e3c606d4ef
Adding a release note explaining the issue with Ironic CI and conntrack on ubuntu bionic. Change-Id: Ie25c8d9117072020bb84a5c6e6f63191ff632870
14 lines
569 B
YAML
14 lines
569 B
YAML
---
|
|
issues:
|
|
- |
|
|
As good security practice[0], in Ubuntu Bionic the ``nf_conntrack_helper``
|
|
is disabled.
|
|
This causes an issue when using the ``pxe`` boot interface with the PXE
|
|
environment that breaks some of the Ironic CI tests, since Ironic needs
|
|
conntrack for TFTP traffic.
|
|
It's still possible to use Ironic with PXE on Ubuntu Xenial, and it's also
|
|
possible to use Ironic with PXE on Ubuntu Bionic using a workaround based
|
|
on custom firewall rules as shown in [0].
|
|
|
|
[0] https://home.regit.org/netfilter-en/secure-use-of-helpers/
|