Special page
Special page
Tools
Printable version
Special pages
Create account
Log in
Log in / create account with OpenID
English
Home
Software
User Stories
Community
Profile
Blog
Wiki
Documentation
Jump to:
navigation
,
search
Export translations
Settings
Group
Category:Programs
I18nTeam
Open
OpenStack Upstream Institute
OpenStack Upstream Training/Info
PRC Kilo Hackaton
ReleaseNotes/Juno
ReleaseNotes/Kilo
ReleaseNotes/Liberty
Sandbox
User:Smaffulli
Language
aa - Afar
ab - Abkhazian
ace - Achinese
ady - Adyghe
ady-cyrl - адыгабзэ
aeb - Tunisian Arabic
aeb-arab - تونسي
aeb-latn - Tûnsî
af - Afrikaans
ak - Akan
aln - Gheg Albanian
am - Amharic
an - Aragonese
ang - Old English
anp - Angika
ar - Arabic
arc - Aramaic
arn - Mapuche
arq - Algerian Arabic
ary - Moroccan Arabic
arz - Egyptian Arabic
as - Assamese
ase - American Sign Language
ast - Asturian
av - Avaric
avk - Kotava
awa - Awadhi
ay - Aymara
az - Azerbaijani
azb - تۆرکجه
ba - Bashkir
ban - Balinese
bar - Bavarian
bbc - Batak Toba
bbc-latn - Batak Toba
bcc - Southern Balochi
bcl - Bikol Central
be - Belarusian
be-tarask - Belarusian (Taraškievica orthography)
bg - Bulgarian
bgn - Western Balochi
bho - Bhojpuri
bi - Bislama
bjn - Banjar
bm - Bambara
bn - Bengali
bo - Tibetan
bpy - Bishnupriya
bqi - Bakhtiari
br - Breton
brh - Brahui
bs - Bosnian
bto - Iriga Bicolano
bug - Buginese
bxr - буряад
ca - Catalan
cbk-zam - Chavacano de Zamboanga
cdo - Min Dong Chinese
ce - Chechen
ceb - Cebuano
ch - Chamorro
cho - Choctaw
chr - Cherokee
chy - Cheyenne
ckb - Central Kurdish
co - Corsican
cps - Capiznon
cr - Cree
crh - Crimean Turkish
crh-cyrl - Crimean Turkish (Cyrillic script)
crh-latn - Crimean Turkish (Latin script)
cs - Czech
csb - Kashubian
cu - Church Slavic
cv - Chuvash
cy - Welsh
da - Danish
de - German
de-at - Austrian German
de-ch - Swiss High German
de-formal - German (formal address)
diq - Zazaki
dsb - Lower Sorbian
dtp - Central Dusun
dty - डोटेली
dv - Divehi
dz - Dzongkha
ee - Ewe
egl - Emilian
el - Greek
eml - Emiliano-Romagnolo
en - English
en-ca - Canadian English
en-gb - British English
eo - Esperanto
es - Spanish
et - Estonian
eu - Basque
ext - Extremaduran
fa - Persian
ff - Fulah
fi - Finnish
fit - Tornedalen Finnish
fj - Fijian
fo - Faroese
fr - French
frc - Cajun French
frp - Arpitan
frr - Northern Frisian
fur - Friulian
fy - Western Frisian
ga - Irish
gag - Gagauz
gan - Gan Chinese
gan-hans - Simplified Gan script
gan-hant - Traditional Gan script
gd - Scottish Gaelic
gl - Galician
glk - Gilaki
gn - Guarani
gom - Goan Konkani
gom-deva - Goan Konkani (Devanagari script)
gom-latn - Goan Konkani (Latin script)
got - Gothic
grc - Ancient Greek
gsw - Swiss German
gu - Gujarati
gv - Manx
ha - Hausa
hak - Hakka Chinese
haw - Hawaiian
he - Hebrew
hi - Hindi
hif - Fiji Hindi
hif-latn - Fiji Hindi (Latin script)
hil - Hiligaynon
ho - Hiri Motu
hr - Croatian
hrx - Hunsrik
hsb - Upper Sorbian
ht - Haitian Creole
hu - Hungarian
hy - Armenian
hz - Herero
ia - Interlingua
id - Indonesian
ie - Interlingue
ig - Igbo
ii - Sichuan Yi
ik - Inupiaq
ike-cans - Eastern Canadian (Aboriginal syllabics)
ike-latn - Eastern Canadian (Latin script)
ilo - Iloko
inh - Ingush
io - Ido
is - Icelandic
it - Italian
iu - Inuktitut
ja - Japanese
jam - Jamaican Creole English
jbo - Lojban
jut - Jutish
jv - Javanese
ka - Georgian
kaa - Kara-Kalpak
kab - Kabyle
kbd - Kabardian
kbd-cyrl - Адыгэбзэ
kg - Kongo
khw - Khowar
ki - Kikuyu
kiu - Kirmanjki
kj - Kuanyama
kk - Kazakh
kk-arab - Kazakh (Arabic script)
kk-cn - Kazakh (China)
kk-cyrl - Kazakh (Cyrillic script)
kk-kz - Kazakh (Kazakhstan)
kk-latn - Kazakh (Latin script)
kk-tr - Kazakh (Turkey)
kl - Kalaallisut
km - Khmer
kn - Kannada
ko - Korean
ko-kp - 한국어 (조선)
koi - Komi-Permyak
kr - Kanuri
krc - Karachay-Balkar
kri - Krio
krj - Kinaray-a
ks - Kashmiri
ks-arab - Kashmiri (Arabic script)
ks-deva - Kashmiri (Devanagari script)
ksh - Colognian
ku - Kurdish
ku-arab - كوردي (عەرەبی)
ku-latn - Kurdish (Latin script)
kv - Komi
kw - Cornish
ky - Kyrgyz
la - Latin
lad - Ladino
lb - Luxembourgish
lbe - лакку
lez - Lezghian
lfn - Lingua Franca Nova
lg - Ganda
li - Limburgish
lij - Ligurian
liv - Livonian
lki - Laki
lmo - Lombard
ln - Lingala
lo - Lao
loz - Lozi
lrc - Northern Luri
lt - Lithuanian
ltg - Latgalian
lus - Mizo
luz - Southern Luri
lv - Latvian
lzh - Literary Chinese
lzz - Laz
mai - Maithili
map-bms - Basa Banyumasan
mdf - Moksha
mg - Malagasy
mh - Marshallese
mhr - Eastern Mari
mi - Maori
min - Minangkabau
mk - Macedonian
ml - Malayalam
mn - Mongolian
mo - молдовеняскэ
mr - Marathi
mrj - Western Mari
ms - Malay
mt - Maltese
mus - Creek
mwl - Mirandese
my - Burmese
myv - Erzya
mzn - Mazanderani
na - Nauru
nah - Nāhuatl
nan - Min Nan Chinese
nap - Neapolitan
nb - Norwegian Bokmål
nds - Low German
nds-nl - Low Saxon
ne - Nepali
new - Newari
ng - Ndonga
niu - Niuean
nl - Dutch
nl-informal - Nederlands (informeel)
nn - Norwegian Nynorsk
nov - Novial
nrm - Nouormand
nso - Northern Sotho
nv - Navajo
ny - Nyanja
oc - Occitan
olo - Livvi-Karelian
om - Oromo
or - Oriya
os - Ossetic
pa - Punjabi
pag - Pangasinan
pam - Pampanga
pap - Papiamento
pcd - Picard
pdc - Pennsylvania German
pdt - Plautdietsch
pfl - Palatine German
pi - Pali
pih - Norfuk / Pitkern
pl - Polish
pms - Piedmontese
pnb - Western Punjabi
pnt - Pontic
prg - Prussian
ps - Pashto
pt - Portuguese
pt-br - Brazilian Portuguese
qu - Quechua
qug - Chimborazo Highland Quichua
rgn - Romagnol
rif - Riffian
rm - Romansh
rmy - Romani
rn - Rundi
ro - Romanian
roa-tara - tarandíne
ru - Russian
rue - Rusyn
rup - Aromanian
ruq - Megleno-Romanian
ruq-cyrl - Megleno-Romanian (Cyrillic script)
ruq-latn - Megleno-Romanian (Latin script)
rw - Kinyarwanda
sa - Sanskrit
sah - Sakha
sat - Santali
sc - Sardinian
scn - Sicilian
sco - Scots
sd - Sindhi
sdc - Sassarese Sardinian
sdh - Southern Kurdish
se - Northern Sami
sei - Seri
ses - Koyraboro Senni
sg - Sango
sgs - Samogitian
sh - Serbo-Croatian
shi - Tachelhit
shi-latn - Tašlḥiyt
shi-tfng - ⵜⴰⵛⵍⵃⵉⵜ
shn - Shan
si - Sinhala
sk - Slovak
sl - Slovenian
sli - Lower Silesian
sm - Samoan
sma - Southern Sami
sn - Shona
so - Somali
sq - Albanian
sr - Serbian
sr-ec - Serbian (Cyrillic script)
sr-el - Serbian (Latin script)
srn - Sranan Tongo
ss - Swati
st - Southern Sotho
stq - Saterland Frisian
su - Sundanese
sv - Swedish
sw - Swahili
szl - Silesian
ta - Tamil
tcy - Tulu
te - Telugu
tet - Tetum
tg - Tajik
tg-cyrl - Tajik (Cyrillic script)
tg-latn - Tajik (Latin script)
th - Thai
ti - Tigrinya
tk - Turkmen
tl - Tagalog
tly - Talysh
tn - Tswana
to - Tongan
tokipona - Toki Pona
tpi - Tok Pisin
tr - Turkish
tru - Turoyo
ts - Tsonga
tt - Tatar
tt-cyrl - Tatar (Cyrillic script)
tt-latn - Tatar (Latin script)
tum - Tumbuka
tw - Twi
ty - Tahitian
tyv - Tuvinian
tzm - Central Atlas Tamazight
udm - Udmurt
ug - Uyghur
ug-arab - Uyghur (Arabic script)
ug-latn - Uyghur (Latin script)
uk - Ukrainian
ur - Urdu
uz - Uzbek
uz-cyrl - ўзбекча
uz-latn - oʻzbekcha
ve - Venda
vec - Venetian
vep - Veps
vi - Vietnamese
vls - West Flemish
vmf - Main-Franconian
vo - Volapük
vot - Votic
