Stein Series (12.0.0 - 12.1.x) Release Notes

12.1.3

Security Issues

  • Node secrets (such as BMC credentials) are no longer logged when JSON RPC is used and DEBUG logging is enabled.

Bug Fixes

  • An issue regarding the ansible deploy interface. The discovery playbook used to gather wwn and serials was broken for python3 due to the dict().keys() object not being a list in python3.

  • Fixes an issue with using serial number as root device hints with the ansible deploy interface.

  • Fixes an issue regarding the ansible deploy interface. Node deployment was broken for any image that was not public because the original request context was not available anymore at the time some image information was fetched.

  • Fixes spurious deployment warnings being logged by the ironic-conductor service indicating that the heartbeats from the deployment ramdisk could not be processed in DEPLOYWAIT state.

  • Fixes issue where the resource list API returned results with requested fields only until the API MAX_LIMIT. After the API MAX_LIMIT is reached the API started ignoring user requested fields. This fix will make sure that the next url generated by the pagination code will include the user requested fields as query parameter.

  • Fixes an issue where baremetal node deployment would fail on clouds with a high number of security groups. Listing the security groups took too long. Instead of listing all security groups, a query filter was added to list only the security groups to be used for the network. (See bug 2006256.)

  • Fixed the issue with node being locked for longer than [console]subprocess_timeout seconds when shellinabox process fails to start before the specifed timeout elapses.

  • Fixes a possible console lockup issue in case of PID file not being yet created while daemon start has call already returned success return code.

  • Fixes an issue wherein asynchronous out-of-band deploy steps in deployment template fails to execute. See story 2006342 for details.

  • Fixes a bug with the grub ramdisk boot template handling, such that the template now properly references the user provided kernal and ramdisk. Previously the deployment ramdisk and kernel was referenced in the template.

  • Fixes an issue where clean steps of redfish BIOS interface do not boot up the IPA ramdisk after cleaning reboot. See story 2006217 for details.

  • Fixes an issue in updating firmware using update_firmware_sum clean step from management interface of ilo hardware type with an error stating that unable to connect to iLO address due to authentication failure. See story 2006223 for details.

  • Fixes an issue in powering-on of server in ilo hardware type. Server was failing to return success for power-on operation if no bootable device was found. See story 2006288 for details.

  • Fixes an issue in creation of RAID for ilo5 RAID interface wherein second time RAID creation fails. See story 2006321 for details.

12.1.2

Upgrade Notes

  • iRMC hardware type deals with iPXE boot interface incompatibility. To iPXE boot with ipxe boot interface, (1) add ipxe to enabled_boot_interfaces in ironic.conf, (2) set up tftp & http server following Ironic document on iPXE boot configuration <https://docs.openstack.org/ironic/latest/install/configure-pxe.html>, then (3) create/set baremetal node with --boot-interface ipxe.

Bug Fixes

  • Fixes a deployment issue encountered during deployment, more precisely during the configdrive partition creation step. On some specific devices like NVMe drives, the created configdrive partition could not be correctly identified (required to dump data onto it afterward). https://storyboard.openstack.org/#!/story/2005764

  • Fixes traceback on cleaning of nodes with the redfish hardware type if their BMC does not support BIOS settings.

  • iRMC hardware type deals with iPXE boot interface incompatibility. From Stein, [pxe]ipxe_enabled option has been deprecated and will be removed in preference to ipxe boot interface in Train cycle. Till then, iRMC hardware type supports iPXE boot through [pxe]ipxe_enabled option. To cope with this incompatibility, iRMC hardware type supports ipxe boot interface.

  • Fixes the duplication of the “ipxe” tag when using IPv6, which leads to the dhcp server possibly returning an incorrect response to the DHCPv6 client.

12.1.1

Bug Fixes

  • Fixes an issue regarding the ansible deployment interface cleaning workflow. Handling the error in the driver and returning nothing caused the manager to consider the step done and go to the next one instead of interrupting the cleaning workflow.

