Rocky (5.x.y) Series Release Notes


New Features

  • Added commands to enable and disable the Ironic serial console. This allows you to use the serial console from within Horizon.
  • Added the ability to configure baremetal serial consoles during the post configure step. This is controlled via ironic_serial_console_autoenable in etc/kayobe/ironic.yml.
  • Adds support for specifying a CA certificate when accessing APIs. The path to the CA certificate may be specified via openstack_cacert , which takes its default value from the OS_CACERT environment variable. See story 2004911 for details.
  • Adds support for the defroute network attribute. This attribute can be used to disable configuration of the default gateway by a specific interface. This is particularly useful to ignore a gateway address provided via DHCP. Note that this attribute is only supported on distributions of the Red Hat family.
  • Adds support for configuring the Docker Registry by providing environment variables to its container via the docker_registry_env Ansible variable. For example, the registry can be configured as a pull through cache to Docker Hub using:


    Note that it is not possible to push to a registry configured as a pull through cache. See story 2004817 for details and the Docker documentation for the full list of configuration options.

  • Supports fluentd custom input configuration
  • Add commands to run commands on seed hypervisor, seed and overcloud hosts:

    kayobe seed hypervisor host command run --command <command> kayobe seed host command run --command <command> kayobe overcloud host command run --command <command>

  • Adds support for setting the kolla_external_fqdn_cacert variable which allows customizing the CA certificate file to be used as the OS_CACERT environment variable in openrc files when TLS is enabled.
  • Kayobe no longer requires a checkout of the source code repository to function. The files needed to run kayobe are now shipped as part of the python package. Please see: Story 2004252 for more details.
  • Adds support for a --disable-discovery argument to the kayobe physical network configure command. This can be used to configure the physical network after discovery of bare metal compute nodes is complete, to return the network to a normal state. The interface configuration to be applied is configured via switch_interface_config_disable_discovery.
  • Updates dependencies to use the OpenStack Rocky release.
  • Adds support for including or excluding files from the output of kayobe overcloud service configuration save. This is particularly useful for large files such as the Ironic IPA images.
  • Adds support for configuring LVM volume groups on the seed hypervisor. Setting the seed_hypervisor_lvm_groups variable in $KAYOBE_CONFIG_PATH/seed-hypervisor.yml to "{{ seed_hypervisor_lvm_groups_with_data }}" and providing a list of storage devices via the seed_hypervisor_lvm_group_data_disks variable will configure a logical volume mounted to /var/lib/libvirt/images. No LVM volume groups are configured by default.
  • Adds a new command to upgrade containerised seed services, kayobe seed service upgrade.
  • Adds support for configuration of options in /etc/yum.conf, via the yum_config variable.

Upgrade Notes

  • When enabled, a Docker Registry is now deployed on hosts in the docker-registry group, which defaults to include the seed. The existing behaviour of deploying on the first controller can be retained by removing the seed group from [docker-registry:children] in $KAYOBE_CONFIG_PATH/inventory/groups` and creating a ``[docker-registry] group including the name of the first controller.
  • Modifies the default value of docker_registry_image variable to not use a private registry in the image name by default. This avoids a potential circular dependency during deployment of the registry container.
  • Modifies the default value of kolla_docker_registry variable to the value of the docker_registry variable. The default value of docker_registry is unset. This avoids needing to set the same value in two places when a private Docker registry is in use.
  • The manage-lvm Ansible role was upgraded to version v0.1.4. If you are overriding variables to customize definitions of volume groups, you need to change the value of the disks parameter from a comma-separated string to a list. For example, change disks: "/dev/sda,/dev/sdb" to:

      - "/dev/sda"
      - "/dev/sdb"
  • Modifications to the kayobe source tree will no longer have an immediate effect. This is because the ansible playbooks are now shipped as part of the kayobe package. You must reinstall the package, or use an editable package install, see: pip editable-installs, to replicate the old behaviour.
  • Overcloud Ironic must now be configured with the variable kolla_ironic_enabled_hardware_types; kolla_ironic_drivers has been removed.
  • Bifrost’s kolla_bifrost_enable_ipmitool_drivers and kolla_bifrost_enable_pxe_drivers variables have been removed. Bifrost must now be configured by setting the variable kolla_bifrost_enabled_hardware_types to be a list of hardware types to enable.

Deprecation Notes

  • The switch configuration variable switch_interface_config_discovery has been deprecated in favour of switch_interface_config_enable_discovery. Support for switch_interface_config_discovery will be removed in the T* release.
  • First class support in Kayobe for deploying cAdvisor has been removed since this is now supported via Kolla-Ansible.
  • First class support in Kayobe for deploying Prometheus Node exporter has been removed since this is now supported via Kolla-Ansible.

Bug Fixes

  • Fixes an issue with the --ask-vault-pass argument, where Kayobe would fail to generate the Kolla Ansible passwords.yml file. Also ensures that the user is only prompted for the password once per execution of kayobe.
  • Fixes a compatibility issue with Ansible modules for Dell switches which was preventing physical network configuration for this type of hardware. See Story 2004588 for details.
  • Fixes an issue where if a host has the same name as a group that it is in, configuration of kolla ansible inventory host variables could fail to override the defaults. See story 2004418 for details.
  • Fixes an issue where CLI arguments containing whitespace that are passed to Ansible needed to be quoted. See Story 2004379 for details.
  • Fixes an issue where the seed hypervisor user bootstrapping is not performed when executing kayobe seed hypervisor host configure. See story 2004401 for details.
  • The file generated by Kayobe now uses the public network FQDN for populating the OS_AUTH_URL variable instead of using the public virtual IP address. If the FQDN variable is not set, the virtual IP address remains used. This ensures better compatibility with TLS-enabled deployments where certificates are generally tied to a hostname.