vro - Võro
wa - Walloon
war - Waray
wo - Wolof
wuu - Wu Chinese
xal - Kalmyk
xh - Xhosa
xmf - Mingrelian
yi - Yiddish
yo - Yoruba
yue - Cantonese
za - Zhuang
zea - Zeelandic
zh - Chinese
zh-cn - Chinese (China)
zh-hans - Simplified Chinese
zh-hant - Traditional Chinese
zh-hk - Chinese (Hong Kong)
zh-mo - 中文(澳門)
zh-my - 中文(马来西亚)
zh-sg - Chinese (Singapore)
zh-tw - Chinese (Taiwan)
zu - Zulu
info - Message documentation
Format
Export for off-line translation
Export in native format
<languages /> [[Category:Kilo|Release Note]] [[Category:Release Note|Kilo]] = OpenStack 2015.1.0 (Kilo) Release Notes = {| style="color:#000000; border:solid 3px #A8A8A8; padding:2em; margin:2em 0; background-color:#FFFFFF; vertical-align:middle;" | style="padding:1em" | The Kilo release of OpenStack is dedicated to the loving memory of '''Chris Yeoh''', who left his family and us way too soon. |} <div style="column-count:3;-moz-column-count:3;-webkit-column-count:3"> __TOC__ </div> == OpenStack Object Storage (Swift) == === Key New Features === ==== Erasure Code (beta) ==== Swift now supports an erasure-code (EC) storage policy type. This allows deployers to achieve very high durability with less raw capacity as used in replicated storage. However, EC requires more CPU and network resources, so it is not good for every use case. EC is great for storing large, infrequently accessed data in a single region. Swift's implementation of erasure codes is meant to be transparent to end users. There is no API difference between replicated storage and EC storage. To support erasure codes, Swift now depends on PyECLib and liberasurecode. liberasurecode is a pluggable library that allows for the actual EC algorithm to be implemented in a library of your choosing. Full docs are at http://swift.openstack.org/overview_erasure_code.html ==== Composite tokens ==== Composite tokens allow other OpenStack services to store data in Swift on behalf of a client so that neither the client nor the service can update the data without both party's consent. An example of this is that a user requests that Nova save a snapshot of a VM. Nova passes the request to Glance, Glance writes the image to a Swift container as a set of objects. In this case, the user cannot modify the snapshot without also having a valid token from the service. Nor can the service update the data without a valid token from the user. But the data is still stored in the user's account in Swift, which makes accounting simpler. Full docs are at http://swift.openstack.org/overview_backing_store.html ==== Data placement updates for smaller, unbalanceable clusters ==== Swift's data placement now accounts for device weight. This allows operators to gradually add new zones and regions without immediately causing a large amount of data to be moved. Also, if a cluster is inbalanced (eg a two-zone cluster where one zone has twice the capacity of the other), Swift will more efficiently use the available space and warn when replicas are placed without enough dispersion in the cluster. ==== Global cluster replication improvements ==== Replication between regions will now only move one replica per replication run. This gives the remote region a chance to replicate internally and thus avoid more data moving over the WAN === Known Issues === * As a beta release, EC support is nearly fully feature complete, but it is lacking support for some features (like multi-range reads) and has not had a full performance characterization. This feature relies on ssync for durability. Deployers are urged to do extensive testing and not deploy production data using an erasure code storage policy. === Upgrade Notes === As always, you can upgrade to this version of Swift with no end-user downtime * In order to support erasure codes, Swift has a new dependency on PyECLib (and liberasurecode, transitively). Also, the minimum required version of eventlet has been raised. == OpenStack Compute (Nova) == === Key New Features === ==== API v2.1 ==== * We have the first release of the next generation of the Nova API, v2.1. The v2.1 is designed to be backwards compatible with v2.0 with the addition of strong API validation. All changes to the API are discoverable via the advertised microversion. For more details see: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/api-microversions.html * For kilo, by default we are still using v2.0 API code to server v2.0 API requests. It is hoped that in liberty that v2.1 will be used to serve requests for both v2.0 and v2.1. * For liberty v2.0 is now frozen, and all new features will now be added into the v2.1 API using the microversions mechanism. Microversion increments released with kilo are: ** Extending the keypair API to support for x509 certificates, to be used with Windows WinRM, is one of the first API features added as a microversion in the v2.1 API. ** Exposing additional attributes in os-extended-server-attributes * python-novaclient does not yet have support for the v2.1 API * The policy enforcement of Nova v2.1 API get improvement. ** Policy only enforce at the entry of API. ** Without duplicated rules for single one API anymore. ** All the v2.1 API policy rule use 'os_compute_api' as prefix which distinguish with v2 API. ** Due to hard-code permission checks at db layer, part of Nova API isn't configurable by policy before. It's always required admin user. Part of Nova v2.1 API's hard-code permission checks is removed which make API policy configurable. The rest of hard-code permission checks will be removed at Liberty. ==== Upgrade Support ==== * We have reduced the data migrations that happen in the DB migration scripts, this now happens in a "lazy" way inside the DB objects code. There are nova-manage commands to help force migration of the data. For more details see: http://specs.openstack.org/openstack/nova-specs/specs/kilo/approved/flavor-from-sysmeta-to-blob.html * Change https://review.openstack.org/#/c/97946/ adds database migration 267 which scans for null instances.uuid records and will fail if any are found since the migrate ultimately needs to make instances.uuid non-nullable and adds a UniqueConstraint on that column. A helper script is provided to search for null instances.uuid records before running the database migrations. Before running 'nova-manage db sync', run the helper script 'nova-manage db null_instance_uuid_scan' which, by default, will just search and dump results, it does not change anything. Pass the --delete option to the null_instance_uuid_scan command to automatically remove any null records were instances.uuid is null. ==== Scheduler ==== * A selection of performance optimisations * We are in the process of making structural changes to the scheduler that will help improve our ability to evolve and improve scheduling. This should not be visible from an end user perspective. ==== Cells v2 ==== * There are some initial parts of cell v2 supported added, but this feature is not yet ready to use. * new 'nova-manage api_db sync' and 'nova-manage api_db