Portal

• Add boot mode to order forms when provisioning a public vsi.
• Adds order form validation for the VLAN and SSH Key selection for just HSM.
• Remove the “Save As Quote” option from the order forms when the order has products that are not currently quotable.
• Foreign language usability updates to WWW order forms

API

• Fixed the bug where the following services are returning tickets to which the current user doesn’t have access. This change only affect child users without the “Ticket View All” permission.
  • SoftLayer_Account::getTicketsClosedToday
  • SoftLayer_Account::getTicketsClosedInTheLastThreeDays
  • SoftLayer_Account::getLastFiveClosedTickets
  • SoftLayer_Account::getLastFiveClosedAbuseTickets
  • SoftLayer_Account::getOpenAbuseTickets
  • SoftLayer_Account::getClosedAbuseTicketCount
  • SoftLayer_Account::getRecentAbuseTicketsOpen
  • SoftLayer_Account::getRecentAbuseTicketsClosed
  • SoftLayer_Account::getLastFiveClosedAccountingTickets
  • SoftLayer_Account::getOpenAccountingTickets
  • SoftLayer_Account::getOpenBillingTickets
  • SoftLayer_Account::getLastFiveClosedSalesTickets
  • SoftLayer_Account::getOpenSalesTickets
  • SoftLayer_Account::getLastFiveClosedSupportTickets
  • SoftLayer_Account::getOpenSupportTickets
  • SoftLayer_Account::getLastFiveClosedOtherTickets
  • SoftLayer_Account::getOpenOtherTickets
• Adding in missing and fixing incorrect validation for Mass Data Migration orders. Fixing bug where billing item was showing $0 for MDMS orders.
• Several improvements to LUN ID logic:
  1. Improved error message when trying to change a LUN ID; e.g. “SoftLayerAPIError(SoftLayer_Exception_Network_Storage_Iscsi_UnableToChangeLunId): Unable to change LUN Id: active authorizations must be removed first: SoftLayer_Virtual_Guest/50202410”
  2. When there is a LUN ID conflict and the LUN being authorized has no prior authorizations, then we try to change the LUN ID automatically and retry the authorization.
  3. Improved error message when a LUN ID conflict cannot be automatically resolved; e.g. “SoftLayerAPIError(SoftLayer_Exception_Network_Storage_Group_AccessControlError_LunMappingConflict): Failed to authorize initiator SoftLayer_Virtual_Guest/50202410 to SoftLayer_Network_Storage/39624490 (lunId=0) because initiator is authorized to another LUN with same ID: SoftLayer_Network_Storage/39624486 (lunId=0)”
• Modified the SoftLayer_Network_Storage::getTargetIpAddresses endpoint function, which is utilized by the ORM key callback for the iscsiTargetIpAddresses ORM key, so that it returns an empty array. This change should affect all non-iSCSI (non-block) storage volumes. When this function is called for non-iSCSI volumes, it will now return an empty array instead of throwing an error. No changes are expected for iSCSI (block) volumes, since the function overrides for getTargetIpAddresses as defined in the iSCSI-related sub-classes were not modified. (Note: A bug relating to calling getTargetIpAddresses on File Replicant volumes was also resolved. The override of getTargetIpAddresses was moved out of SoftLayer_Network_Storage_NetApp_Volume_Replicant and into SoftLayer_Network_Storage_NetApp_Volume_Replicant_Iscsi to accomplish this fix.)
• Added SoftLayer_Virtual_Guest::setTransientWebhook
• Added SoftLayer_Virtual_Guest::deleteTransientWebhook
• Add Customer Permission for viewing software passwords
• Increase the size of the key_name column of software account license to be able to handle license file content as well.
• Fixed toggle method reference in SoftLayer_Account_Network_Vlan_Span documentation
• Update description for SoftLayer_Hardware userData

