Current Series Release Notes

15.0.0-28

New Features

  • Added support for the Jobboard Etcd backend in Taskflow.

  • The new [task_flow] jobboard_redis_backend_db option has been added. This option allows using non default database in redis as backend.

Upgrade Notes

  • When upgrading, the default RBAC rules will switch from Octavia Advanced RBAC to the keystone default roles. This means the load_balancer_* roles will not longer have access to the load balancer API. To continue to use the Octavia Advanced RBAC rules, please use the octavia-advanced-rbac-policy.yaml override file provided.

Critical Issues

  • When upgrading, the default RBAC rules will switch from Octavia Advanced RBAC to the keystone default roles. This means the load_balancer_* roles will not longer have access to the load balancer API. To continue to use the Octavia Advanced RBAC rules, please use the octavia-advanced-rbac-policy.yaml override file provided.

Security Issues

  • When upgrading, the default RBAC rules will switch from Octavia Advanced RBAC to the keystone default roles. This means the load_balancer_* roles will not longer have access to the load balancer API. To continue to use the Octavia Advanced RBAC rules, please use the octavia-advanced-rbac-policy.yaml override file provided. Note: the keystone default roles are less restrictive than the Octavia Advanced RBAC rules and you will no longer have global observer or quota specific roles.

Bug Fixes

  • Remove record in amphora_health table on revert. It’s necessary, because record in amphora table for corresponding amphora also deleted. It allows to avoid false positive react of failover threshold due to orphan records in amphora_health table.

  • Fixed potential AttributeError during listener update when security group rule had no protocol defined (ie. it was null).

  • Fixed an issue with SINGLE topology load balancer with UDP listeners, the Amphora now sends a Gratuitous ARP packet when a UDP pool is added, it makes the VIP address more quickly reachable after a failover or when reusing a previously allocated IP address.

  • Fix verification of certificates signed by a private CA when using Neutron endpoints.

  • Fix error on revert PlugVIPAmphora task, when db_lb is not defined and get_subnet raises NotFound error. It could happen when Amphora creation failed by timeout and before it VIP network was removed. As result revert failed with exception.