Important Notes
This patch release does not require a system reset. All existing setup and data (e.g., projects, users, instances) remain intact after the software update.
System Requirements
Please refer to v1.0.0 release notes.
Installation
Oxide Computer Model 0 must be installed and configured under the guidance of Oxide technicians. The requirement may change in future releases.
Upgrade Compatibility
Upgrade from version 1.0.1 is supported. We recommend shutting down all running instances on the rack before the software update commences.
New Features
This release includes a number of performance improvements and a new capability for multi-tenant IP pool management.
Reduced virtual disk read/write latencies
Improved instance provisioning performance
Maximum VM instance size limit raised to 64 vcpus and 256 GiB memory
Ability for operator to define silo-specific external IP pools (see ip_pool_create)
Instance external IP address automatically allocated from silo IP pool if one is configured
Bug fixes:
Booting up an instance after rack power-cycle required an extra stop-start cycle to regain network connectivity (omicron#3813)
Spurious errors returned after successful snapshot or disk deletions (omicron#3866)
VM start operation was prohibited when metrics subsystem was unable to serve requests (propolis#497)
System clock sync with NTP was declared prematurely in some cases (omicron#3831)
Firmware update:
None in this release
Known Behavior and Limitations
End-user features
| Feature Area | Known Issue/Limitation | Issue Number |
|---|---|---|
Firewall rules | Firewall rules using VPC as target should allow/deny traffic based on an instance’s private IP only and not apply the rules against the instance’s public IP. As a workaround, use subnet as target to permit only intra-subnet traffic without allowing inbound traffic from other IP addresses on the same public network as the instance. | |
Image/snapshot management | Image upload sometimes stalls with HTTP/2. | |
Image/snapshot management | Unable to create snapshots for disks attached to stopped instances. | |
Image/snapshot management | The ability to delete images is not available at this time. | |
Image/snapshot management | The ability to modify image metadata is not available at this time. | |
Instance orchestration | The ability to select which SSH keys to be passed to a new instance is not available at this time. | |
Instance orchestration | Concurrent instance provisioning requests (e.g., as typically happens with programmatic orchestration such as Terraform) may return 500 errors. Users can reduce the concurrency level to avoid the error or retry the failed requests. | |
Instance orchestration | Instance or disk provisioning requests may fail due to unhandled sled or storage failure on rare occasions. Users can retry the requests to work around the failures. | |
Telemetry | Guest VM cpu and memory metrics are unavailable at this time. | - |
VPC and routing | Inter-subnet traffic routing is not available by default. Router and routing rules will be supported in future releases. |
Operator features
| Feature Area | Known Issue/Limitation | Issue Number |
|---|---|---|
Access control | Device tokens do not expire. | |
Control plane | Sled and physical storage availability status are not available in the inventory UI and API yet. | |
Control plane | When switch zones are bounced outside of rack cold-start, a full rack power cycle is required to re-propagate sled NAT configurations. | |
Control plane | Operator-driven software update is currently unavailable. All updates need to be performed by Oxide technicians. | - |
Control plane | Operator-driven instance migration across sleds is currently unavailable. Instance migrations need to be performed by Oxide technicians. | - |
Network management | Public IP addresses used for VM instances are currently assigned from a single pool named “default”. End-users do not have the ability to see the names of other IP pools. The ability to set up and query per-project IP pools will be available soon in future releases. | |
Network management | Routing between the rack and on-premise L2 networks is currently restricted to static routes only. The use of Border Gateway Protocol (BGP) for dynamic route configuration will be supported in upcoming releases. | |
Telemetry | Hardware metrics such as temperatures, fan speeds, and power consumption are not exposed to the control plane at this time. | - |
User management | User offboarding from the rack is not supported at this time. Apart from updating the identity provider to remove obsolete users from the relevant groups, operators will need to remove any IAM roles granted directly to those users in silos and projects. |