  • Fixes an issue with the ansible deployment interface where raw images could not be streamed correctly to the host.

  • Fixes deployment with the ansible deploy interface and instance images with GPT partition table.

  • Fixes an issue where the sensor data parsing method for the ipmitool interface lacked the ability to handle the automatically included ipmitool debugging information when the debug option is set to True in the ironic.conf file. As such, extra debugging information supplied by the underlying ipmitool command is disregarded. More information can be found in story 2005331.

  • Fixes an issue where deploy fails during node preparation if the node capabilities are passed as string.

  • The internal JSON RPC server now binds to :: by default, allowing it to work correctly with IPv6.

  • No longer tries to create a temporary URL with zero lifetime if the deploy_callback_timeout option is set to zero. The default of 1800 seconds is used in that case. Use the new configdrive_swift_temp_url_duration option to override.

12.1.0

Prelude

The Bare Metal as a Service team joyfully announces our OpenStack Stein release of ironic 12.1.0. While no steins nor speakers were harmed during the development of this release, we might have suffered some hearing damage after we learned that we could increase the volume well past eleven!

Notable items include:

  • Increased parallelism of power synchronization to improve overall conductor efficiency.

  • API fields to support node description and owner values.

  • HPE iLO ilo5 and Huawei ibmc hardware types.

  • Allocations API interface to enable operators to find and select bare metal nodes for deployment.

  • JSON-RPC can now be used for ironic-api to ironic-conductor communication as opposed to using an AMQP messaging provider.

  • Support for customizable PXE templates and streamlined deployment sequences.

  • Initial support for the definition of “deployment templates” to enable operators to define and match customized deployment sequences.

  • Initial work for supporting SmartNIC configuration is included, however the Networking Service changes required are not anticipated until sometime during the Train development cycle.

  • And numerous bug fixes, including ones for IPv6 and IPMI.

This release includes the changes in ironic’s 12.0.0 release which was also released during the Stein development cycle and includes a number of improvements for Bare Metal infrastructure operators. More about our earlier stein release can be found in our release notes.

New Features

  • Adds option [ansible]default_python_interpreter to choose the python interpreter that ansible uses on managed machines. By default, ansible uses /usr/bin/python as interpreter, making the assumption that that path is always present on remote managed systems. This might not be always the case, for example in custom build images or Python 3 native distributions. With this option the operator has the ability to set the absolute path of the python interpreter on the remote machines, for example /usr/bin/python3. The same interpreter will be used in all operations that use the ansible deploy interface. It is also possible to override the value set in the configuration for a node by passing ansible_python_interpreter in its driver_info.

  • Adds currently used boot mode into node properties/capabilities upon redfish inspect interface run. The idea behind this change is to align with the in-band inspector behavior.

  • Adds a description field to the node object to enable operators to store any information related to the node. The field is up to 4096 UTF-8 characters.

  • Adds capability to control the persistency of boot order changes during instance deployment via (i)PXE on a per-node level. The option ‘force_persistent_boot_device’ in the node’s driver info for the (i)PXE drivers is extended to allow the values ‘Default’ (make all changes but the last one upon deployment non-persistent), ‘Always’ (make all changes persistent), and ‘Never’ (make all boot order changes non-persistent).

  • Adds API version 1.50 which allows for the storage of an owner field on node objects. This is intended for either storage of human parsable information or the storage of a tenant UUID which could be leveraged in a future version of the Bare Metal as a Service API.

  • Parallelizes periodic power sync calls by running up to ironic configuration [conductor]/sync_power_state_workers simultaneously. The default is to run up to 8 workers. This change should let larger-scale setups running power syncs more frequently and make the whole power sync procedure more resilient to slow or dead BMCs.

  • Adds an is_smartnic field to the port object in REST API version 1.53.

    is_smartnic field indicates if this port is a Smart NIC port, False by default. This field may be set by operator to use baremetal nodes with Smart NICs as ironic nodes.

