Osie 24.5.0 release
We are pleased to announce Osie v24.5.0 release which introduces support for the Ironic bare-metal services and a few more exciting new features.
New features
Ironic bare metal integration
Users can now spawn bare-metal instances by using the dedicated UI for that.
This implies a few requirements from the Administrator, so please follow the documentation for Ironic bare metal.
Flavor categories
This new function allows you to control which flavors to be displayed to the users, as well as grouping flavors into meaningful categories (such as General Purpose, GPU, etc). See the flavor categories documentation.
Scoped (or manual) tax configurations
Administrators can configure “Scoped” tax rates, which can be manually assigned to Billing Profiles and skip the country-based tax rules. This tax rule type was designed to allow implementing more complicated tax rules where the country-specific rule is not enough (i.e: if your country have different tax for different regions, cities, or type of business, etc). You can use such a tax rule to manually assign a tax rate to a customer.
SSH Password authentication
Osie automatically recognises images having the qemu-guest-agent installed, by looking at the hw_quemu_guest_agent=yes
property of the image. It then displays an option to set a password when creating the instance. The password can also be reset via the UI after the machine was created, thanks to the qemu-guest-agent.
Improvements
- manila: support driver_handles_share_servers=False
- This is a new feature flag on the “Cloud provider” section, allowing you to hide the “Share networks” option for cases where the share network is provided by the Administrator (i.e. CephFS).
- disable volume-backed reinstallation
- This is a feature flag on the “Cloud provider” section, allowing you to disable the rebuild/reinstall action for volume-backed instances. If you decide to enable this, make sure you run at least OpenStack Zed, as Nova API 2.93 is required for volume-backed instances to be rebuilt.
- OAuth2 PKCE enabled by default
- Proof of Key Code Exchange is an extension of the OAuth 2.0 protocol that helps prevent code interception attacks. This ensures a higher security across the OpenID / JWT authentication model that Osie is using. It’s now enabled by default, and you can disable it by setting the
ui.oauth2.pkce.enabled: false
property.
- Proof of Key Code Exchange is an extension of the OAuth 2.0 protocol that helps prevent code interception attacks. This ensures a higher security across the OpenID / JWT authentication model that Osie is using. It’s now enabled by default, and you can disable it by setting the
Bug fixes
- fix pricing estimation on the server creation page when additional volumes where added to the instances. The pricing now correctly reflects the price addition of the volumes.
- fixed volume creation from the server creation page. The created volumes will have the correct size and type.