Newton Series (6.0.0 - 6.2.x) Release Notes¶
6.3.0¶
Bug Fixes¶
Updating the python-oneviewclient minimum version to 2.5.1 on driver-requirements.txt. The minimum version that was in the requirements was 2.0.2, and is very outdated, causing the driver to not work for this version. With this change, the new minimal version works for the driver, making the CI for stable/newton also work.
6.2.4¶
Bug Fixes¶
Fix handling of whole disk images with 0x00000000 disk identifier. Instances failed to boot as the identifier in boot config was overwritten during config drive creation. See https://bugs.launchpad.net/ironic/+bug/1685093
6.2.3¶
Security Issues¶
private ssh keys are now masked when using the ssh power driver and node details are requested.
Bug Fixes¶
Fixed a bug that was causing an increase in CPU usage over time.
Ironic exceptions that contained arbitrary objects in kwargs and were sent via RPC were causing oslo_messaging serializer to fail. This was leading to 500 errors from ironic API, timing out waiting for response from the conductor. Starting with this release, all non-serializable objects contained in an exception’s kwargs are dropped. If the error is going to be returned by the service will depend on the configuration option
[DEFAULT]fatal_exception_format_errors
.
Fixes an issue with ironic being able to change the power state of nodes currently in use by OneView.
PXEBoot driver interface now correctly supports node take-over for netboot-ed nodes in ACTIVE state. During take-over, the PXE environment is first created anew before attempting to switch it to “service mode”.
6.2.2¶
Bug Fixes¶
adds a missing error check into ipmitool power driver’s reboot so that the reboot can fail properly if power off failed.
Fixes an issue which caused the DRAC driver (
pxe_drac
)get_bios_config()
vendor passthru method to unintentionally raise anAttributeError
exception. That method once again returns the current BIOS configuration. For more information, see https://bugs.launchpad.net/ironic/+bug/1637671.
Fixes a bug in the oneview driver where the periodic task to check if a node is in use by oneview may end prematurely.
Fixes a bug with incorrect base socat command, which prevented the usage of console.
Remove “dhcp” command from the default iPXE script. It is redundant, and may even break booting when the provisioning NIC is not the first one.
Fixes a problem where the deployment of a node would fail to continue if a malformed MAC address was passed to the lookup mechanism in the Ironic API. For example, if a node contains an Infiniband card, the lookup used to fail because the agent ramdisk passes a MAC address (or GID) with 20 octets (instead of the expected 6 octets) as part of the lookup request. Invalid addresses are now ignored.
6.2.0¶
New Features¶
Adds support for inter-service notifications (disabled by default until the
notification_level
configuration option is set). For more information, see the notifications documentation in the developer’s guide (http://docs.openstack.org/developer/ironic/dev/notifications.html). Notifications are not actually emitted yet, but will be added in a future release.
Adds support for InfiniBand networking to allow hardware inspection and PXE boot over InfiniBand.
Add the field standalone_ports_supported to the portgroup object. This field indicates whether ports that are members of this portgroup can be used as stand-alone ports. The default is True.
Added configdrive support for whole disk images for iSCSI based deploy. This will work for UEFI only or BIOS only images. It will not work for hybrid images which are capable of booting from BIOS and UEFI boot mode.
Adds out-of-band inspection interface usable by DRAC drivers.
Adds
list_unfinished_jobs
method to the vendor-passthru interface of the DRAC driver. It provides a way to check the status of the remote config job after a BIOS configuration change was submitted using theset_bios_config
method.
Adds out-of-band RAID management to DRAC driver using the generic RAID interface which makes the functionality available via manual cleaning steps.
New configuration option,
[drac]/query_raid_config_job_status_interval
was added. After Ironic has created the RAID config job on the DRAC card, it continues to check for status update on the config job to determine whether the RAID configuration was successfully finished within this interval. Default is 120 seconds.
Adds a new
[deploy]/erase_devices_metadata_priority
configuration option to allow operators to configure the priority of (or disable) the “erase_devices_metadata” cleaning step.
By default, the ironic-conductor service caches the node’s deploy ramdisk and kernel images locally and serves them via a separate HTTP server. A new
[pxe]/ipxe_use_swift
configuration option (disabled by default) allows images to be accessed directly from object store via Swift temporary URLs. This is only applicable if iPXE is enabled (via[pxe]/ipxe_enabled
configuration option) and image store is in Glance/Swift. For user images that are partition images requiring non-local boot, the default behavior with local caching and an HTTP server will still apply for user image kernel and ramdisk.
