Wallaby Series (10.5.0 - 10.6.x) Release Notes¶
10.6.2¶
Known Issues¶
The response headers for empty body HTTP 204 replies, at present, violate RFC7230. This was not intentional, but underlying libraries also make inappropriate changes to the headers, which can cause clients to experience odd failures. This is anticipated to be corrected once an underlying issue in eventlet is resolved.
Bug Fixes¶
Fixes an issue where a failed inspection due to a transient failure can prevent retry attempts to inspect to be perceived as a failure. If a prior inspection fails and is in
error
state, when a new introspection is requested, the state is now appropriately set tostarting
.
Fixes HTTP responses so the Eventlet library, which is used to support the operation of the WSGI application, does not incorrectly inject a
Transfer-Encoding
header into the HTTP response, even on HTTP 204 replies, which is a violation of RFC7230. This header ultimately can cause varying client reactions which are not expected and can raise exceptions. For now, this has been remedied via an explicit return of aContent-Length
header, which is also an RFC7230 violation, but it appears to be the lesser of known evils at this time.
10.6.1¶
Bug Fixes¶
Fixes issues in Inspector where various tasks would not have retry logic applied to them and may sporadically fail. This is because the OpenStack SDK does not comprehend the NodeLocked error, which previously python-ironicclient silently handled. Basic operations such as “power reboot” and “set boot device” will now be retried automatically if they fail. For more information, please see story 2009107.
10.6.0¶
New Features¶
The default policy will be replaced with one which aligns with the Secure-RBAC scopes and roles. Since ironic-inspector is a tool used only by system-level admins, only the
system
scope is supported, and the only roles in the policy rules areadmin
andreader
.
Upgrade Notes¶
[DEFAULT]/ipmi_address_fields
now hasibmc_address
in the default configuration, allowing introspection to try and match the BMC address if no ports are defined when using the ibmc driver.
The default value of
[oslo_policy] policy_file
config option has been changed frompolicy.json
topolicy.yaml
. Operators who are utilizing customized policy files or previously generated static policy files (which are not needed by default), should generate new policy files and modify them to meet their needs in the event of any new policies or rules have been added. Please consult the oslopolicy-convert-json-to-yaml tool to convert a JSON to YAML formatted policy file in backward compatible way.
The new policy is only enforced when
[oslo_policy]
config is changed toenforce_new_defaults=True
andenforce_scope=True
, otherwise the existing deprecated policy is used. User accounts which rely on having thebaremetal_admin
orbaremetal_observer
roles will need to have system-scopedadmin
orreader
roles to use the API when the new policy is enforced.
Deprecation Notes¶
The use of legacy policy files was deprecated by the
oslo.policy
library during the Victoria development cycle. As a result, this deprecation is being noted in the Wallaby with an anticipated future removal of support byoslo.policy
. As such operators will need to convert to YAML policy files. Please see the upgrade notes for details on the migration of any custom policy files.
The previous policy is still enforced by default, but is now deprecated and will be removed in a future release.