Backend

• Changed Netscaler VSI naming convention to avoid naming conflicts
• Prevents disabled VSI network components from being attached to security groups
• Improves ensuing that at order placement, hardware security modules are available in the location specified.
• Defaults Ubuntu 16+ to HVM boot mode
• Enabling security groups in FRA04
• Add IBM Cloud Monitoring Service support for bare metal servers.
• Only Transient guest that have both a URI and a Secret will attempt to send a webhook and give the customer 2 minutes before reclaiming.
• Transient guests now have a 2 minute delay before reclaiming
• Optimized HSM provisions.
• Fixed software component maximum size for manufacturer license and activation code.
• Enables provisioning of an HA Gateway Appliance with No OS
• Enables provisioning of an HA Gateway Appliance with Ubuntu OS
• Fixed an issue where apllying security groups in the following case would fail
  • Security Group A has a IPv6 rule that remotes Security Group B
  • Security Group B has member network components that do not have a IPv6 address

Portal

• Add GPU column to flavors table for GPU Flavors
• Display link to privacy policy on order forms

API

• Fix issue where dedicated host orders would fail order verification.
• Bandwidth Usage Detail contains the data used to billing bandwidth at the end of the billing cycle. The timestamps used to pull metrics is using GMT instead of Central.
• This issue validates that BYOL and CloudInit attributes are set to 1 when creating a template via the api.
• Ticket updates have a length limit of 39000 characters
• Added logic preventing ordering quotes that have expired.
• Update nomenclature for isByol and isCloudInit functions in SoftwareDescription

Backend

• Dynamic Nic Switch For HSM

Portal

• adds the sshKeys selector back into the confirmation page when ordering a hardware security module.
• Remove forums.softlayer.com links.

API

• Make createObject orders for hourly SAN virtual servers use correct package when presets are account restricted.
• Fixed getPortalLoginToken function registering a failed login before it registers a successful login
• Fix bug preventing scheduler from being used when request comes from SLDN
• Terminating Status is added when guest vsi are being reclaimed.
• Updated event log to show when login failure caused by 2FA failure
• Fixes an issue where the userData is not being returned correctly according to the API and is not be set or retrieved correctly in certain cases.

Backend

• Improves the automation for the Hardware Security Module service offering.
• Fixed an issue where customers trying to order cleversafe object storage are getting errors that they are reaching the limit.

Documentation Changes

https://github.com/softlayer/softlayer.github.io/commit/1e273fb599ec32e3ec5948c4671b42befd10784f

Portal

• Added feature to notify customers about host outages to the Virtual/viewMemberDetails/ page
• Removes Provision Scripts and User Data sections from the CHECKOUT page when ordering HSM devices.

API

• Fixed SoftLayer_Scale_Group’s editObject method to automatically scale the group up or down appropriately when the desiredMemberCount parameter is specified
• Fixes an issue that prevented the ‘IOPS’ ORM value from being updated for performance replicas.
• Added SoftLayer_Virtual_Disk_Image::getAvailableBootModes() Method
• Expose Account::securityLevel
• Round up the Load Balancer as a Service telemetry monitoring metrics value to 3 decimal points.
• Update SLDN reference documentation to clarify setting ICMP type and code on a Security Group Rule.
• Disable Security Group Rule setting of ICMP type 255
• Updates SoftLayer_Hardware_User data to support 16kb of data.

Backend

• Fixed a issue in which VLAN ordering would occasionally not honor the requested primary subnet size
• Fixed bandwidth overage notification empty ticket updates
• Refactored guest migration pre-checks and added a check to ensure the destination host is different from the source.
• Fixes an intermittent issue preventing iSCSI authorizations when credentials already exist.
• Refactored the script that checks for mixed-public/private VSIs on dedicated hosts and changed the behavior to not send emails when none are found.
• Fix an issue ordering IPv6 subnets on public VLANs under certain circumstances.
• EOL: Disable Flex Image Service for all Customers