Adds a new policy rule that may be used to mask instance-specific secrets, such as configdrive contents or the temp URL used to store a configdrive or instance image. This is similar to how passwords are already masked.
Upgrade Notes¶
The
inspect
interface of thepxe_drac
driver has switched to use out-of-band inspection. For inband inspection, the node should be updated to use thepxe_drac_inspector
driver instead.
The new “erase_devices_metadata” cleaning step is enabled by default (if available) in the ironic-python-agent project (priority 99). Wiping the devices metadata is usually very fast and shouldn’t add much time (if any) to the overall cleaning process. Operators wanting to disable this cleaning step can do it by setting the
[deploy]/erase_devices_metadata_priority
configuration option to 0.
Minimum required version of python-ironic-inspector-client was bumped to 1.5.0 (released as part of the Mitaka cycle).
Instance secrets will now, by default, be masked in API responses. Operators wishing to expose the configdrive or instance image to specific users will need to update their policy.json file and grant the relevant keystone roles.
The minimum required version of proliantutils (needed for iLO drivers) was bumped to 2.1.11. This version includes fixes for the bugs caused by python request library version 2.11.0, Proliant Gen7 support and iLO based RAID configuration.
The minimum required version of python-scciclient (needed for the iRMC driver) was bumped to 0.4.0.
When registering a OneView node in ironic, operator should make sure field
server_profile_template_uri
is set in properties/capabilities and not in driver_info anymore. Otherwise the node will fail on validation.
The default bootloader for PXE + UEFI has changed from ELILO to Grub2 because ELILO is not being actively developed anymore. Operators relying on ELILO should explicitly set the
[pxe]/uefi_pxe_bootfile_name
and[pxe]/uefi_pxe_config_template
configuration options to the ELILO ROM and configuration template.
Deprecation Notes¶
The ClusteredComputeManager is now deprecated.
The Newton version of Nova adds functionality to the ironic virt driver to support multiple compute hosts without using the hack we call ClusteredComputeManager. As such, we are marking this unsupported component as deprecated, and plan to remove it before the end of the Ocata development cycle.
The following drivers are marked as unsupported and therefore deprecated. Some or all of these drivers may be removed in the Ocata cycle or later.
agent_amt
agent_iboot
agent_pyghmi
agent_ssh
agent_vbox
agent_wol
fake_ipminative
fake_ssh
fake_seamicro
fake_iboot
fake_snmp
fake_vbox
fake_amt
fake_msftocs
fake_wol
pxe_ipminative
pxe_ssh
pxe_vbox
pxe_seamicro
pxe_iboot
pxe_snmp
pxe_amt
pxe_msftocs
pxe_wol
Security Issues¶
Configdrives often contain sensitive information. Users may upload their own images, which could also contain sensitive information. The Agent drivers may store this information in a Swift temp URL to allow access from the Agent ramdisk. These URLs are considered sensitive information because they grant unauthenticated access to sensitive information. Now, we only selectively expose this information to privileged users, whereas previously it was exposed to all authenticated users.
Bug Fixes¶
The
dynamic_allocation
flag in a node’s driver_info previously only accepted a Boolean. It now also accepts the strings ‘t’, ‘true’, ‘on’, ‘y’, ‘yes’, or ‘1’ as True, and the strings ‘f’, ‘false’, ‘off’, ‘n’, ‘no’, or ‘0’ as False. These are matched case-insensitively.
Fixes a bug which prevented the ironic-conductor service from using the interval values from the configuration options, for the periodic tasks. Instead, the default values had been used.
The API now returns an appropriate error message when a chassis description over 255 characters is specified.
Fixes DRAC deploy interface failure when automated cleaning is called without any clean step.
Removed invalid API URL
/v1/nodes/ports
. For more information, see https://bugs.launchpad.net/ironic/+bug/1580997.
When no boot mode is explicitly set on a node using an iLO driver, ironic automatically picks a boot mode based on hardware capabilities. This confuses deployers, as these factors are system specific and not configurable. In order to ensure predictable behavior, a new configuration parameter,
[ilo]/default_boot_mode
, was added to allow deployers to explicitly set a default. The default value of this option keeps behavior consistent for existing deployments.
