The Big Picture

The most consequential thread of the week wasn't a feature or a release — it was a security and governance debate over whether OpenStack drivers should "phone home" to vendors and how Kolla deployments should protect secrets. That conversation, which spanned Cinder driver behavior and Kolla-Ansible password management, exposed a real tension in the community about defense-in-depth versus operational convenience. Meanwhile, the 2025.2 "Flamingo" cycle marched toward its August 28 feature freeze, the Monasca retirement moved into formal proposal, and RefStack was officially decommissioned.

Releases & Announcements

Goutham Pacha Ravi's TC weekly summary (R-9) reset the clock: the community is about a month from the Flamingo feature freeze, scheduled for 2025-08-28, with teams observing internal deadlines ahead of it. The TC approved revised milestones for the cross-project Eventlet-removal goal, still aiming to drop Eventlet usage completely in the 2027.2 ("J") release. The new "aetos" project now has a canonical service type, metric-storage.

Election logistics are firming up. PTL and TC self-nominations open August 6 and close August 20; to be a PTL candidate you must be an Active Project Contributor over the prior 12 months, while any OpenInfra Foundation member may run for the TC. To vote, ensure your email is in Gerrit and that you've opted in to CIVS before August 20. Anyone expecting to be away during the window can submit an early nomination now.

On the QA side, Ghanshyam Maan proposed Sean Mooney and Tosky for Devstack core, planning to add them by August 8 absent objections. Manila's Flamingo midcycle ran August 6–7 (Carlos Silva), and the Public Cloud SIG held its bi-weekly meeting.

Security

This week's headline debate was about vendor "call home" in storage drivers. Brian Rosmaita laid out a careful position on the IBM SVf driver's proposed callhome plugin, reviewing the NetApp precedent in the process. His read: NetApp's EMS logging sends data to the customer's own storage backend under operator control, which he considers acceptable on privacy grounds — but that is not the same as software reporting back to the vendor. Cinder, he argued, has no precedent for true call-home behavior; if a feature does report to a vendor it must be off by default, and if it doesn't, it shouldn't be called "call home." This is an ongoing review, not a settled decision, and it's a useful signpost for how the Cinder community thinks about driver telemetry.

The companion debate — secure password management in Kolla-Ansible using Castellan/Barbican — was the week's most active thread (10 messages). Satish Patel opened with the pragmatic "why not just use Ansible Vault?", and the discussion broadened into whether application credentials, secret stores, or vault-style encryption best address protecting service secrets that Kolla otherwise renders in clear text inside config files. There's no consensus yet, but the thread is a good snapshot of current thinking for operators worried about secrets-at-rest.

Development & Technical Decisions

Monasca's retirement is now a formal proposal. Goutham Pacha Ravi posted the full list of 17 repositories slated for retirement ahead of the Flamingo release, with the support and consent of the current core team and PTL. The project has been inactive since 2024.1 (Caracal) with no releases or maintained stable branches. Some maintainers may fork it independently; retirement doesn't preclude that or a future revival. Objections go to the thread.

Jeremy Stanley confirmed the RefStack service is decommissioned effective immediately, with the interop, refstack, and refstack-client repos to be retired soon — it had been unused for trademark qualification since a 2023 board resolution.

A cluster of CI and packaging pain showed up. Stephen Finucane's PSA on pkg_resources breaking with newer Oslo wheels on Python 3.8 points to a setuptools name-normalization bug; Designate and Octavia are affected indirectly because they used the legacy "scripts" keyword, and fixes are up for review. The Tacker/Neutron regression investigation found a workaround (removing the logger mechanism driver from the Tacker ML2 base job config resolves the "Neutron did not start" failures), though the root cause is still being chased.

Operators surfaced several driver and networking questions worth flagging: persistent NetApp NVMe/TCP multipath issues (Vincent Godin's analysis suggests the driver only returns the first target portal), the perennial "is NVIDIA ASAP2 hardware offload real?" thread on switchdev/OVS offload not working for VLAN or VXLAN, and a question on whether operators can safely extend Neutron's binding:profile with custom keys across upgrades (Chang Xue, Bloomberg). On performance, a severe OVN VM-to-VM throughput degradation report (12 Gbit/s host-to-host vs ~4 Gbit/s VM-to-VM with high retransmits) prompted MTU/jumbo-frame discussion, with Karl Kloppenborg following up on tenancy vs physnet MTU tradeoffs.

Heads Up / Action Needed

• Flamingo feature freeze: August 28. Roughly four weeks out as of this window.
• Renew OpenInfra Foundation membership and opt into CIVS before August 20 to run or vote in PTL/TC elections.
• Object to the Monasca retirement on-thread if your organization depends on it and is willing to commit to active maintenance.
• Devstack core additions (Sean Mooney, Tosky) land August 8 unless there are objections.

Community & Events

Kendall Nelson invited contributors to the OpenInfra AI working group to help shape an "OpenStack for AI" whitepaper, with show-and-tell sessions from organizations running AI workloads on OpenStack (next one September 29). Ian Choi shared strong i18n progress from four Carnegie Mellon students advancing the Zanata-to-Weblate migration, including a ~34-test suite for the Weblate tooling and migration of the Zuul automation scripts. A research-minded thread from the Scientific SIG sought operators willing to discuss utilization, scheduling, and eBPF ideas for private clouds. Rounding out the week were the usual operator help threads — unhealthy Ceilometer containers in Kolla all-in-one, CloudKitty hashmap crashing Horizon, OVS-DPDK deployment failures on Kolla Zed, and Keycloak/OpenID integration questions.