SLCLI

https://github.com/softlayer/softlayer-python/releases/tag/v5.4.3

Portal

• Adds the Hardware Security Module(HSM) to the manage order form. Adds a Learn More link to the sub-section header for HSM.
• Improve order forms rendering speed

API

• Added SoftLayer_Network_Interconnect_Tenant::getAllPortLabelsWithCurrentUseage
• Adds SERIAL_NUMBER property to SoftLayer_Network_Storage_Iscsi volumes which can be used as an objectFilter
• Provide API to retrieve load balancer monitoring metrics and ssl ciphers
  • Network_LBaaS_LoadBalancerMonitoringMetricDataPoint
  • Network_LBaaS_LoadBalancer::getListenerTimeSeriesData
  • Network_LBaaS_LoadBalancer::getSslCiphers
  • Network_LBaaS_LoadBalancer::updateSslCiphers

Backend

• Added HSM 750 compatibility to provisioning workflow
• Blocks monthly suspend-able virtual server orders. If the useHourlyPricing flag is not set or is false an error should be thrown
• Blocked image templates from being pushed to cache more then once in a set period of time.
• Logging Two Factor authentication failures
• Added eventLog calls for the creation and deletion of external bindings.
• Enable the Security Group feature in DAL09, WDC04
• Fix issues when ordering from an image template for a virtual server.
• Prevent the release of IP address reservation when in use by a gateway device.
• Prevent users from attaching security groups to network components on VSIs that have active transactions running against them.

Added SLDN Documentation

We have finally retired the old SLDN site, and migrated its content over to softlayer.github.io.

The following content types have been added, in addition to the existing release notes, and code examples.

• Articles
• Blogs
• Services and their associated Methods
• Datatypes

If you notice any issues with the content here, please create an issue on our github page

Portal

• None

API

• Add new account attribute type ‘NEW_ASSIGN_NETWORK_ENABLED’
• Updates the simple ordering methods, createObject and getCreateObjectOptions, to properly handle ordering suspend-able virtual servers.

Backend

• Addresses a problem where SoftLayer_Network_Storage::enableSnapshots() wasn’t working properly for Weekly snapshot schedules.
• Block public image creation when incorrect location data is sent in.
• Removed trailing and ending spaces from ipAddressRestriction value before creating a user.
• Added try/catch block to Virtual Guest workflow in reclaim guest to catch exception where a Scale Group tries to provision a VSI to meet the member requirement when a VSI is reclaimed (causing the Scale Group to drop below the minimum). After catching the exception, the Scale Group is suspended, a ticket is created, and the VSI reclaim is continued.
• Now disabling IBMid authentication when SAML authentication is added to an account.
• Create transaction path for Brocade rename to At&t.
• Updates the post install script transaction

API SERVICE DISRUPTION: March 1st, 2018

IBM Cloud will stop supporting TLS 1.0 and 1.1 on api.softlayer.com and api.service.softlayer.com

What Is Happening?

On March 1, 2018 at 0900 UTC (0300 CDT) IBM Cloud Infrastructure will stop supporting TLS 1.0 and 1.1 encryption on api.softlayer.com and api.service.softlayer.com; these API endpoints will only support callers using TLS 1.2 encryption levels or higher.

When Will It Happen?

On March 1, 2018 at 0900 UTC (0300 CDT) TLS 1.0 and TLS 1.1 will no longer be supported and TLS 1.2+ is required.

Who Will This Affect?

Any users with code or services that reference the softlayer.com API endpoints for IBM Cloud Infrastructure services with encryption levels older than TLS 1.2.

Confirming and Testing Upgrades to TLS 1.2 or Higher The enhanced security configuration is currently enforced on alternate endpoints. You can test your services against them now to ensure there will be no disruption once the primary endpoints receive the updated configuration:

• api-dev.softlayer.com (instead of api.softlayer.com)
• api-dev.service.softlayer.com (instead of api.service.softlayer.com)

These alternative endpoints only use encryption levels TLS 1.2 or higher. Successfully testing your code and services against these alternative endpoints means your code and services will work properly on the transition date. These alternative endpoints will only be available until the transition date.

