Chapter 3. OpenShift Virtualization release notes

3.1. About Red Hat OpenShift Virtualization

Red Hat OpenShift Virtualization enables you to bring traditional virtual machines (VMs) into OpenShift Container Platform where they run alongside containers, and are managed as native Kubernetes objects.

OpenShift Virtualization is represented by the icon.

You can use OpenShift Virtualization with either the OVN-Kubernetes or the OpenShiftSDN default Container Network Interface (CNI) network provider.

Learn more about what you can do with OpenShift Virtualization.

3.1.1. OpenShift Virtualization supported cluster version

OpenShift Virtualization 4.9 is supported for use on OpenShift Container Platform 4.9 clusters. To use the latest z-stream release of OpenShift Virtualization, you must first upgrade to the latest version of OpenShift Container Platform.

3.1.2. Supported guest operating systems

OpenShift Virtualization guests can use the following operating systems:

Red Hat Enterprise Linux 6, 7, and 8.
Red Hat Enterprise Linux 9 Alpha (Technology Preview).
Microsoft Windows Server 2012 R2, 2016, and 2019.
Microsoft Windows 10.

Other operating system templates shipped with OpenShift Virtualization are not supported.

3.2. Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

3.3. New and changed features

OpenShift Virtualization is certified in Microsoft’s Windows Server Virtualization Validation Program (SVVP) to run Windows Server workloads.
The SVVP Certification applies to:
- Red Hat Enterprise Linux CoreOS workers. In the Microsoft SVVP Catalog, they are named Red Hat OpenShift Container Platform 4 on RHEL CoreOS.
- Intel and AMD CPUs.

High-performance virtual machine templates are now available for supported Windows operating systems.

If your OpenShift Virtualization Operator subscription used any update channel other than stable, it is now automatically subscribed to the stable channel. This single update channel delivers z-stream and minor version updates and ensures that your OpenShift Virtualization and OpenShift Container Platform versions are compatible.

You can now use the virtctl guestfs command to maintain, repair, and debug virtual machine disks.

You can now boot virtual machines with EFI mode without mandatory Secure Boot.

3.3.1. Quick starts

Quick start tours are available for several OpenShift Virtualization features. To view the tours, click the Help icon ? in the menu bar on the header of the OpenShift Virtualization console and then select Quick Starts. You can filter the available tours by entering the virtualization keyword in the Filter field.

3.3.2. Installation

You can now deploy OpenShift Virtualization on FIPS-enabled clusters.
You can now download the virtctl client even if the cluster is offline by using the ConsoleCLIDownload custom resource (CR).

3.3.3. Networking

You can now enable or disable MAC spoof filtering on secondary networks by configuring a Linux bridge network attachment definition in the CLI.

3.3.4. Storage

You can use storage profiles to set a default cloning method for a storage class, creating a cloning strategy. Setting cloning strategies can be helpful, for example, if your storage vendor only supports certain cloning methods. It also allows you to select a method that limits resource usage or maximizes performance. In addition to previously available cloning methods such as snapshots and host-assisted cloning, you can now specify csi-clone as the default cloning behavior, which uses the CSI clone API to efficiently clone an existing volume without using an interim volume snapshot.

You can now take a snapshot of an online virtual machine. If the QEMU guest agent is installed, the file system is quiesced when taking the snapshot, maximizing data integrity.

3.3.5. Web console

You can now automate your Windows virtual machine setup by uploading answer files in XML format in the Advanced SysPrep section of the Create virtual machine from template wizard.

You can use the OpenShift Virtualization dashboard in the web console to get data on resource consumption for virtual machines and associated pods. The dashboard provides visual representations of cluster metrics so you can quickly understand the state of your cluster.

3.4. Removed features

Removed features are not supported in the current release.

Importing a single virtual machine from Red Hat Virtualization (RHV) or VMware is removed from OpenShift Virtualization 4.9. This feature is replaced by the Migration Toolkit for Virtualization.

3.5. Technology Preview features

Some features in this release are currently in Technology Preview. These experimental features are not intended for production use. Note the following scope of support on the Red Hat Customer Portal for these features:

Technology Preview Features Support Scope

You can now enable automatic updates for OpenShift Virtualization workloads, such as virt-launcher pods. Configure workload update strategies by editing the HyperConverged custom resource.
You can now hot-plug and hot-unplug virtual disks when you want to add or remove them from your virtual machine without stopping the virtual machine instance.
You can now use the Red Hat Enterprise Linux 9 Alpha template to create virtual machines.
You can now deploy OpenShift Virtualization on AWS bare metal nodes.

