2025.1 Series Release Notes¶
10.2.2-5¶
Bug Fixes¶
Fixes matching hints with lists of WWN/Serial which was only handled in some cases - due to the issue, it was possible to choose a device listed in the skip_block_devices property as a root device.
Fixes an issue where the agent could not find a valid IP address when the Ironic API was running on a non-standard port. The reachability test now uses the full API URL including the port number, instead of only using the hostname. This prevents
LookupAgentIPErrorwhen connecting to Ironic APIs on custom ports.
Fixes RuntimeError when entering rescue mode by checking if the heartbeater thread is alive before attempting to stop it.
The agent now tests Ironic API URL reachability via HTTP during startup before determining the advertised IP address. Unreachable API URLs are filtered out, preventing the agent from advertising an IP address that cannot actually reach the Ironic API. This improves reliability when multiple API URLs are configured or in complex network topologies. The IP reachability test uses the configured
http_request_timeout(default 30 seconds) timeout for the HTTP request.
10.2.2¶
Bug Fixes¶
Software RAID creation now correctly handles configurations where logical disks use different sets of physical devices. Previously, partition indices were incorrectly shared across all devices, causing failures when creating multiple RAID arrays on different disks.
10.2.1¶
Bug Fixes¶
Fixes IPA collecting the effective MAC address of NICs instead of the pesistent MAC address. In case it fails to fetch the persistent address falls back to effective MAC address. See https://bugs.launchpad.net/ironic-python-agent/+bug/2103450 for details.
10.2.0¶
New Features¶
Adds support to Ironic-Python-Agent to facilitate deployment of bootable containers. This is an experimental feature for standalone users. Operators wishing to disable this feature, can leverage the
[DEFAULT]disable_bootc_deployoption inironic-python-agent.conf.
Bug Fixes¶
Fixes a potential security issue where a third party may be able to retrieve potentially sensitive data in command result output from the agent. If a request comes in with an
agent_tokento the command results endpoint, the agent will now require all future calls to leverage the token to retrieve results and validate that token’s validity. This effectively eliminates the possibility of a malicious entity with access to the agent’s API endpoint from capturing the command results from agent operations.
Prevents IPA from restarting on tenant networks during rescue operations by adding proper lockdown.
