Current Series Release Notes


New Features

  • Makes redfish driver firmware update feature a service step, enabling operators to perform firmware updates on active nodes.

Upgrade Notes

  • The deprecated ibmc hardware type has been removed from Ironic.

  • The deprecated idrac-wsman and related idrac interface aliases have been removed from the idrac hardware type.

  • The deprecated xclarity hardware type has been removed from Ironic.

Security Issues

  • Agent communication now requires an HTTPS url by default. This can be changed using the [agent]require_tls setting.

Bug Fixes

  • [bug 2069413] Fixes an issue with node servicing that caused node to be put into ‘service failed’ state when Ironic configuration option [pxe]enable_netboot_fallback was enabled.

  • [bug 2069430] Fixes an issue that prevented Ironic from being able to execute node servicing steps exposed by IPA’s HardwareManager

  • Fixes an issue in Redfish generic attach and detach virtual media where the virtual media devices were not recognized causing a failure when attaching or detaching a single virtual media device.

  • Replaces deprecated Storage.StorageControllers in Redfish RAID with Storage.Controllers, which provides an array of links to controller objects instead of embedding the full controller objects. The old field is now used as a fallback.

  • During node deployment, unless explicitly configured otherwise, Ironic now only creates PXE link files for ports with pxe_enabled=True, preventing unintended booting from disabled ports.

Other Notes

  • The Redfish interoperability profile 1.0.0 has been replaced with version 1.1.0 that adds a lot of missing resources and fields, and clarifies their purpose.


New Features

  • Adds additional validation to the agent callback_url.

  • Delegate parsing of version headers in API requests to the microversion-parse library which also adds support for the new standard singular header: ‘OpenStack-API-Version: baremetal <version>’.

Upgrade Notes

  • python-cinderclient is no longer a dependency, all OpenStack Cinder operations are now done using openstacksdk.

  • python-glanceclient is no longer a dependency, all OpenStack Glance operations are now done using openstacksdk.

  • The default value for [redfish]use_swift has been changed to false. This is to limit URL validation challenges presented by some baseboard management controllers where characters in the Swift temporary URL form are rejected by Baseboard Management Controllers.

  • API version 1.91 removes special treatment given to URLs ending in “.json”. Operators desiring the previous behavior can request API version 1.90 or earlier.

Security Issues

  • Additional validation of the callback_url which is supplied to Ironic by the agent has been added. In addition to any standardized formatting checks included in Python urllib, we will also reject requests which have an invalid URL schema formatting.

Bug Fixes

  • Fixes an issue with units tests that show this DeprecationWarning: The metaschema specified by $schema was not found. Using the latest draft to validate, but this will raise an error in the future. cls = validator_for(schema) Removed the warning for deprecated schema by using a new template.

  • Previously the conductors online database column is not considered when displaying the “baremetal conductor list” Alive status. This means that when a conductor is stopped gracefully it will be shown as (inaccurately) alive for the duration of [conductor]heartbeat_timeout.

    A conductor is now considered alive if online is true and there is a recent enough heartbeat.

  • Fixes the issue of service steps not starting due to servicing states (states.SERVICING and states.SERVICEWAIT) missing from _FASTTRACK_HEARTBEAT_ALLOWED constant.

  • Fixes issue with configuring virtual media boot for executing service steps by adding missing entries for states.SERVICING and states.SERVICEWAIT in the whitelist of the states allowed by this method.

  • [bug 2011053] Fix issue with boot from volume feature. Convert lun field from decimal to hexadecimal when generating iscsi url so that ipxe firmware could be able to identify the iSCSI SAN URI correctly, according to SAN URIs description at

  • Fixes usage of redfish detach virtual media feature to be conform to the general implementation. Before the detach virtual media API call using redfish driver was not working as intended and caused the operation to fail.

  • Fixes an issue in redfish attach/detach generic virtual media where the attached devices are not correctly recognized causing the attach operation to fail.

  • No longer falls back to unmanaged inspection for virtual media and UEFI HTTP boot interfaces. Previously, if the validation of the boot interface failed before in-band inspection, Ironic would switch to unmanaged inspection, which involved PXE-booting. It is not expected that nodes explicitly configured to use virtual media start booting over PXE, so the fallback has been removed.

  • Service step validation no longer requires a priority field, which is not supported for servicing.

  • Fixes service steps that rely on a reboot. Previously, the reboot was not properly recognized in the conductor logic.

  • Ironic now stops any active IPMI Serial-Over-LAN console sessions when initializing a console session. This resolves and issue where console support would fail if a previous console session was not properly disconnected.

  • Special treatment of .json is now disabled for nodes with .json extension in URL field.

    See bug 1748224 for more details.

  • Adds an ISO publisher value to ISO images which are mastered as part of cleaning/deployment/service operations in support of a fix for bug 2032377.

  • Fixes generated URL when using the virtual media attachment API. Previously, it missed the node UUID, causing conflicts between different nodes.

Other Notes

  • Moving forward, Ironic will discourage the use of “partition” images, in favor of “whole disk images”, largely due to the underlying complexity in the code to maintain partition image support. This is not the deprecation of the functionality as the community has agreed to keep the functionality and fix any issues we become aware of. UEFI Partition images, where EFI assets are copied from a partition image, are the only partition images Ironic intends to test on a regular basis moving forward.