Pike 시리즈에 대한 릴리즈 노트

12.0.4-5

업그레이드 노트

  • publicize_image policy now has the same name both for image create and edit features and corresponds to the same one in Glance. If you changed the policy name manually to get feature working you have to rollback your changes before Horizon update.

보안 이슈

  • An open redirect has been fixed, that could redirect users to arbitrary addresses from certain views by specifying a “next” parameter in the URL. Now the redirect will only work if the target URL is in the same domain, and uses the same protocol.

버그 수정

  • [bug:1859041] image:publicize_image policy is renamed to publicize_image to be the same as Glance has.

12.0.3

알려진 이슈

  • [bug:1746706] When reloading or opening Angular-based detail page directly, the navigation menu and breadcrumb list are not recovered properly and the first panel is focused. [bug:1746709] when we try to open non-existing Angular-based detail page, “Not Found” (404) page is not shown. A blank page only with the navigation menu will be shown.

버그 수정

  • [bug:1681627] A problem that Angular-based detail page (ngdetail page) cannot be reloaded or opened via direct URL has been fixed. Note that there are some known issues described in the Known Issues section.

12.0.0

새로운 기능

  • horizon에 openrc 와 clouds.yaml 을 다운로드 하는 기능을 추가했습니다. clouds.yaml 파일에 대하여 알고 싶으시다면 os-client-config documentation <https://docs.openstack.org/os-client-config/latest/user/> 을 참고하세요.

  • 로긴시 키스톤 도메인 목록에서 지원되도록 새로이 CREATE_IMAGE_DEFAULTS(dictionary) 와 OPENSTACK_KEYSTONE_DOMAIN_CHOICES (tuple of tuples) 설정값이 추가되었습니다. 이 값은 승인받지 않은 사용자에게 프라이빗 정보가 노출되는 일을 피하기 위해서는 퍼블릭 클라우드에서는 지정되지 않아야 합니다. 이 기능은 적은 수의 도메인이 LDAP 디렉토리나 액티브 디렉토리, 지역적이나 사업단위에 매핑되어 있고 기업 방화벽 뒤에 위치한 프라이빗 클라우드에서 사용하는 데에 유용합니다.

  • The virtio-forwarder VNIC type has been added to the list of valid types that may be set on a port. This requests a low-latency virtio port inside the instance, likely backed by hardware acceleration and requires a supporting Neutron mechanism driver.

  • The configuration documentation for supported_vnic_types in OPENSTACK_NEUTRON_NETWORK has been updated to help an operator decide which VNIC types should be available for users to choose from.

  • Cinder가 활성화 되어있는 동안 인스턴스 시작 화면에서 볼륨 수와 전체 볼륨 스토리지 할당량을 보여주는 그래프 2개를 추가하였습니다.

  • [blueprint network-bandwidth-limiting-qos] Add partial support for Network QoS policies. Since the panel is incomplete in Pike, it is disabled by default. It can be enabled in the file openstack_dashboard/enabled/_1510_project_network_qos_panel.py. When enabled, this panel allows users to view a list of created network policies. This panel displays a table view of the name, description and shared status of each policy. The details page for each policy also shows information on the associated rules.

  • Gives end-users the ability to create and delete ports in their networks. The functionality will be implemented into the project network details table. Following the discussions in the bug discussion. This functionality will be enabled/disabled via policy. Blueprint can be found at [blueprint network-ports-tenant] Bug can be found at [bug 1399252]

  • [blueprint neutron-trunk-ui] Add partial support for Neutron Trunks. Since the panel is incomplete in Pike, it is disabled by default. It can be enabled in the file ‘openstack_dashboard/enabled/_1500_project_trunks_panel.py’. After enabling it the Project/Network/Trunks panel turns on if Neutron API extension ‘trunk’ is available. It displays information about trunks. The details page for each trunk also shows information about subports of that trunk. Currently supported actions: delete.

  • [blueprint password-expires-validation] This blueprint provides a configurable setting to allow operators set the threshold days between the current date and the expiration date to show a message to warn users change their password prior the expiration date.

  • 대부분의 문서는 검색 가능성을 높이고 모든 콘텐츠가 관련성 있고 최신 상태인지 확인하기 위해, 재구성되고 업데이트되거나 완전히 다시 작성되었습니다.

  • 관리자/프로젝트 인스턴스 테이블에 잠금 상태 열을 추가하였습니다. 만약 Nova API 2.9 버전 이상을 사용하는 경우 잠금 또는 잠금 해제된 아이콘으로 표기됩니다.

  • LAUNCH_INSTANCE_DEFAULTS dict 설정 아래에 새로이 create_volume 를 추가했습니다 . Cinder가 사용 가능하다면 “인스턴스 생성하기” 양식 안에서 “볼륨 생성”의 기본 값을 지정할 수 있습니다.

  • 이미지 생성 모달에 기본 옵션값을 지정할 수 있는 새로운 설정인 CREATE_IMAGE_DEFAULTS(dictionary) 가 추가되었습니다. 이미지 생성 모달의 기본 시각적 옵션은 public 입니다. 만약 image_visibility``설정값이”private”``, 라면 기본 시각적 옵션은 private 입니다.

  • Added a new DEFAULT_SERVICE_REGIONS setting into local_settings.py. If a value of this is specified, it will be the default region to use when logging into the dashboard, instead of the value stored in cookies.

  • Now it is possible to enable/disable port security in Horizon, when the port-security extension is available. Note: Neutron allows disabling the port security on a port only when no security groups are associated to it

  • Panel group is introduced in the Admin dashboard to organize admin panels better. Panels in “System” group of Admin dashboard are now categorized into four groups: “Compute”, “Volume”, “Network” and “System”.

