From 8458c3f65feedb11d82d5f4890103f2cd0265d41 Mon Sep 17 00:00:00 2001 From: MCamp859 Date: Wed, 24 Feb 2021 11:49:30 -0500 Subject: [PATCH] R5 Release Notes Updated Bugs/Known Limitation sections. Updated links to feature docs. Confirmed path to download ISO image. Change-Id: I06442638291dbd0e03cdbc621a26b857b7f527dd Signed-off-by: MCamp859 --- doc/source/releasenotes/index.rst | 3 + doc/source/releasenotes/r5_release.rst | 165 +++++++++++++++++++++++++ 2 files changed, 168 insertions(+) create mode 100644 doc/source/releasenotes/r5_release.rst diff --git a/doc/source/releasenotes/index.rst b/doc/source/releasenotes/index.rst index 7c7a39716..85958a3ee 100644 --- a/doc/source/releasenotes/index.rst +++ b/doc/source/releasenotes/index.rst @@ -9,6 +9,8 @@ You can find details about a release on the specific release page. +------------------------+---------------------+------------------------+---------------------------+ | Version | Release Date | Notes | Status | +========================+=====================+========================+===========================+ +| StarlingX R5.0 | 2021-05 | :doc:`r5_release` | Maintained | ++------------------------+---------------------+------------------------+---------------------------+ | StarlingX R4.0 | 2020-08 | :doc:`r4_release` | Maintained | +------------------------+---------------------+------------------------+---------------------------+ | StarlingX R3.0 | 2019-12 | :doc:`r3_release` | :abbr:`EOL (End of Life)` | @@ -35,4 +37,5 @@ project-team-guide/stable-branches.html#maintenance-phases>`_ definitions. r2_0_1_release r3_release r4_release + r5_release diff --git a/doc/source/releasenotes/r5_release.rst b/doc/source/releasenotes/r5_release.rst new file mode 100644 index 000000000..01cccddda --- /dev/null +++ b/doc/source/releasenotes/r5_release.rst @@ -0,0 +1,165 @@ +================== +R5.0 Release Notes +================== + +.. contents:: + :local: + :depth: 1 + +--------- +ISO image +--------- + +The pre-built ISO and Docker images for StarlingX release 5.0 are located at +the `CENGN StarlingX mirror +`_. + +------ +Branch +------ + +The source code for StarlingX release 5.0 is available in the r/stx.5.0 +branch in the `StarlingX repositories `_. + +---------- +Deployment +---------- + +A system install is required to deploy StarlingX release 5.0. There is no +upgrade path from previous StarlingX releases. For detailed instructions, see +the :doc:`R5.0 Installation Guides `. + +----------------------------- +New features and enhancements +----------------------------- + +The list below provides a detailed list of new features and links to the +associated user guides (if applicable). + +* Rook / Ceph + + A new storage backend rook-ceph to provide storage service to StarlingX. + + Guide: :doc:`Install StarlingX Kubernetes on Bare Metal Standard with Rook + Storage ` + +* FPGA image update orchestration for distributed cloud + + Added support for orchestrating updates to the Intel N3000 FPGA Programmable + Acceleration Card across the subclouds in a distributed cloud configuration. + + Guide: :doc:`Device Image Update + Orchestration ` + +* Automatic certificate renewal for DC admin endpoints + + In Distributed Cloud configurations, ``admin`` endpoints for the platform + keystone services (e.g. Configuration API, DC Manager API, etc.) on + systemController and subclouds are HTTPS with internally generated + certificates. This feature adds support for automatically renewing the + certificates associated with these ``admin`` endpoints. + + Guide: :doc:`Certificate Management for Admin REST API Endpoints + ` + +* Vault integration for secret management support + + StarlingX now integrates the open source Vault secret management into the + StarlingX solution. The StarlingX integration of Vault uses open source Raft + (PVC-based) as its storage backend. For more information, refer to: + https://www.vaultproject.io/ + + The following services are supported: + + * Encryption-as-a-service / Secret Management: Vault provides data encryption + for applications and is used to store and access secrets. + * Vault-manager: The Vault-manager pod handles the initialization of Vault, + configuring Transport Layer Security (TLS) for all Vault communication that + provides the ability to automatically unseal Vault pods in deployments + where an external autounseal provider is not available. + + Guide: :doc:`Vault Overview ` + +* Support for container image signature validation + + StarlingX supports image security policies using the Portieris admission + controller. Portieris uses a Kubernetes Mutating Admission Webhook to modify + Kubernetes resources such as pods, deployments, and others, at the point of + creation, to ensure that Kubernetes runs only policy compliant images; for + example, only signed images. The StarlingX integration of Portieris is + integrated with cert-manager and works with external registries, with an + associated Notary server for holding images’ trust data. + + Guide: :doc:`Portieris Overview ` + +* Edgeworker for industrial deployments + + ``EdgeWorker`` is a new personality of nodes. Edgeworker nodes are typically + small systems running dedicated workloads with Ubuntu as its operating system. + They usually do not meet worker nodes' minimum requirements but now they can + be managed by StarlingX. + +.. TODO: This guide is not merged as of 25May21. + Guide: :doc:`Deploy Edgeworker Nodes ` + +* SNMP v3 support + + StarlingX has updated its SNMP solution to be a containerized SNMP solution, + delivered as an optional system application. Net-SNMP is still used as the + underlying SNMP Agent. SNMP is configured through helm-overrides of the SNMP + system application. The SNMP system application now supports both SNMPv2c + and SNMPv3. + + Guide: :doc:`SNMP Overview ` + +* Distributed cloud scaling + + The distributed cloud deployment now supports up to 200 |AIO-SX| subclouds. + + Guide: :doc:`Distributed Cloud Architecture ` + +* Secure Device Onboard (SDO) + + |SDO| is open source software that automates the “onboard” process, which + occurs when an SDO device establishes the first trusted connection with a + device management service. This release adds support for the SDO Rendezvous + (RV) service. + + Guide: :doc:`Enable SDO Rendezvous Service ` + +* Hardware enablement + + Added support for Intel Ice Lake CPU, Intel Mt. Bryce eASIC (Pomona Lake), + and Intel Columbiaville NIC. + + Guides: :doc:`Configuring VF Interfaces Rate Limiting Using the CLI + ` and :doc:`Verified Commercial Hardware ` + + +---------- +Bug status +---------- + +********** +Fixed bugs +********** + +This release provides fixes for a number of defects. Refer to the StarlingX bug +database to review the `R5.0 fixed defects +`_. + + +----------------- +Known limitations +----------------- + +The following are known limitations in this release. Workarounds +are suggested where applicable. Note that these limitations are considered +temporary and will likely be resolved in a future release. + +* `1925668 `_ This item is + fixed in the master branch. + + Running the bootstrap playbook will fail if it is re-run after first running + it with one management subnet (default or specified) and then specifying a new + management subnet.