Important Notes
The session timeout in the web console is now 8 hours idle and 24 hours absolute for a better user experience (omicron-PR#5920). These values will be made configurable in a future release (omicron#5477).
The external IP allowlist is now applied to the API only; the allowlist no longer affects DNS server access (omicron#5892).
The Oxide CLI, Go SDK, and Terraform Provider have been updated for API enhancements such as VPC subnet routing described under New Features. Please be sure to upgrade.
System Requirements
Please refer to v1.0.0 release notes.
Installation
Oxide Computer Model 0 must be installed and configured under the guidance of Oxide technicians. The requirement may change in future releases.
Upgrade Compatibility
Upgrade from version 8 is supported. We recommend shutting down all running instances on the rack before the software update commences.
All existing setup and data (e.g., projects, users, instances) will remain intact after the software update.
New Features
VPC Subnet Routing
Project users can now configure custom routes in VPCs to allow instances in different subnets within the same VPC to talk with one another.
Custom routers may be attached/detached to a VPC subnet using the
custom_routerfield in subnetPOSTandPUTrequests. See the latest Networking guide for more information.A common use case enabled by subnet routing is hosting a VPN tunnel on a VM instance, as illustrated by this example in the networking guide.
Web console support for subnet routing will be added in a future release.
Uplink VLAN Tagging
Operators may now include VLAN ID optionally in the switch port settings.
The Oxide rack switches will make use of the VLAN ID to produce and consume 802.1Q Ethernet tags, enabling the Oxide rack to operate with shared physical network interfaces.
Console usability improvements
Increase session timeout to 8 hours idle and 24 hours absolute (omicron-PR#5920)
Configure ephemeral and floating IPs on instance create form (console#1097, console#1098, console#1979)
Attach and detach ephemeral IPs on instance detail page (console#2288)
Show IP pool names on floating IPs list (console-PR#2245)
Add searchable combobox field to a few forms, with more coming soon (console-PR#2267)
Comprehensive help text on firewall rule form (console-PR#2286)
Add logout button to error page (console-PR#2244)
Fix serial console showing "Connected" when instance was not running (console#2169)
Fix super-wide serial console page (console-PR#2272)
Bug fixes and minor enhancements
PEM encoded certificate is now included in external API responses (omicron-PR#5078)
Compute resource usage was decremented incorrectly when stopping a running instance (omicron#5525)
Attempt to add firewall rule with duplicate name now returns a 400 (omicron#5725)
IP pool linked silos pagination did not work (omicron#5837)
Marking a sled non-provisionable caused existing instances to lose their private IP connectivity (omicron#5872)
Fixed 404 on project IP pool view for users without fleet viewer role (omicron#5883)
Enable support for updating RoT bootloader in future releases (omicron-PR#5882)
Inflight orchestration jobs weren’t recovered automatically when the control plane was restarted (omicron#5948)
Added BGP announce set modification API endpoint (omicron#6022)
Database error was thrown when reading BGP peer configs in background sync job (omicron#6023)
BGP filters were not persisted in the bootstore early networking configurations (omicron#6067)
Firmware update
NVMe: Micron 7300 version 95420280 (release notes)
NVMe: Western Digital SN840 version R2210010
Known Behavior and Limitations
End-user features
| Feature Area | Known Issue/Limitation | Issue Number |
|---|---|---|
Image/snapshot management | Disks in | |
Image/snapshot management | Image upload sometimes stalls with HTTP/2 on Firefox. | |
Image/snapshot management | The ability to modify image metadata is not available at this time. | |
Instance orchestration | Possible 500 errors when creating a large number of instances concurrently. Users can retry the requests to work around the failures. | |
Instance orchestration | Instances are stuck in running state when the backend propolis servers are gone or disassociated from the control plane. | |
Instance orchestration | Instance hostname validation has been strengthened. Instances with a now-invalid hostname will fail to start, though they can still be listed and viewed. If the disks attached to them are valuable, they may be detached from the invalid instances, and re-attached to a new instance. The invalid instance may be deleted at that time. | |
Telemetry | VM instance memory utilization and network throughput metrics are unavailable at this time. | - |
Operator features
| Feature Area | Known Issue/Limitation | Issue Number |
|---|---|---|
Access control | Device tokens do not expire. | |
Control plane | Sled and physical storage availability status are not available in the inventory UI and API yet. | |
Control plane | Operator-driven software update is currently unavailable. All updates need to be performed by Oxide technicians. | - |
Control plane | Operator-driven instance migration across sleds is currently unavailable. Instance migrations need to be performed by Oxide technicians. | - |
Telemetry | Hardware metrics such as temperatures, fan speeds, and power consumption are not exposed to the control plane at this time. | - |
User management | User offboarding from the rack is not supported at this time. Apart from updating the identity provider to remove obsolete users from the relevant groups, operators will need to remove any IAM roles granted directly to those users in silos and projects. |