# June 2025 Release

The latest release of Platform9 <code class="expression">space.vars.PRODUCT\_NAME</code> includes new features, usability improvements, and resolved issues to enhance product stability and performance.

### New Features

**Kubernetes Cluster Support for Self-Hosted Deployments**

Private Cloud Director now supports Kubernetes clusters on self-hosted deployments. You can launch and manage Kubernetes clusters directly from the <code class="expression">space.vars.PRODUCT\_NAME</code> UI.

**QoS Configuration Support Added for Networking Service**

QoS (Quality of Service) is now enabled in the networking service configuration. Users can define and apply QoS policies using the OVN driver for improved bandwidth management.

**VM High Availability (VMHA) Support for Two-Node Clusters**

<code class="expression">space.vars.PRODUCT\_NAME</code> now supports VM High Availability (VMHA) on clusters with at least two hosts. This enhancement enables more flexible HA configurations, especially for environments with limited hardware, and simplifies adoption for customers with smaller clusters/edge clusters.

**Beta Predictive Dynamic Resource Rebalancing (DRR)**

<code class="expression">space.vars.PRODUCT\_NAME</code> now introduces a predictive mode for Dynamic Resource Rebalancing (DRR), expanding on the default proactive and reactive models already in use. This enhancement uses historical CPU and RAM data to forecast utilization trends and proactively identify hosts within a cluster that may run out of capacity.

The predictive mode is currently in `beta` and not available by default. It requires support from the Platform9 support team to activate it on a per-cluster basis and is not accessible through the UI.

If you would like to explore predictive DRR for your virtualized clusters, please contact the Platform9 Support team.

**Support for Physical Nodes in Kubernetes**

<code class="expression">space.vars.PRODUCT\_NAME</code> now supports creating, scaling, and deleting Kubernetes clusters using physical servers, in addition to virtual machines. You can now create a Kubernetes cluster using one or more physical nodes.

**Beta Application Catalog & Orchestration**

You can now use the application catalog to simplify the deployment and management of multi-VM applications. The <code class="expression">space.vars.PRODUCT\_NAME</code> application catalog uses open source Terraform under the hood, to enable you to orchestrate complex applications that may involve multiple virtual machines, networks, storage volumes, and other <code class="expression">space.vars.PRODUCT\_NAME</code> objects.

Through this feature, you can:

* Store application templates as Terraform files in GitHub with secure API token access.
* Provision one or more applications using the <code class="expression">space.vars.PRODUCT\_NAME</code> UI.

**Beta GPU Acceleration for High-Performance VM and Kubernetes Workloads**

You can now run AI/ML, rendering, and simulation workloads directly on the <code class="expression">space.vars.PRODUCT\_NAME</code>console using GPU-enabled VMs and Kubernetes clusters. Administrators can configure passthrough or fractional vGPU modes (beta) for VMs, and enable GPU support for Kubernetes clusters using passthrough, Time Slice, or Multi-Instance GPU (MIG) modes. This feature helps run compute-heavy workloads efficiently without relying on external environments, improving performance for modern high-demand applications.

### Enhancements

**Core Component Upgrade to 2024.1 (Caracal)**

Upgraded the core components of Compute, Storage, Images, and Identity services to the 2024.1 (Caracal) release. This update delivers improved stability, security, and compatibility with the latest console features.

**Enhanced Observability Metrics**

This release introduces improved observability in <code class="expression">space.vars.PRODUCT\_NAME</code> with additional metrics now available at the Cluster, Host, and VM levels. These metrics include:

* CPU, memory, and storage utilization
* CPU throttling
* Network data (received and transmitted)
* Disk IOPS
* Breakdown of allocated vs. used resources

In addition, credential management for Grafana access has been updated. For new installations, Grafana login uses the management plane admin credentials by default. However, after an upgrade from previous releases, Grafana continues to use the default credentials (`admin/admin`) or manually updated credentials as configured previously by the admin.

**Metrics Collection With Prometheus**

With this release, <code class="expression">space.vars.PRODUCT\_NAME</code> now uses open-source Prometheus to collect and store resource metrics.

**VM Migration Priority with DRR**

This release adds support for VM migration priority configuration, which determines when a virtual machine gets selected for migration when the DRR service identifies a candidate host for rebalancing. You can read more on [DRR and VM Migration Priority](https://platform9.com/docs/private-cloud-director/2025.10/private-cloud-director/dynamic-resource-rebalancing--drr-#drr-and-vm-migration-priority-).

**Dell Unity Storage Driver Support**

Added support for Dell Unity storage systems by including the required `storops` Python package in Storage service deployments. This enhancement simplifies integration and enables out-of-the-box block storage management for Dell Unity within the PCD console.

**Support for Limiting Volume Types to Specific Tenants**

You can now limit **Volume Types** to specific tenants on the Private Cloud Director console. To apply this setting, navigate to **Storage > Volume Types**, select a volume type, and choose **Edit Tenants** to assign access.

This enhancement improves tenant-level control and ensures better resource segmentation.

