starlingx
/
docs
Code Issues Proposed changes

Fix release notes linking 

The StX release notes contains a table with links to older versions of the notes, however,
they point to local copies on the same branch, not the original copies on respective branches.

These copies need to be deleted and the links corrected to point to the respective branches.

Partial-Bug: 2056459

Change-Id: I55193c70f028a243364b37f7bb2a53259ffb6fc8
Signed-off-by: Ron Stone <ronald.stone@windriver.com>
This commit is contained in:
Ron Stone 2024-03-07 17:18:02 +00:00
parent 6276abb99e
commit 12831b425f
12 changed files with 1632 additions and 3235 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/source/introduction/index-intro-27197f27ad41.rst
View File

@ -72,7 +72,7 @@ For additional information about project teams, refer to the
New features in this version
----------------------------
.. include:: /releasenotes/r8-0-release-notes-6a6ef57f4d99.rst
.. include:: /releasenotes/index.rst
:start-after: start-new-features-r8
:end-before: end-new-features-r8
@ -80,7 +80,5 @@ New features in this version
New features in StarlingX 7.0
-----------------------------
.. include:: /releasenotes/r7-0-release-notes-85446867da2a.rst
:start-after: start-new-features-r7
:end-before: end-new-features-r7
See: https://docs.starlingx.io/r/stx.7.0/releasenotes/r7-0-release-notes-85446867da2a.html#new-features-and-enhancements

1657
doc/source/releasenotes/index.rst
View File

File diff suppressed because it is too large Load Diff

0
doc/source/releasenotes/r1_release.rst → doc/source/releasenotes/r1_release.unused
View File

0
doc/source/releasenotes/r2_0_1_release.rst → doc/source/releasenotes/r2_0_1_release.unused
View File

0
doc/source/releasenotes/r2_release.rst → doc/source/releasenotes/r2_release.unused
View File

0
doc/source/releasenotes/r3_release.rst → doc/source/releasenotes/r3_release.unused
View File

0
doc/source/releasenotes/r4_release.rst → doc/source/releasenotes/r4_release.unused
View File

70
doc/source/releasenotes/r5_0_1_release.rst
View File

@ -1,70 +0,0 @@
====================
R5.0.1 Release Notes
====================
.. contents::
:local:
:depth: 1
---------
ISO image
---------
The pre-built ISO and Docker images for StarlingX release 5.0.1 are located at
the `StarlingX mirror
<https://mirror.starlingx.windriver.com/mirror/starlingx/release/5.0.1/centos/flock/outputs/>`_.
------
Branch
------
The source code for StarlingX release 5.0.1 is available in the r/stx.5.0.1
branch in the `StarlingX repositories <https://opendev.org/starlingx>`_.
----------
Deployment
----------
A system install is required to deploy StarlingX release 5.0.1. There is no
upgrade path from previous StarlingX releases.
Use the `R5.0 Installation Guides <https://docs.starlingx.io/r/stx.5.0/deploy_install_guides/r5_release/index-install-r5-ca4053cb3ab9.html>`
to install R5.0.1.
-----------------------------
New features and enhancements
-----------------------------
None.
----------
Bug status
----------
**********
Fixed bugs
**********
This release provides fixes for the following bug.
* `1940696 <https://bugs.launchpad.net/starlingx/+bug/1940696>`_ Bootstrap of
controller-0 failing due to missing tag in gcr.io registry
-----------------
Known limitations
-----------------
The following are known limitations in this release. Workarounds
are suggested where applicable. Note that these limitations are considered
temporary and will likely be resolved in a future release.
* `1925668 <https://bugs.launchpad.net/starlingx/+bug/1925668>`_ Bootstrap
replay fails when changing mgmt subnet
This item is fixed in the master branch.
Running the bootstrap playbook will fail if it is re-run after first running
it with one management subnet (default or specified) and then specifying a new
management subnet.

