General Upgrade Notes
Java version upgraded to Java 17
As of Apache CloudStack 4.20, support for running with Java 17 has been added. In later versions, support for Java 11 will be removed.
- If you are running CloudStack with Java 17, for CloudStack versions 4.20 and later:
Verify /etc/default/cloudstack-management is consistent with https://github.com/apache/cloudstack/blob/main/packaging/systemd/cloudstack-management.default; Specifically, ensure that the following is present in the JAVA_OPTS:
--add-opens=java.base/java.lang=ALL-UNNAMED --add-exports=java.base/sun.security.x509=ALL-UNNAMED
Verify /etc/default/cloudstack-usage is also consistent with the same file in the repository.
Perform the same check for /etc/default/cloudstack-agent on the hypervisor hosts.
Java Version Requirement
CloudStack 4.20 requires installation of Java 17 JRE for management server and the KVM agent. On installing or upgrading cloudstack-management and/or cloudstack-agent packages, please configure Java 17 as the default java version using:
$ sudo alternatives --config java
Note: For Ubuntu distributions where the openjdk-17 packages are not available from the main repositories, the JRE can be installed from an external PPA such as openjdk-r. The PPA can be added before installation/upgrade:
$ sudo add-apt-repository ppa:openjdk-r/ppa $ sudo apt-get update
Java version upgraded to Java 11
As of Apache CloudStack 4.14, Java version required is 11 for the management-server, cloudstack-usage, KVM agent and system-VMs.
Java Version Requirement
CloudStack 4.20 requires installation of Java 17 JRE for management server and the KVM agent. On installing or upgrading cloudstack-management and/or cloudstack-agent packages, please configure Java 17 as the default java version using:
$ sudo alternatives --config java
Note: For Ubuntu distributions where the openjdk-17 packages are not available from the main repositories, the JRE can be installed from an external PPA such as openjdk-r. The PPA can be added before installation/upgrade:
$ sudo add-apt-repository ppa:openjdk-r/ppa $ sudo apt-get update
UI Deprecation and Removal Notice
The current jQuery-based CloudStack UI is deprecated in this release of CloudStack and will be removed in the next release of Apache CloudStack.
Migrating to dynamic roles feature
As of Apache CloudStack 4.9, dynamic roles feature can be enabled after an upgrade. Dynamic roles feature is enabled by default on new installations.
Please read more about Using Dynamic Roles feature and process of migrating to using this after an upgrade.
Agent and KVM Host Security
Starting 4.11, a new CA framework has been introduced that is used to secure agent and management server connections. Starting 4.11.1, KVM hosts in UP state that are not secured (i.e. the KVM host agent and libvirtd don’t have CA framework provisioned X509 certificates) will show up as ‘Unsecure’. A new button in the UI is available as well as an API to secure and onboard such hosts.
Please read more about Security and the process of migrating existing KVM hosts and agents to use the new security feature.
OVS plug-in
OVS plug-in functionality is disrupted if ovsdaemon crashes
A critical functionality issue came out with CLOUDSTACK-6779. On XenServer it is observed that on VIF unplug Ovs-Vswitchd is crashing resulting in loosing all the openflow rules added to the bridge. Ovs daemon gets started and creates a bridge but configure openflow rules are lost resulting in the disruption of connectivity for the Instances on the host.
Active-Directory Authentication (LDAP)
If using Active-Directory (LDAP/LDAPs) as User authentication; Upgrading to 4.3 and later require changes in Global Settings. After upgrading CloudStack to 4.3 or latest, following Global Settings must be change:
Global Settings |
Default |
New |
|---|---|---|
ldap.user.object |
inetOrgPerson |
user |
ldap.username.attribute |
uid |
sAMAccountName |
SystemVM 32bit deprecated
32bit versions of System VM Templates are in the process of being deprecated. Upgrade instructions from this Release Notes use 64bit Templates.
Explicit JDBC driver declaration
While upgrading, on some environments the following may be required to be added in CloudStack’s db.properties file:
# Add these to your db.properties file
db.cloud.driver=jdbc:mysql
db.usage.driver=jdbc:mysql
MySQL 8.0 sql mode change
MySQL mode (sql_mode) has changed in CloudStack db.properties to “STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE, ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION”.
This gets automatically applies to the MySQL session used by CloudStack management server.
If the admin uses MySQL directly and wants to query tables it is advised to change the sql_mode in the corresponding session or globally.
- Eg. mysql> set global sql_mode=”STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,
“> ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION”;
Query OK, 0 rows affected (0.00 sec)
- mysql> set sql_mode=”STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,
“> ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION”;
Query OK, 0 rows affected (0.00 sec)