version' commands for working with the new api database for cells, but nothing is using this database yet so it is not necessary to set it up. ==== Compute Drivers ==== ===== Hyper-V ===== * Support for generation 2 VMs: https://blueprints.launchpad.net/nova/+spec/hyper-v-generation-2-vms * Support for SMB based volumes, to sit along side existing iSCSI volume support: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/hyper-v-smbfs-volume-support.html * Support for x509 certificate based key pairs: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/keypair-x509-certificates.html * Host power actions now work with Hyper-V: https://blueprints.launchpad.net/nova/+spec/hyper-v-host-power-actions ===== Libvirt (KVM) ===== * NFV related features: ** NUMA based scheduling: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/input-output-based-numa-scheduling.html ** Pinning guest vCPUs: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/virt-driver-cpu-pinning.html ** Large page support: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/virt-driver-large-pages.html * vhostuser VIF driver: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/libvirt_vif_vhostuser.html * Support for running KVM on IBM System z: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/libvirt-kvm-systemz.html * Support for parallels: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/pcs-support.html * Support for SMB based volumes: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/libvirt-smbfs-volume-support.html * Quiesce using QEMU guest agent: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/quiesced-image-snapshots-with-qemu-guest-agent.html * Quobyte volume support: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/quobyte-nova-driver.html * Support for QEMU iSCSI initiator: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/qemu-built-in-iscsi-initiator.html ===== VMware ===== * Support for Ephemeral disks: http://specs.openstack.org/openstack/nova-specs/specs/kilo/approved/vmware-ephemeral-disk-support.html * Support fo vSAN: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/vmware-vsan-support.html * Support for based OVA images: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/vmware-driver-ova-support.html * Support for SPBM based storage policies: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/vmware-spbm-support.html ===== Ironic ===== * Support to pass flavor capabilities to ironic: http://specs.openstack.org/openstack/nova-specs/specs/kilo/implemented/pass-flavor-capabilities-to-ironic-virt-driver.html === Known Issues === * Evacuate recovery code has the potential to destroy data. On nova-compute startup, instances reported by the hypervisor are examined to see if they have moved (i.e. been evacuated) from the current host during the outage. If the determination is made that they were, then they are destroyed locally. This has the potential to choose incorrectly and destroy instances unexpectedly. On libvirt-like nodes, this can be triggered by changing the system hostname. On vmware-like nodes, this can be triggered by attempting to manage a single vcenter deployment from two different hosts (with different hostnames). This will be fixed properly in Liberty, but for now deployments that wish to disable this behavior as a preventive measure can set workarounds.destroy_after_evacuate=False. NOTE: This is not a regression and has been a flaw in the design of the evacuate feature since its introduction. There is no easy fix for this, hence this workaround to limit the potential for damage. The proposed fix in liberty is here: https://review.openstack.org/#/c/161444/. * The generate config examples possibly missing some oslo related configuration === Upgrade Notes === Below are changes you should be aware of when upgrading. Where possible, The git commit hash is provided for you to find more information: * Neutron ports are no longer deleted after your server is deleted, if you created them outside of Nova: 1153a46738fc3ffff98a1df9d94b5a55fdd58777 * EC2 API support has been deprecated, and is likely to be removed in kilo, see f098398a836e3671c49bb884b4a1a1988053f4b2 * Websocket proxies need to be upgraded in a lockstep with the API nodes, as older API nodes will not be sending the access_url when authorizing console access, and newer proxy services (this commit and onward) would fail to authorize such requests 9621ccaf05900009d67cdadeb1aac27368114a61 * After fully upgrading to kilo (i.e. all nodes are running kilo code), you should start a background migration of flavor information from its old home to its new home. Kilo conductor nodes will do this on the fly when necessary, but the rest of the idle data needs to be migrated in the the background. This is critical to complete before the Liberty release, where support for the old location will be dropped. Use "nova-manage migrate-flavor-data" to perform this transition. * Due to the improvement on Nova v2.1 API policy enforcement. There are a lot of change happened to v2.1 API policy. Because v2.1 API didn't released before, those change won't keep back-compatible. It is better to use policy sample configuration instead of old one. * VMware rescue VM behaviour no longer creates a new VM and instead happens in place: cd1765459a24e52e1b933c8e05517fed75ac9d41 * force_config_drive = always has been deprecated, and force_config_drive = True should be used instead: c12a78b35dc910fa97df888960ef2b9a64557254 * Running hyper-v, if you deployed code that was past this commit: b4d57ab65836460d0d9cb8889ec2e6c3986c0a9b but before this commit: c8e9f8e71de64273f10498c5ad959634bfe79975 you make have problems to manually resolve see: c8e9f8e71de64273f10498c5ad959634bfe79975 * Changed the default value of: multi_instance_display_name_template see: 609b2df339785bff9e30a9d67d5c853562ae3344 * Please use "nova-manage db null_instance_uuid_scan" to ensure the DB migrations will apply cleanly, see: c0ea53ce353684b48303fc59393930c3fa5ade58 == OpenStack Image Service (Glance) == === Key New Features === * Using graduated oslo.policy. Accounts changes to config options and updates the in-tree etc/config files. http://specs.openstack.org/openstack/glance-specs/specs/kilo/pass-targets-to-policy-enforcer.html * Ability to deactivate an image. Adds 2 new API calls and may require policy changes. http://specs.openstack.org/openstack/glance-specs/specs/kilo/deactivate-image.html * Basic support for Image conversion during the import process of an Image. http://specs.openstack.org/openstack/glance-specs/specs/kilo/conversion-of-images.html * Glance sorting enhancements. Images v2 API supports new sorting syntax including ability to specify the sort dir for each key. http://specs.openstack.org/openstack/glance-specs/specs/kilo/sorting-enhancements.html * Notifications support for metadefs. http://specs.openstack.org/openstack/glance-specs/specs/kilo/metadefs-notifications.html * Multiple datastore support for VMware Storage driver. http://specs.openstack.org/openstack/glance-specs/specs/kilo/vmware-store-multiple-datastores.html * Glance Image Introspection during the import process of an Image. http://specs.openstack.org/openstack/glance-specs/specs/kilo/introspection-of-images.html * Support in Metadefs for multivalue operators. http://specs.openstack.org/openstack/glance-specs/specs/kilo/metadata-multivalue-operators-support.html * Adding new taskflow executor and removing the old eventlet executor. http://specs.openstack.org/openstack/glance-specs/specs/kilo/taskflow-integration.html * Digest algorithm is now configurable. SHA-1 not being suitable for general-purpose digital signature applications that require 112 bits of security as per FIPS, we provide with a configuration to chose between these standards. * Metadef Tag support. http://specs.openstack.org/openstack/glance-specs/specs/kilo/metadefs-tags.html * Allow None values to be returned from the API. Glance's API v2 now also returns fields that have value None. * Catalog Index Service experimental API.http://specs.openstack.org/openstack/glance-specs/specs/kilo/catalog-index-service.html * More granular capabilities optional support to storage drivers. http://specs.openstack.org/openstack/glance-specs/specs/kilo/store-capabilities.html * Semver Utility for DB storage. http://specs.openstack.org/openstack/glance-specs/specs/kilo/semver-support.html * Reload configuration files on SIGHUP signal. Zero downtime config reload. http://specs.openstack.org/openstack/glance-specs/specs/kilo/sighup-conf-reload.html * Software Metadata Definitions. http://specs.openstack.org/openstack/glance-specs/specs/kilo/software-metadefs.html * Glance Swift Store to use Multiple Containers for Storing Images. http://specs.openstack.org/openstack/glance-specs/specs/kilo/swift-store-multiple-containers.html === Known Issues === * Adding image member throws 500 when the member name is longer than 255 characters. https://bugs.launchpad.net/glance/+bug/1424038 * Glance v2 API is incompatible with v1 API for owner change. https://bugs.launchpad.net/glance/+bug/1420008 * Glance scrubber doesn't work when registry operates in trusted-auth mode. https://bugs.launchpad.net/glance/+bug/1439666 === Upgrade Notes === * Removed deprecated option db_enforce_mysql_charset. Corresponding commit: efeb69f9033a57a1c806f71ee3ed9fd3f4d2475e * Notifications for metadef resources are now supported. Corresponding commit: fd547e3717dc4a3a92c1cb2104c18608a4f4872a * VMware multiple datastores can be enabled by a few config changes. Corresponding commit: 96fb31d7459bd4e05e052053177dce4d38cdaf90 * Removed the eventlet executor and added a new taskflow executor for async tasks. Corresponding commits: ae3135e1d67df77697a24fddaee3efeadb34a0dd and a39debfd55f6872e5f4f955b75728c936d1cee4b * Replace snet config with endpoint config. Corresponding commit: 41a9a065531ec946b4a9baf999f97d10fa493826 * Digest algorithm is now configurable. Corresponding commit: 82194e0c422966422f7a4e2157125c7ad8fbc5b5 * Cleanup chunks for deleted image that was in 'saving' state while deleting. Corresponding commit: 0dc8fbb3479a53c5bba8475d14f4c7206904c5ea * Glance now uses graduated oslo.policy. Corresponding commit: cb7d5a4795bbdaf4dc3eaaf0a6fb1add52c09011 * An image can now be deactivated. A new state called deactivated has been added to the Image data asset. Corresponding commit: b000c85b7fabbe944b4df3ab57ff73883328f40d == OpenStack Dashboard (Horizon) == === Key New Features === * Support for Federated authentication via Web Single-Sign-On -- When configured in keystone, the user will be able to choose the authentication mechanism to use from those support by the deployment. This feature must be enabled by changes to local_settings.py to be utilized. The related settings to enable and configure can be found [http://docs.openstack.org/developer/horizon/topics/settings.html#websso-enabled here]. * Support for Theming -- A simpler mechanism to specify a custom theme for Horizon has been included. Allowing for use of CSS values for Bootstrap and Horizon variables, as well as the inclusion of custom CSS. More details available [http://docs.openstack.org/developer/horizon/topics/settings.html#custom-theme-path here]. * Sahara UX Improvements -- Dramatic improvements to the Sahara user experience have been made with the addition of guided cluster creation and guided job creation pages. * Launch Instance Wizard (beta) -- A full replacement for the launch instance workflow has been implemented in AngularJS to address usability issues in the existing launch instance workflow. Due to the late inclusion date and limited testing, this feature is marked as beta for Kilo and not enabled by default. To use the new workflow, the following change to local_settings.py is required: <code>LAUNCH_INSTANCE_NG_ENABLED = True</code>. Additionally, you can disable the default launch instance wizard with the following: <code>LAUNCH_INSTANCE_LEGACY_ENABLED = False</code>. This new work is a view into future development in Horizon. * Nova ** allow service disable/enable on Hypervisor ** Migrate all instances from host ** expose serial console * Cinder ** Cinder v2 by default ** Managed/Unmanaged volume support -- allows admin to manage existing volumes not managed by cinder, as well as unmanage volumes. ** Volume transfer support between projects ** Volume encryption metadata support * Glance ** View added to allow administrators to view/add/update Glance Metadata definitions * Heat ** Stack Template view ** Orchestration Resources Panel ** Suspend/Resume actions for Stacks ** Preview Stack view allows users to preview stacks specified in templates before creating them. * Trove ** Resizing of Trove instances -- changing instance flavor * Ceilometer ** Display IPMI meters values from Ceilometer * New Reusable AngularJS widgets in Horizon: ** AngularJS table implementation *** Table drawers -- expandable table content *** improved client/server search ** Transfer table widget * Configurable web root for Horizon beyond just '/' === Known Issues === * Volumes created from snapshots are empty - https://bugs.launchpad.net/horizon/+bug/1447288 * Django 1.8 is not fully supported yet. === Upgrade Notes === * Django 1.7 is now supported. == OpenStack Identity (Keystone) == === Key New Features === ==== Hierarchical multitenancy ==== [http://specs.openstack.org/openstack/keystone-specs/api/v3/identity-api-v3.html#projects-v3-projects Projects] can be nested under other projects by setting the <code>parent_id</code> attribute to an existing project when [http://specs.openstack.org/openstack/keystone-specs/api/v3/identity-api-v3.html#create-project creating a new project]. You can also [http://specs.openstack.org/openstack/keystone-specs/api/v3/identity-api-v3.html#get-project discovery] the parent-child hierarchy through the existing <code>/v3/projects</code> API. Role assignments can now be assigned to both [https://github.com/openstack/keystone-specs/blob/master/api/v3/identity-api-v3-os-inherit-ext.rst#assign-role-to-user-on-projects-in-a-subtree