Difference between revisions of "ReleaseNotes/Havana"
(→Key New Features) |
(→Key New Features) |
||
| Line 51: | Line 51: | ||
=== Key New Features === | === Key New Features === | ||
| + | * Authentication data (users, groups; e.g. LDAP) can now be stored in a separate backend from authorization data (tenants/projects, roles, role assignments; e.g. SQL) | ||
| + | * Ability to specify more granular RBAC policy rules (e.g. based on attributes in the API request / response body) | ||
| + | * Delegated authorization via standard tokens to arbitrary consumers using OAuth 1.0a | ||
| + | * keystone-manage token_flush command to help purge expired tokens | ||
| + | * Pluggable handling of external authentication using REMOTE_USER | ||
* Domain role assignments can now be inherited by that domain's projects | * Domain role assignments can now be inherited by that domain's projects | ||
| − | |||
| − | |||
* Unicode support to API error messages | * Unicode support to API error messages | ||
* https://blueprints.launchpad.net/keystone/+spec/get-role-assignments | * https://blueprints.launchpad.net/keystone/+spec/get-role-assignments | ||
* API clients can now opt out of the service catalog being included in a token response | * API clients can now opt out of the service catalog being included in a token response | ||
| + | * Event notifications emitted for user and project/tenant create, update, and delete operations | ||
* First-class support for deployment behind Apache httpd | * First-class support for deployment behind Apache httpd | ||
* General performance improvements | * General performance improvements | ||
| Line 62: | Line 66: | ||
* https://blueprints.launchpad.net/keystone/+spec/authenticate-role-rationalization | * https://blueprints.launchpad.net/keystone/+spec/authenticate-role-rationalization | ||
* https://blueprints.launchpad.net/keystone/+spec/authentication-tied-to-token | * https://blueprints.launchpad.net/keystone/+spec/authentication-tied-to-token | ||
| − | |||
* https://bugs.launchpad.net/keystone/+bug/1153789 | * https://bugs.launchpad.net/keystone/+bug/1153789 | ||
* https://bugs.launchpad.net/ceilometer/+bug/1179008 | * https://bugs.launchpad.net/ceilometer/+bug/1179008 | ||
| Line 68: | Line 71: | ||
* https://bugs.launchpad.net/keystone/+bug/1194938 | * https://bugs.launchpad.net/keystone/+bug/1194938 | ||
* https://bugs.launchpad.net/keystone/+bug/1196855 | * https://bugs.launchpad.net/keystone/+bug/1196855 | ||
| − | |||
* https://blueprints.launchpad.net/keystone/+spec/user-locale-api | * https://blueprints.launchpad.net/keystone/+spec/user-locale-api | ||
* https://blueprints.launchpad.net/keystone/+spec/unified-logging-in-keystone | * https://blueprints.launchpad.net/keystone/+spec/unified-logging-in-keystone | ||
| − | |||
| − | |||
* https://blueprints.launchpad.net/keystone/+spec/caching-layer-for-driver-calls | * https://blueprints.launchpad.net/keystone/+spec/caching-layer-for-driver-calls | ||
| − | |||
* https://blueprints.launchpad.net/keystone/+spec/db-sync-models-with-migrations | * https://blueprints.launchpad.net/keystone/+spec/db-sync-models-with-migrations | ||
* https://blueprints.launchpad.net/keystone/+spec/endpoint-filtering | * https://blueprints.launchpad.net/keystone/+spec/endpoint-filtering | ||
Revision as of 04:36, 19 September 2013
Contents
- 1 OpenStack 2013.2 (Havana) Release Notes
OpenStack 2013.2 (Havana) Release Notes
General Upgrade Notes
OpenStack Object Storage (Swift)
Key New Features
Known Issues
None
Upgrade Notes
OpenStack Compute (Nova)
Key New Features
Known Issues
Upgrade Notes
- Note that periodic tasks will now run more often than before. The frequency of periodic task runs has always been configurable. However, the timer for when to run the task again was previously started after the last run of the task completed. The tasks now run at a constant frequency, regardless of how long a given run takes. This makes it much more clear for when tasks are supposed to run. However, the side effect is that tasks will now run a bit more often by default. (https://review.openstack.org/#/c/26448/)
- The security_groups_handler option has been removed from nova.conf. It was added for Quantum and is no longer needed. (https://review.openstack.org/#/c/28384/)
- This change should not affect upgrades, but it is a change in behavior for all new deployments. Previous versions created the default m1.tiny flavor with a disk size of 0. The default value is now 1. 0 means not to do any disk resizing and just use whatever disk size is set up in the image. 1 means to impose a 1 GB limit. The special value of 0 is still supported if you would like to create or modify flavors to use it. (https://review.openstack.org/#/c/27991/).
