Releases: ChameleonCloud/chi-in-a-box
v2023-09.21
It's been a while since our last "release", but we've added two main features of interest:
Large Instance Launches
Large instance launches with baremetal are much improved, leveraging the "batching" feature from upstream networking-generic-switch.
https://docs.openstack.org/networking-generic-switch/latest/configuration.html#batching
To enable:
- Enable etcd by setting enable_etcd: true in defaults.yml, then run deploy --tags etcd
- Select etcd as the coordination backend for networking-generic-switch. This should be done automatically when you reconfigure neutron with enable_etcd set, but you can also set it manually by specifying ngs_backend_url
- Enable batching for each switch that you'd like to use this feature: under the switch's entry in defaults.yml, set ngs_batch_requests: true. After making the changes, run deploy --tags neutron
Initial support for ironic node inspection
We're still working on generating the reference-repository data from it, but you can now use ironic inspection as a way to "healthcheck" your nodes. As of this release, you can enable the feature by editing your ansible hosts file to add ironic under the group ironic-inspector:children as seen here, then running deploy --tags ironic
For nodes already enrolled, you'll need to update the ironic "inspect interface" by running openstack baremetal node set --reset-inspect-interface for each node.
After this, you can inspect a node by the following sequence of commands:
- openstack baremetal node manage <node>
- openstack baremetal node inspect <node>
- After inspection completes, run openstack baremetal node provide <node> to make it available for use again
This procedure will exercise all features needed to boot a node, including setting the boot order on the node, baremetal switch networking, neutron dhcp config, routing from the provisioning network to the ironic pxe/ipxe service, and launching the ironic agent, only excluding the use of glance images.
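The manage, inspect, provide sequence above can be scripted across several nodes. The following is an added example, not part of chi-in-a-box; the function names, POLL_SECONDS and MAX_POLLS are assumptions, and the check that a node is in the "available" state before touching it is a guard added here so that nodes in use are left alone.

```sh
#!/bin/sh
# Added example. POLL_SECONDS and MAX_POLLS are assumed values; tune them.
POLL_SECONDS="${POLL_SECONDS:-30}"
MAX_POLLS="${MAX_POLLS:-60}"

node_state() {
    openstack baremetal node show "$1" -f value -c provision_state
}

# Poll until the node reaches state $2; stop early on any "... failed" state.
wait_for_state() {
    polls=0
    while [ "$polls" -lt "$MAX_POLLS" ]; do
        state="$(node_state "$1")" || return 1
        case "$state" in
            "$2") return 0 ;;
            *failed) echo "$1: $state" >&2; return 1 ;;
        esac
        sleep "$POLL_SECONDS"
        polls=$((polls + 1))
    done
    echo "$1: timed out waiting for $2 (last state: $state)" >&2
    return 1
}

# Only nodes in "available" are touched, so a node that is deployed to a user
# (active) or already mid-transition is skipped. Inspection returns the node
# to "manageable" on success and leaves it in "inspect failed" otherwise.
healthcheck_node() {
    state="$(node_state "$1")" || return 1
    if [ "$state" != "available" ]; then
        echo "$1: skipped (state: $state)" >&2
        return 2
    fi
    openstack baremetal node manage "$1" || return 1
    wait_for_state "$1" manageable || return 1
    openstack baremetal node inspect "$1" || return 1
    wait_for_state "$1" manageable || return 1
    openstack baremetal node provide "$1" || return 1
    wait_for_state "$1" available
}

main() {
    rc=0
    for node in "$@"; do
        if healthcheck_node "$node"; then echo "$node: ok"; else rc=1; fi
    done
    return "$rc"
}
main "$@"
```

Saved under a name of your choosing, it takes node names or UUIDs as arguments and exits non-zero if any node was skipped or failed; a node left in "inspect failed" stays out of the available pool until an operator looks at it.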
Not yet included:
In a forthcoming release we will use the information gathered by inspection to verify the network port configuration on nodes, as well as auto-populate a searchable inventory and blazar reservation labels.
Note:
We've moved our image hosting to the GitHub Container Registry. You'll note that docker image names have changed from docker.chameleoncloud.org/kolla/... to ghcr.io/chameleoncloud/kolla/... . This was done to improve the speed and reliability of container image hosting, and to better integrate with our CI/CD process for container image releases.
Full Changelog: v2022-10.12...v2023-09.21
v2022-12.01
CHI@Edge device owners can now restrict devices (and containers on them) from sending traffic to local IP addresses. This provides additional assurances if devices must share an access network, for example with classroom computers.
What's Changed
- 209-chiedge-depending-on-label-block-traffic-to-local-networks by @msherman64 in #244
Full Changelog: v2022-10.12...v2022-11.07
v2022-11.01
This release brings a number of operator facing features and bugfixes.
Highlights
Features
- Deploy CHI@Edge V2: Now in "Public Preview", you can use CHI-in-a-Box to deploy OpenStack Zun, with Kubernetes as the container backend. This Preview includes the control plane and the ability to enroll "vanilla" k3s worker nodes. Following releases will include Blazar support for reserving these worker nodes, as well as management of Wireguard tunnels to attach remote devices.
- Prometheus Ironic Exporter: See metrics (temperature, power, etc) from baremetal nodes in Grafana, and look them up by user_id, instance_id, or baremetal node name or id.
- HAProxy certificates managed by Let's Encrypt are now reloaded automatically
Bugfixes
- Doni worker tasks should no longer get stuck "In Progress"
- Slow network configuration mitigated with exponential backoff in Ironic
- [ironic] fix encryption of root password for debug login
Full List
- Update default reviewers by @msherman64 in #202
- [ironic] fix encryption of root password for debug login by @msherman64 in #203
- Make ironic backoff on neutron api failures by @msherman64 in #205
- add support for ipa image distribution by @zhenz in #204
- only set default pxe images if defined by @msherman64 in #213
- download default images from object store by @msherman64 in #215
- enable use of ansible collections by @msherman64 in #219
- deploy chi@edge v2 by @msherman64 in #206
- Document how to set default ironic images by @msherman64 in #201
- Install compatible version of PyOpenSSL by @msherman64 in #224
- Bump ansible version to 4.10 by @msherman64 in #227
- Add networkd-dispatcher hook for corsa NAT by @msherman64 in #240
- allow mariadb backup defining user and group by @zhenz in #239
- Automatically set kolla_externally_managed_cert when Let's Encrypt is enabled by @super-cooper in #237
- add prometheus ironic exporter by @msherman64 in #238
New Contributors
- @super-cooper made their first contribution in #237
Full Changelog: v2022-07.01...v2022-10.12
v2022-07.01
This release brings the Xena upgrade to CHI-in-a-box, along with many other quality of life changes!
Upgrade Notes
Docs and tools for the upgrade procedure are coming shortly, but it's ready to use for new installations now.
Host Operating system
As part of this release, we are standardizing on Ubuntu 20.04 for the controller node's operating system. If your controller node is running Ubuntu 18.04, you will be able to do an in-place upgrade. If you're running a centos based operating system (centos7 or 8), we recommend setting up a second node in parallel with ubuntu 20.04, and doing a cut-over to minimize downtime.
New features from the Train -> Xena update:
User Facing
- New usage summary in Horizon, see what instances you have at a glance
- The serial console for baremetal nodes is now more reliable
Operator Facing
- [Ironic] Support for burn-in testing of nodes
- [Ironic] Direct Deploy via HTTP instead of ISCSI
- [Object Store] Configure Ceph RGW for Swift
- [Glance] Multi-backend support, use ceph, swift, etc, in addition to the file backend
- [Kolla-Ansible] Containers now have healthchecks
CHI-in-a-box Changes
- (preview) Deployment of Filesystem, based on Manila + NFS Ganesha, with an external CephFS backend.
- (preview) Deployment of KVM compute nodes by adding hosts to the [compute] group in the ansible hosts file
- Openstack clients included in chi-in-a-box venv
- Allow setting defaults for pxe deploy kernel and ramdisk
- set defaults for serial console port range, so that you no longer need to set it per node
- Added annotated defaults with explanation of each field
- Allow incremental deployment, starting from minimal dev site (3 lines of config)
Bug Fixes
- Admin-openrc properly templated into site-config when using a deploy host
- better error handling during post-deploy
- Keepalived detects and replaces missing VIPs, even if the interface hasn't gone down.
v2022-03.01
First, the big news: Deprecation of support for Centos7 and Centos8 controller nodes!
We don't advise new sites to use Centos7 or Centos8 for new installations. Current sites will need to set the following in their defaults.yml files, and plan to upgrade to a supported host OS.
Centos7
kolla_base_distro: ubuntu
neutron_dhcp_agent_image_full: docker.chameleoncloud.org/kolla/centos-source-neutron-dhcp-agent:train-centos7
neutron_l3_agent_image_full: docker.chameleoncloud.org/kolla/centos-source-neutron-l3-agent:train-centos7
neutron_metadata_agent_image_full: docker.chameleoncloud.org/kolla/centos-source-neutron-metadata-agent:train-centos7
neutron_openvswitch_agent_image_full: docker.chameleoncloud.org/kolla/centos-source-neutron-openvswitch-agent:train-centos7
neutron_server_image_full: docker.chameleoncloud.org/kolla/centos-source-neutron-server:train-centos7
ironic_neutron_agent_image_full: docker.chameleoncloud.org/kolla/centos-source-ironic-neutron-agent:train-centos7
Centos8
kolla_base_distro: ubuntu
Notable commits
- enable floating IP reservations by default by @msherman64 in #160
- Add missing bool filter in horizon config by @Mark-Powers in #162
Full Changelog: v2022-01.03...v2022-03.01
v2022-01.03
New features
- We're trialing Github's discussions, please check it out and leave a comment if you have any questions!
- The new allocation tracking system is supported as of #135
- Documented how to set up Host Networking with vEth Pairs, this was a common stumbling block in cases where the same interface was used for the public API and for Neutron Floating IPs
- The QuickStart guide has been updated with more complete requirements.
- Enrolling hardware now supports bulk imports, please refer to the docs!
- Get temperature, power, and other metrics from your nodes with Prometheus-IPMI-exporter
Bugfixes
- Log4j mitigation: Elasticsearch wasn't technically vulnerable, but we recommend pulling and upgrading your container anyway.
- Added defaults for prometheus-ipmi-exporter in #143, so you'll stop getting errors if you don't use it
- Updated how we set the path for ansible_python_interpreter in #140, this should now work properly for both all-in-one and deploy host configurations.
- Renamed MaxReservationLengthFilter to MaxLeaseDurationFilter to match Blazar's upstream in #141
- Downloading clouds.yaml from horizon's identity page gave an incorrect auth_url, fixed in #138
General Housekeeping
- We now have CI working as of #142, this assisted in solving #140 and #143. We'll be expanding this going forward to both test and document supported configurations.
- Removed some legacy roles that are no longer used in #139
Full Changelog: v2021-11.01...v2022-01.03
v2021-11.01
New features
- Provision both ARM and x86 bare metal hardware within a single site. Previously, a bare metal site had to be either 100% ARM64 nodes or 100% x86 nodes. Now it is possible to have a mixed fleet.
- ARM64 binaries for iPXE are attached to this release, as well as a compatible IPA (Ironic Python Agent) image that is used when preparing the bare metal node for the user's disk image.
- Read the wiki page for more info about how to configure your site using this capability.