Current Series Release Notes

16.0.0.0rc1-24

New Features

• Restores the configurability of the resource driver, so it is now possible to create a custom resource driver if the built-in sql driver does not meet business requirements.

Upgrade Notes

• [bug 1806762] [bug 1630434] The entire policy.v3cloudsample.json file has been removed. If you were using this policy file to supply overrides in your deployment, you should consider using the defaults in code and setting keystone.conf [oslo_policy] enforce_scope=True. The new policy defaults are more flexible, they’re tested extensively, and they solve all the problems the policy.v3cloudsample.json file was trying to solve.

• The foreign key constraint between the user.domain_id column and the project.id column and between the identity_provider.domain_id column and the project.id column will be dropped upon running the keystone db_sync contraction step. These constraints are enforced in code and do not need to be enforced by the database. This should have no impact on users.

• Dropping the Python2 support in OpenStack Ussuri according to the TC deprecation timeline

Bug Fixes

• [bug 1806762] [bug 1630434] The entire policy.v3cloudsample.json file has been removed. If you were using this policy file to supply overrides in your deployment, you should consider using the defaults in code and setting keystone.conf [oslo_policy] enforce_scope=True. The new policy defaults are more flexible, they’re tested extensively, and they solve all the problems the policy.v3cloudsample.json file was trying to solve.

• [bug 1848238 <https://bugs.launchpad.net/keystone/+bug/1848238>] Allow deleting a domain when using the ldap driver for a domain. There was an attempt to delete the group on the ldap whereas this one is read-only.