    The REST API endpoints related to ports provide support for the is_smartnic field. The ironic admin documentation provides information on how to configure and use Smart NIC ports.

  • Add a new field pxe_template that can be set at driver-info level. This will specify a path for a custom pxe boot template. If present, this template will be read and will have priority in front of the per-arch and general pxe templates.

  • Adds support to enable deployment workflow changes necessary to support the use of Smart NICs in the ansible, direct, iscsi and ramdisk deployment interfaces. Networking service integration for this functionality is not anticipated until the Train release of the Networking service.

  • Introduces allocation API. This API allows finding and reserving a node by its resource class, traits and optional list of candidate nodes. Introduces new API endpoints:

    • GET/POST /v1/allocations

    • GET/DELETE /v1/allocations/<ID or name>

    • GET/DELETE /v1/nodes/<ID or name>/allocation

  • Adds support for building config drives. Starting with API version 1.56, the configdrive parameter of /v1/nodes/<node>/states/provision can be a JSON object with optional keys meta_data (JSON object), network_data (JSON object) and user_data (JSON object, array or string). See story 2005083 for more details.

  • Allows the user to supply EFI system partition image to ironic, for building UEFI-bootable ISO images, in form of a local file or UUID or URI reference. The new [conductor]esp_image option can be used to configure ironic to use local file.

  • Adds the deploy templates API. Deploy templates can be used to customise the node deployment process, each specifying a list of deploy steps to execute with configurable priority and arguments.

    Introduces the following new API endpoints, available from Bare Metal API version 1.55:

    • GET /v1/deploy_templates

    • GET /v1/deploy_templates/<deploy template identifier>

    • POST /v1/deploy_templates

    • PATCH /v1/deploy_templates/<deploy template identifier>

    • DELETE /v1/deploy_templates/<deploy template identifier>

  • Adds a new feature called fast-track which allows an operator to optionally configure the Bare Metal API Service and the Bare Metal conductor service to permit lookup and heartbeat for nodes that are in the process of being enrolled and created.

    These nodes can be left online, from a process such as discovery. If ironic-python-agent has communicated with the Bare Metal Service API endpoint with-in the last 300 seconds, then setup steps that are normally involved with preparing to launch a ramdisk on the node, are skipped along with power operations to enable a baremetal node to undergo discovery through to deployment with a single power cycle. Fast track functionality may be enabled through the [deploy]fast_track option.

  • Adds a new hardware type ibmc for HUAWEI 2288H V5, CH121 V5 series servers. This hardware type supports PXE based boot using HUAWEI iBMC RESTful APIs. The following driver interfaces are supported:

    • management: ibmc

    • power: ibmc

    • vendor: ibmc

  • Adds new hardware type ilo5. Including all other hardware interfaces ilo hardware type supports, this has one new RAID interface ilo5.

  • Adds functionality to perform out-of-band RAID operation for iLO5 based HPE Proliant servers.

  • New property ipmi_hex_kg_key for the ipmi based interfaces. The property enables user to set the Kg key for IPMIv2 authentication in hexadecimal format. This value is provided to ipmitool as the -y argument.

  • Adds the ability to use JSON RPC for communication between API and conductor services. To use it set the new rpc_transport configuration options to json-rpc and configure the credentials and the host_ip in the json_rpc section. Hostnames of all conductors must be resolvable for this implementation to work.

  • Adds a [DEFAULT]/versioned_notifications_topics configuration option. This enables operators to configure the topics used for versioned notifications.

  • Notification events for metrics data now contains a node_name field to assist operators with relating metrics data being transmitted by the conductor service.

  • Set boot_mode in node properties during OOB Introspection for idrac hardware type.

Known Issues

  • As good security practice[0], in Ubuntu Bionic the nf_conntrack_helper is disabled. This causes an issue when using the pxe boot interface with the PXE environment that breaks some of the Ironic CI tests, since Ironic needs conntrack for TFTP traffic. It’s still possible to use Ironic with PXE on Ubuntu Xenial, and it’s also possible to use Ironic with PXE on Ubuntu Bionic using a workaround based on custom firewall rules as shown in [0].

