platform environment, see Database Size Management for Red Hat Enterprise Linux OpenStack Platform.

1.5. Certified Drivers and Plug-ins

For a list of the certified drivers and plug-ins in Red Hat OpenStack Platform, see Component, Plug-In, and Driver Support in Red Hat OpenStack Platform.

1.6. Certified Guest Operating Systems

For a list of the certified guest operating systems in Red Hat OpenStack Platform, see Certified Guest Operating Systems in Red Hat OpenStack Platform and Red Hat Enterprise Virtualization.

1.7. Product Certification Catalog

For a list of the Red Hat Official Product Certification Catalog, see Product Certification Catalog.

1.8. Bare Metal Provisioning Operating Systems

For a list of the guest operating systems that can be installed on bare metal nodes in Red Hat OpenStack Platform through Bare Metal Provisioning (ironic), see Supported Operating Systems Deployable With Bare Metal Provisioning (ironic).

1.9. Hypervisor Support

This release of the Red Hat OpenStack Platform is supported only with the libvirt driver (using KVM as the hypervisor on Compute nodes).

This release of the Red Hat OpenStack Platform runs with Bare Metal Provisioning.

Bare Metal Provisioning has been fully supported since the release of Red Hat OpenStack Platform 7 (Kilo). Bare Metal Provisioning allows you to provision bare-metal machines using common technologies (such as PXE and IPMI) to cover a wide range of hardware while supporting pluggable drivers to allow the addition of vendor-specific functionality.

Red Hat does not provide support for other Compute virtualization drivers such as the deprecated VMware "direct-to-ESX" hypervisor or non-KVM libvirt hypervisors.

1.10. Content Delivery Network (CDN) Repositories

This section describes the repositories required to deploy Red Hat OpenStack Platform 16.2.

You can install Red Hat OpenStack Platform 16.2 through the Content Delivery Network (CDN) using subscription-manager. For more information, see Preparing the undercloud.

Warning

Some packages in the Red Hat OpenStack Platform software repositories conflict with packages provided by the Extra Packages for Enterprise Linux (EPEL) software repositories. The use of Red Hat OpenStack Platform on systems with the EPEL software repositories enabled is unsupported.

1.10.1. Undercloud repositories

Red Hat OpenStack Platform 16.2 runs on Red Hat Enterprise Linux 8.4. As a result, you must lock the content from these repositories to the respective Red Hat Enterprise Linux version.

Note

If you synchronize repositories with Red Hat Satellite, you can enable specific versions of the Red Hat Enterprise Linux repositories. However, the repository remains the same despite the version you choose. For example, you can enable the 8.4 version of the BaseOS repository, but the repository name is still rhel-8-for-x86_64-baseos-eus-rpms despite the specific version you choose.

Warning

Any repositories outside the ones specified here are not supported. Unless recommended, do not enable any other products or repositories outside the ones listed in the following tables or else you might encounter package dependency issues. Do not enable Extra Packages for Enterprise Linux (EPEL).

Core repositories

The following table lists core repositories for installing the undercloud.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) Extended Update Support (EUS)

rhel-8-for-x86_64-baseos-eus-rpms

Base operating system repository for x86_64 systems.

Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)

rhel-8-for-x86_64-appstream-eus-rpms

Contains Red Hat OpenStack Platform dependencies.

Red Hat Enterprise Linux 8 for x86_64 - High Availability (RPMs) Extended Update Support (EUS)

rhel-8-for-x86_64-highavailability-eus-rpms

High availability tools for Red Hat Enterprise Linux. Used for Controller node high availability.

Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs)

ansible-2.9-for-rhel-8-x86_64-rpms

Ansible Engine for Red Hat Enterprise Linux. Used to provide the latest version of Ansible.

Red Hat Satellite Tools for RHEL 8 Server RPMs x86_64

satellite-tools-<satellite-version>-for-rhel-8-x86_64-rpms

Tools for managing hosts with Red Hat Satellite 6, where <satellite-version> is the version of Red Hat Satellite Server that you use.

Red Hat OpenStack Platform 16.2 for RHEL 8 (RPMs)

openstack-16.2-for-rhel-8-x86_64-rpms

Core Red Hat OpenStack Platform repository, which contains packages for Red Hat OpenStack Platform director.

Red Hat Fast Datapath for RHEL 8 (RPMS)

fast-datapath-for-rhel-8-x86_64-rpms

Provides Open vSwitch (OVS) packages for OpenStack Platform.

Red Hat Advanced Virt for RHEL 8 (RPMS)

advanced-virt-for-rhel-8-x86_64-rpms

Provides advanced virtualization packages for OpenStack Platform.

Ceph repositories

The following table lists Ceph Storage related repositories for the undercloud.

NameRepositoryDescription of Requirement

Red Hat Ceph Storage Tools 4 for RHEL 8 x86_64 (RPMs)

rhceph-4-tools-for-rhel-8-x86_64-rpms

Provides tools for nodes to communicate with the Ceph Storage cluster. The undercloud requires the ceph-ansible package from this repository if you plan to use Ceph Storage in your overcloud or if you want to integrate with an existing Ceph Storage cluster.

IBM POWER repositories

The following table contains a list of repositories for Red Hat Openstack Platform on POWER PC architecture. Use these repositories in place of equivalents in the Core repositories.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux for IBM Power, little endian - BaseOS (RPMs)

rhel-8-for-ppc64le-baseos-rpms

Base operating system repository for ppc64le systems.

Red Hat Enterprise Linux 8 for IBM Power, little endian - AppStream (RPMs)

rhel-8-for-ppc64le-appstream-rpms

Contains Red Hat OpenStack Platform dependencies.

Red Hat Enterprise Linux 8 for IBM Power, little endian - High Availability (RPMs)

rhel-8-for-ppc64le-highavailability-rpms

High availability tools for Red Hat Enterprise Linux. Used for Controller node high availability.

Red Hat Fast Datapath for RHEL 8 IBM Power, little endian (RPMS)

fast-datapath-for-rhel-8-ppc64le-rpms

Provides Open vSwitch (OVS) packages for OpenStack Platform.

Red Hat Ansible Engine 2.9 for RHEL 8 IBM Power, little endian (RPMs)

ansible-2.9-for-rhel-8-ppc64le-rpms

Ansible Engine for Red Hat Enterprise Linux. Provides the latest version of Ansible.

Red Hat OpenStack Platform 16.2 for RHEL 8 (RPMs)

openstack-16.2-for-rhel-8-ppc64le-rpms

Core Red Hat OpenStack Platform repository for ppc64le systems.

1.10.2. Overcloud repositories

Red Hat OpenStack Platform 16.2 runs on Red Hat Enterprise Linux 8.4. As a result, you must lock the content from these repositories to the respective Red Hat Enterprise Linux version.

