ReleaseNotes/Juno
OpenStack 2014.2 (Juno) Release Notes
Contents
- 1 OpenStack 2014.2 (Juno) Release Notes
- 1.1 General Upgrade Notes
- 1.2 OpenStack Object Storage (Swift)
- 1.3 OpenStack Compute (Nova)
- 1.4 OpenStack Image Service (Glance)
- 1.5 OpenStack Dashboard (Horizon)
- 1.6 OpenStack Identity (Keystone)
- 1.7 OpenStack Network Service (Neutron)
- 1.8 OpenStack Block Storage (Cinder)
- 1.9 OpenStack Telemetry (Ceilometer)
- 1.10 OpenStack Orchestration (Heat)
- 1.11 OpenStack Database service (Trove)
- 1.12 OpenStack Documentation
General Upgrade Notes
- The simplejson package is an optional requirement in most projects, therefore it's not listed in all project's requirements.txt file. However, if you're using it, e.g. better performance with python 2.6 on RHEL 6, then you will need simplejson >= 2.2.0. See https://bugs.launchpad.net/oslo-incubator/+bug/1361230 for details.
OpenStack Object Storage (Swift)
Key New Features
Known Issues
None
Upgrade Notes
- A list of all updated, deprecated or removed options in swift can be found at: http://docs.openstack.org/trunk/config-reference/content/swift-conf-changes-master.html
- As part of an effort to eventually update the default port to swift to an non-IANA-assigned range, bind_port is now a required setting. Anyone currently explicitly setting the ports will not be affected. However, if you do not currently set the ports, please ensure that your *_server.conf has bind_port set to match your ring as part of your upgrade.
OpenStack Compute (Nova)
There is a summary of specifications for the Juno release of Nova at Nova/Juno-Specs.
Key New Features
Upgrade Support
- TBD
Compute Drivers
Hyper-V
- TBD
Libvirt (KVM)
- TBD
VMware
- TBD
XenServer
- TBD
API
- TBD
Scheduler
- TBD
Other Features
- TBD
Known Issues
- TBD
Upgrade Notes
- A list of all updated, deprecated or removed options in Nova can be found at: http://docs.openstack.org/trunk/config-reference/content/nova-conf-changes-master.html
- The nova-manage flavor subcommand is deprecated in Juno and will be removed in the 2015.1 (K) release: https://review.openstack.org/#/c/86122/
- https://review.openstack.org/#/c/102212/
- Minimum required libvirt version is now 0.9.11: https://review.openstack.org/#/c/58494/
- Nova is now supporting the Cinder V2 API. The Cinder V1 API is deprecated in Juno and Nova will switch over to Cinder V2 by default in the "L" release.
- Debug log output in python-novaclient has changed slightly to improve readability. The sha1 hash of the keystone token is now printed instead of the token itself - greatly shortening the amount of content being printed while still retaining the ability to determine token mismatch scenarios. In addition, some extra '\n' characters that were being added are removed. Double-check any log parsers!
- libvirt.volume_drivers config param for nova.conf is deprecated, to be removed in the Lxxxx release. In general, this should affect only a small number of developers working on drivers. If this is you, the recommended approach is to continue your work inside a nova tree.
OpenStack Image Service (Glance)
Key New Features
- Asynchronous Processing
- Pull of glance.store into its own library
- Metadata Definitions Catalog
Known Issues
Upgrade Notes
- A list of all updated, deprecated or removed options in Glance can be found at: http://docs.openstack.org/trunk/config-reference/content/glance-conf-changes-master.html
- The ability to upload a public image is now admin-only by default. To continue to use the previous behaviour, edit the publicize_image flag in etc/policy.json to remove the role restriction.
OpenStack Dashboard (Horizon)
Key New Features
- TBD
Known Issues
Upgrade Notes
- FLAVOR_EXTRA_KEYS setting deprecated. The use of this key has been replaced with direct calls to the nova and glance api as appropriate.
OpenStack Identity (Keystone)
Key New Features
- Keystone now has experimental support for Keystone-to-Keystone federation, where one instance acts as an Identity Provider, and the other a Service Provider.
- PKIZ is a new token provider available for users of PKI tokens, which simply adds zlib-based compression to traditional PKI tokens.
- The hashing algorithm used for PKI tokens has been made configurable (the default is still MD5, but the Keystone team recommends that deployments migrate to SHA256).
- Identity-driver-configuration-per-domain now supports Internet domain names of arbitrary hierarchical complexity (for example,
customer.cloud.example.com
). - The LDAP identity backend now supports
description
as an attribute of users. - Identity API v3 requests are now validated via JSON Schema.
- In the case of multiple identity backends, Keystone can now map arbitrary resource IDs to arbitrary backends.
-
keystoneclient.middleware.auth_token
has been moved into it's own repository,keystonemiddleware.auth_token
. - Identity API v3 now supports a discrete call to retrieve a service catalog,
GET /v3/auth/catalog
. - Federated authentication events and local role assignment operations now result in CADF (audit) notifications.
- Keystone can now associate a given policy blob with one or more endpoints.