Ironic Inspector inspection interface will now fetch the service endpoint for the service catalog, if “service_url” is not provided and keystone support is enabled.
Fixes a problem where the boot mode (UEFI or BIOS) wasn’t being considered when setting the boot device of a node using the “ipminative” management interface. It would incorrectly switch UEFI to legacy BIOS mode as part of the request to change the boot device.
Fixes a problem where the boot mode (UEFI or BIOS) wasn’t being considered when setting the boot device of a node using the “ipmitool” management interface. It would incorrectly switch from UEFI to Legacy BIOS mode on some hardware models.
Update create provisioning ports logic to fail only when no neutron ports were created. If we created at least one neutron port, proceed with the deployment. It was the default behaviour for flat scenario.
Fixed updating a MAC on a port for active instances in maintenance mode (previously returned HTTP 500).
Return HTTP 400 for requests to update a MAC on a port for an active instance without maintenance mode set (previously returned HTTP 500).
6.1.0¶
New Features¶
OneView drivers now support dynamic allocation of nodes in OneView, allowing for better resource sharing with non-OpenStack users since Server Hardware will be allocated only when the node is scheduled to be used. To enable the new allocation feature for a node, set the flag
dynamic_allocation=True
on the node’sdriver_info
. More information is available at http://docs.openstack.org/developer/ironic/drivers/oneview.html.
Adds a
resource_class
field to the node resource, which will be used by Nova to define which nodes may quantitatively match a Nova flavour. Operators should populate this accordingly before deploying the Ocata version of Nova.
Exposes the
local_link_connection
andpxe_enabled
properties of the Port resource to the REST API, raising the API maximum version to 1.19.The
pxe_enabled
field indicates whether this Port should be used when PXE booting this Node.The
local_link_connection
field may be used to supply the port binding profile.
A new dictionary field
internal_info
is added to the port API object. It is readonly from the API side, and can contain any internal information ironic needs to store for the port.cleaning_vif_port_id
is being stored inside this dictionary.
Adds support for socat-based serial console to ipmitool-based drivers. These are available by using the
agent_ipmitool_socat
andpxe_ipmitool_socat
drivers.
The ironic-api service now supports logging audit messages of API calls. The following configuration parameters have been added. By default auditing of ironic-api service is turned off.
[audit]/enabled
[audit]/ignore_req_list
[audit]/audit_map_file
Further documentation for this feature is available at http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html.
Adds support for collecting deployment logs from the IPA ramdisk. Five new configuration options were added:
[agent]/deploy_logs_collect
[agent]/deploy_logs_storage_backend
[agent]/deploy_logs_local_path
[agent]/deploy_logs_swift_container
[agent]/deploy_logs_swift_days_to_expire
.
Ironic now emits timing metrics for all API methods to statsd, if enabled by the
[metrics]
and[metrics_statsd]
configuration sections.
RESTful access to every API resource may now be controlled by adjusting policy settings. Defaults are set in code, and remain backwards compatible with the previously-included policy.json file. Two new roles are checked by default, “baremetal_admin” and “baremetal_observer”, though these may be replaced or overridden by configuration. The “baremetal_observer” role grants read-only access to Ironic’s API.
New API endpoint for deploy ramdisk lookup
/v1/lookup
. This endpoint is not authenticated to allow ramdisks to access it without passing the credentials to them.
New API endpoint for deploy ramdisk heartbeat
/v1/heartbeat/<NODE>
. This endpoint is not authenticated to allow ramdisks to access it without passing the credentials to them.
Adds multitenant networking support.
Ironic now has the concept of “network interfaces” for a node, which represent a networking driver.
There are three network interfaces available:
flat
: this replicates the old flat network behavior and is the default when using neutron for DHCP.noop
: this replicates the old flat behavior when not using neutron for DHCP, and is the default when the configuration option[DHCP]/dhcp_provider
is set to “none”.neutron
: this allows for separating the provisioning and cleaning networks from the tenant networks, and provides isolation from tenant network to tenant network, and tenant network to control plane. The following configuration options must be set if the neutron interface is enabled, or ironic-conductor will fail to start:[neutron]/provisioning_network_uuid
[neutron]/cleaning_network_uuid
A
[DEFAULT]/enabled_network_interfaces
option (which must be set for both Ironic-API and Ironic-conductor services) controls which network interfaces are available for use.A network interface is set for a node by setting the
network_interface
field for the node via the REST API. This field is available in API version 1.20 and above. Changing the network interface may only be done in theenroll
,inspecting
, andmanageable
states.The configuration option
[DEFAULT]/default_network_interface
may be used to specify which network interface is defined when a node is created.WARNING: don’t set the option ``[DEFAULT]/default_network_interface`` before upgrading to this release without reading the upgrade notes about it, due to data migrations depending on the value.
