Current Series Release Notes

In Development - Unreleased

New Features

  • Adds NVIDIA A10/A40/L40S/L20 to the known accelerators that can be reported when present on bare metal nodes.

  • If allow_image_access_via_auth_token is set to True, Ironic allows access to Glance images if an auth_token is present in the request context.

  • Adds a new configuration group [agent_containers] that allows users to dynamically configure container-based cleaning via the Ironic conductor.

  • A new “description” field has been added to the Port object. This field allows operators to provide human-readable descriptions to easily identify physical ports on bare metal hosts.

  • The ipmitool-socat console interface is now available for users of the redfish hardware type. This was done to enable operators to leverage IPMI-based Serial-over-LAN connections. This option requires the IPMI parameters to be configured on the bare metal node in addition to the redfish hardware type.

  • Adds a new option [json_rpc]client_use_ssl. It can be set to True in situations where server-side TLS is handled by a reverse proxy, and thus [json_rpc]use_ssl is set to False.

  • The Ironic conductor can now access images that are shared with its project, in addition to those it owns.

    To use the feature, ensure the images are shared with the project associated with the conductor’s credentials.

Upgrade Notes

  • CONF.allow_image_access_via_auth_token is set to True in this Ironic release. Operators running Ironic integrated with OpenStack should ensure that images intended for Ironic use have image visibility “public” or “community” for the most reliable results.

Security Issues

  • Fixes OSSA-2025-001, where Ironic did not properly filter file:// paths when used as image sources. This would permit any file accessible by the conductor to be used as an image to attempt deployment. Ironic now unconditionally forbids paths that provide access to system configuration (/dev, /sys, /proc, /boot, /run, and /etc).

    Adds CONF.conductor.file_url_allowed_paths, an allowlist configuration defaulting to /var/lib/ironic, /shared/html, /opt/cache/files, /vagrant, and /templates, which permits operators to further restrict where the conductor will fetch images from when given a file:// URL. This default value was chosen based on known usage by projects downstream of Ironic, including Metal3, Bifrost, and OpenShift. These defaults may become more restrictive at a later date. Operators using file:// URLs are encouraged to set this value explicitly even if the current default is sufficient. Operators wishing to fully disable the ability to deploy with a file:// URL should set this configuration to “” (empty).

    This issue only poses a significant security risk when Ironic’s automated cleaning process is disabled and the service is configured in such a way that permits direct deployment by an untrusted API user, such as standalone Ironic installations or environments granting ownership of nodes to projects.
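    The two-layer check described above (an unconditional denylist of system paths, then an operator allowlist), as an added example written for this page rather than Ironic's own implementation. The function names, the percent-decoding step and the comma-separated-string handling for the allowlist are assumptions; the forbidden paths and the default allowlist are the values the note lists. The path is resolved with realpath before either list is consulted so that ".." segments and symlinks cannot carry a request out of an allowed directory.

```python
import os
from urllib.parse import unquote, urlparse

# Paths the release note says are unconditionally forbidden as image sources.
FORBIDDEN_PATHS = ("/dev", "/sys", "/proc", "/boot", "/run", "/etc")

# Mirrors the documented default of CONF.conductor.file_url_allowed_paths.
DEFAULT_ALLOWED_PATHS = (
    "/var/lib/ironic", "/shared/html", "/opt/cache/files", "/vagrant", "/templates",
)


def _normalize_allowlist(allowed_paths):
    """Accept a list/tuple or a comma-separated string; "" disables file:// URLs.

    Assumed convenience: the note only says the option may be set to "" (empty).
    """
    if isinstance(allowed_paths, str):
        allowed_paths = allowed_paths.split(",")
    return [p.strip() for p in allowed_paths if p and p.strip()]


def _is_within(path, base):
    """True if `path` is `base` itself or lies beneath it (both already resolved)."""
    base = base.rstrip("/") or "/"
    prefix = "/" if base == "/" else base + "/"
    return path == base or path.startswith(prefix)


def validate_file_url(url, allowed_paths=DEFAULT_ALLOWED_PATHS):
    """Return the resolved local path for a file:// URL, or raise ValueError.

    Order matters: the denylist is checked on the *resolved* path (symlinks
    and '..' collapsed) before the allowlist, so a path that traverses out
    of an allowed directory cannot reach /etc or /proc.
    """
    parsed = urlparse(url)
    if parsed.scheme != "file":
        raise ValueError("not a file:// URL: %r" % url)
    if parsed.netloc not in ("", "localhost"):
        raise ValueError("file:// URLs with a remote host are not supported")
    raw_path = unquote(parsed.path)  # decode %2e%2e-style encoding before normalizing
    if not raw_path.startswith("/"):
        raise ValueError("file:// path must be absolute")
    resolved = os.path.realpath(raw_path)

    for forbidden in FORBIDDEN_PATHS:
        if _is_within(resolved, os.path.realpath(forbidden)):
            raise ValueError("%s is under forbidden location %s" % (resolved, forbidden))

    allowlist = _normalize_allowlist(allowed_paths)
    if not allowlist:
        raise ValueError("file:// image sources are disabled (empty allowlist)")
    for allowed in allowlist:
        if _is_within(resolved, os.path.realpath(allowed)):
            return resolved
    raise ValueError("%s is outside the allowed locations %s" % (resolved, allowlist))


def is_allowed_file_url(url, allowed_paths=DEFAULT_ALLOWED_PATHS):
    """Boolean wrapper around validate_file_url for callers that only need yes/no."""
    try:
        validate_file_url(url, allowed_paths)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample URLs exercising each branch of the check.
    for candidate in (
        "file:///var/lib/ironic/images/disk.qcow2",
        "file:///etc/shadow",
        "file:///var/lib/ironic/../../../etc/passwd",
        "file:///var/lib/ironic/%2e%2e/%2e%2e/%2e%2e/proc/self/environ",
        "file:///tmp/disk.raw",
    ):
        print("%-62s %s" % (candidate, is_allowed_file_url(candidate)))
```

Setting the option to "" makes every file:// URL fail the allowlist step, which matches the disable behaviour the note describes; an operator who only wants a narrower default can pass a shorter list without touching the denylist.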

Bug Fixes

  • Fixes loop functionality to align more closely with the spec: when a loop is present, args reference loop items using the ‘{item}’ placeholder to support direct array iteration, and list and dict loop item types are now handled separately.

  • Fixes the interface binding logic as it relates to Neutron VIF attachments, so that an initial Neutron port update is performed to ensure Neutron carries out any necessary address assignments; as a result the port now enters an ACTIVE state. The state may change later as the port is updated during workflow actions that supply port configuration information, allowing ML2 plugins to finalize any port binding actions where appropriate. The underlying issue was identified in bug 2106073, which will require additional work to fix completely.

    Relatedly, this logic also detaches any previously bound VIF which might have been supplied to Ironic. To have done so in advance of attachment is erroneous, yet understandable, behavior.

  • Fixes an issue with agent startup where the workflow triggered by the first agent heartbeat could fail due to a transient networking issue, leaving the agent and Ironic in a state where the node cannot be deployed and an error is recorded on each additional heartbeat. The logic that checks the state of the agent has been adjusted to ignore retry operations recorded by the agent. More information on this issue can be found in bug 2110698.

  • Updates the patch validation logic to support special characters (~ and /) in field keys, provided they align with the escaping rules defined in RFC 6901 (JSON Pointer) as required for the path field specified in RFC 6902 (JSON Patch).
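    The escaping rules the note refers to, as an added example written for this page and not Ironic's own patch validation code. RFC 6901 reserves two sequences inside a reference token: ~0 stands for a literal ~ and ~1 for a literal /, and a ~ followed by anything else is invalid. The functions below encode and decode tokens, validate a JSON Patch path, and resolve a pointer against a nested dict/list document; the function names and the sample document are assumptions.

```python
import re

# A list index must be "0" or a non-zero-led decimal (RFC 6901 section 4).
_INDEX_RE = re.compile(r"^(0|[1-9][0-9]*)$")


def escape_token(token):
    """Escape one reference token for use in a JSON Pointer.

    '~' must be replaced before '/'; otherwise the '~' introduced when
    encoding '/' as '~1' would itself be re-encoded to '~01'.
    """
    return token.replace("~", "~0").replace("/", "~1")


def unescape_token(token):
    """Decode one reference token; raise ValueError on a malformed escape.

    A character scan (rather than two replace() calls) lets us reject a
    trailing '~' or sequences such as '~2', which the RFC does not allow.
    """
    out = []
    i = 0
    while i < len(token):
        ch = token[i]
        if ch != "~":
            out.append(ch)
            i += 1
            continue
        if i + 1 >= len(token) or token[i + 1] not in "01":
            raise ValueError("invalid escape sequence in token %r" % token)
        out.append("~" if token[i + 1] == "0" else "/")
        i += 2
    return "".join(out)


def split_pointer(pointer):
    """Split a JSON Pointer into decoded reference tokens.

    The empty string refers to the whole document and yields []; any other
    pointer must begin with '/'.
    """
    if pointer == "":
        return []
    if not pointer.startswith("/"):
        raise ValueError("JSON Pointer must start with '/': %r" % pointer)
    return [unescape_token(t) for t in pointer[1:].split("/")]


def is_valid_pointer(pointer):
    """True if `pointer` is syntactically valid as a JSON Patch 'path'."""
    try:
        split_pointer(pointer)
        return True
    except ValueError:
        return False


def resolve_pointer(document, pointer):
    """Walk `document` (nested dicts and lists) and return the referenced value."""
    node = document
    for token in split_pointer(pointer):
        if isinstance(node, list):
            if not _INDEX_RE.match(token):
                raise ValueError("bad array index %r" % token)
            index = int(token)
            if index >= len(node):
                raise ValueError("array index %d out of range" % index)
            node = node[index]
        elif isinstance(node, dict):
            if token not in node:
                raise ValueError("no member %r" % token)
            node = node[token]
        else:
            raise ValueError("cannot descend into %r with token %r" % (node, token))
    return node


if __name__ == "__main__":
    # Constructed sample: keys containing the two characters that need escaping.
    sample = {"extra": {"a/b": 1, "m~n": [10, 20]}}
    print(split_pointer("/extra/a~1b"))            # ['extra', 'a/b']
    print(resolve_pointer(sample, "/extra/m~0n/1"))  # 20
    print(is_valid_pointer("/extra/bad~2"))        # False
```

The decode order matters in the other direction too: a naive `replace("~0", "~").replace("~1", "/")` turns the token `~01` into `/` instead of the intended `~1`, which is why the scanner consumes each escape as a unit.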

  • Fixes an error where a node did not move to the failed state when VIF removal failed due to unexpected errors during tear down.