users] and [https://github.com/openstack/keystone-specs/blob/master/api/v3/identity-api-v3-os-inherit-ext.rst#assign-role-to-group-on-projects-in-a-subtree groups] on subtrees in the project hierarchy. This feature will require corresponding support across other OpenStack services (such as hierarchical quotas) in order to become broadly useful. ==== Fernet tokens ==== Unlike UUID tokens which must be persisted to a database, Fernet tokens are entirely non-persistent. Deployers can enable the Fernet token provider using <code> [token] provider = keystone.token.providers.fernet.Provider</code> in <code>keystone.conf</code>. Fernet tokens require symmetric encryption keys which can be established using <code>keystone-manage fernet_setup</code> and periodically rotated using <code>keystone-manage fernet_rotate</code>. These keys must be shared by all Keystone nodes in a multi-node (or multi-region) deployment, such that tokens generated by one node can be immediately validated against another. ==== Identity federation ==== * Keystone can now act as a [http://docs.openstack.org/developer/keystone/configure_federation.html#keystone-as-an-identity-provider-idp federated identity provider (IdP)] for another instance of Keystone by issuing SAML assertions for local users, which may be ECP-wrapped. * Added support for [http://docs.openstack.org/developer/keystone/extensions/openidc.html OpenID Connect] as a federated identity authentication mechanism. * Added the ability to associate many "Remote IDs" to a single identity provider in Keystone. This will help in a case where many identity providers use a common mapping. * Added the ability for a user to authenticate via a web browser with an existing IdP, through a Single Sign-On page. * Federated tokens now use the <code>token</code> authentication method, although both <code>mapped</code> and <code>saml2</code> remain available. * Federated users may now be mapped to existing local identities. * Groups specified in the mapping rulesets can be identified by name and domain. * Groups appearing in federated identity assertions may now be automatically mapped as locally existing groups with local user membership mappings (filtered by white and blacklists). ==== LDAP ==== * Filter parameters specified by API users are now processed by LDAP itself, instead of by Keystone. * ''Experimental'' support was added to store domain-specific identity backend [http://docs.openstack.org/developer/keystone/configuration.html#domain-specific-drivers configuration in SQL] using the HTTP API. The primary use case for this is to create a new domain with the HTTP API, and then immediately configure a domain-specific LDAP driver for it without restarting Keystone. ==== Authorization ==== * The "assignment" backend has been split into a "resource" backend (containing domains, projects, and roles) and an "assignment" backend, containing the authorization mapping model. * Added support for trust redelegation. If allowed when the trust is initially created, a trustee can redelegate the roles from the trust via another trust. * Added support for explicitly requesting an unscoped token from Keystone, even if the user has a <code>default_project_id</code> attribute set. * Deployers may now opt into disallowing the re-scoping of scoped tokens by setting <code>[token] allow_rescope_scoped_token = false</code> in <code>keystone.conf</code>. === Upgrade Notes === * XML support in Keystone has been removed as of Kilo. When upgrading from Juno to Kilo, it is recommended that references to XML and XmlBodyMiddleware be removed from the [https://github.com/openstack/keystone/blob/master/etc/keystone-paste.ini Keystone Paste configuration]. This includes removing the XML middleware filters and the references from the public_api, admin_api, api_v3, public_version_api, admin_version_api and any other pipelines that may contain the XML filters. * All previous extensions (OS-FEDERATION, OS-OAUTH1, OS-ENDPOINT-POLICY and OS-EP-FILTER) are now enabled by default, and are [http://docs.openstack.org/developer/keystone/extensions.html correspondingly marked] as either "experimental" or "stable". * [http://specs.openstack.org/openstack/openstack-specs/specs/no-downward-sql-migration.html SQL Schema Downgrades are no longer supported]. This change is the result of evaluation that downward SQL migrations are not well tested and become increasingly difficult to support with the volume of data-change that occurs in many of the migrations. * The following python libraries are now required: [https://pypi.python.org/pypi/cryptography cryptography], [https://pypi.python.org/pypi/msgpack-python msgpack-python], [https://pypi.python.org/pypi/pysaml2 pysaml2] and [https://pypi.python.org/pypi/oauthlib oauthlib]. * <code>keystone.middleware.RequestBodySizeLimiter</code> is now deprecated in favor of <code>oslo_middleware.sizelimit.RequestBodySizeLimiter</code> and will be removed in Liberty. * Eventlet-specific configuration options such as <code>public_bind_host</code>, <code>bind_host</code>, <code>admin_bind_host</code>, <code>admin_port</code>, <code>public_port</code>, <code>public_workers</code>, <code>admin_workers</code>, <code>tcp_keepalive</code>, <code>tcp_keepidle</code> have been moved from the <code>[DEFAULT]</code> configuration section to a new configuration section called <code>[eventlet_server]</code>. Similarly, Eventlet-specific SSL configuration options such as <code>enable</code>, <code>certfile</code>, <code>keyfile</code>, <code>ca_certs</code>, <code>cert_required</code> have been moved from the <code>[ssl]</code> configuration section to a new configuration section called <code>[eventlet_server_ssl]</code>. * <code>keystone.token.backends.sql</code> has been removed in favor of <code>keystone.token.persistence.backends.sql</code>. * <code>keystone.token.backends.kvs</code> has been removed in favor of <code>keystone.token.persistence.backends.kvs</code>. * <code>keystone.token.backends.memcache</code> has been removed in favor of <code>keystone.token.persistence.backends.memcache</code>. * <code>keystone.assignment.backends.kvs</code> has been removed in favor of <code>keystone.assignment.backends.sql</code>. * <code>keystone.identity.backends.kvs</code> has been removed in favor of <code>keystone.identity.backends.sql</code>. * <code>keystone.contrib.stats.core.StatsMiddleware</code> has been removed in favor of external tooling. * <code>keystone.catalog.backends.templated.TemplatedCatalog</code> has been removed in favor of <code>keystone.catalog.backends.templated.Catalog</code>. * <code>keystone.contrib.access.core.AccessLogMiddleware</code> has been removed in favor of external access logging. * <code>keystone.trust.backends.kvs</code> has been removed in favor of <code>keystone.trust.backends.sql</code>. * <code>[catalog] endpoint_substitution_whitelist</code> has been removed from <code>keystone.conf</code> as part of a related security hardening effort. * <code>[signing] token_format</code> has been