165
doc/source/releasenotes/r5_release.rst
View File

@ -1,165 +0,0 @@
==================
R5.0 Release Notes
==================
.. contents::
:local:
:depth: 1
---------
ISO image
---------
The pre-built ISO and Docker images for StarlingX release 5.0 are located at
the `StarlingX mirror
<https://mirror.starlingx.windriver.com/mirror/starlingx/release/5.0.0/centos/flock/outputs/>`_.
------
Branch
------
The source code for StarlingX release 5.0 is available in the r/stx.5.0
branch in the `StarlingX repositories <https://opendev.org/starlingx>`_.
----------
Deployment
----------
A system install is required to deploy StarlingX release 5.0. There is no
upgrade path from previous StarlingX releases. For detailed instructions, see
the `R5.0 Installation Guides <https://docs.starlingx.io/r/stx.5.0/deploy_install_guides/r5_release/index-install-r5-ca4053cb3ab9.html>`.
-----------------------------
New features and enhancements
-----------------------------
The list below provides a detailed list of new features and links to the
associated user guides (if applicable).
* Rook / Ceph
A new storage backend rook-ceph to provide storage service to StarlingX.
Guide: `Install StarlingX Kubernetes on Bare Metal Standard with Rook
Storage <https://docs.starlingx.io/r/stx.5.0/deploy_install_guides/r5_release/bare_metal/rook_storage.html>`
* FPGA image update orchestration for distributed cloud
Added support for orchestrating updates to the Intel N3000 FPGA Programmable
Acceleration Card across the subclouds in a distributed cloud configuration.
Guide: :ref:`Device Image Update
Orchestration <device-image-update-orchestration>`
* Automatic certificate renewal for DC admin endpoints
In Distributed Cloud configurations, ``admin`` endpoints for the platform
keystone services (e.g. Configuration API, DC Manager API, etc.) on
systemController and subclouds are HTTPS with internally generated
certificates. This feature adds support for automatically renewing the
certificates associated with these ``admin`` endpoints.
Guide: :ref:`Certificate Management for Admin REST API Endpoints
<certificate-management-for-admin-rest-api-endpoints>`
* Vault integration for secret management support
StarlingX now integrates the open source Vault secret management into the
StarlingX solution. The StarlingX integration of Vault uses open source Raft
(PVC-based) as its storage backend. For more information, refer to:
https://www.vaultproject.io/
The following services are supported:
* Encryption-as-a-service / Secret Management: Vault provides data encryption
for applications and is used to store and access secrets.
* Vault-manager: The Vault-manager pod handles the initialization of Vault,
configuring Transport Layer Security (TLS) for all Vault communication that
provides the ability to automatically unseal Vault pods in deployments
where an external autounseal provider is not available.
Guide: :ref:`Vault Overview <security-vault-overview>`
* Support for container image signature validation
StarlingX supports image security policies using the Portieris admission
controller. Portieris uses a Kubernetes Mutating Admission Webhook to modify
Kubernetes resources such as pods, deployments, and others, at the point of
creation, to ensure that Kubernetes runs only policy compliant images; for
example, only signed images. The StarlingX integration of Portieris is
integrated with cert-manager and works with external registries, with an
associated Notary server for holding images trust data.
Guide: :ref:`Portieris Overview <portieris-overview>`
* Edgeworker for industrial deployments
``EdgeWorker`` is a new personality of nodes. Edgeworker nodes are typically
small systems running dedicated workloads with Ubuntu as its operating system.
They usually do not meet worker nodes' minimum requirements but now they can
be managed by StarlingX.
Guide: :ref:`Deploy Edgeworker Nodes <deploy-edgeworker-nodes>`
* SNMP v3 support
StarlingX has updated its SNMP solution to be a containerized SNMP solution,
delivered as an optional system application. Net-SNMP is still used as the
underlying SNMP Agent. SNMP is configured through helm-overrides of the SNMP
system application. The SNMP system application now supports both SNMPv2c
and SNMPv3.
Guide: :ref:`SNMP Overview <snmp-overview>`
* Distributed cloud scaling
The distributed cloud deployment now supports up to 200 |AIO-SX| subclouds.
Guide: :ref:`Distributed Cloud Architecture <distributed-cloud-architecture>`
* Secure Device Onboard (SDO)
|SDO| is open source software that automates the “onboard” process, which
occurs when an SDO device establishes the first trusted connection with a
device management service. This release adds support for the SDO Rendezvous
(RV) service.
Guide: :doc:`Enable SDO Rendezvous Service </developer_resources/stx_sdo_rv>`
* Hardware enablement
Added support for Intel Ice Lake CPU, Intel Mt. Bryce eASIC (Pomona Lake),
and Intel Columbiaville NIC.
Guides: :ref:`Configuring VF Interfaces Rate Limiting Using the CLI
<configuring-vf-interfaces-rate-limiting-using-cli>` and :ref:`Verified
Commercial Hardware <verified-commercial-hardware>`
----------
Bug status
----------
**********
Fixed bugs
**********
This release provides fixes for a number of defects. Refer to the StarlingX bug
database to review the `R5.0 fixed defects
<https://bugs.launchpad.net/starlingx/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=FIXRELEASED&field.tag=stx.5.0>`_.
-----------------
Known limitations
-----------------
The following are known limitations in this release. Workarounds
are suggested where applicable. Note that these limitations are considered
temporary and will likely be resolved in a future release.
* `1925668 <https://bugs.launchpad.net/starlingx/+bug/1925668>`_ This item is
fixed in the master branch.
Running the bootstrap playbook will fail if it is re-run after first running
it with one management subnet (default or specified) and then specifying a new
management subnet.

