Pike Series Release Notes¶
9.0.7-17¶
Bug Fixes¶
Previously, when deleting a convergence stack, the API call would return immediately, so that it was possible for a client immediately querying the status of the stack to see the state of the previous operation in progress or having failed, and confuse that with a current status. (This included Heat itself when acting as a client for a nested stack.) Convergence stacks are now guaranteed to have moved to the
DELETE_IN_PROGRESS
state before the delete API call returns, so any subsequent polling will reflect up-to-date information.
9.0.5¶
Security Issues¶
Passwords generated by the OS::Heat::RandomString resource may have had less entropy than expected, depending on what is specified in the
character_class
andcharacter_sequence
properties. This has been corrected so that each character present in any of the specified classes or sequences now has an equal probability of appearing at each point in the generated random string.
9.0.4¶
Security Issues¶
Heat no longer uses standard Python RNG when generating values for OS::Heat::RandomString resource, and instead relies on system’s RNG for that.
9.0.3¶
Other Notes¶
Intrinsic function plugins will now be passed a StackDefinition object instead of a Stack object. When accessing resources, the StackDefinition will return ResourceProxy objects instead of Resource objects. These classes replicate the parts of the Stack and Resource APIs that are used by the built-in Function plugins, but authors of custom third-party Template/Function plugins should audit them to ensure they do not depend on unstable parts of the API that are no longer accessible. The StackDefinition and ResourceProxy APIs are considered stable and any future changes to them will go through the standard deprecation process.
9.0.0¶
Prelude¶
Magnum recently changed terminology to more intuitively convey key concepts in order to align with industry standards. “Bay” is now “Cluster” and “BayModel” is now “ClusterTemplate”. This release deprecates the old names in favour of the new.
New Features¶
The ‘contains’ function was added, which checks whether the specified value is in a sequence. In addition, the new function can be used as a condition function.
The list_concat_unique function was added, which behaves identically to the function
list_concat
to concat several lists using python’s extend function and make sure without repeating items.
The list_concat function was added, which concats several lists using python’s extend function.
Allow to set or update the tags for OS::Neutron::Router resource.
A new OS::Zun::Container resource is added that allows users to manage Docker containers powered by Zun. This resource will have an ‘addresses’ attribute that contains various networking information including the Neutron port id. This allows users to orchestrate containers with other networking resources (i.e. floating ip).
A new OS::Mistral::ExternalResource is added that allows users to manage resources that are not known to Heat by specifying in the template Mistral workflows to handle actions such as create, update and delete.
New resource
OS::Neutron::Trunk
is added to manage Neutron Trunks.
Add converge parameter for stack update (and update preview) API. This parameter will force resources to observe the reality of resources before actually update it. The value of this parameter can be any boolean value. This will replace config flag observe_on_update in near future.
A new property, deployment_swift_data is added to the OS::Nova::Server and OS::Heat::DeployedServer resources. The property is used to define the Swift container and object name that is used for deployment data for the server. If unset, the fallback is the previous behaviour where these values will be automatically generated.
All developer, contributor, and user content from various guides in openstack-manuals has been moved in-tree and are published at https://docs.openstack.org/heat/pike/.
Supports to get the WebMKS console URL for OS::Nova::Server resource. And this requires Nova api version equal or greater than 2.8.
New item key ‘allocate_network’ of ‘networks’ with allowed values ‘auto’ and ‘none’ for OS::Nova::Server, to support ‘Give Me a Network’ nova feature. Specifying ‘auto’ would auto allocate a network topology for the project if there is no existing network available; Specifying ‘none’ means no networking will be allocated for the created server. This feature requires nova API micro version 2.37 or later and the
auto-allocated-topology
API is available in the Neutron networking service.
OS::Magnum::Cluster resource plugin added to support magnum cluster feature, which is provided by Magnum
cluster
API.
OS::Magnum::ClusterTemplate resource plugin added to support magnum cluster template feature, which is provided by Magnum
clustertemplates
API.
The Pike version of HOT (2017-09-01) adds a make_url function to simplify combining data from different sources into a URL with correct handling for escaping and IPv6 addresses.
A new
openstack
client plugin to use python-openstacksdk library and aneutron.segment
custom constraint.
A new
OS::Neutron:Segment
resource to create routed networks. Availability of this resource depends on availability of Neutronsegment
API extension.
Resource
OS::Neutron::Subnet
now supportssegment
optional property to specify a segment.
Resource
OS::Neutron::Net
now supportsl2_adjacency
attribute on whether L2 connectivity is available across the network or not.
ParameterGroups section is added to the nested stacks, for the output of the stack validate templates.
Added new section
permutations
forrepeat
function, to decide whether to iterate nested the over all the permutations of the elements in the given lists. If ‘permutations’ is not specified, we set the default value to true to compatible with before behaviour. The args have to be lists instead of dicts if ‘permutations’ is False because keys in a dict are unordered, and the list args all have to be of the same length.
Two new policies soft-affinity and soft-anti-affinity have been supported for the OS::Nova::ServerGroup resource.
Allow to set or update the tags for OS::Neutron::Net resource.
Allow to set or update the tags for OS::Neutron::Port resource.
Allow to set or update the tags for OS::Neutron::Subnet resource.
Allow to set or update the tags for OS::Neutron::SubnetPool resource.
Resource attributes are now stored at the time a resource is created or updated, allowing for fast resolution of outputs without having to retrieve live data from the underlying physical resource. To minimise compatibility problems, the behaviour of the show attribute, the with_attr option to the resource show API, and stacks that do not yet use the convergence architecture (due to the convergence_engine being disabled at the time they were created) is unchanged - in each of these cases live data will still be returned.
Support to managing RBAC policy for ‘qos_policy’ resource, which allows to share Neutron QoS policy to subsets of tenants.
Known Issues¶
Heat does not work with Keystone identity federation. This is a known limitation as Heat uses keystone trusts for deferred authentication and trusts don’t work with federated Keystone. For more details check https://etherpad.openstack.org/p/pike-ptg-cross-project-federation.
Deprecation Notes¶
nova-network is no longer supported in OpenStack. Please use OS::Neutron::FloatingIPAssociation and OS::Neutron::FloatingIP in place of OS::Nova::FloatingIPAssociation and OS::Nova::FloatingIP
The AWS::EC2::EIP domain is always assumed to be ‘vpc’, since nova-network is not supported in OpenStack any longer.
The ‘attachments’ attribute of OS::Cinder::Volume has been deprecated in favour of ‘attachments_list’, which has the correct type of LIST. This makes this data easier for end users to process.
Magnum terminology deprecations * OS::Magnum::Bay is now deprecated, should use OS::Magnum::Cluster instead * OS::Magnum::BayModel is now deprecated, should use OS::Magnum::ClusterTemplate instead Deprecation warnings are printed for old usages.
Critical Issues¶
Since Aodh drop support for combination alarm, therefore OS::Aodh::CombinationAlarm is now mark as hidden resource with directly inheriting from None resource which will make the resource do nothing when handling any actions (other than delete). And please don’t use it. Old resource which created with that resource type still able to delete. It’s recommand to switch that resource type ASAP, since we will remove that resource soon.
Bug Fixes¶
‘CEPHFS’ can be used as a share protocol when using OS::Manila::Share resource.
Other Notes¶
Introduce a Zun client plugin module that will be used by the Zun’s resources that are under development.
Now Heat Keystone user name characters limit increased from 64 to 255. Any extra characters will lost when truncate the name to the last 255 characters.