Note

If you synchronize repositories with Red Hat Satellite, you can enable specific versions of the Red Hat Enterprise Linux repositories. However, the repository remains the same despite the version you choose. For example, you can enable the 8.4 version of the BaseOS repository, but the repository name is still rhel-8-for-x86_64-baseos-eus-rpms despite the specific version you choose.

Warning

Any repositories outside the ones specified here are not supported. Unless recommended, do not enable any other products or repositories outside the ones listed in the following tables or else you might encounter package dependency issues. Do not enable Extra Packages for Enterprise Linux (EPEL).

Controller node repositories

The following table lists core repositories for Controller nodes in the overcloud.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) Extended Update Support (EUS)

rhel-8-for-x86_64-baseos-eus-rpms

Base operating system repository for x86_64 systems.

Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)

rhel-8-for-x86_64-appstream-eus-rpms

Contains Red Hat OpenStack Platform dependencies.

Red Hat Enterprise Linux 8 for x86_64 - High Availability (RPMs) Extended Update Support (EUS)

rhel-8-for-x86_64-highavailability-eus-rpms

High availability tools for Red Hat Enterprise Linux.

Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs)

ansible-2.9-for-rhel-8-x86_64-rpms

Ansible Engine for Red Hat Enterprise Linux. Used to provide the latest version of Ansible.

Advanced Virtualization for RHEL 8 x86_64 (RPMs)

advanced-virt-for-rhel-8-x86_64-rpms

Provides virtualization packages for OpenStack Platform.

Red Hat OpenStack Platform 16.2 for RHEL 8 (RPMs)

openstack-16.2-for-rhel-8-x86_64-rpms

Core Red Hat OpenStack Platform repository.

Red Hat Fast Datapath for RHEL 8 (RPMS)

fast-datapath-for-rhel-8-x86_64-rpms

Provides Open vSwitch (OVS) packages for OpenStack Platform.

Red Hat Ceph Storage Tools 4 for RHEL 8 x86_64 (RPMs)

rhceph-4-tools-for-rhel-8-x86_64-rpms

Tools for Red Hat Ceph Storage 4 for Red Hat Enterprise Linux 8.

Red Hat Satellite Tools for RHEL 8 Server RPMs x86_64

satellite-tools-<satellite-version>-for-rhel-8-x86_64-rpms

Tools for managing hosts with Red Hat Satellite 6, where <satellite-version> is the version of Red Hat Satellite Server that you use.

Compute node repositories

The following table lists core repositories for Compute nodes in the overcloud.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) Extended Update Support (EUS)

rhel-8-for-x86_64-baseos-eus-rpms

Base operating system repository for x86_64 systems.

Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)

rhel-8-for-x86_64-appstream-eus-rpms

Contains Red Hat OpenStack Platform dependencies.

Red Hat Enterprise Linux 8 for x86_64 - High Availability (RPMs) Extended Update Support (EUS)

rhel-8-for-x86_64-highavailability-eus-rpms

High availability tools for Red Hat Enterprise Linux.

Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs)

ansible-2.9-for-rhel-8-x86_64-rpms

Ansible Engine for Red Hat Enterprise Linux. Used to provide the latest version of Ansible.

Advanced Virtualization for RHEL 8 x86_64 (RPMs)

advanced-virt-for-rhel-8-x86_64-rpms

Provides virtualization packages for OpenStack Platform.

Red Hat OpenStack Platform 16.2 for RHEL 8 (RPMs)

openstack-16.2-for-rhel-8-x86_64-rpms

Core Red Hat OpenStack Platform repository.

Red Hat Fast Datapath for RHEL 8 (RPMS)

fast-datapath-for-rhel-8-x86_64-rpms

Provides Open vSwitch (OVS) packages for OpenStack Platform.

Red Hat Ceph Storage Tools 4 for RHEL 8 x86_64 (RPMs)

rhceph-4-tools-for-rhel-8-x86_64-rpms

Tools for Red Hat Ceph Storage 4 for Red Hat Enterprise Linux 8.

Red Hat Satellite Tools for RHEL 8 Server RPMs x86_64

satellite-tools-<satellite-version>-for-rhel-8-x86_64-rpms

Tools for managing hosts with Red Hat Satellite 6, where <satellite-version> is the version of Red Hat Satellite Server that you use.

Real Time Compute repositories

The following table lists repositories for Real Time Compute (RTC) functionality.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux 8 for x86_64 - Real Time (RPMs)

rhel-8-for-x86_64-rt-rpms

Repository for Real Time KVM (RT-KVM). Contains packages to enable the real time kernel. Enable this repository for all Compute nodes targeted for RT-KVM. NOTE: You need a separate subscription to a Red Hat OpenStack Platform for Real Time SKU to access this repository.

Red Hat Enterprise Linux 8 for x86_64 - Real Time for NFV (RPMs)

rhel-8-for-x86_64-nfv-rpms

Repository for Real Time KVM (RT-KVM) for NFV. Contains packages to enable the real time kernel. Enable this repository for all NFV Compute nodes targeted for RT-KVM. NOTE: You need a separate subscription to a Red Hat OpenStack Platform for Real Time SKU to access this repository.

Ceph Storage node repositories

The following table lists Ceph Storage related repositories for the overcloud.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)

rhel-8-for-x86_64-baseos-rpms

Base operating system repository for x86_64 systems.

Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)

rhel-8-for-x86_64-appstream-rpms

Contains Red Hat OpenStack Platform dependencies.

Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs)

ansible-2.9-for-rhel-8-x86_64-rpms

Ansible Engine for Red Hat Enterprise Linux. Used to provide the latest version of Ansible.

Red Hat OpenStack Platform 16.2 Director Deployment Tools for RHEL 8 x86_64 (RPMs)

openstack-16.2-deployment-tools-for-rhel-8-x86_64-rpms

Packages to help director configure Ceph Storage nodes. This repository is included with standalone Ceph Storage subscriptions. If you use a combined OpenStack Platform and Ceph Storage subscription, use the openstack-16.2-for-rhel-8-x86_64-rpms repository.

Red Hat OpenStack Platform 16.2 for RHEL 8 (RPMs)

openstack-16.2-for-rhel-8-x86_64-rpms

Packages to help director configure Ceph Storage nodes. This repository is included with combined OpenStack Platform and Ceph Storage subscriptions. If you use a standalone Ceph Storage subscription, use the openstack-16.2-deployment-tools-for-rhel-8-x86_64-rpms repository.

Red Hat Ceph Storage Tools 4 for RHEL 8 x86_64 (RPMs)

rhceph-4-tools-for-rhel-8-x86_64-rpms

Provides tools for nodes to communicate with the Ceph Storage cluster.

IBM POWER repositories

The following table lists repositories for Openstack Platform on POWER PC architecture. Use these repositories in place of equivalents in the Core repositories.

NameRepositoryDescription of requirement

Red Hat Enterprise Linux for IBM Power, little endian - BaseOS (RPMs)

rhel-8-for-ppc64le-baseos-rpms

Base operating system repository for ppc64le systems.