Adds the ability for ironic conductor to pass configurations for agent metrics on lookup. When paired with a sufficiently new ironic python agent, this will configure the metrics backends.
Extend the root device hints to identify whether a disk is rotational or not.
Added support to validate iLO SSL certificate in iLO drivers. A new configuration option
[ilo]/ca_file
is added to specify the iLO CA certificate file. If[ilo]/ca_file
is specified, the iLO drivers will validate iLO SSL certificates.
Upgrade Notes¶
Adds a
resource_class
field to the node resource, which will be used by Nova to define which nodes may quantitatively match a Nova flavour. Operators should populate this accordingly before deploying the Ocata version of Nova.
Collecting logs on deploy failure is enabled by default and the logs will be saved to the local disk at the location specified by the configuration option
[agent]/deploy_logs_local_path
(by default,/var/log/ironic/deploy
). Operators upgrading may want to disable this feature, enable some form of rotation for the logs or change the configuration to store the logs in Swift to avoid disk space problems.
During an upgrade, it is recommended that all deployers re-evaluate the settings in their
/etc/ironic/policy.json
file. This file should now be used only to override default configuration, such as by limiting access to the ironic service to specific tenants or restricting access to specific API endpoints. Apolicy.json.sample
file is provided that lists all supported policies.
Changes the way to configure access credentials for OpenStack services clients. For each service, both Keystone session options (timeout, SSL-related ones) and Keystone auth_plugin options (auth_url, auth_type and corresponding auth_plugin options) should be specified in the configuration section for this service. Configuration sections affected are:
[neutron]
for Neutron service user[glance]
for Glance service user[swift]
for Swift service user[inspector]
for Ironic Inspector service user[service_catalog]
new section for Ironic service user, used to discover Ironic endpoint from Keystone Catalog
This enables fine tuning of authentication for each service.
Backward-compatible options handling is provided using values from
[keystone_authtoken]
config section, but operators are advised to switch to the new config options as the old options are deprecated. The old options will be removed during the Ocata cycle. For more information on sessions, auth plugins and their settings, please refer to http://docs.openstack.org/developer/keystoneauth/.
Small change in semantics of default for
[neutron]/url
optiondefault is changed to None.
For the case when
[neutron]/auth_strategy
isnoauth
, default means usehttp://$my_ip:9696
.For the case when
[neutron]/auth_strategy
iskeystone
, default means to resolve the endpoint from Keystone Catalog.
New config section
[service_catalog]
for access credentials used to discover Ironic API URL from Keystone Catalog. Previously credentials from[keystone_authtoken]
section were used, which is now deprecated for such purpose.
A new configuration option
[api]/restrict_lookup
is added, which restricts the lookup API (normally only used by ramdisks) to only work when the node is in specific states used by the ramdisk, and defaults to True. Operators that need this endpoint to work in any state may set this to False, though this is insecure and should not be used in normal operation.
[DEFAULT]/default_network_interface
configuration option is introduced, with empty default value. If set, the specified interface will be used as the network interface for nodes that don’t havenetwork_interface
field set. If it is not set, the network interface is determined by looking at the[dhcp]/dhcp_provider
value. If it isneutron
-flat
network interface is the default,noop
otherwise.The network interface will be set for all nodes without network_interface already set via a database migration. This will be set following the logic above. When running database migrations for an existing deployment, it’s important to check the above configuration options to ensure the existing nodes will have the expected network_interface. If
[DEFAULT]/default_network_interface
is not set, everything should go as expected. If it is set, ensure that it is set to the value that you wish existing nodes to use.
Note that if the configuration option
[DEFAULT]/default_network_interface
is set, it must be set in the configuration file for both the API and conductor hosts.
If
neutron
network interface is specified for the configuration option[DEFAULT]/enabled_network_interfaces
, then[neutron]/provisioning_network_uuid
and[neutron]/cleaning_network_uuid
configuration options are required. If either of them is not specified, the ironic-conductor service will fail to start.
