Nephio R5 Release Notes

Overview

Building on the strong foundations of previous releases, Nephio R5 introduces further advancements in functionality, usability, security, and scalability in readiness for wider adoption and new use cases. Key highlights of Nephio R5 include:

• O-RAN OCloud Cluster provisioning
• Baremetal cluster provisioning
• ArgoCD GitOps workload reconciliation support
• Platform improvements
• Security enhancements
• Other improvements include a number of dependency upgrades and security fixes

Prerequisites

Refer to the Installation Guide for the prerequisites on supported environments.

Support matrix

The Nephio sandbox demo environment requires hardware with the following specifications:

OS support

• Ubuntu 22.04
• Fedora 38

System Requirements

Kubernetes version support

These installations have been verified on virtual machines (VMs) running on Google Cloud.

Features

Packages

The following packages have been introduced:

• Baremetal cluster provisioning packages:
  • Metal3
  • Metal3 Ironic
  • Baremetal Operator
  • Baremetal Host template
  • Kubeadm cluster template
• Centralized ArgoCD packages:
  • ArgoCD Full
  • Nephio ArgoCD App
  • Nephio ArgoCD workload cluster

Functionalities

• Platform

  • Porch fixes, security patches, and enhancements. See Porch fixes and enhancements for more details.
  • Nephio fixes, security patches, and enhancements.

• Documentation

  • Improvements in aesthetics and bug fixes.

• CI/CD Testing

  • New e2e test suites added:
    • O-RAN OCloud workload cluster
    • ArgoCD workload cluster
  • K8s v1.32.0 support
  • Fedora 38 OS support

• Security

  • Nephio OSSF score has been improved to 7.9

Limitations

• Intercluster networking is not dynamic. Therefore, as more clusters are deployed, some manual tweaking will be needed for intercluster communications.
• Provisioning of the VLAN interfaces on the nodes is currently performed manually.
• Observability between workload clusters to the management cluster is limited. You may need to connect directly to the workload cluster via kubectl to resolve any deployment issues.
• The web UI features are limited to the viewing and editing of packages, resources in those packages, and their deployment. Additional features will be added in subsequent releases.
• When the capacities of the UPF, SMF, and AMF NFs are changed, the free5GC operator on the workload cluster will instantiate a new POD with correspondingly modified resources (CPU, memory, and so on). During this process, the pod will restart. This is a limitation of free5GC.
• Only Gitea works with automated cluster provisioning to create new repositories and join them to Nephio. To use a different Git provider, you must manually provision the cluster repositories, register them to the Nephio management server, and set up Config Sync on the workload cluster.
• The web UI does not require authentication in the current demo configuration. Testing of the web UI with authentication configured has not yet been done.
• The web UI only shows the resources in the default namespace.
• While many types of Git authentication are supported, testing has only been done with token-based Git authentication in Gitea.

Known issues and workarounds

• Packages may take time to be approved by the auto-approval controller. If they appear to have frozen, it may help to restart the Porch and the Nephio controllers using the following commands:

kubectl -n porch-system rollout restart deploy porch-server
kubectl -n nephio-system rollout restart deploy nephio-controller

• Occasional calls to porchctl rpkg copy may fail with the following message:

  Error: Internal error occurred: error applying patch: conflict: fragment line does not match src line.

  If such a message appears, then retry in a little while, as this error may resolve itself. Restarting Porch may also help.

Appendix

Porch fixes and enhancements

• Porch full changelog