Ocata Series Release Notes

9.0.0.0rc1

The FWaaS team is pleased to release FWaaS v2.0. This release of FWaaS supports either the original FWaaS v1 or the new FWaaS v2.

New Features

  • In FWaaS v2 firewall policies are applied to router ports, as opposed to applying to routers in FWaaS v1.
  • Earlier the FWaaS agent integrated with the L3 agent by having the L3 Agent class inherit from the FWaaS Agent class. This meant that other service agents could not also integrate with the L3 agent. Now, using the L3 agent extensions mechanism, FWaaS (v1 and v2) plugs in to the L3 agent. This means that it can interoperate peacefully with other L3 advanced services that also implement the L3 agent extension mechanism, all without any code changes to Neutron.

Upgrade Notes

  • There is not currently a defined upgrade path from FWaaS v1 to FWaaS v2.
  • FWaaS v1 can not be enabled at the same time as FWaaS v2; one or the other must be chosen.

9.0.0.0b3

The Cisco Firewall Driver is being moved from the FWaaS repo to the Cisco specific repo: https://github.com/openstack/networking-cisco

  • The vArmour Firewall Driver is being removed from the FwaaS repo, as per decision to remove vendor drivers from the community repo.
  • The vyatta Firewall Driver is being removed from the FwaaS repo,
    as per decision to remove vendor drivers from the community repo.

Upgrade Notes

  • The Cisco FWaaS driver will not be available from the neutron-fwaas repo in Newton. For the Cisco FWaaS driver, refer to the openstack/networking-cisco repo.
  • The vArmour Firewall Driver will not be available for use in the Newton release.
  • The vyatta Firewall Driver will not be available for use in the Newton release from the community repo.

9.0.0.0b2

  • The McAfee Firewall Driver is being removed from the FwaaS repo, due to lack of active maintainers.

Upgrade Notes

  • The McAfee Firewall Driver will not be available for use in the Newton release.