237
doc/source/releasenotes/r6-0-release-notes-bc72d0b961e7.rst
View File

@ -1,237 +0,0 @@
.. _r6-0-release-notes-bc72d0b961e7:
==================
R6.0 Release Notes
==================
.. contents::
:local:
:depth: 1
---------
ISO image
---------
The pre-built ISO and Docker images for StarlingX release 6.0 are located at
the `StarlingX mirror
<https://mirror.starlingx.windriver.com/mirror/starlingx/release/6.0.0/centos/flock/outputs/>`_.
------
Branch
------
The source code for StarlingX release 6.0 is available in the r/stx.6.0
branch in the `StarlingX repositories <https://opendev.org/starlingx>`_.
----------
Deployment
----------
A system install is required to deploy StarlingX release 6.0. There is no
upgrade path from previous StarlingX releases. For detailed instructions, see
the Installation guide:
https://docs.starlingx.io/r/stx.6.0/deploy_install_guides/index-install-e083ca818006.html
-----------------------------
New features and enhancements
-----------------------------
The list below provides a detailed list of new features and links to the
associated user guides (if applicable).
* Kernel Upversion to 5.10
|prod-long| now supports kernel version 5.10 to include |VRF| and the user
space tooling to configure the routing and forwarding interfaces.
Guide: https://www.kernel.org/doc/Documentation/networking/vrf.txt
* Platform Certificates Managed by Cert-Manager
Platform services can now use cert-manager to simplify the management
(e.g. auto-renewals) of the following Platform certificates:
* RESTAPI /GUI certificate
* registry.local certificate
* OIDC/DEX certificate
Guides:
* :ref:`Create a local CA Issuer <starlingx-rest-api-applications-and-the-web-admin-server-cert-9196c5794834>`
* :ref:`Configure REST API Applications and Web Administration Server Certificate <configure-rest-api-applications-and-web-administration-server-certificates-after-installation-6816457ab95f>`
* :ref:`Configure Docker Registry Certificate <configure-docker-registry-certificate-after-installation-c519edbfe90a>`
* :ref:`Set up OIDC Auth Applications <configure-oidc-auth-applications>`
* :ref:`OIDC Client Dex Server Certificates <oidc-client-dex-server-certificates-dc174462d51a>`
* Management of Kubernetes Root CA Certificate
You can update Kubernetes Root |CA| certificate on a running system, with
either an uploaded certificate or an auto-generated certificate.
Orchestration is also provided for both Cloud and Distributed Cloud.
Guides:
* :ref:`Manual Kubernetes Root CA Certificate Update <manual-kubernetes-root-ca-certificate-update-8e9df2cd7fb9>`
* :ref:`Kubernetes Root CA Certificate Update Cloud Orchestration <kubernetes-root-ca-certificate-update-cloud-orchestration-a627f9d02d6d>`
• Auditd support
The Linux Auditing System helps system administrators track security
violation events based on preconfigured audit rules. The events are
recorded in a log file and the information in the log entries helps to
detect misuse or unauthorized activities.
The Linux Audit daemon, **auditd**, is the main component of the Linux
Auditing System, and is responsible for writing the audit logs.
Guide: :ref:`Linux Auditing System <auditd-support-339a51d8ce16>`
* Alarm Support for Expiring and Expired Certificates
Expired certificates may prevent the proper operation of platform and
applications running on the platform. In order to avoid expired
certificates, |prod-long| generates alarms for certificates that are within
30 days (default) of expiry or have already expired.
Guide: :ref:`Expiring-Soon and Expired Certificate Alarms <alarm-expiring-soon-and-expired-certificates-baf5b8f73009>`
* Make a separate CA for Kubernetes and etcd
This is the etcd Root |CA| certificate. It signs etcd server and client
certificates, and ``kube-apiserver`` etcd client certificate. This is also
the |CA| certificate used to verify various server and client certificates
signed by etcd Root |CA| certificate. You can now provide a separate Root
|CA| for Kubernetes and etcd.
Guide: :ref:`Etcd Certificates <etcd-certificates-c1fc943e4a9c>`
* Support for stx-ceph-manager
* Ceph upversion from Mimic to Nautilus
Upgraded the supported Ceph version to Nautilus (14.2.22).
Guide: N/A
* Firmware Update for BMC and Retimer
The firmware for Intel MAX 10 |BMC| and C827 retimer can now be updated
using the :command:`device-image-upload` command. A new option
``--retimer-included <true/false>`` has been added where a boolean
indicates whether the |BMC| firmware includes a retimer firmware. A new
parameter ``--bmc <true/false>`` is added to specify the functional |BMC|
image (optional).
Guide: :ref:`Update an N3000 FPGA Image <updating-an-intel-n3000-fpga-image>`
* AIO-SX to AIO-DX Migration