**Hostname Based Management Cluster Creation for Self-hosted Private Cloud Director**

In addition to the existing IP based deployment of self-hosted Private Cloud Director management clusters, you can now use hostnames to create these clusters. This enables better interoperability with some external storage providers.

**System Requirements Validation for Community Edition Installs**

Community Edition installs now include system requirement checks before installation begins. The installer validates available CPU, memory, and disk resources to ensure the system meets minimum requirements. If the system does not meet the expected thresholds, the installation fails early or issues a warning. This enhancement helps avoid failed or degraded installations by identifying insufficient system resources upfront.

Additionally, the requirements to run Community Edition have now been lowered to 8 vCPUs and 28GB (usable) memory, from the previous requirements of 16 vCPUs and 32 GB of memory.

**Enhanced Deployment Progress Visibility for Community Edition**

Community Edition installation now displays real-time deployment progress on the CLI. This enhancement improves user experience by replacing the earlier static message with dynamic updates pulled from per-service deployment tracking. Users can now monitor the status of each service during installation, making the process more intuitive and transparent.

### Upgrade Notes

The June 2025 release includes improvements to how cluster hosts are managed. Make sure the following configuration is applied to any hosts that may be missing it.

1. **Enforced Cluster Assignment for Hypervisors** In this release, assigning hypervisors to clusters is now mandatory. The change aims to simplify host configuration and aligns with the multi-cluster feature introduced in the previous release, where cluster selection was optional. Before upgrading, ensure that every hypervisor host is assigned to a cluster. Navigate to **Infrastructure > Cluster Hosts**, select a specific host, and then select **Edit Roles** to add the hypervisor.
2. **VM High Availability (VMHA) Support for Existing Clusters** To enable VMHA on two-node clusters, in case of older deployments being upgraded to this release, please follow the steps below:
   * Disable VMHA before upgrading.
   * Re-enable it once the upgrade is complete.
3. **Manual AZ Name Update Required After Upgrade** Starting from the February release, the hypervisor availability zone (AZ) name defaults to the initial cluster name configured in the blueprint. If you're upgrading from this release, first disable VM High Availability (VMHA) in the blueprint. After upgrading to the April/June release, please ensure to create your first cluster with the same name as the existing AZ name to align with the new default behavior.
4. **Proxy Configuration for Image Management** Image management services now recognize proxy settings defined in `/etc/environment`. After upgrading, if the file appears incorrectly populated, restart the `pf9-hostagent` service to ensure proxy settings are applied correctly.

### Bug Fixes

#### Identity, Storage, and Networking Services

* The enabled volume encryption configuration now allows users to create encrypted volumes after setting up the host-side requirements.
* Volumes can be uploaded to images without modifying the metadata.
* Resolved parallel onboarding issues when installing multiple nodes; reliability improved.
* VMs can utilize volumes backed by Fiber Channel-based storage drivers.
* Admins linked to a domain can now view and manage resources only within their assigned domains.
* Automatically updates image service endpoints if the host with an assigned image library role gets deauthorized, selecting an active `imagelibrary` host.
* Volume `BlockDeviceMapping` configurations now support LUN passthrough devices.
* Corrected the issue where storage passwords were not decrypted before being sent to storage drivers.
* Enhanced the authentication service for higher availability.
* Resolved volume creation issues due to unreachable image-cluster endpoints from different regions.

#### Self-Hosted Deployments

* The self-hosted backup/restore commands did not account for `rabbitMQ` broker data correctly. The commands have been updated to handle `rabbitMQ` broker data as expected.
* After the admin password was reset using the CLI, old credentials remained valid for continued use. Credential invalidation now takes effect immediately upon a CLI-initiated password reset.
* On self-hosted deployments, running `airctl delete-cluster` incorrectly unmounted `/var/lib/containerd`. The command has been updated to preserve the `/var/lib/containerd` mount during cluster deletion.
* When a node was unreachable, `airctl check` timed out after 5 minutes instead of continuing validation. The command now marks the unreachable node as `Not Ready` and proceeds with validation on the remaining nodes.
* The SSH port in `airctl` was hardcoded to `22`, blocking access in environments with custom SSH ports. `airctl` now supports custom SSH ports for management clusters.
* After `airctl stop` was executed and services were stopped, `airctl status` incorrectly reporting the node as `ready`. The status command now reflects the correct node state after services are stopped.
* The lack of HA support for `node-taint` and `airctl-backup` services caused backup and taint operations to fail if the `airctl` host went down, leaving pods in a terminating state. Both services have been updated to support HA to prevent inconsistent behavior.
* Community Edition could not be completely removed from a node without additional steps. A cleanup script has been added to support complete removal using `airctl unconfigure-du --force` followed by `airctl delete-cluster`.<br>