3.6. Bug fixes

The Template provider menu in the web console no longer offers "Red Hat Supported" as a template search filter, to avoid confusion with the "Red Hat Provided" filter. (BZ#1952737)
The KubeVirt plugin now checks the API version available and uses the correct version, rather than defaulting to the v1 API version, which resulted in an API mismatch and prevented virtual machine creation. (BZ#1977037), (BZ#1979114)
The Red Hat Enterprise Linux (RHEL) 6 template is no longer prioritized in the web console. (BZ#1978200)
The Red Hat Enterprise Linux (RHEL) 6 template is no longer labeled as a community-provided template in the web console. (BZ#1978202)
The web console can now retrieve more information from virtual machines, including time zone and number of active users. (BZ#1979190)
Live migration between nodes with incompatible CPUs is now prevented on clusters containing nodes that are not configured identically. (BZ#1760028)
If you initially deployed OpenShift Virtualization version 2.4.z or earlier, you can now upgrade to the latest version without using a workaround. (BZ#1986989)
If you run OpenShift Virtualization 2.6.5 with OpenShift Container Platform 4.8 or later, you can now create a virtual machine from the Customize wizard. (BZ#1979116)
RHV VM import no longer fails if the VM affinity policy is set to Migratable rather than Pinned. (BZ#1977277)
Selecting Create With Import wizard on the Virtualization page of the OpenShift Virtualization web console no longer results in an erroneous error message. (BZ#1974812)

3.7. Known issues

If you use OpenShift Virtualization on OpenShift Container Platform 4.9.4 or earlier with the Border Gateway Protocol daemon running and then you modify the network interface with BPG route entries, the BPG routes will be converted into static routes. nmstate-1.0.2-14.el8_4.noarch, which ships with OpenShift Container Platform 4.9.4, does not handle the Bird Internet Routing Daemon protocol correctly.
You can prevent this issue by upgrading your cluster to OpenShift Container Platform 4.9.5 or later. If BGP routes have already been converted to static routes, you must remove the static routes from the network interface and add the routes manually.
Updating to OpenShift Virtualization 4.9.6 causes some virtual machines (VMs) to get stuck in a live migration loop. This occurs if the spec.volumes.containerDisk.path field in the VM manifest is set to a relative path.
- As a workaround, delete and recreate the VM manifest, setting the value of the spec.volumes.containerDisk.path field to an absolute path. You can then update OpenShift Virtualization.

If you hot-plug a virtual disk and then force delete the virt-launcher pod, you might lose data. This is due to a race condition that can cause the VM disk’s contents to be wiped from the persistent volume. (BZ#2007397)

Editing a virtual machine fails if the VM references a deleted template that was provided by OpenShift Virtualization before version 4.8. In OpenShift Virtualization 4.8 and later, deleted OpenShift Virtualization-provided templates are automatically recreated by the OpenShift Virtualization Operator.
If a cloning operation is initiated before the source is available to be cloned, the operation stalls indefinitely. This is because the clone authorization expires before the cloning operation starts. (BZ#1855182)
- As a workaround, delete the DataVolume object that is requesting the clone. When the source is available, recreate the DataVolume object that you deleted so that the cloning operation can complete successfully.
If your OpenShift Container Platform cluster uses OVN-Kubernetes as the default Container Network Interface (CNI) provider, you cannot attach a Linux bridge or bonding to the default interface of a host because of a change in the host network topology of OVN-Kubernetes. (BZ#1885605)
- As a workaround, you can use a secondary network interface connected to your host, or switch to the OpenShift SDN default CNI provider.

Running virtual machines that cannot be live migrated might block an OpenShift Container Platform cluster upgrade. This includes virtual machines that use hostpath provisioner storage or SR-IOV network interfaces.
- As a workaround, you can reconfigure the virtual machines so that they can be powered off during a cluster upgrade. In the spec section of the virtual machine configuration file:
  1. Remove the evictionStrategy: LiveMigrate field. See Configuring virtual machine eviction strategy for more information on how to configure eviction strategy.
  2. Set the runStrategy field to Always.
- As a workaround, set the default CPU model by running the following command:
  Note
  You must make this change before starting the virtual machines that support live migration.
```
$ oc annotate --overwrite -n openshift-cnv hyperconverged kubevirt-hyperconverged kubevirt.kubevirt.io/jsonpatch='[
  {
      "op": "add",
      "path": "/spec/configuration/cpuModel",
      "value": "<cpu_model>" 1
  }
]'
```
  1
  Replace <cpu_model> with the actual CPU model value. You can determine this value by running oc describe node <node> for all nodes and looking at the cpu-model-<name> labels. Select the CPU model that is present on all of your nodes.
If you enter the wrong credentials for the RHV Manager while importing a RHV VM, the Manager might lock the admin user account because the vm-import-operator tries repeatedly to connect to the RHV API. (BZ#1887140)
- To unlock the account, log in to the Manager and enter the following command:
```
$ ovirt-aaa-jdbc-tool user unlock admin
```
If you run OpenShift Virtualization 2.6.5 with OpenShift Container Platform 4.8 or later, various issues occur. You can avoid these issues by upgrading OpenShift Virtualization to version 4.8 or later.
- In the web console, if you navigate to the Virtualization page and select Create With YAML the following error message is displayed:
```
The server doesn't have a resource type "kind: VirtualMachine, apiVersion: kubevirt.io/v1"
```
  - As a workaround, edit the VirtualMachine manifest so the apiVersion is kubevirt.io/v1alpha3. For example:
    apiVersion: kubevirt.io/v1alpha3 kind: VirtualMachine metadata: annotations: ...
    (BZ#1979114)
- When connecting to the VNC console by using the OpenShift Virtualization web console, the VNC console always fails to respond.
  - As a workaround, create the virtual machine from the CLI or upgrade to OpenShift Virtualization 4.8.
    (BZ#1977037)