Current Series Release Notes¶

New Features¶

• Adds the healthcheck middleware from oslo, configurable via the [healthcheck]/enabled option. This middleware adds a status check at /healthcheck. This is useful for load balancers to determine if a service is up (and add or remove it from rotation), or for monitoring tools to see the health of the server. This endpoint is unauthenticated, as not all load balancers or monitoring tools support authenticating with a health check endpoint.

• Adds new parameter fields to driver_info, which will become mandatory in Stein release:
  • xclarity_manager_ip: IP address of the XClarity Controller.
  • xclarity_username: Username for the XClarity Controller.
  • xclarity_password: Password for XClarity Controller username.
  • xclarity_port: Port to be used for XClarity Controller connection.

• Adds support for rescue interface agent for ilo hardware type when corresponding boot interface being used is ilo-virtual-media. The supported values of rescue interface for ilo hardware type are agent and no-rescue. The default value is no-rescue.

• Adds support for rescue interface agent for irmc hardware type when corresponding boot interface is irmc-virtual-media. The supported values of rescue interface for irmc hardware type are agent and no-rescue. The default value is no-rescue.

• Issuing a SIGHUP (e.g. pkill -HUP ironic) to an ironic-api or ironic-conductor service will cause the service to reload and use any changed values for mutable configuration options. The mutable configuration options are:

  • [DEFAULT]/debug
  • [DEFAULT]/log_config_append
  • [DEFAULT]/pin_release_version

  Mutable configuration options are indicated as such in the sample configuration file by Note: This option can be changed without restarting.

  A warning is logged for any changes to immutable configuration options.

Upgrade Notes¶

• Adds an inspect wait state to handle asynchronous hardware introspection. Caution should be taken due to the timeout monitoring is shifted from inspecting to inspect wait, please stop all running asynchronous hardware inspection or wait until it is finished before upgrading to the Rocky release. Otherwise nodes in asynchronous inspection will be left at inspecting state forever unless the database is manually updated.

• Extends the instance_info column in the nodes table for MySQL/MariaDB from up to 64KiB to up to 4GiB (type is changed from TEXT to LONGTEXT). This upgrade will not be executed on PostgreSQL as its TEXT is unlimited.

• With the deploy ramdisk based on Ironic Python Agent version 3.1.0 and beyond, the drivers using direct deploy interface performs netboot or local boot for whole disk image based on value of boot option setting. When you upgrade Ironic Python Agent in your deploy ramdisk, ensure that boot option is set appropriately for the node. The boot option can be set using configuration [deploy]/default_boot_option or as a boot_option capability in node’s properties['capabilities']. Also please note that this functionality requires hexdump command in the ramdisk.

• ironic-dbsync online_data_migrations will migrate any port’s and port group’s extra[‘vif_port_id’] value to their internal_info[‘tenant_vif_port_id’]. For API versions >= 1.28, the ability to attach/detach the VIF via the port’s or port group’s extra[‘vif_port_id’] will not be supported starting with the Stein release.

  Any out-of-tree network interface implementation that had a different behavior in support of attach/detach VIFs via the port or port group’s extra[‘vif_port_id’] must be updated appropriately.

• Adds a new configuration option [disk_utils]partprobe_attempts which defaults to 10. This is the maximum number of times to try to read a partition (if creating a config drive) via a partprobe command. Set it to 1 if you want the previous behavior, where no retries were done.

• The behavior for retention of VIF interface attachments has changed.

  If your use of the BareMetal service is reliant upon the behavior of the VIFs being retained, which was introduced as a behavior change during the Ocata cycle, then you must update your tooling to explicitly re-add the VIF attachments prior to deployment.

Deprecation Notes¶

• Adds an inspect wait state to handle asynchronous hardware introspection. The [conductor]inspect_timeout configuration option is deprecated for removal, please use [conductor]inspect_wait_timeout instead to specify the timeout of inspection process.

• The oneview hardware type, as well as the supporting driver interfaces have been deprecated and are scheduled to be removed from ironic in the Stein development cycle. This is due to the lack of operational Third Party testing to help ensure that the support for Oneview is functional. Oneview Third Party CI was shutdown just prior to the start of the Rocky development cycle, and at the time of this deprecation the Ironic community has no indication that testing will be restablished. Should testing be restablished, this deprecation shall be rescinded.

• Configuration options [xclarity]/manager_ip, [xclarity]/username, and [xclarity]/password are deprecated and will be removed in the Stein release.

Security Issues¶

• Fixes an issue where an enabled console could be left running after a node was unprovisioned. This allowed a user to view the console even after the instance was gone. Ironic now stops the console during unprovisioning to block this.

• Xclarity password specified in configuration file is now properly masked during logging.