Deprecation Notes¶
Deprecates pre-allocation feature for the OneView drivers since it requires resource allocation to Ironic prior to boot time, which makes Server Hardware unavailable to non-OpenStack OneView users. Pre-allocation will be removed in the OpenStack Pike release. All nodes with
dynamic_allocation=False
set, or that don’t have thedynamic_allocation
flag set, will be assumed to be in pre-allocation. Users may use the REST API or theironic-oneview-cli
to migrate nodes from pre-allocation to dynamic allocation. More information is available at http://docs.openstack.org/developer/ironic/drivers/oneview.html.
Agent vendor passthru is deprecated and will be removed in Ocata release. Operators should update their IPA image to the Newton version to use the new replacement API. Driver developers should stop using the agent vendor passthru.
The
[ilo]/clean_priority_erase_devices
configuration option is deprecated and will be removed in the Ocata cycle. Please use the[deploy]/erase_devices_priority
option instead.
The
[keystone_authtoken]
configuration section is deprecated for configuring clients for other services (but is still used for configuring API token authentication), in favor of the[service_catalog]
section. The ability to configure clients for other services via the[keystone_authtoken]
section will be removed during the Ocata cycle.
The configuration option
[agent]/heartbeat_timeout
was renamed to[api]/ramdisk_heartbeat_timeout
. The old variant is deprecated.
create_cleaning_ports
anddelete_cleaning_ports
methods in DHCP providers are deprecated and will be removed completely in the Ocata release. The logic they are implementing should be moved to a custom network interface’sadd_cleaning_network
andremove_cleaning_network
methods respectively. After that, the methods themselves should be removed from DHCP provider so that the custom network interface is used instead.flat
network interface does not require[neutron]/cleaning_network_uuid
for now so as not to break standalone deployments upon upgrade, but it will be required in the Ocata release if theflat
network interface is enabled.
Putting periodic tasks on a driver object (rather than interface) is deprecated. Driver developers should move periodic tasks from driver objects to interface objects.
Security Issues¶
Previously, access to Ironic’s REST API was “all or nothing”. With this release, it is now possible to restrict read and write access to API resources to specific cloud roles.
Bug Fixes¶
Adoption feature logic was updated to prevent ramdisk creation and default to instance creation where appropriate based on the driver.
Adoption documentation has been updated to note that the boot_option should likely be defined for nodes by a user leveraging the feature.
Adoption documentation has been updated to note that a user may wish to utilize the
noop
network interface that arrived with API version 1.20.
Fixes the issue of not attaching virtual media during cleaning operation for vmedia based drivers.
A node using the
agent_ilo
oriscsi_ilo
driver now has itsdriver_info/ilo_deploy_iso
field validated during node validation.
Clear target_power_state of the nodes locked by the conductor on its startup.
Fixed a bug where the ironic python agent ramdisk was not creating an ephemeral partition because the ephemeral partition size was not being passed correctly to the agent.
Do not rely on keystonemiddleware config options for instantiating clients for other OpenStack services. This allows changing keystonemiddleware options from legacy ones and thus support Keystone V3 for token validation.
Other Notes¶
The
continue_deploy
andreboot_to_instance
methods in theBaseAgentVendor
class stopped accepting ** arguments. They were never used anyway; drivers should stop passing anything there.
6.0.0¶
Prelude¶
Starting with this release IPA is the only deployment and inspection ramdisk supported by Ironic.
New Features¶
Addition of the provision state target verb of
adopt
which allows an operator to move a node into anactive
state frommanageable
state, without performing a deployment operation on the node. This can be used to represent nodes that have been previously deployed by other means that will now be managed by ironic and be later released to the available hardware pool.
A new configuration option
[deploy]continue_if_disk_secure_erase_fails
, which has a default value of False, has been added. If set to True, the Ironic Python Agent will revert to a disk shred operation if an ATA secure erase operation fails. Under normal circumstances, the failure of an ATA secure erase operation results in the node being put inclean failed
state.
IPA supported iSCSI portal port customization already. With this patch, we added new portal_port argument into agent_client.start_iscsi_target() method to pass iSCSI portal port to IPA side. And add new configuration into iscsi module as CONF.iscsi.portal_port
Operators can now set deploy.power_off_after_deploy_failure to leave nodes powered on when a deployment fails. This is useful for troubleshooting deployment issues. As a note, Nova will still attempt to delete a node after a failed deployment, so deploy.power_off_after_deploy_failure may not be very effective in non-standalone deployments until a similar patch to ironic’s driver in nova is proposed.
