Zed Series Release Notes


Corrections de bugs

  • Fixed bug 2015762 which could cause managed records to occasionally fail to delete due to a race condition.


Nouvelles fonctionnalités

  • Adds simple API versioning for Designate. Designate API minor releases are additive to the API major revision and share the same URL path. Subsequent minor versions are a superset of the previous versions of the same major revision.

Notes de mises à jours

  • The SECONDARY zone RPC calls were moved from the mdns service to worker service. When upgrading multi-controller deployments we recommend that you restart the central and worker services first to move the SECONDARY zone calls to the worker, and once both services has been upgraded go ahead and restart the mdns service.

  • Removed the following unused central rpc calls. This should not impact normal installations, but if these are used in any custom written backends or plugins that you are using, you will need to update your code before upgrading.

    • count_records

    • count_recordsets

    • count_zones

    • count_tenants

    • delete_zone_transfer_accept

    • find_blacklist

    • find_record

    • find_zone

    • find_zone_transfer_accept

    • find_zone_transfer_request

    • get_record

    • get_quota

    • update_zone_transfer_accept

  • Removed previously deprecated [service:mdns] option notify. All DNS notifications now happens using the worker service.

  • Removed the monascastatsd based metrics solution as all calls using it has been changed or removed and designate is no longer tracking any metrics using the metrics endpoint.

Notes dépréciées

  • The [service:api] max_header_line parameter has been deprecated. This parameter has hd no effect since the Train release. Use the [DEFAULT] max_header_line parameter of the oslo.service library instead.

Corrections de bugs

  • Fixed an issue where set-quotas will always return the default quotas if it was called with a non-project scoped token and the all-projects flag was not set.

  • Fixes bug where requests to powerDNS fail if the dns is configured for TLS traffic.

    It does so by adding a configuration variable, api_ca_cert, users can use to declare the location of the CA cert needed to verify TLS traffic.


  • Fixed an issue in central where « designate manage pool update » may return an error designate.exceptions.MissingProjectID when attempting to create a new pool.

  • Fixed a bug where deleting a zone transfer request may fail when using a system scoped token.

  • Verify that if a TXT record starts with a double quote, it also ends with a double quote.

Autres notes

  • Designate will now use Alembic migrations for database schema updates. This transition will automatically be handled for upgrades. The sqlalchemy-migrate package has been removed from the Designate requirements and the alembic package has been added.

  • The netaddr python module has been removed as a Designate requirement. It has been replaced with the python standard library “ipaddress” module.


Nouvelles fonctionnalités

  • OSprofiler support was introduced. To allow its usage, the api-paste.ini file needs to be modified to contain osprofiler middleware. Also [profiler] section needs to be added to the designate.conf file with enabled, hmac_keys and trace_sqlalchemy flags defined.

Notes de mises à jours

  • Added new state INACTIVE to the Floating IP status to indicate that it is not currently associated to a DNS record.

  • Removed the following unused central rpc calls. This should not impact normal installations, but if these are used in any custom written backends or plugins that you are using, you will need to update your code before upgrading.

    • create_record

    • update_record

    • delete_record

    • sync_record

    • sync_zone

    • sync_zones

    • touch_zone

  • The Designate Central RPC API version was updated and may not be backwards compatible with an older version of the Designate RPC API. When upgrading a multi-controller deployment make sure that all designate-central services are upgraded before starting the designate-worker service.

Notes dépréciées

  • The Akamai eDNS backend has reached it’s end of life and has been removed. Please upgrade to the Akamai v2 backend.

  • The following parameters have been deprecated. These parameters have had no effect since SSLMiddleware was removed during Ussuri cycle.

    • [service:api] secure_proxy_ssl_header

    • [service:api] override_proto

Security Issues

  • OSprofiler support requires passing of trace information between various OpenStack services. This information is securely signed by one of HMAC keys, defined in designate.conf configuration file. To allow cross-project tracing user should use the key, that is common among all OpenStack services they want to trace.

Corrections de bugs

  • Fixed an issue that caused the recordset_records quota to not be enforced.

  • Fixes bug 1934252 which ignored invalid denylist patterns. The fix entailed checking the pattern string via regular expression compiler and testing for zero length.

    Previously you could create blacklist/denylist using string that cannot be used either as a regex or as a zone name, for example: patterns = [“”, '#(*&^%$%$#@$']

    In addition, the server will return a 400 BadRequest response to an invalid pattern.

  • Fixed an issue where new BIND9 pool instances may fail on zone update.

  • Fixes support for keystone default roles and scoped tokens.

  • Fixed an issue with the API reference using the wrong path for list service statuses. In addition a compatibility workaround was added for the incorrect /v2/service_status path.