removed from <code>keystone.conf</code> in favor of <code>[token] provider</code>. == OpenStack Network Service (Neutron) == === Key New Features === * [http://specs.openstack.org/openstack/neutron-specs/specs/kilo/subnet-allocation.html Subnet allocation] feature allows creating subnets from a pre-defined pool of addresses instead of providing explicit addresses. ** Support in python-neutron-client (subnetpool-create/update/list/show/delete and subnet-create --subnetpool). ** API documentation work is underway. ** Horizon support is tracked with [https://blueprints.launchpad.net/horizon/+spec/neutron-subnet-allocation neutron-subnet-allocation] blueprint. * DVR now supports VLANs in addition to VXLAN/GRE * ML2 Hierarchical Port Binding * New LBaaS Version 2 API * Portsecurity support for the OVS ML2 Driver * Multiple Prefixes for IPv6 (tenant guest interfaces can now get multiple IPv6 addresses) * IPv6 Router (allows guests to get global IPv6 addresses and talk to the world, without NAT) * API extension for MTU Selection and Advertisement * API extension to check for support of VLAN trunking networks for NFV * New Plugins supported in Kilo include the following: ** A10 Networks LBaaS V2 Driver ** Brocade LBaaS V2 Driver ** Brocade ML2 driver for MLX and ICX switches ** Brocade L3 routing plugin for MLX switch ** Brocade Vyatta vRouter L3 Plugin ** Brocade Vyatta vRouter Firewall Driver ** Brocade Vyatta vRouter VPN Driver ** Cisco CSR VPNaaS Driver ** Dragonflow SDN based Distributed Virtual Router L3 Plugin ** Freescale FWaaS Driver ** Intel Mcafee NGFW FWaaS Driver ** IPSEC Strongswan VPNaaS Driver === Known Issues === * The Firewall-as-a-Service project is still marked as experimental for the Kilo release. * Bug [https://bugs.launchpad.net/neutron/+bug/1438819 1438819] ** When a new subnet is created on an external network, all existing routers with gateways on the network will get a new address allocated from it. For IPv4 networks, this could consume the entire subnet for router gateway ports. === Upgrade Notes === From Havana, Neutron no longer supported an explicit lease database (https://bugs.launchpad.net/bugs/1202392). This left dead code including unused environment variable. In order to remove the dead code (https://review.openstack.org/#/c/152398/), a change to the dhcp.filter is required, so that line: '''dnsmasq: EnvFilter, dnsmasq, root, NEUTRON_NETWORK_ID=''' Be replaced by: '''dnsmasq: CommandFilter, dnsmasq, root''' After advanced services were split into separate packages and received their own service configuration files (specifically, etc/neutron/neutron_lbaas.conf, etc/neutron/neutron_fwaas.conf and etc/neutron/neutron_vpnaas.conf), active service provider configuration can be different after upgrade (specifically, default load balancer (haproxy) and vpn (openswan) providers can be enabled for you even though you previously disabled them in neutron.conf). Please make sure you review configuration after upgrade so that it reflects the desired state of service providers. Note: this will have no effect if the related service plugin is not loaded in neutron.conf. * The default value of api_workers is now equal to the number of CPUs in the host. If you currently use the default, ensure you set api_workers to a reasonable number for your installation. (https://review.openstack.org/#/c/140493/) * The neutron.allow_duplicate_networks config option is deprecated in Kilo and will be removed in Liberty where the default behavior will be to just allow multiple ports attached to an instance on the same network in Neutron. (https://review.openstack.org/163581) * The linuxbridge agent now enables VXLAN by default (https://review.openstack.org/160826) * neutron-ns-metadata-proxy can now be run as non-root (https://review.openstack.org/147437) === Other Notes (Deprecation/EOL etc) === * Deprecation ** Brocade Monolithic plugin for Brocade's VDX/VCS series of hardware switches will be deprecated in the L-Release. The functionality provided by this plugin is now addressed by the ML2 Driver available for the VDX series of hardware. The plugin is slated for removal after this release cycle. ** The monolithic Cisco Meta plugin for Nexus1000V will be deprecated in the L-Release. The functionality provided by this plugin is now available with the Cisco Nexus1000V ML2 mechanism driver. The monolithic plugin is slated for removal after this release cycle. == OpenStack Block Storage (Cinder) == === Key New Features === * From this point forward any new database schema upgrades will not require restarting Cinder services right away. The services are now independent of schema upgrades. This is part one to Cinder supporting rolling upgrades! * Ability to add/remove volumes from an existing consistency group. [http://docs.openstack.org/admin-guide-cloud/content/consistency-groups.html Read docs for more info]. * Ability to create a consistency group from an existing consistency group snapshot. [http://docs.openstack.org/admin-guide-cloud/content/consistency-groups.html Read docs for more info]. * Create more fine tuned filters/weighers to set how the scheduler will choose a volume backend. [http://docs.openstack.org/admin-guide-cloud/content/driver_filter_weighing.html Read the docs for more info]. * Encrypted volumes can now be backed up using the Cinder backup service. [http://docs.openstack.org/admin-guide-cloud/content/volume-backup-restore.html Read the docs for more info]. * Ability to create private volume types. This is perfect when you want to make volume types available to only a specific tenant or to test it before making available to your cloud. To do so use the ''cinder type-create <name> --is-public''. * Oversubscription with thin provision is configurable. [http://docs.openstack.org/admin-guide-cloud/content/over_subscription.html Read docs for more info]. * Ability to add descriptions to volume types. To do so use ''cinder type-create <name> <description> * Cinder now can return multiple iSCSI paths information so that the connector can attach volumes even when the primary path is down ([https://review.openstack.org/#/c/134681/ when connector's multipath feature is enabled] or [https://review.openstack.org/#/c/140877/ not enabled]). * Add ability to specify a local lvm.conf file. When using the LVM driver this option allows you to set a Cinder specific lvm.conf file in /etc/cinder/lvm.conf. This enables specific LVM settings and filters that are only picked up and used by Cinder. * The Cinder backup service can now backup to an NFS exported filesystem. [http://docs.openstack.org/admin-guide-cloud/content/volume-backup-restore.html Read the docs for more info]. === Upgrade Notes === * The 'host' config option for multiple-storage backends in cinder.conf is renamed to 'backend_host' in order to avoid a naming conflict with the 'host' to locate redis. If you use this option, please ensure your configuration files are updated. == OpenStack Telemetry (Ceilometer) == === Key New Features === * Support to add jitter