What Do I Do Next?

1. Test your service against the alternative endpoints listed above.
2. If your code and service work as expected then update your production code to utilize TLS 1.2 in the current production environment and current production endpoints. Once that is complete no further action is required on your part.
3. If your code or service fails change your code to utilize TLS 1.2 and test against the alternative endpoints and upon working properly update production.

• The current production environment supports TLS 1.0, TLS 1.1 and TLS 1.2.
• Once you have completed your TLS 1.2 testing against the temporary end points you can make your production code changes to utilize the production TLS 1.2 at any time prior to March 1, 2018.
• Once your production environment is utilizing TLS 1.2 you have no further action.
• If you make your production changes before March 1, 2018 you should see no impact on March 1, 2018 when TLS 1.0 and TLS 1.1 are no longer available.

What Will Happen If I Make No Change?

If you make no change and your code or services do not support encryption levels TLS 1.2 or higher, you will start to experience connection errors on the transition date. These errors may appear as “transport errors” and contain messages like SSLV3_ALERT_HANDSHAKE_FAILURE. Your code and services will no longer function until you upgrade it to support TLS 1.2 or higher.

If My Code Starts Failing Do I Have Any Temporary Recourse? If you start to experience connection errors on the transition date, the best course of action is to upgrade your code or services to support TLS 1.2 or higher. If you cannot do that immediately, there will be alternative endpoints provided temporarily to allow you to upgrade your code or services:

• api-deprecated.softlayer.com (instead of api.softlayer.com)
• api-deprecated.service.softlayer.com (instead of api.service.softlayer.com)

These endpoints will become available on the transition date, and will continue to support TLS 1.0 and 1.1. You can change failing code or services to use these endpoints temporarily while you upgrade your systems to support TLS 1.2 or higher. These endpoints will only be available until March 30, 2018 to allow you to make this transition. You must upgrade all your systems and start using the standard API endpoints by March 1, 2018.

Why Are We Making This Change?

This is part of IBM’s commitment to offering a cloud that is secure to the core and in alignment with industry best practices for security and data privacy.

Portal

• User should be get locked for 30 minutes when they enter invalid TOTP code more than 10 times.
• Remove forum link from Notification Messages
• Modifies translation text for the order checkout page to use ‘user data’ instead of ‘metadata.’

API

• Check if active user is parent of user being edited dutring addPortalPermission and removePortalPermission
• Support forced delete of scale groups regardless of status
• Added http://sldn.softlayer.com/reference/services/SoftLayer_Virtual_Guest/getBootMode
• updated validationRules for partitionName to allow for slashes.
• Improve performance of API calls to get order items.
• Add APIs to allow customer to specify preferred SSL ciphers for the load balancer

Backend

• Fixed a bug where VLANs were not being properly reclained.
• Fixed a bug where some overage items would not be added to a bill.
• Keep company name synced with PaaS for linked accounts.
• Add storage chassis ordering capabilities for bare metal servers.\Improve validation of billing information on new customer orders.
• Validation for Object Storage orders with invalid datacenter names
• Fix bug with post provision script execution
• Fixed a bug where some snapshot creations would fail.
• Fixed an issue where Replicant volumes missed being updated on very rare occasion.

Portal

• Improvement to verbiage shown for servers with active billing for an inactive package.
• GPU Flavor prices were not factoring the price of the GPU.
• Fixed an issue where the master user could set themselves as “VPN_ONLY” user.

API

Backend

• Fix Reloads being blocked when a user suppresses the email for RELOAD_COMPLETE
• Fix Micron Hard Drive Storage Group Member’s Grow Flag
• Update automated messaging update on Data Transfer Request tickets
• Add dal10 to the list of data centers supporting security groups.