Current Series Release Notes¶
13.0.0-75¶
New Features¶
Adds
instance_info/kernel_append_params
property support toredfish
hardware type. If given, this property overrides[redfish]/kernel_append_params
ironic option. The rationale for adding this property is to allow passing node-specific kernel parameters to instance kernel. One of the use-cases for this is to pass node static network configuration to the kernel.
Adds an
owner
field to allocations. Depending on policy, a non-admin can then create an allocation and have the owner set to their project. Allocation processing will then ensure that only nodes with the same owner are matched.
Adds support for specifying vendor_data when building config drives. Starting with API version 1.59, a JSON based
configdrive
parameter to/v1/nodes/<node>/states/provision
can include the key vendor_data. This data will be built into the configdrive contents as vendor_data2.json.
Adds
idrac
hardware type support of a virtual media boot interface implementation that utilizes the Redfish out-of-band (OOB) management protocol and is compatible with the integrated Dell Remote Access Controller (iDRAC) baseboard management controller (BMC). It is namedidrac-redfish-virtual-media
.The
idrac
hardware type declares support for that new interface implementation, in addition to all boot interface implementations it has been supporting. The highest priority boot interfaces remain the same. It now supports the following boot interface implementations, listed in priority order from highest to lowest:ipxe
,pxe
, andidrac-redfish-virtual-media
.To use the new boot interface, install the
sushy-oem-idrac
Python package.For more information, see story 2006570.
Hardware type
idrac
converts physical drives fromJBOD
toRAID
mode before building RAID on them.
It’s now possible to force booting for in-band inspection to be managed by ironic by setting the new
[inspector]require_managed_boot
option toTrue
. In-band inspection will fail if the node’s driver does not support managing boot for it.
The
pxe
andipxe
boot interfaces, as well as all in-tree network interfaces, now support managing in-band inspection boot.
Adds a
is_node_owner
policy rule. This rule can be used with node policy rules in order to expose specific node APIs to a project ID specified by a node’sowner
field. Default rules are unaffected, so default behavior is unchanged.
Upgrade Notes¶
Changing minimum version of Ansible for use with the
ansible
deploy_interface
to version 2.5.
Python 2.7 support has been dropped. Last release of Ironic to support Python 2.7 is OpenStack Train. The minimum version of Python now supported by Ironic is Python 3.6.
For the managed in-band inspection to work, make sure that the Bare Metal Introspection endpoint (either in the service catalog or in the
[inspector]endpoint_override
configuration option) is not set to localhost. Alternatively, set the[inspector]callback_endpoint_override
option to a value with a real IP address.
The argument
agent_version
of the heartbeat interface is now mandatory to all interfaces that inherit from HeartbeatMixin.
Using localhost as the Bare Metal Introspection endpoint will not work when managed boot is used for in-band inspection. Either update the endpoint to a real IP address or use the new configuration option
[inspector]callback_endpoint_override
.
The operators using custom PXE/iPXE/Grub templates should update them to remove an explicit mention of
ipa-api-url
. This field is now a part ofpxe_append_params
when required.
The configuration option
[agent]heartbeat_timeout
was deprecated before ocata release and now removed, please use[api]ramdisk_heartbeat_timeout
instead.
Security Issues¶
Node secrets (such as BMC credentials) are no longer logged when JSON RPC is used and DEBUG logging is enabled.
Prevents additional updates of an agent
callback_url
through the agent heartbeat/v1/heartbeat/<node_uuid>
endpoint as thecallback_url
should remain stable through the cleaning, provisioning, or rescue processes. Should anything such as an unexpected agent reboot cause thecallback_url
, heartbeat operations will now be ignored. More information can be found at story 2006773.
Bug Fixes¶
Now passing proper flags during clean up of iPXE boot environments, so that no leftovers are left after node tear down.
Fixes a bug in the
idrac
hardware type where configuration job for RAIDdelete_configuration
cleaning step gets created even when there are no virtual disks or hotspares/dedicated hotspares present on any controller. See bug 2006562 https://storyboard.openstack.org/#!/story/2006562 for details.
Fixes a bug in the
idrac
hardware type where a race condition can occur on a host that has a mix of controllers where some support realtime mode and some do not. The approach is to use only realtime mode if all controllers support realtime. This removes the race condition. See bug 2006502 https://storyboard.openstack.org/#!/story/2006502 for details
Fixes issue where the resource list API returned results with requested fields only until the API MAX_LIMIT. After the API MAX_LIMIT is reached the API started ignoring user requested fields. This fix will make sure that the next url generated by the pagination code will include the user requested fields as query parameter.
Fixes drive sensors information collection in
redfish
management interface. Prior to this fix, wrong Redfish schema has been used for Drive resource what has been causing exception and ultimately sensor data collection failure.
Fixes a possible console lockup issue in case of PID file not being yet created while daemon start has call already returned success return code.
Fixes a bug in the
idrac
hardware type where executing theclear_job_queue
clean step, pending non-BIOS config jobs (E.g. create/delete virtual disk) were not being deleted before job execution.See bug 2006580 https://storyboard.openstack.org/#!/story/2006580 for details
Add timeout when querying agent for commands status. Without it, node can lock up for a quite long time and ironic will not allow to perform any operations with it.
Support for some hardware, including some Dell EMC servers, is broken when using the Redfish hardware type with sushy 1.9.0. The minimum version for the sushy library is now 2.0.0. See story 2006702 for more information.
Fixes a bug with the grub ramdisk boot template handling, such that the template now properly references the user provided kernal and ramdisk. Previously the deployment ramdisk and kernel was referenced in the template.
Other Notes¶
Boot and network interface implementations can now manage boot for in-band inspection by implementing the new methods:
BootInterface.validate_inspection
NetworkInterface.validate_inspection
NetworkInterface.add_inspection_network
NetworkInterface.remove_inspection_network
Previously only ironic-inspector itself could manage boot for it. This change opens a way for non-PXE implementations of in-band inspection.