- Keystone now provides JSON Home documents on the root API endpoints in response to
Accept: application/json-home
headers. - Hiding endpoints from client's service catalogs is now more easily manageable via
OS-EP-FILTER
. - The credentials collection API is now filterable per associated user (
GET /v3/credentials?user_id={user_id}
). - New, generic API endpoints are available for retrieving authentication-related data, such as a service catalog, available project scopes, and available domain scopes.
- Keystone now supports mapping the user
enabled
attribute to thelock
attribute in LDAP (and inverting the corresponding boolean value accordingly). - A CA certificate file is now configurable for LDAPS connections.
- The templated catalog backend now supports generating service catalogs for Identity API v3.
- Service names were added to the v3 service catalog.
- Services can now be filtered by name (
GET /v3/services?name={service_name}
).
Known Issues
- TBD
Upgrade Notes
- Due to the simpler out-of-the-box experience, the default token provider is now UUID instead of PKI.
- Database migrations for releases prior to Havana have been dropped, meaning that you must upgrade to the Juno release from either a Havana or Icehouse deployment.
- A comprehensive list of all updated, deprecated or removed options in Keystone can be found at: http://docs.openstack.org/trunk/config-reference/content/keystone-conf-changes-master.html
- All
token_api
methods are now deprecated. - LDAP configuration options that previously contained the deprecated
tenant
terminology have been superseded by options using the termproject
. - Proxy methods from the identity backend to the assignment backend (created to provide backwards compatibility as a result of the split of the Assignment backend from the Identity backend), have been removed. This should only affect custom, out-of-tree API extensions.
- Loading authentication plugins solely by class name in
keystone.conf
is now deprecated in favor of loading them bycustom-method-name = custom_package.CustomClass
pairs, and then defining the sequence of authentication methods as a list (methods = custom-method-name, password
).
- All
- All KVS backends besides the
token
driver have been formally deprecated. - LDAP/AD configuration: All configuration options containing the term "tenant" have been deprecated in favor of similarly named configuration options using the term "project" (for example,
tenant_id_attribute
has been replaced byproject_id_attribute
).
OpenStack Network Service (Neutron)
Key New Features
- DB migration refactor and new timeline
- Distributed Virtual Router Support (DVR)
- Full IPV6 support for tenant networks
- High Availability for the L3 Agent
- ipset support for security groups in place of iptables (this option is configurable)
- L3 agent performance improvements
- Migration to oslo.messaging library for RPC communication.
- Security group rules for devices RPC call refactoring (a huge performance improvement)
- New Plugins supported in Juno include the following:
- A10 Networks LBaaS driver for the LBaaS V1 API
- Arista L3 routing plugin
- Big Switch L3 routing plugin
- Brocade L3 routing plugin
- Cisco APIC ML2 Driver (including a L3 routing plugin).
- Cisco CSR L3 routing plugin
- Freescale SDN ML2 Driver
- Nuage Networks ML2 MechanismDriver
- SR-IOV capable NIC ML2 MechanismDriver
Known Issues
None yet.
Upgrade Notes
- A list of all updated, deprecated or removed options in neutron can be found at: http://docs.openstack.org/trunk/config-reference/content/neutron-conf-changes-master.html
- Attribute level policies dependent on resources are not enforced anymore. Meaning that some older policies from Icehouse are not needed. (e.g. "get_port:binding:vnic_type": "rule:admin_or_owner").
- The following plugins are deprecated in Juno:
- Cisco Nexus Sub-Plugin (The Nexus 1000V Sub-Plugin is still retained and supported in Juno).
- Mellanox Plugin
- Ryu Plugin
OpenStack Block Storage (Cinder)
Key New Features
Known Issues
None yet
Upgrade Notes
- Nova is now supporting the Cinder V2 API. The Cinder V1 API is deprecated in Juno and Nova will switch over to Cinder V2 by default in the "L" release.
OpenStack Telemetry (Ceilometer)
Key New Features
- TBD
Known Issues
- TBD
Upgrade Notes
- A list of all updated, deprecated or removed options in swift can be found at: http://docs.openstack.org/trunk/config-reference/content/ceilometer-conf-changes-master.html
OpenStack Orchestration (Heat)
Key New Features
- Update Failure Recovery
- implementation of new resources
- OS::Glance::Image
- OS::Heat::SwiftSignal
- OS::Sahara::NodeGroupTemplate
- OS::Sahara::ClusterTemplate
- OS::Heat::StructuredDeployments
- OS::Heat::SoftwareDeployments
- OS::Heat::SoftwareComponent
Known Issues
None yet
Upgrade Notes
- A list of all updated, deprecated or removed options in heat can be found at: http://docs.openstack.org/trunk/config-reference/content/heat-conf-changes-master.html
OpenStack Database service (Trove)
Key New Features
- support for PostgreSQL databases
- per datastore volume support
- support for MongDB clusters
Known Issues
None yet
Upgrade Notes
None yet
OpenStack Documentation
Key New Features
- Architecture Design Guide
- move of the High Availability Guide into a separate repository
- move of the Security Guide into a separate repository
Known Issues
Upgrade Notes
None yet