    [0] https://home.regit.org/netfilter-en/secure-use-of-helpers/

Upgrade Notes

  • Adds an is_smartnic field to the port object in REST API version 1.53.

    Upgrading to this release will set is_smartnic to False for all ports.

  • Adds a check to the ironic-status upgrade check command, to check for compatibility of the object versions with the release of ironic.

  • The create_raid_configuration, delete_raid_configuration and read_raid_configuration interfaces of ‘proliantutils’ library has been enhanced to support out-of-band RAID operation for ilo5 hardware type. To leverage this feature, the ‘proliantutils’ library needs to be upgraded to version ‘2.7.0’.

  • Removes deprecated driver_info["drac_host"] property for idrac hardware type that was marked for removal in Pike. Please use driver_info["drac_address"] instead.

Deprecation Notes

  • The values ‘True’/’False’ for the option ‘force_persistent_boot_device’ in the node’s driver info for the (i)PXE drivers are deprecated and support for them may be removed in a future release. The former default value ‘False’ is replaced by the new value ‘Default’, the value ‘True’ is replaced by ‘Always’.

  • The Cisco cisco-ucs-managed and cisco-ucs-standalone drivers have been deprecated due to a lack of reporting third-party CI and vendor maintenance of the driver code. In the present state of these drivers, they would have been removed as part of the eventual removal of support for Python2. These drivers should be anticipated to be removed prior to the final Train release of the Bare Metal service. More information can be found here.

  • The “hash_distribution_replicas” configuration option is now deprecated. If specified in the config file, a warning is logged.

Bug Fixes

  • A bug has been fixed in the node update code that could cause the nodes to become not updatable if their driver is no longer available.

  • Fixes an issue where setting the conductor_group for a node was not entirely case-sensitive, in that this could fail if case-sensitivity did not match between the conductor configuration and the API request.

  • Makes ironic building UEFI-only bootable ISO image (when being asked to build a UEFI-bootable image) rather than building a hybrid BIOS/UEFI-bootable ISO.

  • Fixes an issue that node list with conductor fails if any of the nodes has an invalid hardware type, which may happen when some conductor is out of service.

  • Fixes an issue in the idrac RAID interface seen when creating RAID configurations using python-dracclient version 2.0.0 or higher.

  • Fixes an issue where the master TFTP image cache could not be disabled. The configuration option [pxe]/tftp_master_path may now be set to the empty string to disable the cache. For more information, see story 2004608.

  • Fixes an issue where xclarity management interface fails to get boot order. Now the driver correctly gets boot device and this has been verified in the 3rd party CI. See story 2004576 for details.

  • Advances required python-dracclient version to 1.5.0 and later. That version is required by the fix to the idrac hardware type’s bug 2004340.

  • Makes all ilo driver BIOS interface clean steps as asynchronous. This is required to ensure the settings on the baremetal node are consistent with the settings stored in the database irrespective of the node clean step status. Refer bug 2004066 for details.

  • Fixes the IPMI console implementation to respect all supported IPMI driver_info and configuration options, particularly ipmi_port.

  • Fixes an issue has been corrected where hosts executing iPXE to boot would error indicating that no configuration was found for networks where IPv6 is in use. This has been remedied through a minor addition to the Networking service in the Stein development cycle. For more information please see story 2004502.

  • Notification event types now include the hardware type name string as opposed to a static string of “ipmi”. This allows event processors and operators to understand what the actual notification event data source is as opposed to having to rely upon fingerprints of the data to make such determinations.

  • Fixes a bug where cinder block storage service volumes volume fail to attach expecting a mountpoint to be a valid string. See story 2004864 for additional information.

  • Fixes an issue where the socat process would exit on client disconnect, which would (a) leave a zombie socat process in the process table and (b) disable any subsequent serial console connections. This issue was addressed by updating ironic to call socat with the fork,max-children=1 options, which makes socat persist and accept multiple connections (but only one at a time). Please see story 2005024 for additional information.