You can migrate an |AIO-SX| subcloud to an |AIO-DX| subcloud without
reinstallation. This operation involves updating the system mode, adding
the OAM unit IP addresses of each controller, and installing the second
controller.
Guide: :ref:`Migrate an AIO-SX to an AIO-DX Subcloud <migrate-an-aiosx-subcloud-to-an-aiodx-subcloud>`
* Distributed Cloud Subcloud Rehoming
You can move subclouds from one Distributed Cloud system to another while
the current System Controller is reinstalled in a disaster recovery
scenario. Another use case for the subcloud rehoming process is to add
already deployed subclouds when the subclouds from multiple System
Controllers are being consolidated into a single System Controller, because
the rehoming playbook does not work with freshly installed/bootstrapped
subclouds.
Guide: :ref:`Rehome a Subcloud <rehoming-a-subcloud>`
* Container Component Upversion
The default version of a fresh install for Kubernetes is 1.21.8, while for
an upgrade from 5.0, it will be 1.18.1. You will need to upgrade
Kubernetes to each version up to 1.21.8 in order to be ready to upgrade to
the next version of |prod|.
Guide: :ref:`Manual Kubernetes Version Upgrade <manual-kubernetes-components-upgrade>`
* Use pf-bb-config to configure Intel FPGA N3000
The **pf-bb-config** package is used to statically configure the baseband
device within N3000 devices.
Guide: :ref:`N3000 FPGA Overview <n3000-overview>`
* AIO-SX: Support for pci device/NIC replacement without host reinstall
For replacement of N3000 or ACC100 device on a host, without requiring a
host or system (in case of |AIO-SX|) re-install and re-configuration, in
the case of the replaced device having **different vendor** or **device
ID** information, see :ref:`N3000 and ACC100 replacement with different vendor or device-id <fec-replacement-with-different-vendor-or-device-id-b1ab1440e15f>`.
For the replacement of a N3000 or ACC100 device on a host, without requiring
a host or system (in case of |AIO-SX|) re-install and re-configuration, in
the case of the replaced device having the **same vendor** and **device
ID** information, see :ref:`N3000 and ACC100 replacement with the same vendor and device-id <n3000-and-acc100-replacement-with-the-same-vendor-and-device-id-cccabcdc5d43>`.
For the replacement of a NIC on a host, without requiring a host or system
(in case of |AIO-SX|) re-install and re-configuration, in the case of the
replaced NIC having the same vendor or device ID information, see
:ref:`NIC replacement with the same vendor and device-id <nic-replacement-with-the-same-vendor-and-device-id-32942b7b05e5>`.
For the replacement of a NIC on a host, without requiring a host or system
(in case of |AIO-SX|) re-install and re-configuration, in the case of the
replaced NIC having different vendor or device ID information, see
:ref:`NIC replacement with a different vendor or device-id <replace-a-nic-with-a-different-vendor-or-device-id-b406c1c190a9>`.
• Allow admin password change without controller host lock
In a subcloud, if the |CLI| command returns an authentication after you
source the script ``/etc/platform/openrc``, you can verify the password on
the subcloud by using the :command:`env | grep OS_PASSWORD` command. If it
returns the old password, you will need to run the :command:`keyring set CGCS admin`
command and provide the new admin password.
* Subcloud Deployment with Local Installation
Subcloud Install is enhanced to support a local install option for Redfish
supported servers that are “Prestaged” with a valid install bundle.
Prestaging can be done manually or automated by building a
self-installing “Prestaging ISO” image using the ``gen-prestaged-is.sh`` tool.
This tool accepts parameters that include install bundle components and
produces a “Prestaging ISO”.
Guide: :ref:`Subcloud Deployment with Local Installation <subcloud-deployment-with-local-installation-4982449058d5>`
----------
Bug status
----------
**********
Fixed bugs
**********
This release provides fixes for a number of defects. Refer to the StarlingX bug
database to review the `R6.0 fixed defects
<https://bugs.launchpad.net/starlingx/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=FIXRELEASED&field.tag=stx.6.0>`_.
-----------------
Known limitations
-----------------
The following are known limitations in this release. Workarounds
are suggested where applicable. Note that these limitations are considered
temporary and will likely be resolved in a future release.
* N/A

1116
doc/source/releasenotes/r7-0-release-notes-85446867da2a.rst
View File

File diff suppressed because it is too large Load Diff

1616
doc/source/releasenotes/r8-0-release-notes-6a6ef57f4d99.rst
View File

File diff suppressed because it is too large Load Diff