Red Hat Enterprise Linux 8 for IBM Power, little endian - AppStream (RPMs)

rhel-8-for-ppc64le-appstream-rpms

Contains Red Hat OpenStack Platform dependencies.

Red Hat Enterprise Linux 8 for IBM Power, little endian - High Availability (RPMs)

rhel-8-for-ppc64le-highavailability-rpms

High availability tools for Red Hat Enterprise Linux. Used for Controller node high availability.

Red Hat Fast Datapath for RHEL 8 IBM Power, little endian (RPMS)

fast-datapath-for-rhel-8-ppc64le-rpms

Provides Open vSwitch (OVS) packages for OpenStack Platform.

Red Hat Ansible Engine 2.9 for RHEL 8 IBM Power, little endian (RPMs)

ansible-2.9-for-rhel-8-ppc64le-rpms

Ansible Engine for Red Hat Enterprise Linux. Used to provide the latest version of Ansible.

Red Hat OpenStack Platform 16.2 for RHEL 8 (RPMs)

openstack-16.2-for-rhel-8-ppc64le-rpms

Core Red Hat OpenStack Platform repository for ppc64le systems.

1.11. Streamlined container build

In Red Hat OpenStack Platform 16.2 the container build has been streamlined. As a result, several containers have been removed:

  • registry.redhat.io/rhosp-rhel8/openstack-glance-base
  • registry.redhat.io/rhosp-rhel8/openstack-rsyslog-base
  • registry.redhat.io/rhosp-rhel8/openstack-panko-base
  • registry.redhat.io/rhosp-rhel8/openstack-keystone-base
  • registry.redhat.io/rhosp-rhel8/openstack-openvswitch-base
  • registry.redhat.io/rhosp-rhel8/openstack-redis-base
  • registry.redhat.io/rhosp-rhel8/openstack-placement-base
  • registry.redhat.io/rhosp-rhel8/openstack-zaqar-base

1.12. Product Support

Available resources include:

Customer Portal

The Red Hat Customer Portal offers a wide range of resources to help guide you through planning, deploying, and maintaining your Red Hat OpenStack Platform deployment. Facilities available via the Customer Portal include:

  • Product documentation
  • Knowledge base articles and solutions
  • Technical briefs
  • Support case management

Access the Customer Portal at https://access.redhat.com/.

Mailing Lists

Red Hat provides these public mailing lists that are relevant to Red Hat OpenStack Platform users:

  • The rhsa-announce mailing list provides notification of the release of security fixes for all Red Hat products, including Red Hat OpenStack Platform.

Subscribe at https://www.redhat.com/mailman/listinfo/rhsa-announce.

1.13. Unsupported Features

The following features are not supported in Red Hat OpenStack Platform:

  • Custom policies, which includes modification of policy.json files either manually or through any *Policies heat parameters. Do not modify the default policies unless the documentation contains explicit instructions to do so.

Containers are not available for the following packages, therefore they are not supported in RHOSP:

  • nova-serialproxy
  • nova-spicehtml5proxy

If you require support for any of these features, please contact the Red Hat Customer Experience and Engagement team to obtain a support exception.

Chapter 2. Top New Features

This section provides an overview of the top new features in this release of Red Hat OpenStack Platform.

2.1. Red Hat OpenStack Platform director

This section outlines the top new features for Red Hat OpenStack Platform director.

Validation framework output formats

Red Hat OpenStack Platform contains a validation framework to help verify the requirements and functionality of the undercloud and overcloud. The framework includes new output formats for validation logs:

validation_json
The framework saves JSON-formatted validation results as a log file in /var/logs/validations. This is the default callback for the validation framework.
validation_stdout
The framework displays JSON-formatted validation results on screen.
http_json
The framework sends JSON-formatted validation results to an external logging server.

Set the desired format using the ANSIBLE_STDOUT_CALLBACK environment variable with your openstack tripleo validator run command:

$ openstack tripleo validator run --extra-env-vars ANSIBLE_STDOUT_CALLBACK=<callback> --validation check-ram

2.2. Compute

This section outlines the top new features for the Compute service.

Memory encryption for instances
You can configure AMD SEV Compute nodes to provide cloud users the ability to create instances that use memory encryption. For more information, see Configuring AMD SEV Compute nodes to provide memory encryption for instances.
vGPU resize and cold migration
Instances with a vGPU flavor are automatically re-allocated the vGPU resources after resize and cold migration operations.
Image downloads direct from RBD
When the Image service (glance) uses Red Hat Ceph RADOS Block Device (RBD) as the back end, and the Compute service uses local file-based ephemeral storage, you can configure the Compute service to download images directly from the RBD image repository without using the Image service API. This reduces the time it takes to download an image to the Compute node image cache at instance boot time, which improves instance launch time. For more information, see Configuring image downloads directly from Red Hat Ceph RADOS Block Device (RBD).

2.3. Distributed Compute Nodes (DCN)

This section outlines the top new features for Distributed Compute Nodes (DCN).

ML2/OVN support
In Red Hat OpenStack Platform 16.2, the Modular Layer 2 plug-in with the Open Virtual Network mechanism driver (ML2/OVN) is now fully supported for DCN architectures.
Exclude RAW images from DCN edge sites
In Red Hat OpenStack Platform 16.2, you can use the NovaImageTypeExcludeList with a value of raw to exclude raw images from advertisement on edge sites that do not have Ceph storage. Excluding raw images from sites without storage limits the use of unnecessary network and local storage resources.

2.4. Networking

This section outlines the top new features for the Networking service.

ML2/OVN support for routed provider networks
Starting in Red Hat OpenStack Platform 16.2, you can deploy routed provider networks using the Modular Layer 2 plug-in with the Open Virtual Network mechanism driver (ML2/OVN). Routed provider networks are common in edge distributed compute node (DCN) and spine-leaf routed data center deployments. They enable a single provider network to represent multiple layer 2 networks (broadcast domains) or network segments, permitting the operator to present only one network to users. For more information, see Deploying routed provider networks in the Networking Guide.
Availability zones for ML2/OVS and ML2/OVN
The Red Hat OpenStack Platform Networking service now enables you to group nodes in availability zones (AZs). For nodes that run crucial services, you can schedule these nodes for resources with high availability. AZs are supported only for the Modular Layer 2 plug-in with the Open Virtual Network (ML2/OVN) and Open vSwitch (ML2/OVS) mechanism drivers. For more information, see Using availability zones to make network resources highly available in the Networking Guide.

2.5. Storage

This section outlines the top new features for the Storage service.