#### PCD User Interface

* In the previous release, hosts appeared offline on the <code class="expression">space.vars.PRODUCT\_NAME</code> UI in some cases despite being operational. Host health status is now reported accurately.
* Deauthorizing a host from a cluster did not remove all assigned roles. Role cleanup is now performed completely upon host deauthorization.
* Cluster names from previously deleted clusters could not be reused when creating new clusters. New clusters can now be created using a name previously associated with a deleted cluster.
* Trusting the local <code class="expression">space.vars.PRODUCT\_NAME</code> certificate authority requires manual steps. A `pcdctl` command has been added to automate this process.
* VM duplication required manual re-entry of configuration settings. A Clone VM option has been added that copies VM settings into the creation wizard, with options to modify network, flavor, or security groups.
* The **Host Aggregate** column on **Infrastructure > Cluster Hosts** displayed only one aggregate per host, even when multiple were assigned. The column now displays all aggregates a host is assigned to.
* Linking a **Host Aggregate** during flavor creation or cloning failed silently, resulting in incomplete configurations. The operation now completes as expected without silent failures.
* DHCP ports could be assigned to a VM's private IP, causing network conflicts. DHCP ports are no longer assignable to a VM's private IP.
* The lease policy management always defaulted to Power Off as the end-of-lease action regardless of the configured policy. The correct end-of-lease action is now applied based on the configured lease policy.
* Cluster names containing the underscore character were rejected during creation. Cluster names can now include the underscore character.
* Host allocation ratios could not be customized during host aggregate creation. Allocation ratios can now be configured when creating a host aggregate.
* Creating images from volumes marked as "in use" was not supported. Image creation from in-use volumes is now available via `--force` through the CLI and Force Upload on the <code class="expression">space.vars.PRODUCT\_NAME</code> console.
* Image deletion timed out when the image host was unreachable. A pre-check now verifies host availability and displays an appropriate message before the deletion proceeds.
* Removing all roles from a host also deleted the image library role, despite the <code class="expression">space.vars.PRODUCT\_NAME</code> console warning that it would be preserved. The image library role is now retained as indicated.
* Creating a flavor required manually entering all configuration values without a reference option. An option to clone an existing flavor has been added to simplify flavor creation.
* Marking a physical network as external was only possible at creation time. Physical networks can now be marked as external from the <code class="expression">space.vars.PRODUCT\_NAME</code> console after creation.
* The VMHA status in **Infrastructure > Clusters** displayed only the desired state, not the actual HA status. The display has been updated to show the actual HA status alongside the desired state.
* Managing VM migration priority was not supported from the <code class="expression">space.vars.PRODUCT\_NAME</code> UI. Support for configuring VM migration priority has been added to the console.
* VM lease management was not available at the tenant level. Lease management can now be configured and managed at the tenant level.
* Booting virtual machines directly from volume snapshots was not supported on the <code class="expression">space.vars.PRODUCT\_ACRONYM</code> UI. VMs can now be booted directly from volume snapshots through the console.

#### Kubernetes on Private Cloud Director

* During onboarding of physical hosts on Ubuntu 22, `byohctl` ran `apt update` to fetch the `ebtables` utility dependency. The onboarding process has been updated to handle this dependency without running `apt update`.
* API server security relied on self-signed certificates, which triggered the **Action Required: Trust Cluster Endpoint Certificate** message on the <code class="expression">space.vars.PRODUCT\_NAME</code> UI. Certificates are now signed by a known **Certificate Authority (CA)**, and the message no longer appears.

### Known Limitations

* GPU Passthrough Limitation for VM Creation: When using GPU passthrough mode, only one GPU host configuration is allowed per region.
* GPU VM Creation Fails with `No Valid Host Was Found` Error: You may see the message "No valid host was found." **There are not enough hosts available** when creating a VM using GPU passthrough flavors. This can occur if **SR-IOV** is not enabled for the GPU device. It is recommended to verify if the GPU supports **SR-IOV** and enable it before configuring GPU passthrough.
* Cluster Names Must Be Unique Across Regions: Two clusters cannot share the same name across regions within the same tenant.
* Tenant Name Restriction: Spaces are not supported in tenant names. Use only alphanumeric characters, dashes, or underscores.
* Kubernetes Cluster Support Not Available on Upgraded On-Premise Deployments: Kubernetes cluster support is only available on fresh on-premise deployments of the <code class="expression">space.vars.PRODUCT\_NAME</code>console. Deployments upgraded from an older version to the 2025.6 release will not support this feature.

### Known Issues

* VM HA does not honor the host liveness traffic network interface configured in the cluster blueprint in this release.
* VM HA and DRR do not support vTPM-enabled VMs. Live migration and evacuation are not possible, so these VMs will not be migrated automatically.
* If you are using NFS as the backend for block storage, set the `image_volume_cache_enabled` flag to `false`. If the flag is set to `true`, creating a VM from a cached image volume may lead to incorrect root disk sizing.
* SSO users are unable to create Heat orchestration stacks at this time.
* `pcdctl config set` command is not supported for a user with MFA enabled.
* Image upload to encrypted volumes is currently unsupported. Volume encryption only works with empty volumes at this time.
* Currently, rescue mode is only supported for VMs with ephemeral storage. The rescue operation does not work for instances backed by volumes. Users attempting to rescue a volume-backed instance will encounter failures.