We jubilantly announce the release of: nova 26.2.1: Cloud computing fabric controller This release is part of the zed stable release series. The source is available from: https://opendev.org/openstack/nova Download the package from: https://tarballs.openstack.org/nova/ Please report issues through: https://bugs.launchpad.net/nova/+bugs For more details, please see below. 26.2.1 ^^^^^^ Bug Fixes ********* * Previously "switchdev" capabilities should be configured manually by a user with admin privileges using port's binding profile. This blocked regular users from managing ports with Open vSwitch hardware offloading as providing write access to a port's binding profile to non-admin users introduces security risks. For example, a binding profile may contain a "pci_slot" definition, which denotes the host PCI address of the device attached to the VM. A malicious user can use this parameter to passthrough any host device to a guest, so it is impossible to provide write access to a binding profile to regular users in many scenarios. This patch fixes this situation by translating VF capabilities reported by Libvirt to Neutron port binding profiles. Other VF capabilities are translated as well for possible future use. Other Notes *********** * For networks which have any subnets with enabled DHCP, MTU value is not send in the metadata. In such case MTU is configured through the DHCP server. Changes in nova 26.2.0..26.2.1 ------------------------------ 787839f663 Allow live migrate paused instance when post copy is enabled c36e0db957 Translate VF network capabilities to port binding 1b9c4c7e64 Fix rebuild compute RPC API exception for rolling-upgrades e13c86b4f3 add a regression test for all compute RPCAPI 6.x pinnings for rebuild 53e3afe3a6 Decorate only Flavor.get_* methods that execute queries e5eb65e7a0 enable validations in nova-lvm 9e84562976 Add debug logging when Instance raises OrphanedObjectError 2f1d65774f Fix failed count for anti-affinity check 77db64237b Fix get_segments_id with subnets without segment_id 9e86be5a53 Have host look for CPU controller of cgroupsv2 location. 693318573c Save cell socket correctly when updating host NUMA topology d9dfd0e044 Reproduce bug 1995153 ec15df83d2 Don't provide MTU value in metadata service if DHCP is enabled 1e1e40433c libvirt: At start-up rework compareCPU() usage with a workaround Diffstat (except docs and test files) ------------------------------------- .zuul.yaml | 2 - nova/compute/build_results.py | 8 ++ nova/compute/manager.py | 37 +++-- nova/conf/workarounds.py | 7 + nova/exception.py | 9 ++ nova/network/neutron.py | 9 +- nova/objects/flavor.py | 6 +- nova/objects/instance.py | 5 + nova/objects/pci_device.py | 7 + .../functional/regressions/test_bug_1595962.py | 1 + .../functional/regressions/test_bug_1995153.py | 107 +++++++++++++++ .../functional/regressions/test_bug_2040264.py | 56 ++++++++ nova/virt/hardware.py | 1 + nova/virt/libvirt/driver.py | 58 ++++---- nova/virt/libvirt/host.py | 31 ++++- nova/virt/netutils.py | 9 +- ...etworks-with-enabled-dhcp-641506f2a13b540f.yaml | 5 + ...abilities_to_port_binding-48abbfe0ce2923cf.yaml | 16 +++ 36 files changed, 849 insertions(+), 109 deletions(-)