Yoga Series Release Notes

14.0.1

Bug Fixes

  • Fixed an issue where set-quotas will always return the default quotas if it was called with a non-project scoped token and the all-projects flag was not set.

  • Fixed a bug where deleting a zone transfer request may fail when using a system scoped token.

14.0.0

New Features

  • OSprofiler support was introduced. To allow its usage, the api-paste.ini file needs to be modified to contain osprofiler middleware. Also [profiler] section needs to be added to the designate.conf file with enabled, hmac_keys and trace_sqlalchemy flags defined.

Upgrade Notes

  • Added new state INACTIVE to the Floating IP status to indicate that it is not currently associated to a DNS record.

  • Removed the following unused central rpc calls. This should not impact normal installations, but if these are used in any custom written backends or plugins that you are using, you will need to update your code before upgrading.

    • create_record

    • update_record

    • delete_record

    • sync_record

    • sync_zone

    • sync_zones

    • touch_zone

  • The Designate Central RPC API version was updated and may not be backwards compatible with an older version of the Designate RPC API. When upgrading a multi-controller deployment make sure that all designate-central services are upgraded before starting the designate-worker service.

Deprecation Notes

  • The Akamai eDNS backend has reached it’s end of life and has been removed. Please upgrade to the Akamai v2 backend.

  • The following parameters have been deprecated. These parameters have had no effect since SSLMiddleware was removed during Ussuri cycle.

    • [service:api] secure_proxy_ssl_header

    • [service:api] override_proto

Security Issues

  • OSprofiler support requires passing of trace information between various OpenStack services. This information is securely signed by one of HMAC keys, defined in designate.conf configuration file. To allow cross-project tracing user should use the key, that is common among all OpenStack services they want to trace.

Bug Fixes

  • Fixed an issue that caused the recordset_records quota to not be enforced.

  • Fixes bug 1934252 which ignored invalid denylist patterns. The fix entailed checking the pattern string via regular expression compiler and testing for zero length.

    Previously you could create blacklist/denylist using string that cannot be used either as a regex or as a zone name, for example: patterns = [‘’, '#(*&^%$%$#@$']

    In addition, the server will return a 400 BadRequest response to an invalid pattern.

  • Fixed an issue where new BIND9 pool instances may fail on zone update.

  • Fixes support for keystone default roles and scoped tokens.

  • Fixed an issue with the API reference using the wrong path for list service statuses. In addition a compatibility workaround was added for the incorrect /v2/service_status path.