Sparse image upload
With the Image service (glance) API, you can enable sparse image upload to reduce demand on the image storage back end. In sparse images, the Image service does not interpret null byte (empty) sequences as data, therefore only the data itself consumes storage. This feature is particularly useful in distributed compute node (DCN) environments. Sparse image upload also reduces network traffic and improves the image upload speed.
Multiple back ends
By default, a standard Shared File Systems deployment environment file has a single back end. With this release, the Shared File Systems service supports using one or more supported back ends.
RBD clone v2 support
This feature allows you to delete snapshots that have snapshot dependencies.
Image pre-caching
Red Hat OpenStack Platform (RHOSP) director can pre-cache images as part of the glance-api service. With this release, the image pre-cache feature is fully supported.

2.6. Bare Metal Service

This section outlines the top new features for the Bare Metal (ironic) service.

Policy-based routing
With this enhancement, you can use policy-based routing for OpenStack nodes to configure multiple route tables and routing rules with os-net-config. Policy-based routing uses route tables where, on a host with multiple links, you can send traffic through a particular interface depending on the source address. You can also define route rules for each interface.

2.7. Network Functions Virtualization

This section outlines the top new features for Network Functions Virtualization (NFV).

Modify kernel args
Red Hat OpenStack Platform 16.2 includes an update so that you can modify the kernel args on a deployed node.
AMD support for SR-IOV and DPDK
Red Hat OpenStack Platform 16.2 includes support for Single Root Input/Output Virtualization(SR-IOV) and Data Plane Development Kit(DPDK) workloads on AMD hosts that have a UEFI NPS (Numa Per Socket) setting of 1. The maximum number of lcores supported by OVS-DPDK is 127.

2.8. Technology Previews

This section provides an overview of the top new technology previews in this release of Red Hat OpenStack Platform.

Note

For more information on the support scope for features marked as technology previews, see Technology Preview Features Support Scope.

Red Hat OpenStack Platform director operator

The Red Hat OpenStack Platform (RHOSP) director operator creates a set of custom resource definitions (CRDs) on top of Red Hat OpenShift to manage resources normally created by the RHOSP undercloud. CRDs are split into two types for hardware provisioning and software configuration. The operator includes CRDs to create and manage overcloud nets (IPAM), VMSets (for RHOSP Controllers), and BaremetalSets (for RHOSP Computes).

For Technology Preview, the software configuration is accomplished with an OpenStackClient pod using traditional RHOSP/TripleO interfaces and CLI commands. Work is ongoing to produce a more scalable Heat to Ansible playbook deployment workflow within the RHOSP director operator.

Transport Layer Security everywhere (TLS-e) now includes memcached
As a technology preview, you can now configure memcached traffic to be encrypted when setting up TLS-e.
Timemaster (Precision Time Protocol and Chrony)
A technology preview is available that supports the use of timemaster to configure Precision Time Protocol (PTP) and Chrony in NFV deployments.

Chapter 3. Release Information

These release notes highlight technology preview items, recommended practices, known issues, and deprecated functionality that you should consider when you deploy this release of Red Hat OpenStack Platform. Notes for updates released during the support lifecycle of this Red Hat OpenStack Platform release appear in the advisory text associated with each update.

3.1. Red Hat OpenStack Platform 16.2 GA

These release notes highlight technology preview items, recommended practices, known issues, and deprecated functionality to be taken into consideration when deploying this release of Red Hat OpenStack Platform.

3.1.1. Advisory List

This release includes the following advisories:

RHEA-2021:3483
Release of components for OSP 16.2
RHEA-2021:3485
Red Hat OpenStack Platform 16.2 deployment images
RHEA-2021:3486
Release of containers for OSP 16.2 director operator tech preview
RHSA-2021:3487
Moderate: Red Hat OpenStack Platform 16.2 (etcd) security update
RHSA-2021:3488
Important: Red Hat OpenStack Platform 16.2 (openstack-neutron) security update
RHEA-2021:3489
Release of components for OSP 16.2 - Containers
RHSA-2021:3490
Moderate: Red Hat OpenStack Platform 16.2 (python-django20) security update

3.1.2. Bug Fix

These bugs were fixed in this release of Red Hat OpenStack Platform:

BZ#1690726
Before this update, writing an image to RBD could be very slow. This update improves the process for writing an image to RBD, which improves the time it takes for images to be written to RBD.
BZ#1772531

Typically, when you create an encrypted volume from a snapshot of an encrypted volume, the source volume is the same size or smaller than the destination volume.

In previous releases, if you created an encrypted volume from a snapshot of an encrypted volume, and the destination volume was close to or equal to the size of the source volume, the Block Storage service (cinder) silently truncated the data in the new destination volume.

With this release, the Block Storage service calculates the size of the destination volume to include the current size of the encryption header, which eliminates the data truncation.

BZ#1844372
Before this update, when you resized or migrated an instance that had a vGPU flavor you needed to rebuild the instance manually to re-allocate the vGPU resources. With this update, instances with a vGPU flavor are automatically re-allocated the vGPU resources after resize and cold migration operations.
BZ#1849843

Previously, the Shared File Systems service (manila) API that brings external shares into service management did not check for duplicated export locations. An existing share brought into the service multiple times results in an inconsistent state.

With this release, the API evaluates the export locations of known or existing shares before allowing external shares to be managed, and prevents existing shares from being erroneously brought into the Shared File Systems service again.

BZ#1851051
Before this update, RBD performance was degraded when multiple instances were launched simultaneously. This was due to the Image service starting multiple threads to perform the same copying operation. This update resolves the issue.
BZ#1851797
This update fixes an Image service (glance) configuration error that prevented users from creating a virtual machine with watchdog by setting flavor metadata.
BZ#1884322
In prior releases, you could not delete snapshots that have snapshot dependencies. With this release, you can delete snapshots that have snapshot dependencies.
BZ#1888105
When multiple storage backends are configured on the Shared File Systems service (manila), each storage back end might support a different storage protocol. Before this update, the Shared File Systems service scheduler did not consider the storage protocol and capability of the shared storage back ends when deciding where to place them, which caused share provisioning to fail. With this update, the Shared File Systems service scheduler now automatically considers the share type extra specs with the storage protocol, which makes it possible use the CapabilitiesFilter to compare storage back end capabilities and provision shares successfully.
BZ#1910508
Before this update, validation results were not being logged and validation artifacts were not being collected as the permissions required to access the requested logging directory were not granted. This update resolves the issue, and validation results are successfully logged and validation artifacts are collected.
BZ#1913671
The Unisphere for PowerMax REST endpoints have changed from 91 to 92. This update changes how URIs are created, to allow for full coverage of all possible Unisphere REST API endpoints.
BZ#1919855

When an instance is created, the Compute service (nova) sanitizes the instance display name to generate a valid hostname when DNS integration is enabled in the Networking service (neutron).

Before this update, the sanitization did not replace periods ('.') in instance names, for example, 'rhel-8.4'. This could result in display names being recognized as Fully Qualified Domain Names (FQDNs) which produced invalid hostnames. When instance names contained periods and DNS integration was enabled in the Networking service, the Networking service would reject the invalid hostname resulting in a failure to create the instance and a HTTP 500 server error from the Compute service.