to polling cycles to ensure pollsters are not querying service's api at the same time * Ceilometer API RBAC support * Improved Event support: ** Multi-pipeline support to enable unique processing and publishing of events ** Enabled ability to capture raw notification messages for auditing and postmortem analysis ** Support for persisting events into ElasticSearch ** Publishing support to database, http, file, kafka and oslo.messaging supported message queues ** Option to split off the events persistence into a separate database ** Telemetry now supports to collect and store all the event type meters as events. A new option, ''disable_non_metric_meters'', was added to the configuration in order to provide the possibility to turn off storing these events as samples. For further information please see the [http://docs.openstack.org/trunk/config-reference/content/ch_configuring-openstack-telemetry.html Telemetry Configuration Reference] ** The Administrator Guide in OpenStack Manuals was updated with a new [http://docs.openstack.org/admin-guide-cloud/content/section_telemetry-events.html Events section], where you can find further information about this functionality. * Improved pipeline publishing support: ** Support to publish events and samples to Kafka or HTTP targets ** Publish data to multiple queues * Additional meters ** memory and disk meters for Hyper-V ** disk meters for LibVirt ** power and thermal related IPMI meters, more meters from NodeManager ** ability to meter Ceph * IPv6 support enabled in Ceilometer udp publisher and collector * [http://launchpad.net/gnocchi Gnocchi] dispatch support for ceilometer-collector * Self-disabled pollster mechanism === Upgrade Notes === * Deprecated meters: ** The instance:<flavor> meter is deprecated in the Kilo release. In order to retrieve samples or statistics based on flavor you can use the following queries: statistics: ceilometer statistics -m instance -g resource_metadata.instance_type samples: ceilometer sample-list -m instance -q metadata.instance_type=<value> * Middleware used to meter Swift was previously packaged in Ceilometer and is now deprecated. It is now separated into it's own library: ceilometermiddleware. ** Juno configuration: http://docs.openstack.org/juno/install-guide/install/apt/content/ceilometer-swift.html ** Kilo configuration: http://docs.openstack.org/kilo/install-guide/install/apt/content/ceilometer-swift.html == OpenStack Orchestration (Heat) == === Key New Features === * Improved scaling using nested stacks ** Heat will RPC actions on any resource that is based on a template. This should help to spread the load when dealing with large complex stacks. * oslo versioned objects ** The database layer now uses oslo versioned objects to aid in future upgrades. This will allow a newly upgraded heat-engine to use a database with an older schema. Note that this will not help with upgrading to kilo. * New template functions ** There is a new HOT template version "20150430" which includes two new functions "digest" and "repeat". * Multiregion stacks ** http://docs.openstack.org/hot-reference/content/OS__Heat__Stack.html * Access to Heat services ** The admin now has similar access to services as other projects. This is in the form of "heat-manage service-list" and via horizon. This feature reports the active heat-engines. * Improved validation for nova and neutron properties. * Pause stack creation/update on a given resource (stack hooks) ** http://specs.openstack.org/openstack/heat-specs/specs/juno/stack-breakpoint.html ** http://docs.openstack.org/developer/heat/template_guide/environment.html?highlight=hooks#pause-stack-creation-update-on-a-given-resource * New contributed resources ** Mistral resources ** gnocchi alarms https://blueprints.launchpad.net/heat/+spec/ceilometer-gnocchi-alarm ** keystone resources supported with Keystone v3 server for Project, Role, User and Group * Stack lifecycle scheduler hints * Software-config improvements ** Option to use Swift TempURLs for deployment signals http://specs.openstack.org/openstack/heat-specs/specs/kilo/software-config-swift-signal.html ** The ability to create and monitor a deployment from the heat command line, outside of the stack http://specs.openstack.org/openstack/heat-specs/specs/kilo/software-config-trigger.html === Upgrade Notes === * The default of the configuration option "num_engine_workers" has changed from 1 to a number based on the the number of CPUs. This is now the same as the way other projects set the number of workers. * The default for the configuration option "max_nested_stack_depth" has been increased to 5. * There is a new configuration option "convergence" it is by default off. This feature is not yet complete and this option should remain off. * In preparation of an upcoming major feature (convergence) there have been some significant DB schema changes. It is suggested that the heat-engine is shutdown during schema upgrades. === Other Notes (Deprecation/EOL etc) === ==== Deprecation ==== * The follow resources are deprecated OS::Heat::HARestarter and OS::Heat::CWLiteAlarm * The CloudWatch API (heat-api-cw) == OpenStack Database service (Trove) == === Key New Features === * Support for a new replication strategy based on async GTID replication (new in MySQL 5.6) ** We now support for creating n-replicas from a single master in one API call ** We also support for failover from an unresponsive master to the most up-to-date slave can now be achieved using the new 'eject-master' API * Support for Trove guest managers to support the following new datastores: **Vertica, and Vertica Cluster **DB2 **CouchDB * Extended current management API layer : ** We now have a new management API to support listing and viewing deleted trove instances ** We also added a new management API to ping a datastore guestagent via the RPC mechanism * Horizon updates to support resize of Trove instances. * Users now have the ability to edit/update the names of Trove instances * Integration with the cross-project OpenStack profiling library (OSProfiler) === Upgrade Notes === * We migrated from deprecated oslo-incubator messaging code to the official oslo.messaging python module. Please look at git.openstack.org/cgit/openstack/trove/tree/etc/trove/trove.conf.sample#n18 for more details on the changed config values that were added to support this, ([https://review.openstack.org/#/c/94484/ Change]) * Datastores and strategies that are not currently being tested by any CI have been moved into an 'experimental' section in their respective modules. Once these datastores and strategies have appropriate tests exercising and gating against them in CI, they will be graduated to 'stable'. * Added new documentation to help with the process of building trove guest images for different datastores at http://docs.openstack.org/developer/trove/dev/building_guest_images.html == OpenStack Data Processing service (Sahara) == === Key New Features === * New plugins, their features and versions: ** MAPR ** Apache Storm ** Apache