  • Fixes an issue with the ipmi hardware type where node['driver_info']['ipmi_force_boot_device'] could be interpreted as True when set to values such as “False”.

  • Returns the correct error message on providing an invalid reference to image_source. Previously an internal error was raised.

  • The instance_info[root_gb] property is no longer required for whole-disk images. It has always been ignored for them, but the validation code still expected it to be present.

Other Notes

  • The Bare Metal service now builds UEFI-only bootable ISO image (when being asked to build a UEFI-bootable image) rather than building a hybrid BIOS/UEFI-bootable ISO.

12.0.0

Prelude

The OpenStack Bare Metal as a Service team announces the release of ironic version 12.0 which introduces a number of new features as part of the Stein development cycle.

  • Per-node automated cleaning control

  • Redfish out-of-band introspection

  • Redfish BIOS configuration management

  • Support for direct image downloads from the conductor host.

  • Support for validating the enhanced image checksums introduced in the Image service in Rocky.

  • Dedicated ipxe boot interface enabling better co-existence of different hardware types.

  • Configurable disk_erasure_concurrency to speed disk cleaning.

  • Configurable “protected” nodes to help prevent accidential actions upon critical nodes.

And many many bug fixes, Enjoy!

New Features

  • Adds the [redfish]auth_type ironic configuration option for the redfish hardware type that is used to choose one of the following authentication methods:: basic, session and auto. The auto setting first tries session method and falls back to basic if session authentication is not supported by the Redfish BMC. The default is auto. This configuration option can be overridden on a per-node basis by the driver_info/redfish_auth_type option.

  • Adds out-of-band inspection support to redfish hardware type’. Successful inspection populates mandatory properties: “cpus”, “local_gb”, “cpu_arch”, “memory_mb” and creates ironic ports for inspected nodes.

  • Allows enabling automated cleaning per node if it is disabled globally. A new automated_clean field has been created on the node object, allowing to control the individual automated cleaning of nodes. When automated cleaning is disabled at global level, but enabled at node level, the automated cleaning will be performed only on those nodes.

    The new field is accessible starting with the API version 1.47.

  • Adds a new configuration option [iscsi]conv_flags, that specifies the conversion options to pass to the dd utility when copying an image. For example, passing sparse may result in less network traffic for large whole disk images.

  • Adds support for booting a ramdisk using virtual media to ilo-virtual-media boot interface when an ironic node is configured with ramdisk deploy interface.

  • Adds the ability to provision with direct deploy interface and custom HTTP service running at ironic conductor node. A new configuration option [agent]image_download_source is introduced. When set to swift, the direct deploy interface uses tempurl generated via the Object service as the source of instance image during provisioning, this is the default configuration. When set to http, the direct deploy interface downloads instance image from the Image service, and caches the image in the ironic conductor node. The cached instance images are referenced by symbolic links located at subdirectory [deploy]http_image_subdir under path [deploy]http_root. The custom HTTP server running at ironic conductor node is supposed to be configured properly to make IPA has unauthenticated access to image URL described above.

  • Setting these configuration options to 0 will disable the periodic tasks:

    • [conductor]sync_power_state_interval: sync power states for the nodes

    • [conductor]check_provision_state_interval:

      • check deployments and time out if the deployment takes too long

      • check the status of cleaning a node and time out if it takes too long

      • check the status of inspecting a node and time out if it takes too long

      • check for and handle nodes that are taken over by new conductors (if an old conductor disappeared)

    • [conductor]send_sensor_data_interval: send sensor data to ceilometer

    • [conductor]sync_local_state_interval: refresh a conductor’s copy of the consistent hash ring. If any mappings have changed, determines which, if any, nodes need to be “taken over”. The ensuing actions could include preparing a PXE environment, updating the DHCP server, and so on.