This adds the reboot_requested option for in-band cleaning. If set to true, Ironic will reboot the node after that step has completed and before continuing with the next step. This option is useful for when some action, such as a BIOS upgrade or setting change, requires a reboot to take effect.
It is now possible to configure the notifications to use a different transport URL than the RPCs. These could potentially be completely different message broker hosts (though they don’t need to be). If the notification-specific configuration is not provided, the notifier will use the same transport as the RPCs.
ipxe will now retry to download the kernel or the initrd in case of failure. The previous behavior was to give up and continue the boot on the next boot device. See https://bugs.launchpad.net/ironic/+bug/1326656
Added support for JBOD volumes in RAID configuration.
A new configuration option, shred_final_overwrite_with_zeros is now available. This option controls the final overwrite with zeros done on all block devices for a node under cleaning. This feature was previously always enabled and not configurable. This option is only used when a block device could not be ATA Secure Erased.
Adds the ability for node vendor passthru methods to use shared locks. Default behavior of always acquiring an exclusive lock for node vendor passthru methods is unchanged.
Upgrade Notes¶
A new configuration option
[deploy]continue_if_disk_secure_erase_fails
, which has a default value of False, has been added. The default setting represents the standard behaviour of the Ironic Python Agent during a cleaning failure.
Fixed Mitaka ironic python agent ramdisk iSCSI deploy compatibility with newer versions of ironic by logging the warning and retrying the deploy if wiping root disk metadata before exposing it over iSCSI fails. If custom iSCSI port is requested, an error clarifying the issue is logged and the operator is requested either to use the default iSCSI portal port, or to upgrade ironic python agent ramdisk to version >= 1.3 (Newton).
Removes support for “hexraw” type in the iPXE script (boot.ipxe) since “hexraw” is not supported in older versions of iPXE. “hexhyp” replaced “hexraw” and has been used since kilo.
Support for the old ramdisk (“deploy-ironic” diskimage-builder element) was removed. Please switch to IPA before upgrading.
Removed the workaround in API allowing removing “instance_uuid” during cleaning. It was only required for Nova during introduction of cleaning.
In the configuration group
[agent]
, the following options were deprecated in the Liberty cycle and they have been removed:[agent]/agent_pxe_append_params
[agent]/agent_pxe_config_template
Remove the deprecated “[conductor]/clean_nodes” option. Configuration files should instead use the “[conductor]/automated_clean” option.
In the config section
[agent]
two config options were deprecated in the Liberty cycle and they have been removed. The options were named:[agent]/agent_erase_devices_priority
[agent]/agent_erase_devices_iterations
Removes support for the deprecated “discoverd” group for inspection options. Configuration files should use the “inspector” group instead.
Removes the deprecated decorator “driver_periodic_task”, Drivers should use the “periodics.periodic” decorator from the futurist library instead.
Removes support for the “message” attribute from the “IronicException” class. Subclasses of “IronicException” should instead use the “_msg_fmt” attribute. This change is only relevant to developers.
Removes deprecated option “[agent]/manage_tftp”. Configuration files should instead use the “[agent]/manage_agent_boot” option.
Removes the deprecated config option “periodic_interval”.
Removes deprecated options “[pxe]/http_url” and “[pxe]/http_root”. Configuration files should instead use “[deploy]/http_url” and “[deploy]/http_root”.
The ‘verbose’ configuration option was removed, consequently the “–verbose, -v” parameter from all command lines was also removed. This affects the ironic-api, ironic-conductor, ironic-dbsync, and ironic-rootwrap commands. The verbose config/parameter was originally a shortcut to set the log level to INFO, however the log level has defaulted to INFO since this option was deprecated, so this option was a noop.
Deprecation Notes¶
The [deploy]/erase_devices_iterations config is deprecated and will be removed in the Ocata cycle. It has been replaced by the [deploy]/shred_random_overwrite_iterations config. This configuration option controls the number of times block devices are overwritten with random data. This option is only used when a block device could not be ATA Secure Erased.