Hadoop 2.6.0 was added, Apache Hadoop 2.4.1 deprecated ** New services for CDH plugin added up to HDFS, YARN, Spark, Oozie, HBase, ZooKeeper and other services * Added indirect VM access for better utilization of floating IPs * Added event log support to have detailed info about provisioning progress * Optional default node group and cluster templates per plugin * Horizon updates: ** Guided cluster creation and job execution ** Filtering on search for objects * Editing of Node Group templates and Cluster templates implemented * Added Shell Job Type for clusters running Oozie * New Job Types endpoint to query list of the supported Job Types === Upgrade Notes === Details: http://docs.openstack.org/developer/sahara/userdoc/upgrade.guide.html#juno-kilo * Sahara now requires policy.json configuration file. == OpenStack Bare Metal service (Ironic) == === Key New Features === ==== State Machine ==== Ironic now uses a formal model for the logical state of each node it manages ([http://specs.openstack.org/openstack/ironic-specs/specs/kilo/new-ironic-state-machine.html#proposed-change New Ironic State Machine]). This has enabled the addition of two new processes: '''cleaning''' and '''inspection'''. * Automatic disk erasure between tenants is now enabled by default. This may be extended to perform additional '''cleaning''' steps, such as re-applying firmware, resetting BIOS settings, etc ([http://docs.openstack.org/developer/ironic/deploy/cleaning.html Node Cleaning]). * Both in-band and out-of-band methods are available to '''inspect''' hardware. These methods may be used to update Node properties automatically ([http://docs.openstack.org/developer/ironic/deploy/install-guide.html#hardware-inspection Hardware Inspection]). ==== Version Headers ==== The Ironic REST API expects a new ''X-OpenStack-Ironic-API-Version'' header be passed with each HTTP[S] request. This header allows client and server to negotiate a mutually supported interface ([http://specs.openstack.org/openstack/ironic-specs/specs/kilo/api-microversions.html REST API "micro" versions]). In the absence of this header, the REST service will default to a compatibility mode and yield responses compatible with Juno clients. This mode, however, prevents access to most features introduced in Kilo. ==== Hardware Driver Changes ==== The following new drivers were added: * [http://docs.openstack.org/developer/ironic/drivers/amt.html AMT] * [http://docs.openstack.org/developer/ironic/deploy/drivers.html#irmc iRMC] * [http://docs.openstack.org/developer/ironic/drivers/vbox.html VirtualBox (testing driver only)] The following enhancements were made to existing drivers: * [http://docs.openstack.org/developer/ironic/deploy/install-guide.html#enabling-the-configuration-drive-configdrive Configdrives] may be used with the "agent" drivers in lieu of a metadata service, if desired. * SeaMicro driver supports serial console * [http://docs.openstack.org/developer/ironic/drivers/ilo.html#uefi-secure-boot-support iLO driver supports UEFI secure boot] * [http://docs.openstack.org/developer/ironic/drivers/ilo.html#hardware-inspection iLO driver supports out-of-band node inspection] * [http://docs.openstack.org/developer/ironic/drivers/ilo.html#ilo-node-cleaning iLO driver supports resetting ilo and bios during cleaning] Support for third-party and out-of-tree drivers is enhanced by the following two changes: * Drivers may store their own "internal" information about Nodes. * Drivers may register their own periodic tasks to be run by the Conductor. * ''vendor_passthru'' methods now support additional HTTP methods (eg, PUT and POST). * ''vendor_passthru'' methods are now discoverable in the REST API. See [http://docs.openstack.org/developer/ironic/dev/drivers.html#node-vendor-passthru node vendor passthru] and [http://docs.openstack.org/developer/ironic/dev/drivers.html#driver-vendor-passthru driver vendor passthru] ==== Other Changes ==== * [http://docs.openstack.org/developer/ironic/deploy/install-guide.html#logical-names Logical names] may be used to address Nodes, in addition to their canonical UUID. * For servers with varied local disks, [http://docs.openstack.org/developer/ironic/deploy/install-guide.html#specifying-the-disk-for-deployment ''hints''] may be supplied that affect which disk device the OS is provisioned to. * Support for fetching kernel, ramdisk, and instance images from HTTP[S] sources directly has been added to remove the dependency on Glance. [http://docs.openstack.org/developer/ironic/deploy/install-guide.html#using-ironic-as-a-standalone-service Using ironic as a standalone service] * Nodes may be placed into ''[http://docs.openstack.org/developer/ironic/deploy/install-guide.html#maintenance-mode maintenance mode]'' via REST API calls. An optional ''maintenance reason'' may be specified when doing so. === Known Issues === * '''Running more than one nova-compute process is not officially supported.''' ** While Ironic does include a ClusteredComputeManager, which allows running more than one nova-compute process with Ironic, it should be considered experimental and has many known problems. * Drivers using the "agent" deploy mechanism do not support "rebuild --preserve-ephemeral" === Upgrade Notes === * IPMI Passwords are now obfuscated in REST API responses. This may be disabled by changing API policy settings. * The "agent" class of drivers now support both whole-disk and partition based images. * The driver_info parameters of "pxe_deploy_kernel" and "pxe_deploy_ramdisk" are deprecated in favour of "deploy_kernel" and "deploy_ramdisk". * Drivers implementing their own version of the vendor_passthru() method has been deprecated in favour of the new @passthru decorator. ==== Juno to Kilo ==== The recommended upgrade process is documented here: * http://docs.openstack.org/developer/ironic/deploy/upgrade-guide.html#upgrading-from-juno-to-kilo ==== Upgrading from Icehouse "nova-baremetal" ==== An upgrade from an Icehouse Nova installation using the "baremetal" driver directly to Kilo Ironic is untested and unsupported. Instead, please follow the following upgrade path: # Icehouse Nova "baremetal" -> Juno Nova "baremetal" # Juno Nova "baremetal" -> Juno Ironic # Juno Ironic -> Kilo Ironic Documentation for steps 1 and 2 is available at: https://wiki.openstack.org/wiki/Ironic/NovaBaremetalIronicMigration == OpenStack Documentation == * New [http://docs.openstack.org docs.openstack.org] landing page and new web design for [http://docs.openstack.org/user-guide/ End User Guide] and [http://docs.openstack.org/user-guide-admin/ Admin User Guide] * First release of the [http://docs.openstack.org/networking-guide/ Networking Guide] * Migration to RST for [http://docs.openstack.org/user-guide/ End User Guide] and [http://docs.openstack.org/user-guide-admin/ Admin User Guide] * New specialty teams: ** Install Guides ** High Availability Guide ** Networking Guide ** User Guides (Admin and End User) * First App Tutorial sprint * Driver documentation clarification and connections