aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes/notes
diff options
context:
space:
mode:
Diffstat (limited to 'releasenotes/notes')
-rw-r--r--releasenotes/notes/add-ipv6-diable-options-9aaee219bb87ac6a.yaml7
-rw-r--r--releasenotes/notes/replace-references-to-old-ctlplane-0df7f2ae8910559c.yaml20
2 files changed, 27 insertions, 0 deletions
diff --git a/releasenotes/notes/add-ipv6-diable-options-9aaee219bb87ac6a.yaml b/releasenotes/notes/add-ipv6-diable-options-9aaee219bb87ac6a.yaml
new file mode 100644
index 00000000..8b57f587
--- /dev/null
+++ b/releasenotes/notes/add-ipv6-diable-options-9aaee219bb87ac6a.yaml
@@ -0,0 +1,7 @@
+---
+security:
+ - |
+ Add IPv6 disable option and make it configurable for user to disable IPv6
+ when it's not used, this will descrease the risk of ipv6 attack.
+ Both net.ipv6.conf.default.disable_ipv6 & net.ipv6.conf.all.disable_ipv6
+ will be explicitly set to the default value (0) which is enabled.
diff --git a/releasenotes/notes/replace-references-to-old-ctlplane-0df7f2ae8910559c.yaml b/releasenotes/notes/replace-references-to-old-ctlplane-0df7f2ae8910559c.yaml
new file mode 100644
index 00000000..09d3be03
--- /dev/null
+++ b/releasenotes/notes/replace-references-to-old-ctlplane-0df7f2ae8910559c.yaml
@@ -0,0 +1,20 @@
+---
+upgrade:
+ - |
+ The default network for the ctlplane changed from 192.0.2.0/24 to
+ 192.168.24.0/24. All references to the ctlplane network in the templates
+ have been updated to reflect this change. When upgrading from a previous
+ release, if the default network was used for the ctlplane (192.0.2.0/24),
+ then it is necessary to provide as input, via environment file, the correct
+ setting for all the parameters that previously defaulted to 192.0.2.x and
+ now default to 192.168.24.x; there is an environment file which could be
+ used on upgrade `environments/updates/update-from-192_0_2-subnet.yaml` to
+ cover a simple scenario but it won't be enough for scenarios using an
+ external load balancer, Contrail or Cisto N1KV. Follows a list of params to
+ be provided on upgrade.
+ From contrail-net.yaml: EC2MetadataIp, ControlPlaneDefaultRoute
+ From external-loadbalancer-vip-v6.yaml: ControlFixedIPs
+ From external-loadbalancer-vip.yaml: ControlFixedIPs
+ From network-environment.yaml: EC2MetadataIp, ControlPlaneDefaultRoute
+ From neutron-ml2-cisco-n1kv.yaml: N1000vVSMIP, N1000vMgmtGatewayIP
+ From contrail-vrouter.yaml: ContrailVrouterGateway