Security Issues¶
A critical security vulnerability (CVE-2016-4985) was fixed in this release. Previously, a client with network access to the ironic-api service was able to bypass Keystone authentication and retrieve all information about any Node registered with Ironic, if they knew (or were able to guess) the MAC address of a network card belonging to that Node, by sending a crafted POST request to the /v1/drivers/$DRIVER_NAME/vendor_passthru resource. Ironic’s policy.json configuration is now respected when responding to this request such that, if passwords should be masked for other requests, they are also masked for this request.
Bug Fixes¶
Fixes a bug where Ironic won’t log the request-id during hardware inspection.
Fix a problem that caused the bmc_reset() vendor passthru method from the IPMI drivers to be always executed as “warm”.
This fixes the issue of RAID interface not being supported in iscsi_ilo driver.
A bug has been corrected where a node’s current clean_step was not purged upon that node timing out from a CLEANWAIT state. Previously, this bug would prevent a user from retrying cleaning operations. For more information, see https://bugs.launchpad.net/ironic/+bug/1590146.
Correct api version check conditional for node.name to address an issue that we could set node name to ‘’ using API version lower than 1.5, where node names were introduced.
Fixes a problem which causes the conductor to error out on startup in case there’s a duplicated entry in the enabled_drivers configuration option.
Remove the possibility to set incorrect node name by specifying multiple add/replace operations in patch request. Since this version, all the values specified in the patch for name are checked, in order to conform to JSON PATCH RFC https://tools.ietf.org/html/rfc6902.
Fixed the default value of ‘port’ in iscsi_deploy.get_deploy_info to be set to [iscsi]/portal_port option value, instead of hardcoding it to ‘3260’.
Fixes an issue where iLO drivers fail to download the firmware file from swift when the swift file path includes swift pseudo folder.
This fixes InvalidMAC exception of iRMC out-of-band inspection.
Fixed a VirtualBox issue that Ironic fails to set VirtualBox VM’s boot device when it is powered on. This bug causes two problems 1. VirtualBox cannot deploy VMs in local boot mode. 2. Ironic fails to set boot device when VirtualBox VMs is powered on and also fails to get the correct boot device from Ironic API call when VMs is powered on.
A bug was identified in the behaviour of the iLO drivers where nodes that are not active but taking part of a conductor takeover could be powered off. In preparation for new features and functionality, that risk encountering this bug, we are limiting the deployment preparation steps to the
deploying
state to prevent nodes from being erroneously powered off.
Fixed performance issue for ‘ironic.nova.compute.ClusteredComputeManager’ when during Nova instance termination resources were updated for all Nova hypervisors.
Fixes a problem which allowed nodes to be named with some reserved words that are implicitly not allowed due the way the Ironic API works. The reserved words are “maintenance”, “management”, “ports”, “states”, “vendor_passthru”, “validate” and “detail”.
Some nodes’ console may be enabled but the corresponding console services stopped while starting conductors, this tries to start consoles on conductor startup to make the status consistent.
This forces iRMC vmedia boot from remotely connected (redirected) CD/DVD instead of default CD/DVD. See https://bugs.launchpad.net/ironic/+bug/1561852 for details.
Fixed a bug that was causing grub installation failure. If the disk was already coming with a partition table, the conductor was not able to wipe it properly and the new partition table would conflict with the old one. The issue was only impacting new nodes and installations with automated_clean disabled in the configuration. A disk instance without preserve_ephemeral is now purged before new deployment. See https://bugs.launchpad.net/ironic-lib/+bug/1550604
Other Notes¶
When a node is enrolled into ironic, upon transition to the
manageable
state, the current power state of the node is recorded. Once the node is adopted and in anactive
state, that recorded power state will be enforced by ironic unless an operator changes the power state in ironic. This was the default behavior of ironic prior to the adoption feature.
Adopt oslo-config-generator to generate sample config files. New config options from Ironic code should register with ironic/conf/opts.py. New external libraries should register with tools/config/ironic-config-generator.conf. A deprecated option should add a deprecated group even if it didn’t alter its group, otherwise the deprecated group will use ‘DEFAULT’ by default.
Do not show DEBUG logging from keystoneauth and keystonemiddleware by default.
Log eventlet.wsgi.server events with a proper logger name and ignore DEBUG logging by default.
Add Neutron
port_setup_delay
configuration option. This delay allows Ironic to wait for Neutron port operations until we have a mechanism for synchronising events with Neutron. Set to 0 by default.