Current Series Release Notes

13.0.0-75

New Features

  • Adds instance_info/kernel_append_params property support to redfish hardware type. If given, this property overrides [redfish]/kernel_append_params ironic option. The rationale for adding this property is to allow passing node-specific kernel parameters to instance kernel. One of the use-cases for this is to pass node static network configuration to the kernel.

  • Adds an owner field to allocations. Depending on policy, a non-admin can then create an allocation and have the owner set to their project. Allocation processing will then ensure that only nodes with the same owner are matched.

  • Adds support for specifying vendor_data when building config drives. Starting with API version 1.59, a JSON based configdrive parameter to /v1/nodes/<node>/states/provision can include the key vendor_data. This data will be built into the configdrive contents as vendor_data2.json.

  • Adds idrac hardware type support of a virtual media boot interface implementation that utilizes the Redfish out-of-band (OOB) management protocol and is compatible with the integrated Dell Remote Access Controller (iDRAC) baseboard management controller (BMC). It is named idrac-redfish-virtual-media.

    The idrac hardware type declares support for that new interface implementation, in addition to all boot interface implementations it has been supporting. The highest priority boot interfaces remain the same. It now supports the following boot interface implementations, listed in priority order from highest to lowest: ipxe, pxe, and idrac-redfish-virtual-media.

    To use the new boot interface, install the sushy-oem-idrac Python package.

    For more information, see story 2006570.

  • Hardware type idrac converts physical drives from JBOD to RAID mode before building RAID on them.

  • It’s now possible to force booting for in-band inspection to be managed by ironic by setting the new [inspector]require_managed_boot option to True. In-band inspection will fail if the node’s driver does not support managing boot for it.

  • The pxe and ipxe boot interfaces, as well as all in-tree network interfaces, now support managing in-band inspection boot.

  • Adds a is_node_owner policy rule. This rule can be used with node policy rules in order to expose specific node APIs to a project ID specified by a node’s owner field. Default rules are unaffected, so default behavior is unchanged.

Upgrade Notes

  • Changing minimum version of Ansible for use with the ansible deploy_interface to version 2.5.

  • Python 2.7 support has been dropped. Last release of Ironic to support Python 2.7 is OpenStack Train. The minimum version of Python now supported by Ironic is Python 3.6.

  • For the managed in-band inspection to work, make sure that the Bare Metal Introspection endpoint (either in the service catalog or in the [inspector]endpoint_override configuration option) is not set to localhost. Alternatively, set the [inspector]callback_endpoint_override option to a value with a real IP address.

  • The argument agent_version of the heartbeat interface is now mandatory to all interfaces that inherit from HeartbeatMixin.

  • Using localhost as the Bare Metal Introspection endpoint will not work when managed boot is used for in-band inspection. Either update the endpoint to a real IP address or use the new configuration option [inspector]callback_endpoint_override.

  • The operators using custom PXE/iPXE/Grub templates should update them to remove an explicit mention of ipa-api-url. This field is now a part of pxe_append_params when required.

  • The configuration option [agent]heartbeat_timeout was deprecated before ocata release and now removed, please use [api]ramdisk_heartbeat_timeout instead.

Security Issues

  • Node secrets (such as BMC credentials) are no longer logged when JSON RPC is used and DEBUG logging is enabled.

  • Prevents additional updates of an agent callback_url through the agent heartbeat /v1/heartbeat/<node_uuid> endpoint as the callback_url should remain stable through the cleaning, provisioning, or rescue processes. Should anything such as an unexpected agent reboot cause the callback_url, heartbeat operations will now be ignored. More information can be found at story 2006773.

Bug Fixes

  • Now passing proper flags during clean up of iPXE boot environments, so that no leftovers are left after node tear down.

  • Fixes a bug in the idrac hardware type where configuration job for RAID delete_configuration cleaning step gets created even when there are no virtual disks or hotspares/dedicated hotspares present on any controller. See bug 2006562 https://storyboard.openstack.org/#!/story/2006562 for details.

  • Fixes a bug in the idrac hardware type where a race condition can occur on a host that has a mix of controllers where some support realtime mode and some do not. The approach is to use only realtime mode if all controllers support realtime. This removes the race condition. See bug 2006502 https://storyboard.openstack.org/#!/story/2006502 for details

  • Fixes issue where the resource list API returned results with requested fields only until the API MAX_LIMIT. After the API MAX_LIMIT is reached the API started ignoring user requested fields. This fix will make sure that the next url generated by the pagination code will include the user requested fields as query parameter.

  • Fixes drive sensors information collection in redfish management interface. Prior to this fix, wrong Redfish schema has been used for Drive resource what has been causing exception and ultimately sensor data collection failure.

  • Fixes a possible console lockup issue in case of PID file not being yet created while daemon start has call already returned success return code.

  • Fixes a bug in the idrac hardware type where executing the clear_job_queue clean step, pending non-BIOS config jobs (E.g. create/delete virtual disk) were not being deleted before job execution.

    See bug 2006580 https://storyboard.openstack.org/#!/story/2006580 for details

  • Add timeout when querying agent for commands status. Without it, node can lock up for a quite long time and ironic will not allow to perform any operations with it.

  • Support for some hardware, including some Dell EMC servers, is broken when using the Redfish hardware type with sushy 1.9.0. The minimum version for the sushy library is now 2.0.0. See story 2006702 for more information.

  • Fixes a bug with the grub ramdisk boot template handling, such that the template now properly references the user provided kernal and ramdisk. Previously the deployment ramdisk and kernel was referenced in the template.

Other Notes

  • Boot and network interface implementations can now manage boot for in-band inspection by implementing the new methods:

    • BootInterface.validate_inspection

    • NetworkInterface.validate_inspection

    • NetworkInterface.add_inspection_network

    • NetworkInterface.remove_inspection_network

    Previously only ironic-inspector itself could manage boot for it. This change opens a way for non-PXE implementations of in-band inspection.