Bug Fixes¶

• Fixes bug 1749755 causing timeouts to not work properly because an unsupported sqalchemy filter was being used.

• The config drive passed to the node can now contain more than 64KiB in case of MySQL/MariaDB. For more details see bug 1596421.

• Fixes a bug to get a node stuck in deploying state when the size of the configdrive exceeds the limitation of the database. In MySQL, the limitation is about 64KiB. With this fix, the provision state gets deploy failed in this case. See bug 1745630 for details.

• Fixes a bug preventing a node from booting into the user instance after unrescuing if instance netboot is used. See bug 1749433 for details.

• Fixes rescue timeout due to incorrect kernel parameter in the iPXE script. See bug 1749860 for details.

• Fixes a bug where a node’s hardware type cannot be changed to another hardware type which doesn’t support any hardware interface currently used. See bug 2001832 for details.

• When a conductor managing a node dies mid-cleaning the node would get stuck in the CLEANING state. Now upon conductor startup nodes in the CLEANING state will be moved to the CLEANFAIL state.

• Fixes an issue where parameters required in driver_info and descriptions in documentation are different.

• Fixes an issue with validation of Infiniband ports. Infiniband ports do not require the local_link_connection field to be populated as the network topology is discoverable by the Infiniband Subnet Manager. See bug 1753222 for details.

• Adds missed noop implementations (e.g. no-inspect) to the fake-hardware hardware type. This fixes enabling this hardware type without enabling all (even optional) fake interfaces.

• Fixes an issue seen during cleaning when the node being cleaned has one or more traits assigned. This issue caused cleaning to fail, and the node to enter the clean failed state. See bug 1750027 for details.

• Fixes direct deploy interface to invoke boot.prepare_instance irrespective of image type being provisioned. It was calling boot.prepare_instance only if the image being provisioned is a partition image. See bugs 1713916 and 1750958 for details.

• Fixes the HTTP response code for a validation failure when attempting to move an ironic node to the active state. Validation failure in this scenario now responses with a 400 status code correctly indicating a user input error.

• Fixes collection of periodic tasks from hardware interfaces that are not used in any enabled classic drivers. See bug 2001884 for details.

• The iPXE template kernel command line argument ip has been removed as it is incompatible with the BOOTIF and missing autoconf parameters with dracut. Further details can be found in storyboard.

• Fixes empty last_error field on cleaning failures.

• No longer tries to collect or report sensors data for nodes in maintenance mode. See bug 1652741.

• On node take over, any locks that are left from the old conductor are cleared by the new one. Previously it only happened for nodes in DEPLOYING state.

• On taking over nodes in CLEANING state, the new conductor moves them to CLEAN FAIL and set maintenance.

• Adds a new configuration option [disk_utils]partprobe_attempts which defaults to 10. This is the maximum number of times to try to read a partition (if creating a config drive) via a partprobe command. Previously, no retries were done which caused failures. This addresses bug 1756760.

• Fixes rare race condition which resulted in the port list API returning HTTP 400 (bad request) if some nodes were being removed in parallel. See bug 1748893 for details.

• When creating a neutron port for booting a ramdisk, an error is raised if there are no PXE-enabled ports available for the node. See bug 2001811 for more details.

• Removes all records of VIF attachments upon the teardown of a deployed node. This is in order to resolve issues related to where it is operationally impossible in some circumstances to remove a VIF attachment while a node is being undeployed as the Compute service will only attempt to remove the VIF for five minutes.

  See bug 1743652 for more details.

• Updates the boot mode on the baremetal for cleaning scenario as per given boot_mode in node’s properties/capabilities. This change is for ilo hardware type. See bug 1559835 for more details.

• Fixes an issue where a node’s instance_info.traits field could be incorrectly formatted, or contain traits that are not traits of the node. When validating drivers and prior to deployment, the Bare Metal service now validates that a node’s traits include all the traits in its instance_info.traits field. See bug 1755146 for details.

• Reverts the fix for orphaned VIF records from the previous release, as it causes a regression. See bug 1750785 for details.

Other Notes¶

• Adds an inspect wait state to handle asynchronous hardware introspection. Returning INSPECTING from the inspect_hardware method of inspect interface is deprecated, INSPECTWAIT should be returned instead.

• Adds new method validate_rescue() to boot interface to validate node’s properties related to rescue operation. This method is called by the validate() method of rescue interface.

• For out-of-tree drivers that have vendor passthru methods. The async parameter of the passthru and driver_passthru decorators is deprecated and will be removed in the Stein cycle. Please use its replacement instead, the async_call parameter. For more information, see bug 1751306.

• Removes the software metric named validate_boot_option_for_trusted_boot. This was the timing for a short-lived, internal function that is already included in the PXEBoot.validate metric.