    • [oneview]periodic_check_interval:

      • check for nodes taken over by OneView users

      • check for nodes freed by OneView users

  • In accordance with the multihash support provided by glance, ironic now supports using the new os_hash_algo and os_hash_value fields to computes and validates image checksum when deploying instance images by the direct deploy interface.

  • Adds support to retrieve the information of conductors known by ironic:

    • a new endpoint GET /v1/conductors for listing conductor resources.

    • a new endpoint GET /v1/conductors/{hostname} for showing a conductor resource.

    Adds a read-only conductor field to the Node, which represents the conductor currently servicing a node, and can be retrieved from following node endpoints:

    • GET /v1/nodes?detail=true or GET /v1/nodes/detail

    • GET /v1/nodes/<node_ident>

    • POST /v1/nodes

    • PATCH /v1/nodes/<node_ident>

  • Adds support for the injection of Non-Masking Interrupts (NMI) to ilo management interface. This is supported on HPE ProLiant Gen9 and Gen10 servers.

  • Adds support for soft power off and soft reboot operations to ilo power interface.

  • Adds a configuration option [ipmi]disable_boot_timeout which is used to set the default behavior whether ironic should send a raw IPMI command to disable timeout. This configuration option can be overidden by the per-node option ipmi_disable_boot_timeout in node’s driver_info field. See story 2004266 and Story 2002977 for additional information.

  • Adds an ipxe boot interface which allows for instance level iPXE enablement as opposed to conductor-wide enablement of iPXE.

  • New framework for ironic-status upgrade check command is added. This framework allows adding various checks which can be run before a Ironic upgrade to ensure if the upgrade can be performed safely.

  • Adds a configuration option [deploy]disk_erasure_concurrency to define the target pool size used by Ironic Python Agent ramdisk to erase disk devices. The number of threads created by IPA to erase disk devices is the minimum value of target pool size and the number of disks to be erased. This feature can greatly reduce the operation time for baremetals with multiple disks. For the backwards compatibility, the default value is 1.

  • It is now possible to protect a provisioned node from being undeployed, rebuilt or deleted by setting the new protected field to True. The new protected_reason field can be used to document the reason the node was made protected.

  • Adds bios interface to the redfish hardware type.

  • Allows streaming raw partition images to the ramdisk when using the direct deploy interface. Requires ironic-python-agent from the Stein release series.

Known Issues

  • Building RAID1 is known to not work with Dell BOSS cards using python-dracclient 1.4.0 or earlier. Upgrade to python-dracclient 1.5.0 to use this feature.

  • Support for IPv6 and iPXE is restricted and is unlikely to work in default scenarios and configurations without external intervention. This is due to the way DHCPv6 and dnsmasq operate. At present this issue is being tracked in story 2005402.

Upgrade Notes

  • The hash_ring_reset_interval configuration option was changed from 180 to 15 seconds. Previously, this option was essentially ignored on the API side, becase the hash ring was reset on each API access. The lower value minimizes the probability of a request routed to a wrong conductor when the ring needs rebalancing.

  • Deployments utilizing iPXE should consider use of the ipxe boot interface as opposed to the pxe boot interface. iPXE functionality in the pxe boot interface is deprecated and will be removed during the U* development cycle.

  • Operator can now use new CLI tool ironic-status upgrade check to check if Ironic deployment can be safely upgraded from N-1 to N release.

  • Support for using the Image API v1 was removed. It was removed from Glance in the Rocky release.

  • The deprecated option [glance]glance_api_version was removed. Only v2 is now used.

  • If you are doing a minor version upgrade, please re-run the ironic-dbsync online_data_migrations command to properly update the versions of the Objects in the database. Otherwise, the next major upgrade may fail.

  • The deprecated configuration option [conductor]inspect_timeout was removed, please use [conductor]inspect_wait_timeout instead.

  • A future release will change the default value of [deploy]/default_boot_mode from “bios” to “uefi”. It is recommended to set an explicit value for this option. For hardware types which don’t support setting boot mode, a future release will assume boot mode is set to UEFI if no boot mode is set to node’s capabilities. It is also recommended to set boot_mode into properties/capabilities of a node.

