Wallaby Series Release Notes¶
The cyborg Nvidia GPU driver now supports defining different virtual GPU types for each physical GPU. See the
[gpu_devices]/enabled_vgpu_typesconfiguration option for knowing how to do it. Please refer to https://specs.openstack.org/openstack/cyborg-specs/specs/wallaby/approved/vgpu-driver-proposal.html for further documentation.
The Inspur NVMe SSD driver provides the discover and report proposal of Inspur NVMe SSD disks, then we can use these disks binding and unbinding with VM like PGPU to accelerator the io rate for the VM. The Inspur NVMe SSD doesnot support virtualization, one disk can be only bind to one VM.
The Intel nic driver defines the Intel x710 NIC’s data model in Cyborg. It also proposes a standard configuration format to manage networking related devices. The Intel X710 NIC supports DDP(Dynamic Device Personalization) which provides the ability to reconfigure the packet processing pipeline to support a broader range of traffic types. It also supports SR-IOV technology, each physical card can be virtualized into mulitiple VFs.
In the Victoria release, cyborg introduced the new scoped RBAC policy authorization for API access, and partially implemented the blueprints. What implemented are new default rules in base policy and device_profile policy.
During the development period(victoria and wallaby releases), the new and old policy will both work because a deployment sets
cyborg.conf [oslo_policy] enforce_scope = Falseas the default set. Although users can set
cyborg.conf [oslo_policy] enforce_scope = Trueby default in their deployment, if they want to ignore old rules and support new rules only. After we implement all the features, we’ll give two cycles transition period for operators. For specification of new policy, please refer to policy default refresh.
scope_typeto protect each policy. Cyborg support two types of
sope_typewith their combination.
To know each policy
scope_type, please refer the Policy Reference
This feature is disabled by default can be enabled via config option
New Defaults Configuration
Policies are default to Admin, Member and Reader roles. Old roles are also supproted. You can switch to new defaults via config option
New Base policy roles
Cyborg introduced seven basic roles based on the new defaults combined with different scope_types.
New Defaults for device_profile APIs
Rewrite check string(authorization rules) using new personas for device profile APIs.
Added policy configuration guide on cyborg doc page
Please refer to policy configuration guide
The default value of
[oslo_policy] policy_fileconfig option has been changed from
policy.yaml. Cyborg policy new defaults since 5.0.0 and current default value of
[oslo_policy] policy_fileconfig option (
policy.json) does not work when
policy.jsonis generated by oslopolicy-sample-generator tool. Refer to bug 1875418 for more details. Also check oslopolicy-convert-json-to-yaml tool to convert the JSON to YAML formatted policy file in backward compatible way.
The old basic personas below are marked as deprecated rules in base policy.