Jump to: navigation, search

Difference between revisions of "ReleaseNotes/2014.1.4"

(Created page with "= Release Notes, 2014.1.4 = The 2014.1.4 release is a Icehouse bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Deliver...")
 
(Bugs Fixed)
 
(7 intermediate revisions by 2 users not shown)
Line 8: Line 8:
  
 
== Resolved Security Issues ==
 
== Resolved Security Issues ==
 +
* http://security.openstack.org/ossa/OSSA-2015-005.html
 +
* http://security.openstack.org/ossa/OSSA-2015-003.html
 +
* http://security.openstack.org/ossa/OSSA-2015-002.html
 +
* http://security.openstack.org/ossa/OSSA-2014-041.html
 +
* http://security.openstack.org/ossa/OSSA-2014-040.html
 +
* http://security.openstack.org/ossa/OSSA-2014-039.html
 +
* http://security.openstack.org/ossa/OSSA-2014-038.html
 +
* http://security.openstack.org/ossa/OSSA-2014-037.html
 +
* http://security.openstack.org/ossa/OSSA-2014-036.html
 +
* http://security.openstack.org/ossa/OSSA-2014-035.html
  
 
== Bugs Fixed ==
 
== Bugs Fixed ==
In total, NN bugs are fixed by this update.  
+
In total, 89 bugs are fixed by this update.  
  
* [https://launchpad.net/nova/+milestone/2014.1.4 List of OpenStack Compute (Nova) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/nova/icehouse/2014.1.4 List of OpenStack Compute (Nova) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/keystone/+milestone/2014.1.4 List of OpenStack Identity (Keystone) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/keystone/icehouse/2014.1.4 List of OpenStack Identity (Keystone) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/glance/+milestone/2014.1.4 List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/glance/icehouse/2014.1.4 List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/neutron/+milestone/2014.1.4 List of OpenStack Networking (Neutron) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/neutron/icehouse/2014.1.4 List of OpenStack Networking (Neutron) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/cinder/+milestone/2014.1.4 List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/cinder/icehouse/2014.1.4 List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/horizon/+milestone/2014.1.4 List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/horizon/icehouse/2014.1.4 List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/heat/+milestone/2014.1.4 List of OpenStack Orchestration (Heat) bugs fixed in the 2014.1.4 release]   
+
* [https://launchpad.net/heat/icehouse/2014.1.4 List of OpenStack Orchestration (Heat) bugs fixed in the 2014.1.4 release]   
* [https://launchpad.net/ceilometer/+milestone/2014.1.4 List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/ceilometer/icehouse/2014.1.4 List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.1.4 release]
* [https://launchpad.net/trove/+milestone/2014.1.4 List of OpenStack Database (Trove) bugs fixed in the 2014.1.4 release]
+
* [https://launchpad.net/trove/icehouse/2014.1.4 List of OpenStack Database (Trove) bugs fixed in the 2014.1.4 release]
  
 
== Known Issues and Limitations ==
 
== Known Issues and Limitations ==
 +
=== Nova ===
 +
* [https://bugs.launchpad.net/nova/+bug/1373993 Fix unsafe SSL connection on TrustedFilter]  adds an option attestation_insecure_ssl in TrustedFilter which can be used to verify CAs. The default value is set to True, disabling SSL certificate verification. While this is the insecure option, it was selected for backward compatibility reasons.
 +
* There is a known issue with the new websocket origin access control (OSSA 2015-005): ValidationError will prevent VNC and SPICE connection if base_urls are not properly configured. The novncproxy_base_url and html5proxy_base_url now need to match the TLS settings of the connection origin and needs to be set explicitly where the nova proxy service is running.
 +
 +
=== Cinder ===
 +
* [https://launchpad.net/bugs/1361360 Fix for the Eventlet threads not released back to the pool] added wsgi_keep_alive option. In order to maintain the backward compatibility default value is True and recommended is to set it to False.
 +
 
=== Neutron ===
 
=== Neutron ===
 
* There is a known issue in all Icehouse releases that results in Neutron DHCP agent constantly resyncing its state once a network and a subnet is created with a gateway outside of it. To avoid this, users are encouraged to set force_gateway_on_subnet to True in neutron.conf. See [https://bugs.launchpad.net/neutron/+bug/1304181 Bug 1304181]
 
* There is a known issue in all Icehouse releases that results in Neutron DHCP agent constantly resyncing its state once a network and a subnet is created with a gateway outside of it. To avoid this, users are encouraged to set force_gateway_on_subnet to True in neutron.conf. See [https://bugs.launchpad.net/neutron/+bug/1304181 Bug 1304181]

Latest revision as of 16:53, 17 June 2015

Release Notes, 2014.1.4

The 2014.1.4 release is a Icehouse bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer) and Openstack Database (Trove).

The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.

Resolved Security Issues

Bugs Fixed

In total, 89 bugs are fixed by this update.

Known Issues and Limitations

Nova

  • Fix unsafe SSL connection on TrustedFilter adds an option attestation_insecure_ssl in TrustedFilter which can be used to verify CAs. The default value is set to True, disabling SSL certificate verification. While this is the insecure option, it was selected for backward compatibility reasons.
  • There is a known issue with the new websocket origin access control (OSSA 2015-005): ValidationError will prevent VNC and SPICE connection if base_urls are not properly configured. The novncproxy_base_url and html5proxy_base_url now need to match the TLS settings of the connection origin and needs to be set explicitly where the nova proxy service is running.

Cinder

Neutron

  • There is a known issue in all Icehouse releases that results in Neutron DHCP agent constantly resyncing its state once a network and a subnet is created with a gateway outside of it. To avoid this, users are encouraged to set force_gateway_on_subnet to True in neutron.conf. See Bug 1304181
  • Fix for the Eventlet threads not released back to the pool added wsgi_keep_alive option. In order to maintain the backward compatibility default value is True and recommended is to set it to False.