Deprecation Notes

  • The [ilo]/power_retry config is deprecated and will be removed in the future release. Please use [conductor]/soft_power_off_timeout instead.

  • The [pxe]ipxe_enabled configuration option has been deprecated in preference for the ipxe boot interface. The configuration option will be removed during the U* development cycle.

  • Support for iPXE in the pxe boot interface has been deprecated, and will be removed during the U* development cycle. The ipxe boot interface should be used instead.

  • Using the fake management interface with the manual-management hardware type is deprecated, please use noop instead. Existing nodes will have to be updated after the upgrade.

  • The xclarity hardware type, which was previously deprecated, is no longer deprecated. Lenovo has instituted third-party CI which is a requirement for a driver to remain in-tree.

Critical Issues

  • The ironic-dbsync online_data_migrations command was not updating the objects to their latest versions, which could prevent upgrades from working (i.e. when running the next release’s ironic-dbsync upgrade). Objects are updated to their latest versions now when running that command. See story 2004174 for more information.

Bug Fixes

  • Fixes the bug in executing asynchronous BIOS interface clean step by honoring the state returned by the BIOS interface clean step which was ignored earlier.

  • Fixes a misunderstanding in how DHCPv6 booting of machines operates in that only a URL to the boot loader is expected in that case, as opposed to traditional TFTP parameters. Now a URL is sent to the client in the form of tftp://<tftp_address>/<tftp_path>/<boot_file>. See story 1744620 for more information.

  • Fixes a bug that a node’s console_enabled is reset to False at undeploying the node, which requires an operator to set it to True before deploying again. By this fix, while the console is stopped at tearing down, console_enabled remains True. When the node is deployed again, the console is started automatically.

  • Fixes an issue with a baremetal node that times out during cleaning. The ironic-conductor was attempting to change the node’s provision state to ‘clean failed’ twice, resulting in the node’s last_error being set incorrectly. This no longer happens. For more information, see story 2004299.

  • Fixes an issue where setting these configuration options to 0 caused a ValueError exception to be raised. You can now set them to 0 to disable the associated periodic tasks. (For more information, see story 2002059.):

    • [conductor]sync_power_state_interval: sync power states for the nodes

    • [conductor]check_provision_state_interval:

      • check deployments and time out if the deployment takes too long

      • check the status of cleaning a node and time out if it takes too long

      • check the status of inspecting a node and time out if it takes too long

      • check for and handle nodes that are taken over by new conductors (if an old conductor disappeared)

    • [conductor]send_sensor_data_interval: send sensor data to ceilometer

    • [conductor]sync_local_state_interval: refresh a conductor’s copy of the consistent hash ring. If any mappings have changed, determines which, if any, nodes need to be “taken over”. The ensuing actions could include preparing a PXE environment, updating the DHCP server, and so on.

    • [oneview]periodic_check_interval:

      • check for nodes taken over by OneView users

      • check for nodes freed by OneView users

  • Fixes an issue where Neutron ports would be left with a baremetal MAC address associated after an instance is deleted from a baremetal host. This caused problems with MAC address conflicts in follow up deployments to the same baremetal host. bug 2004428.

  • Fixes an issue where a flat Neutron port would be left with a host ID associated with it after an instance is deleted from a baremetal host. This caused problems with reusing the same port for a new instance as it is already bound to the old instance.

  • Fixes the URL generation with TFTP URLs does not account for IPv6 addresses needing to be wrapped in ‘[]’ in order to be parsed.

  • Fixes DHCP option parameter generation to correctly return the proper values for IPv6 based booting when iPXE is in use.

  • Fixes a bug where the number of CPU sockets was being returned by the idrac hardware type during introspection, instead of the number of virtual CPUs. See bug 2004155 for details.

  • Fixes an issue where the master instance image cache could not be disabled. The configuration option [pxe]/instance_master_path may now be set to the empty string to disable the cache.