  • Security group association per port is now shown in the port detail page. In Neutron different security groups can be associated on different ports of a same server instance, but previously it cannot be referred in Horizon.

  • Securtiy group “Add rule” form now allows to specify ‘any’ IP protocol and ‘any’ port number (for TCP and UDP protocols). This feature is available when neutron is used as a networking back-end. You can specify ‘any’ IP protocol for ‘Other Protocol’ and -1 means ‘any’ IP protocol. You can also see All ports choice in ‘Open Port’ field in case of TCP or UDP protocol is selected.

  • Horizon workflow Step now support allowed() method to determine the step should be displayed conditionally. The workflow Step class already support policy check and permission mechanism to decide the step should be displayed, but allowed() is used to support more complex or dynamic condition.

업그레이드 노트

  • Horizon이 Nova에서 동일한 API 정책 대상 규칙을 사용하도록 업데이트되었습니다. Horizon의 이전 Nova 정책 파일을 변경 한 경우 Horizon에서 사용하는 새로운 Nova 정책 파일에 특정 정책 변경 사항을 적용해야합니다.

  • The profile_support setting has been removed from the OPENSTACK_NEUTRON_NETWORK dict, and any usages have been removed from the Horizon code base. If you were relying on this being set by default, you will now need to manually set the value in your plugin/customisation.

  • The ability to edit flavors is disabled by default. See ENABLE_FLAVOR_EDIT in the settings documentation for more information.

  • String attributes action_present and action_past were dropped from horizon.tables.BatchAction. action_present and action_past methods are the recommended way to define action labels for BatchAction. The offical way allows us to define more complete strings for action labels and this also allows translators to translate more flexibily.

  • [blueprint:drop-nova-network] Horizon nova-network floating IP and security groups supports have been dropped in Pike release. nova-network has been marked as deprecated in Nova in Newton release and horizon support was dropped in favor of it. Neutron now becomes a requirement for floating IP and security groups. Other operations on instances which created with nova-network should work same as before.

  • The settings enable_firewall and enable_vpn which have been deprecated since Juno release are now actually dropped. If you are using these settings to disable FWaaS v1 and VPNaaS dashboards, use REMOVE_PANEL of the Pluggable Panel mechanism to disable these panels. Note that Horizon checks the availability of FWaaS v1 and/or VPNaaS in your Neutron deploymennt and disables corresponding panels if not available, so in most cases you do not need to take care of the change.

  • FWaaS dashboard is now split out into a separate project neutron-fwaas-dashboard. All new features and maintenances are provided from the new project from now on. The new project provides all features available in Horizon in the past release. To continue to use FWaaS dashboard, install neutron-fwaas-dashboard and set up the horizon plugin configuration file in enabled directory. For more information, see neutron-fwaas-dashboard documentation.

  • [bug:1700325] Horizon now allows to override an embeded default plugin enabled file by specifying an enabled plguin file with a same filename. If there are plugin enabled files with a same name both in enabled and local/enabled directories, the file in local/enabled will be used and the file in enabled will be ignored now. Previously, both files are processed in the order of enabled and then local/enabled in this case, but this made operators difficult to change the order of panels from the default order.

    This is useful when you would like to disable some default panel. You can do it by specifying DISABLED = True in a plugin enabled file in local/enabled directory with a same name.

    This works in most cases, but there is a case where you need to be careful when upgrading horizon. If you use REMOVE_PANEL to remove some default panel by putting a plugin enabled file with a same name in local/enabled directory, you now need to use DISABLED = True or change the filename.

  • As a result of Admin dashboard reorganization, panel groups of many Admin panels have been changed. Operators who customize Admin panels (for example, disable some Admin panels) through enabled directory need to update panel groups in enabled files. Horizon plugin developers and deployers may also need to update panel configurations under enabled directory to adapt the new Admin menus.

  • OPENSTACK_ENDPOINT_TYPE setting now has a consistent default value and it defaults to publicURL. If you use the default value, previously (at least Ocata release) Horizon used internalURL for keystone and publicURL for other services. The default value is now publicURL, so if you want horizon to use internalURL to talk with back-end services, ensure to set OPENSTACK_ENDPOINT_TYPE to internalURL.

  • VPNaaS dashboard is now split out into a separate project neutron-vpnaas-dashboard. All new features and maintenances are provided from the new project from now on. The new project provides all features available in Horizon in the past release. To continue to use VPNaaS dashboard, install neutron-vpnaas-dashboard and set up the horizon plugin configuration file in enabled directory. For more information, see neutron-vpnaas-dashboard documentation http://git.openstack.org/cgit/openstack/neutron-vpnaas-dashboard/tree/doc/source

사용하지 않는 기능

  • Editing flavors는 ‘R’ cycle onwards 이후부터 제거 될 수 있습니다.

버그 수정

  • [bug:1564543] AVAILABLE_THEMES was used to determine whether a theme was selectable via the user facing widget, however it was noted that sometimes a parent theme is desired for inheritance, and needs to be hidden from the widget entirely. SELECTABLE_THEMES was added as a setting that can be used to collect a theme for inheritance, but hide it from the user’s view. See the settings documentation for usage specifics.

  • Unnecessary API calls to back-end services are eliminated when checking the quota and usage in individual panels. Each panel checks a resource can be created by retrieving the current quota and usage for the resource. However, the previous implementation retrieves quota and usage of unrelated resources (For example, Nova usage is retrieved when checking a network usage). It can be a performance problem in large deployments. This behavior is now fixed to load quota and usage only for resources which are really required.