- https://review.openstack.org/#/c/33595
- https://review.openstack.org/#/c/33143
- https://review.openstack.org/#/c/35264/
- https://review.openstack.org/#/c/28750/
- https://review.openstack.org/#/c/27160
- https://review.openstack.org/#/c/35425/
- https://review.openstack.org/#/c/33996/
- https://review.openstack.org/#/c/43268/ - the vmware configuration variable 'nvc_password' is now deprecated. A user will no longer be required to enter as password to have VNC access. This now works like all other virt drivers.
OpenStack Image Service (Glance)
Key New Features
Known Issues
Upgrade Notes
OpenStack Dashboard (Horizon)
Key New Features
Known Issues
Upgrade Notes
OpenStack Identity (Keystone)
Key New Features
- Authentication data (users, groups; e.g. LDAP) can now be stored in a separate backend from authorization data (tenants/projects, roles, role assignments; e.g. SQL)
- Ability to specify more granular RBAC policy rules (e.g. based on attributes in the API request / response body)
- Delegated authorization via standard tokens to arbitrary consumers using OAuth 1.0a
- keystone-manage token_flush command to help purge expired tokens
- Pluggable handling of external authentication using REMOTE_USER
- Domain role assignments can now be inherited by that domain's projects
- Unicode support to API error messages
- https://blueprints.launchpad.net/keystone/+spec/get-role-assignments
- API clients can now opt out of the service catalog being included in a token response
- Event notifications emitted for user and project/tenant create, update, and delete operations
- First-class support for deployment behind Apache httpd
- General performance improvements
- https://blueprints.launchpad.net/keystone/+spec/pluggable-token-format
- https://blueprints.launchpad.net/keystone/+spec/authenticate-role-rationalization
- https://blueprints.launchpad.net/keystone/+spec/authentication-tied-to-token
- https://bugs.launchpad.net/keystone/+bug/1153789
- https://bugs.launchpad.net/ceilometer/+bug/1179008
- https://bugs.launchpad.net/keystone/+bug/1193420
- https://bugs.launchpad.net/keystone/+bug/1194938
- https://bugs.launchpad.net/keystone/+bug/1196855
- https://blueprints.launchpad.net/keystone/+spec/user-locale-api
- https://blueprints.launchpad.net/keystone/+spec/unified-logging-in-keystone
- https://blueprints.launchpad.net/keystone/+spec/caching-layer-for-driver-calls
- https://blueprints.launchpad.net/keystone/+spec/db-sync-models-with-migrations
- https://blueprints.launchpad.net/keystone/+spec/endpoint-filtering
- https://blueprints.launchpad.net/keystone/+spec/multiple-sql-migrate-repos
- https://bugs.launchpad.net/keystone/+bug/1179425
- https://blueprints.launchpad.net/keystone/+spec/extract-credentials-id
Known Issues
Upgrade Notes
OpenStack Network Service (Neutron)
Key New Features
Known Issues
None yet.
Upgrade Notes
- Changes to neutron-dhcp-agent require you to first upgrade your dhcp-agents. Then wait untill the dhcp_lease time has expired. After waiting atleast dhcp_lease time, update neutron-server. Failure to do this may lead to cases where an instance is deleted and the dnsmasq process has not released the lease and neturon allocates that ip to a new port. (https://review.openstack.org/#/c/37580/)
OpenStack Block Storage (Cinder)
Key New Features
Known Issues
None yet
Upgrade Notes
None yet
