Important Notes
These recent versions of API clients - CLI v0.4.0, Go SDK v0.1.0-beta4, and Terraform v0.3.0 - remain compatible with v8 besides rack networking configurations.
If you want to leverage the new rack networking configurations (see New Features), please review the Networking section of the API documentation for the new configurable options and get the newer CLI binaries (v0.5.0).
System Requirements
Please refer to v1.0.0 release notes.
Installation
Oxide Computer Model 0 must be installed and configured under the guidance of Oxide technicians. The requirement may change in future releases.
Upgrade Compatibility
Upgrade from version 7 is supported. We recommend shutting down all running instances on the rack before the software update commences.
All existing setup and data (e.g., projects, users, instances) will remain intact after the software update.
New Features
Rack networking configurations
Improved BGP support (maghemite#199)
Use of the
enforce-first-asoption. (maghemite#208)Specifying ASN of BGP peer to prevent unauthorized/unintended remote peering. (maghemite#151)
Additional BGP configurations such as keepalive time, multi-exit discriminator, import/export policies, local preferences, and operator-defined communities.
Operator can now use the new networking_allow_list_update API to restrict the Oxide API/UI endpoint access by source IP address. (omicron-PR#5686)
Rack reconfigurator
The new feature provides the foundation for rack component replacement and configuration changes. In v8, the reconfigurator module supports the programmatic configuration of new sleds for instance and disk mirror placement.
Additional capabilities are being developed to support other rack reconfiguration use cases. More details are forthcoming in release v9.
The reconfigurator module is currently only accessible by Oxide technicians. It will be made available to rack operators in a future release.
Console usability improvements
In this release we focused on making the web experience friendlier for new users.
Links to relevant docs on every page (console#2194)
Denser tables present more information at a glance (console#2153, console#2158)
Refresh button on instance detail page (console#2159, console#2161)
Firewall rules easier to find and work with (console#2108, console#2163, console#2190, console#2218)
Notification and confirmation improvements (console#2132, console#2157, console#2185, console#2188, console#2207)
Manage attached IPs from instance page (console#2130)
Bug fixes and minor enhancements
Web Console
Create instance with existing boot disk (console#1060)
External IP addresses can be copied when there is more than one (console-PR#2170)
Fix empty screen flash before nav on clicking project in top bar (console#2156)
Add state and policy columns to physical disks table (console#2151)
Rename Access & IAM to Access (console#2197, console#2209)
Convert quota amounts to GiB on silo create form (console#2141)
Users can now create snapshots from disks attached to stopped instances. (omicron#3289)
Floating IP create returned a 404 error when users without fleet admin privileges specified the IP pool to use. (omicron#5508)
An initial set of SMBIOS tables are now exposed to the guest via
fw_cfgand the OVMF ROM. (propolis#628)Instance delete was stuck in stopping state due to deadlock during VM halt and destroy. (propolis#675)
Storage job queue management has been improved to avoid kicking out a disk mirror during heavy writes. (crucible-PR#1252, crucible-PR#1256, crucible-PR#1260)
Metrics producer registration logic was refactored to use a lease-based renewal process to support sled replacement. (omicron#5284)
Firmware update
None
Known Behavior and Limitations
End-user features
| Feature Area | Known Issue/Limitation | Issue Number |
|---|---|---|
Image/snapshot management | Disks in | |
Image/snapshot management | Image upload sometimes stalls with HTTP/2 on FireFox. | |
Image/snapshot management | The ability to modify image metadata is not available at this time. | |
Instance orchestration | Instance or disk provisioning requests may fail due to unhandled sled or storage failure on rare occasions. Users can retry the requests to work around the failures. | |
Instance orchestration | Disk volume backend repair may fail to complete under heavy large write workload, preventing instances from starting or stopping. | |
Instance orchestration | Instance hostname validation has been strengthened. Instances with a now-invalid hostname will fail to start, though they can still be listed and viewed. If the disks attached to them are valuable, they may be detached from the invalid instances, and re-attached to a new instance. The invalid instance may be deleted at that time. | |
Telemetry | VM instance memory utilization and network throughput metrics are unavailable at this time. | - |
VPC and routing | Inter-subnet traffic routing is not available by default. Router and routing rules will be supported in future releases. |
Operator features
| Feature Area | Known Issue/Limitation | Issue Number |
|---|---|---|
Access control | Device tokens do not expire. | |
Control plane | Sled and physical storage availability status are not available in the inventory UI and API yet. | |
Control plane | When a sled is rebooted outside of the maintenance settings, new instances on the sled may be unable to reach existing instances on other sleds until those instances have been restarted. | |
Control plane | Operator-driven software update is currently unavailable. All updates need to be performed by Oxide technicians. | - |
Control plane | Operator-driven instance migration across sleds is currently unavailable. Instance migrations need to be performed by Oxide technicians. | - |
Telemetry | Hardware metrics such as temperatures, fan speeds, and power consumption are not exposed to the control plane at this time. | - |
User management | User offboarding from the rack is not supported at this time. Apart from updating the identity provider to remove obsolete users from the relevant groups, operators will need to remove any IAM roles granted directly to those users in silos and projects. |