Xena Series Release Notes

Xena Series Release Notes¶

16.0.1-5¶

Bug Fixes¶

Fix guest-agent failed to start postgres container due to execution of the “CREATE DATABASE” statement within the context manager of psycopg library. See the following for details Stroy 2010761

16.0.1¶

Bug Fixes¶

check if the user input is legal, currently, trove may have a RCE vulnerability. more details see: Stroy 2010004

16.0.0¶

New Features¶

Added iptables-persistent package in the guest image element for diskimage-builder. The Trove service administrator is able to perform iptables command (leveraging cloud-init config) and persist the change.

The project user can query the project’s own resource quota.

Show network ID for the instance private address.

Upgrade Notes¶

The default value of the trove guest agent config option [postgresql] backup_docker_image is changed to openstacktrove/db-backup-postgresql:1.1.1. There is nothing to do if the option is not configured explicitly.

Security Issues¶

Changed the network mode of database container to “bridge” and exposed the service ports. Cloud operator could adjust the iptables to restrict network access from the database container to the outside. An example:
```
iptables -t filter -I DOCKER-USER 1 -d [restricted-network-range] -i docker0 ! -o docker0 -j REJECT
```

Bug Fixes¶

Fixed backup creation failed issue when using custom container image registry.

Added a periodic task for postgresql datastore to clean up the archived WAL files. Added a check when creating incremental backups for postgresql. A new container image openstacktrove/db-backup-postgresql:1.1.2 is uploaded to docker hub.

Fixed an issue that the replication configuration is lost after resizing instance.

this page last updated: 2024-11-21 01:33:29

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.