With this update, periods are now replaced by hyphens in instance names to prevent hostnames being parsed as FQDNs. You can continue to use free-form strings for instance display names.

BZ#1923975
Before this update, some exceptions were not being caught during connections to iSCSI portals, such as failures in iscsiadm -m session. This caused _connect_vol threads to abort unexpectedly in some failure patterns, which caused subsequent steps to hang while waiting for results from _connect_vol threads. This update ensures that any exceptions during connections to iSCSI portals are handled correctly in the _connect_vol method, to avoid unhandled exceptions during connecting to iSCSI portals, and unexpected aborts that have no updated thread results.
BZ#1935154
This update adds Challenge Handshake Authentication Protocol (CHAP) support to the Dell EMC PowerStore driver. PowerStore can now be used with enabled CHAP as a storage back end.
BZ#1939394

Before this update, the NetApp SolidFire driver would create a duplicate volume when the API response is lost due to a connection error and the driver retries the API request. This occurred when the SolidFire back end successfully received and processed a create volume operation, but failed to deliver the response back to the driver. This update resolves the issue by:

  1. Checking if the volume name already exists in the backend before trying to create it. If a volume is found, an exception is raised and the process is aborted.
  2. Checking for volume creation right after a read timeout is detected, to prevent invalid API calls.
  3. Adding the ´sf_volume_create_timeout´ option to the SolidFire driver, to allow users to set the appropriate timeout value for their environment.
BZ#1942531
Before this update, execution of the validation package check-latest-packages-version was slow. This update resolves the issue.
BZ#1942717
This release supports port filtering for the Dell EMC XtremeIO driver for the Block Storage service (cinder).
BZ#1953749
Before this update, if PowerStore ports were configured for multiple purposes, such as for iSCSI or Replication, the driver reported that it could find no accessible iSCSI targets. This was because the REST filter was wrong. This update fixes the PowerStore iSCSI targets filtering.
BZ#1956370
Before this update, when iSCSI or FC targets, such as ESXi, were not connected to the RHOSP host, the attach volume operation waited until it timed out. With this update, a new option to support ports filtering has been added to the Dell EMC XtremIO driver for the Block Storage service (cinder).
BZ#1959853
Before this update, the validation variable in one code path was referenced but never assigned, which resulted in an unhandled exception during validation. This has been fixed.
BZ#1960185
Before this update, Ansible redirected output to all registered non-stdout callback plug-ins by default, which resulted in VF callbacks processing information from other processes using ansible runtime. This issue has been resolved and the output of other processes is no longer stored in the validations logging directory.
BZ#1972774
This update fixes an issue that caused Neutron agents, such as Neutron DHCP, to fail when they tried to create resources in OVN because ML2/OVN prevented RPC workers from connecting the OVN southbound database.
BZ#1974979

Before this update, the Shared File Systems service (manila) dashboard had dynamic form elements whose names could potentially cause the forms to become unresponsive. This meant that the creation of share groups, share networks, and shares within share networks did not work.

With this update, dynamic elements whose names could be problematic are encoded, which means that creation of share groups, share networks, and shares within share networks functions normally.

BZ#1976693

The Shared File Systems service (manila) uses the CephFS volume client to communicate with Ceph Storage clusters. Previously, the CephFS volume client package would abort while creating or deleting file systems.

The aborted operations caused the manila-share process within the Shared File Systems service to restart, which caused shares that were being provisioned or deleted to be stuck in creating or deleting states, respectively.

With this release, the CephFS volume client package no longer aborts provisioning or deletion requests, and the manila-share process does not restart during these operations.

BZ#1978158

This update fixes an issue that caused Neutron agents, such as Neutron DHCP, to fail when they tried to create resources in OVN. This was caused by residual data left in the OVN databases when QoS rules were created for floating IPs.

This update eliminates the residual data and fixes the problem.

BZ#1985717

This update fixes a known issue where the Open Virtual Network (OVN) Metadata service was not available to VM instances bound to an SR-IOV virtual function. The issue did not affect network function but these instances did not receive their SSH keys in the absence of a Metadata service connection.

The metadata service connectivity for SR-IOV ports now functions as expected.

BZ#1987092

Before this fix, grub2 tooling wrote kernel argument changes to /boot/grub2/grubenv. This file was not available to UEFI boot systems, and caused kernel argument changes not to persist across reboots on UEFI boot nodes.

This fix changes both the /boot/grub2/grubenv file and the /boot/efi/EFI/redhat/grubenv files when you make kernel argument changes. As a result, RHOSP director now applies persistent Kernel argument changes for UEFI boot nodes.

3.1.3. Enhancements

This release of Red Hat OpenStack Platform features the following enhancements:

BZ#1714772
This enhancement adds support for Entrust nShield HSM deployment in high availability mode with OpenStack Key Manager (barbican).
BZ#1866741
Images with null bytes take up a lot of space. With this release, you can enable sparse image upload and save space when you upload images. Sparse image upload is supported only with Ceph RBD.
BZ#1868940
This enhancement adds the type HostDomain. HostDomain is the same as HostAddress with the added support of the underscore character - RFC1033. Systems such as DomainKeys and service records use the underscore. The Compute service can use the HostDomain type to define live_migration_inbound_addr.
BZ#1880141
Red Hat OpenStack Platform 16.2 includes support for Single Root Input/Output Virtualization (SR-IOV) and Data Plane Development Kit (DPDK) workloads on AMD hosts.
BZ#1897890
This enhancement improves the efficiency, performance, and execution time of deployment and update tasks for environments with a large number of roles. The logging output of the deployment process has been improved to include task IDs for better tracking of specific task executions, which can occur at different times. The task IDs can now be used to correlate timing and execution when troubleshooting executions.
BZ#1900723

During stack update the KernelArgs could be modified or appended. A reboot of the affected nodes needs to be performed manually.

For example, if the current deployment has the following configuration, it is possible to change hugepages=64, or add or remove arguments during the stack update:

`KernelArgs: "default_hugepagesz=1GB hugepagesz=1G hugepages=32 intel_iommu=on iommu=pt isolcpus=1-11,13-23"

For example:

KernelArgs: "default_hugepagesz=1GB hugepagesz=1G hugepages=64 intel_iommu=on iommu=pt isolcpus=1-24"
KernelArgs: "isolcpus=1-11,13-23"
Note

Complete removal of KernelArgs during the update is not supported. Also KernelArgs could be newly added as well to an existing overcloud node, however the reboot would be triggered in this case.

