Ocata Series Release Notes

7.1.0

Prelude

OSprofiler support was added to the client. That makes possible to trigger Nova operation trace generation from the CLI.

New Features

  • A new --profile option was added to allow Nova profiling from the CLI. If the user wishes to trace a nova boot request he or she needs to type the following command – nova --profile <secret_key> boot --image <image> --flavor <flavor> <vm_name>, where secret_key should match one of the keys defined in nova.conf. As a result of this operation additional information regarding trace_id will be printed, that can be used to generate human-friendly html report – osprofiler trace show --html <trace_id> --out trace.html. To enable profiling, user needs to have osprofiler installed in the local environment via pip install osprofiler.

  • Provides a public unified interface ‘get_console_url’ for classes ‘novaclient.v2.servers.Server’ and ‘novaclient.v2.servers.ServerManager’. Users (Heat, OpenStack-client and etc.) can call this public interface instead of calling the individual methods to retrieve a console url of a particular protocol.

  • Added support for microversion 2.41 which shows the aggregate UUID in CLI output when listing, creating, showing, updating, setting metadata, and adding or removing hosts from an aggregate.

Security Issues

  • OSprofiler support, that was added during the Ocata release cycle, requires passing of trace information between various OpenStack services. This information is signed by one of the HMAC keys defined in nova.conf file. That means that only someone who knows this key is able to send the proper header to trigger profiling.

Bug Fixes

  • Fix an ability to authenticate using Keystone Token which was broken with novaclient 7.0.0 release.

  • The contents of the list_extensions.py file was moved from contrib to v2 directory in release 7.0.0, and a stub importing the objects from the new location was left in its place for backward compatibility, together with a warning informing about the new location. However, the stub incorrectly assigned the ListExtResource class to the ListExtManager name. This has now been fixed, and ListExtManager is used instead.

7.0.0

Prelude

All extensions of API V2.0 were merged to 2.1, but NovaClient continued to store them as a separate entities.

The ability to use non-Keystone authentication systems has been removed.

Several deprecated commands have been removed. See the upgrade section for details.

New Features

  • Added microversion v2.40 which introduces pagination support for usage with the help of new optional parameters ‘limit’ and ‘marker’.

  • You can use bypass-url / endpoint-override with Keystone V3.

Upgrade Notes

  • Starting from microversion 2.39 ‘image-metadata’ proxy API in Nova is deprecated and python API bindings will not work, although ‘image-meta’ CLI commands will still work, because of the fallback on the CLI to version 2.35.

  • All managers and resources from novaclient.v2.contrib submodules are moved to appropriate submodules of novaclient.v2 (except barametal and tenant_networks, which were deprecated previously)

  • All shell commands from novaclient.v2.contrib submodules are moved to novaclient.v2.shell module.

  • novaclient.v2.client.Client imports all modules (which were located in submodules of novaclient.v2.contrib) by-default for api version v2

  • Method novaclient.client.discover_extensions returns only barametal and tenant_networks extensions, since they are not included by default.

  • There are no modules and extensions for “deferred_delete”, “host_evacuate”, “host_evacuate_live” and “metadata_extensions” anymore. Previously, they contained only shell commands and shell module auto loads them (there is no ability to not do it).

  • Support for microversion 2.38 added. As of microversion 2.38, invalid statuses passed to nova list --status invalid_status will result in a HTTP 400 Bad Request error response.

  • The --os-auth-system CLI option and OS_AUTH_SYSTEM environment variable usage was deprecated in the 3.1.0 release during the Mitaka development series. This release drops the support for using those options to load non-Keystone authentication systems via the openstack.client.auth_plugin extension point.

  • novaclient.client.Client entry-point accepts only 5 positional arguments:

    version, username, api_key, project_id, auth_url

    Using positional arguments for all other options is now an error.

  • The following deprecated commands have been removed:

    • absolute-limits

    • add-floating-ip

    • aggregate-details

    • credentials

    • endpoints

    • rate-limits

    • remove-floating-ip

    • rename

    • root-password

  • When using novaclient as a library (via novaclient.client.Client entry-point), an internal implementation of HTTPClient was used if a session object is not specified. For better user experience we switched to using SessionClient which uses keystoneauth (Keystone folks maintain this library) for all auth stuff. The SessionClient interface is similar to HTTPClient, but there is a small possibility that you will notice a difference.

Deprecation Notes

  • Keyword argument tenant_id of novaclient.client.Client entry-point was deprecated in favor of project_id.

  • Keyword argument tenant_name of novaclient.client.Client entry-point was deprecated in favor of project_name.

  • The connection_pool variable is deprecated now and will be ignored.

  • novaclient.client.Client entry-point accepted two arguments with same meaning (no_cache and os_cache). Since os_cache is more widely used in our code, no_cache was deprecated.

  • The proxy_tenant_id and proxy_token arguments to the novaclient.client.Client entry-point were never documented nor tested and are now deprecated for removal in a future release.

  • CLI argument for volume_service_name was deprecated long time ago. All novaclient’s methods for communication with Volume API were deprecated and removed. There is no need to leave volume_service_name argument of novaclient.client.Client entry-point since it is not used anywhere, so it is removed now.

  • All modules of novaclient.v2.contrib are deprecated now and will be removed after OpenStack Pike.

  • The api_key variable of novaclient.client.Client entry-point was deprecated in favor of password. Nothing has changed in the case of positional argument usage.

  • The –bypass-url CLI argument was deprecated in favor of –endpoint-override

  • The bypass_url argument of novaclient.client.Client entry-point was deprecated in favor of endpoint_override.

  • keyword argument interface of novaclient.client.Client entry-point was deprecated in favor of endpoint_type;

Bug Fixes

  • Inability to use bypass-url with keystone session is fixed.

Other Notes

  • The meaning of ‘project_id’ variable of novaclient.client.Client entry-point was not clear. In different cases it was used as ID or Name of project (in terms of Keystone). The time to identify meaning is come, so now project_id/tenant_id variables specifically mean Project ID (in terms of Keystone) and project_name/tenant_name variables mean Project Name (in terms of Keystone).