  • Fixes an issue introduced during the Stein development cycle in an attempt to fix IPv6 support where the networking service was also prepending the DHCP option indicator to the number. A fix has been been submitted to the Networking service to address this issue, and the prepending code has been removed from ironic. See story 2004501 for more information.

  • Fixes an issue with the irmc hardware type failing to create a boot image via the irmc-virtual-media boot interface. See story 2003338 for more information.

  • Fixes an issue where the pagination marker was not being set if uuid was not in the list of requested fields when executing a list query. The affected API endpoints were: port, portgroup, volume_target, volume_connector, node and chassis. See story 2003192 for more details.

  • Kill ipmitool process invoked by ironic to read node’s power state if ipmitool process does not exit after configured timeout expires. It appears pretty common for ipmitool to run for five minutes (with current ironic defauls) once it hits a non-responsive bare metal node. This could slow down the management of other nodes due periodic tasks slots exhaustion. The new behaviour could is enabled by default, but could be disabled via the [ipmi]kill_on_timeout ironic configuration option.

  • Fixes a race condition in the hash ring implementation that could cause an internal server error on any request. See story 2003966 for details.

  • The bare metal API no longer returns HTML as part of the error_message field in error responses when no Accept header is provided.

  • Properly reports an error when the image cache and the image HTTP or TFTP location are on different file system, causing hard link to fail.

  • Adds command_timeout and max_command_attempts configuration options to IPA, so when connection errors occur the command will be executed again. The options are located in the [agent] section.

  • The ironic-python-agent version 3.5.0 contains a fix that allows multi-device objects to be selected as a root disk. These devices MAY be created automatically in the case of some ATARAID controllers with pre-existing configuration, or via the actions of a custom hardware manager. Operators who require this functionality are encouraged to ensure that their deployment ramdisks are up to date. See story 2003445 for more information.

  • Fixes an issue where iSCSI based deployments fail if the cpu_arch property is not specified on a node.

  • The manual-management hardware type now defaults to the noop management interface. Unlike the fake management interface, it does not fail on attempt to set the boot device to the local disk.

  • Fixes redfish hardware type to reuse HTTP session tokens when talking to BMC using session authentication. Prior to this fix redfish hardware type never tried to reuse session token given out by BMC during previous connection what may sometimes lead to session pool exhaustion with some BMC implementations.

  • Prevents deletion of ports for active nodes. It is still possible to delete them after putting the node in the maintenance mode.

  • Fixes an issue wherein provisioning fails if ironic node is configured with ramdisk deploy interface. See bug 2003532 for more details.

  • Fixes a locking issue where ipmitool-shellinabox console interface users may encounter a situation where the bare metal node is locked until the conductor is restarted. See story 1587313 for additional information.

  • The IPMI hardware type unconditionally instructed the BMC to not automatically clear boot flag valid bit if Chassis Control command not received within 60-second timeout (countdown restarts when a Chassis Control command is received). Some BMCs do not support setting this; if sent it causes the boot to be aborted instead. For IPMI hardware type a new driver option node['driver_info']['ipmi_disable_boot_timeout'] can be specified. It is True by default; set it to False to bypass sending this command. See story 2004266 for additional information.

  • Fixes a bug where ironic port is not updated in node introspection as per PXE enabled setting for idrac hardware type. See bug 2004340 for details.

  • Adds the version discovery information to the versioned API endpoint (/v1). This allows keystoneauth version discovery to work on this endpoint.

Other Notes

  • The support for returning INSPECTING state from InspectInterface.inspect_hardware was removed. For asynchronous inspection, please return INSPECTWAIT instead of INSPECTING, otherwise the node will be moved to inspect failed state.

  • The oneview hardware type and related interfaces have been removed due to a lack of maintainer and 3rd-party CI. Please see story 2001924 for additional information.

  • Removes Vagrant files and the information in documentation since the files were too outdated. This would lead to errors if developers tried to set up an environment with Vagrant.

  • The xclarity hardware type is no longer deprecated as Lenovo has implemented third-party CI to enable testing.