BZ#1920229

With this enhancement, you can improve the performance of live migrations by using the following new parameters:

  • NovaLiveMigrationPermitPostCopy - When enabled, the instance is activated on the destination node before migration is complete, and an upper bound is set on the memory that needs to be transferred, which improves the live migration of larger instances. This parameter is enabled by default.
  • NovaLiveMigrationPermitAutoConverge - When enabled, if an on-going live migration is progressing slowly the instance CPU is throttled until the memory copy process is faster than the instance’s memory writes. This parameter is disabled by default. To enable NovaLiveMigrationPermitAutoConverge, add the following configuration to an environment file:

    parameter_defaults:
      ComputeParameters:
        NovaLiveMigrationPermitAutoConverge: true
BZ#1926721
This enhancement improves the performance and application of the check-latest-packages-version validation.
BZ#1926725
This enhancement adds new validation for tripleo-latest-packages-version. This validation checks if the listed tripleo packages are up to date with repositories.
BZ#1938568
Before this update, the PluginInstanceFormat parameter for collectd could specify only one of the following values: 'none', 'name', 'uuid', or 'metadata'. After this update, the PluginInstanceFormat parameter for collectd can now specify more than one value, which results in more information being sent in the plugin_instance label of collectd metrics.
BZ#1977392
With this update, you can use the openstack undercloud backup command with the --db-only option to create a backup of the database that runs on the undercloud node. You can use that backup to recover the state of the database in the event that it becomes corrupted during the upgrade process.

3.1.4. Technology Preview

The items listed in this section are provided as Technology Previews. For further information on the scope of Technology Preview status, and the associated support implications, refer to https://access.redhat.com/support/offerings/techpreview/.

BZ#1825895
In Red Hat OpenStack Platform 16.2, a technology preview is available that supports Precision Time Protocol (PTP) with Timemaster.
BZ#1925999

The Red Hat OpenStack Platform (RHOSP) director Operator creates a set of custom resource definitions (CRDs) on top of Red Hat OpenShift Container Platform (OCP) to manage resources normally created by the RHOSP undercloud. CRDs are split into two types for hardware provisioning and software configuration. The operator includes CRDs to create and manage overcloud networks, manage IP addresses, create VM sets for RHOSP Controllers, and create bare metal sets for RHOSP Computes.

For Technology Preview, the software configuration is accomplished with an OpenStackClient pod, which uses traditional RHOSP/TripleO interfaces and CLI commands. Work is ongoing to produce a more scalable Heat-to-Ansible playbook deployment workflow within the RHOSP director Operator.

3.1.5. Release Notes

This section outlines important details about the release, including recommended practices and notable changes to Red Hat OpenStack Platform. You must take this information into account to ensure the best possible outcomes for your deployment.

BZ#1654408

For glance image conversion, the glance-direct method is not enabled by default. To enable this feature, set enabled_import_methods to [glance-direct,web-download] or [glance-direct] in the DEFAULT section of the glance-api.conf file.

The Image Service (glance) must have a staging area when you use the glance-direct import method. Set the node_staging_uri option int he DEFAULT section of the glance-api.conf file to file://<absolute-directory-path>. This path must be on a shared file system that is available to all Image Service API nodes.

BZ#1906028
The python-networking-fujitsu package is not included with RHOSP 16.2.
BZ#1961784
In this release, EFI bootloader assets for whole-disk images are preserved during deployment, so the shim bootloader is no longer overwritten. This ensures that Secure Boot is switched on after deployment.
BZ#1978286

Starting with Red Hat Ceph Storage 4, you can enable encryption for all traffic generated by the Ceph daemons over the network.

The secure mode setting for messenger v2 encrypts the communication between Ceph daemons and Ceph clients, effecting an end-to-end encryption.

A new tripleo-heat-templates parameter can enable the on-wire encryption between daemons and clients. To configure Ceph to enable the on-wire encryption between daemons and clients, add the following lines to the overcloud deployment environment files:

parameter_defaults:
  CephMsgrSecureMode: true
BZ#1989820
When configuring bandwidth-aware scheduling of SR-IOV workloads use the heat parameter, resource_provider_hypervisors. This parameter defines a paired list <network_device>:<hypervisor>. Ensure that you define each hypervisor using a fully qualified domain name (FQDN).
BZ#1992655

In previous releases, administrators had to add the ceph plugin to the CollectdExtraPlugins parameter in their custom environment files.

With this release, the ceph plugin loads automatically on Ceph Storage nodes. Therefore, before you upgrade from Red Hat OpenStack Platform 13 to 16.2, you must remove the ceph plugin from the CollectdExtraPlugins parameter in your custom environment files.

3.1.6. Known Issues

These known issues exist in Red Hat OpenStack Platform at this time:

BZ#1975240

Starting with Red Hat Enterprise Linux (RHEL) version 8.3, support for the Intel Transactional Synchronization Extensions (TSX) feature is disabled by default. Currently, this causes instance live migration to fail when migrating from hosts where the TSX kernel argument is enabled to hosts where the TSX kernel argument is disabled.

This impact applies only to Intel hosts that support the TSX feature. For more information about the CPUs that are affected by this issue, see Affected Configurations.

For more information, review the following Red Hat Knowledgebase solution Guidance on Intel TSX impact on OpenStack guests.

BZ#1983748

In Red Hat OpenStack Platform (RHOSP) deployments that use the Modular Layer 2 plug-in with the Open vSwitch (ML2/OVS) mechanism driver, there is currently a known issue where the RHOSP Orchestration service (heat) parameter, NeutronL3AgentAvailabilityZone does not set the relevant Neutron L3 agent parameter correctly.

Workaround: use a custom hieradata statement to set this value. In the example that follows, replace [ROLE] with the composable role name that is appropriate for your site.

Example

[ROLE]ExtraConfig:
    neutron::agents::l3::availability_zone: role_availability_zone

For more information, see Puppet: Customizing hieradata for roles in the Advanced Overcloud Customization guide.

BZ#1986423

Rebooting a node with a virtual function (VF) attached to OVS-DPDK (vfio-pci driver) results in VF uninitialized on that physical function (PF). As a result, virtual machines are unable to use the VFs from that PF. If a second VF is used for another OSP network, it will not function as expected after reboot.

As a workaround, perform the following steps on the compute node before rebooting the node:

  1. Delete the file "/etc/udev/rules.d/70-os-net-config-sriov.rules"
  2. Modify the "Before" criteria of "/etc/systemd/system/sriov_config.service" file to add "network-pre.target" The modified "Before" should look like:

        Before=network-pre.target openvswitch.service

    The workaround fixes the issue and all the VFs initialize as expected.

BZ#2003708

RHOSP does not yet support ML2/OVN with VXLAN networks. The migration process includes steps to convert VXLAN networks to Geneve. When the migration target version is RHOSP 16.2.0, a bug prevents the expected VXLAN to Geneve conversion, and the networks remain configured as VXLAN.

This bug affects only migrations to ML2/OVN on RHOSP 16.2. It does not affect migrations to ML2/OVN on RHOSP 16.1.

3.1.7. Deprecated Functionality

The items in this section are either no longer supported, or will no longer be supported in a future release.

