Current Series Release Notes

17.1.0-31

New Features

  • Debian Bookworm is now a supported distribution.

  • When enable_inspector is set to false (the default), the new built-in inspection implementation is now configured. Note that

    • The new implementation has not at the moment of writing achieved a complete feature parity with ironic-inspector: see https://docs.openstack.org/ironic/latest/admin/inspection/index.html for the available features.

    • Whether inspection actually runs is not defined by this parameter but rather by inspect_nodes (or the --inspect argument to ./bifrost-cli enroll).

Upgrade Notes

  • The default supported version of Ansible is now 8.x

  • Switches to Debian Bookworm for building IPA by default.

  • If ironic-inspector support is disabled via enable_inspector set to false, the service will be stopped and removed on upgrade. Nodes that use the inspector inspect interface will be changed to agent when running online data migrations.

  • Ubuntu 20.04 “Focal” is no longer a supported operating system, please use 22.04 “Jammy” instead.

  • SHA256 is now used instead of MD5 for any checksums calculated by Bifrost.

  • The variable include_dhcp_server has been completely removed, please use enable_dhcp instead.

  • Switches to using the snponly binary for iPXE on UEFI instead of the default ipxe.efi. This has been recommended by the Ironic project for some time since snponly.efi generally has more stable networking support. Change the ipxe_efi_binary variable to revert if needed.

  • No longer installs the full iPXE binary (ipxe.pxe) that is not used by Ironic.

Bug Fixes

  • Makes sure the static DHCP configuration runs before automated cleaning.

  • Fixes Bifrost’s creation of accounts and Keystone account usage to align with the newer role based access control within Ironic. Ironic deprecated the legacy access policy, which utilized custom roles baremetal_admin and baremetal_observer in the Wallaby release of OpenStack, and Bifrost now utilizes a mix of a project scoped and system scoped admin accounts with Keystone to facilitate authentication and authorization to resources.

  • Removes the rootwrap privilege escalation framework. Ironic no longer uses it, and Bifrost does not use the Inspector PXE filters that require root.

  • Fixes an issue where online data migrations were not performed in the default Bifrost configuration where localhost is used as the database address. See LP#2036772 for details.