BZ#1868673
For Distributed Compute Node deployments which use storage, dcn-hci.yaml has been renamed to dcn-storage.yaml because DCN sites with storage have the option of not using HCI (Hyper-Converged Infrastructure). dcn-hci.yaml is deprecated but will remain in the environments directory for backwards compatibility. dcn-hci.yaml will be removed in Red Hat OpenStack platform 17. dcn-storage.yaml should be used in place of dcn-hci.yaml.
BZ#1984484
Block Storage service (cinder) backup with Google Cloud Storage is being deprecated. Support will be removed in the next major release.
BZ#1984887
In this release, Block Storage service (cinder) backup support for Google Cloud Services (GCS) has been deprecated. Support will be removed in Red Hat OpenStack Platform (RHOSP) 17.0.
BZ#1990802

In Red Hat Openstack Platform (RHOSP) 16.2, support for the QXL video model is deprecated, due to the removal of support for the Spice graphics software in RHEL 9. This will cause issues for instances that use QXL when migrating from RHEL-8 to RHEL-9. Red Hat recommends using the virtio video model for both UEFI and BIOS instances, instead of qxl. When creating a new instance from an image, set the video model before launching the new instance:

$ openstack image set --property hw_video_model=virtio <image>

To update the video model for existing instances that use the QXL video model:

  1. Stop the instance.
  2. Snapshot the instance.
  3. Update the image metadata on the instance snapshot image to include the property hw_video_model=virtio.
  4. Create a new instance using the instance snapshot.

    For more information on supported video models, see https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.2/html/creating_and_managing_images/appx-image-config-parameters.

Chapter 4. Technical Notes

This chapter supplements the information contained in the text of Red Hat OpenStack Platform "Train" errata advisories released through the Content Delivery Network.

4.1. RHEA-2021:3483 — Release of components for OSP 16.2

Changes to the distribution component:

  • The python-networking-fujitsu package is not included with RHOSP 16.2. (BZ#1906028)

Changes to the openstack-cinder component:

  • Typically, when you create an encrypted volume from a snapshot of an encrypted volume, the source volume is the same size or smaller than the destination volume.

    In previous releases, if you created an encrypted volume from a snapshot of an encrypted volume, and the destination volume was close to or equal to the size of the source volume, the Block Storage service (cinder) silently truncated the data in the new destination volume.

    With this release, the Block Storage service calculates the size of the destination volume to include the current size of the encryption header, which eliminates the data truncation. (BZ#1772531)

  • Before this update, the NetApp SolidFire driver would create a duplicate volume when the API response is lost due to a connection error and the driver retries the API request. This occurred when the SolidFire back end successfully received and processed a create volume operation, but failed to deliver the response back to the driver. This update resolves the issue by:

    1. Checking if the volume name already exists in the backend before trying to create it. If a volume is found, an exception is raised and the process is aborted.
    2. Checking for volume creation right after a read timeout is detected, to prevent invalid API calls.
    3. Adding the ´sf_volume_create_timeout´ option to the SolidFire driver, to allow users to set the appropriate timeout value for their environment. (BZ#1939394)
  • The Unisphere for PowerMax REST endpoints have changed from 91 to 92. This update changes how URIs are created, to allow for full coverage of all possible Unisphere REST API endpoints. (BZ#1913671)
  • This update adds Challenge Handshake Authentication Protocol (CHAP) support to the Dell EMC PowerStore driver. PowerStore can now be used with enabled CHAP as a storage back end. (BZ#1935154)
  • Before this update, if PowerStore ports were configured for multiple purposes, such as for iSCSI or Replication, the driver reported that it could find no accessible iSCSI targets. This was because the REST filter was wrong. This update fixes the PowerStore iSCSI targets filtering. (BZ#1953749)
  • Before this update, when iSCSI or FC targets, such as ESXi, were not connected to the RHOSP host, the attach volume operation waited until it timed out. With this update, a new option to support ports filtering has been added to the Dell EMC XtremIO driver for the Block Storage service (cinder). (BZ#1956370)

Changes to the openstack-glance component:

  • Before this update, RBD performance was degraded when multiple instances were launched simultaneously. This was due to the Image service starting multiple threads to perform the same copying operation. This update resolves the issue. (BZ#1851051)
  • This update fixes an Image service (glance) configuration error that prevented users from creating a virtual machine with watchdog by setting flavor metadata. (BZ#1851797)

Changes to the openstack-ironic-python-agent component:

  • In this release, EFI bootloader assets for whole-disk images are preserved during deployment, so the shim bootloader is no longer overwritten. This ensures that Secure Boot is switched on after deployment. (BZ#1961784)

Changes to the openstack-manila component:

  • Previously, the Shared File Systems service (manila) API that brings external shares into service management did not check for duplicated export locations. An existing share brought into the service multiple times results in an inconsistent state.

    With this release, the API evaluates the export locations of known or existing shares before allowing external shares to be managed, and prevents existing shares from being erroneously brought into the Shared File Systems service again. (BZ#1849843)

  • When multiple storage backends are configured on the Shared File Systems service (manila), each storage back end might support a different storage protocol. Before this update, the Shared File Systems service scheduler did not consider the storage protocol and capability of the shared storage back ends when deciding where to place them, which caused share provisioning to fail. With this update, the Shared File Systems service scheduler now automatically considers the share type extra specs with the storage protocol, which makes it possible use the CapabilitiesFilter to compare storage back end capabilities and provision shares successfully. (BZ#1888105)

Changes to the openstack-manila-ui component:

  • Before this update, the Shared File Systems service (manila) dashboard had dynamic form elements whose names could potentially cause the forms to become unresponsive. This meant that the creation of share groups, share networks, and shares within share networks did not work.

    With this update, dynamic elements whose names could be problematic are encoded, which means that creation of share groups, share networks, and shares within share networks functions normally. (BZ#1974979)

Changes to the openstack-nova component:

  • Before this update, when you resized or migrated an instance that had a vGPU flavor you needed to rebuild the instance manually to re-allocate the vGPU resources. With this update, instances with a vGPU flavor are automatically re-allocated the vGPU resources after resize and cold migration operations. (BZ#1844372)
  • When an instance is created, the Compute service (nova) sanitizes the instance display name to generate a valid hostname when DNS integration is enabled in the Networking service (neutron).

    Before this update, the sanitization did not replace periods ('.') in instance names, for example, 'rhel-8.4'. This could result in display names being recognized as Fully Qualified Domain Names (FQDNs) which produced invalid hostnames. When instance names contained periods and DNS integration was enabled in the Networking service, the Networking service would reject the invalid hostname resulting in a failure to create the instance and a HTTP 500 server error from the Compute service.

    With this update, periods are now replaced by hyphens in instance names to prevent hostnames being parsed as FQDNs. You can continue to use free-form strings for instance display names. (BZ#1919855)

Changes to the openstack-tripleo-heat-templates component:

  • This enhancement adds support for Entrust nShield HSM deployment in high availability mode with OpenStack Key Manager (barbican). (BZ#1714772)
  • Images with null bytes take up a lot of space. With this release, you can enable sparse image upload and save space when you upload images. Sparse image upload is supported only with Ceph RBD. (BZ#1866741)
  • In prior releases, you could not delete resources with dependencies, such as snapshots. With this release, you can delete resources with dependencies. (BZ#1884322)
  • For Distributed Compute Node deployments which use storage, dcn-hci.yaml has been renamed to dcn-storage.yaml because DCN sites with storage have the option of not using HCI (Hyper-Converged Infrastructure). dcn-hci.yaml is deprecated but will remain in the environments directory for backwards compatibility. dcn-hci.yaml will be removed in Red Hat OpenStack platform 17. dcn-storage.yaml should be used in place of dcn-hci.yaml. (BZ#1868673)
  • This enhancement improves the efficiency, performance, and execution time of deployment and update tasks for environments with a large number of roles. The logging output of the deployment process has been improved to include task IDs for better tracking of specific task executions, which can occur at different times. The task IDs can now be used to correlate timing and execution when troubleshooting executions. (BZ#1897890)
  • With this enhancement, you can improve the performance of live migrations by using the following new parameters:

    • NovaLiveMigrationPermitPostCopy - When enabled, the instance is activated on the destination node before migration is complete, and an upper bound is set on the memory that needs to be transferred, which improves the live migration of larger instances. This parameter is enabled by default.
    • NovaLiveMigrationPermitAutoConverge - When enabled, if an on-going live migration is progressing slowly the instance CPU is throttled until the memory copy process is faster than the instance’s memory writes. This parameter is disabled by default. To enable NovaLiveMigrationPermitAutoConverge, add the following configuration to an environment file:

      parameter_defaults:
        ComputeParameters:
          NovaLiveMigrationPermitAutoConverge: true

      (BZ#1920229)

Changes to the openstack-tripleo-validations component:

  • This enhancement adds new validation for tripleo-latest-packages-version. This validation checks if the listed tripleo packages are up to date with repositories. (BZ#1926725)

Changes to the puppet-collectd component:

  • Before this update, the PluginInstanceFormat parameter for collectd could specify only one of the following values: 'none', 'name', 'uuid', or 'metadata'. After this update, the PluginInstanceFormat parameter for collectd can now specify more than one value, which results in more information being sent in the plugin_instance label of collectd metrics. (BZ#1938568)

Changes to the python-glance-store component:

  • Before this update, writing an image to RBD could be very slow. This update improves the process for writing an image to RBD, which improves the time it takes for images to be written to RBD. (BZ#1690726)

Changes to the python-networking-ovn component:

  • This update fixes an issue that caused Neutron agents, such as Neutron DHCP, to fail when they tried to create resources in OVN because ML2/OVN prevented RPC workers from connecting the OVN southbound database. (BZ#1972774)
  • This update fixes an issue that caused Neutron agents, such as Neutron DHCP, to fail when they tried to create resources in OVN. This was caused by residual data left in the OVN databases when QoS rules were created for floating IPs.

    This update eliminates the residual data and fixes the problem. (BZ#1978158)

Changes to the python-os-brick component:

  • Before this update, some exceptions were not being caught during connections to iSCSI portals, such as failures in iscsiadm -m session. This caused _connect_vol threads to abort unexpectedly in some failure patterns, which caused subsequent steps to hang while waiting for results from _connect_vol threads. This update ensures that any exceptions during connections to iSCSI portals are handled correctly in the _connect_vol method, to avoid unhandled exceptions during connecting to iSCSI portals, and unexpected aborts that have no updated thread results. (BZ#1923975)

Changes to the python-oslo-config component:

  • This enhancement adds the type HostDomain. HostDomain is the same as HostAddress with the added support of the underscore character - RFC1033. Systems such as DomainKeys and service records use the underscore. The Compute service can use the HostDomain type to define live_migration_inbound_addr. (BZ#1868940)

Changes to the python-tripleoclient component:

  • Before this update, the validation variable in one code path was referenced but never assigned, which resulted in an unhandled exception during validation. This has been fixed. (BZ#1959853)

Changes to the tripleo-ansible component:

  • Starting with Red Hat Enterprise Linux (RHEL) version 8.3, support for the Intel Transactional Synchronization Extensions (TSX) feature is disabled by default. Currently, this causes instance live migration to fail when migrating from hosts where the TSX kernel argument is enabled to hosts where the TSX kernel argument is disabled.

    This impact applies only to Intel hosts that support the TSX feature. For more information about the CPUs that are affected by this issue, see Affected Configurations.

    For more information, review the following Red Hat Knowledgebase solution Guidance on Intel TSX impact on OpenStack guests. (BZ#1975240)

  • In Red Hat OpenStack Platform 16.2, a technology preview is available that supports Precision Time Protocol (PTP) with Timemaster. (BZ#1825895)
  • Before this fix, grub2 tooling wrote kernel argument changes to /boot/grub2/grubenv. This file was not available to UEFI boot systems, and caused kernel argument changes not to persist across reboots on UEFI boot nodes.

    This fix changes both the /boot/grub2/grubenv file and the /boot/efi/EFI/redhat/grubenv files when you make kernel argument changes. As a result, RHOSP director now applies persistent Kernel argument changes for UEFI boot nodes. (BZ#1987092)

  • During stack update the KernelArgs could be modified or appended. A reboot of the affected nodes needs to be performed manually.

    For example, if the current deployment has the following configuration, it is possible to change hugepages=64, or add or remove arguments during the stack update:

    `KernelArgs: "default_hugepagesz=1GB hugepagesz=1G hugepages=32 intel_iommu=on iommu=pt isolcpus=1-11,13-23"

    For example:

    KernelArgs: "default_hugepagesz=1GB hugepagesz=1G hugepages=64 intel_iommu=on iommu=pt isolcpus=1-24"
    KernelArgs: "isolcpus=1-11,13-23"
    Note

    Complete removal of KernelArgs during the update is not supported. Also KernelArgs could be newly added as well to an existing overcloud node, however the reboot would be triggered in this case. (BZ#1900723)

Changes to the validations-common component:

  • Before this update, execution of the validation package check-latest-packages-version was slow. This update resolves the issue. (BZ#1942531)
  • This enhancement improves the performance and application of the check-latest-packages-version validation. (BZ#1926721)
  • Before this update, validation results were not being logged and validation artifacts were not being collected as the permissions required to access the requested logging directory were not granted. This update resolves the issue, and validation results are successfully logged and validation artifacts are collected. (BZ#1910508)
  • Before this update, Ansible redirected output to all registered non-stdout callback plug-ins by default, which resulted in VF callbacks processing information from other processes using ansible runtime. This issue has been resolved and the output of other processes is no longer stored in the validations logging directory. (BZ#1960185)