[release-announce] [tripleo] puppet-tripleo 6.5.0 (ocata)

no-reply at openstack.org no-reply at openstack.org
Wed Jun 28 13:46:33 UTC 2017


We are jazzed to announce the release of:

puppet-tripleo 6.5.0: Puppet module for OpenStack TripleO

This release is part of the ocata stable release series.

Download the package from:

    https://tarballs.openstack.org/puppet-tripleo/

For more details, please see below.

6.5.0
^^^^^

New Features

* Restrict nova migration ssh tunnel * The ssh authorized_keys file
  is only writeable by root. * Creates a new user for migration
  instead of using root/nova. * Disables SSH forwarding for this user.
  * Restricts the networks that this user can connect from. * Uses an
  ssh wrapper command to whitelist the commands that this user can run
  over ssh. Adds new parameter
  "tripleo::profile::base::nova::migration_ssh_localaddrs" to specify
  which incoming IPs are allow for SSH tunnel connections.

Changes in puppet-tripleo 6.4.0..6.5.0
--------------------------------------

c6de6cf Release 6.5.0 (ocata)
bcdea36 Move gnocchi upgrade and api to step 4
8779d1a Cover gnocchi api step 4 and 5
ff58a86 Dell SC: Add secondary DSM support
265cb21 Add support for autofencing to Pacemaker Remote.
7ea37ea Add conditional for setting authlogin_nsswitch_use_ldap selboolean
fd20b30 Restrict nova migration ssh tunnel
e4a2936 make release note a list of strings
be62099 Dell SC: Add exclude_domain_ip option
d46db3b Add support for Cinder "NAS secure" driver params
220fa8d Update gitignore not to exclude fixture hieradata
72392a3 Use verify_on_create when creating pacemaker remote resources
7e1e609 IPv6 VIP addresses need to be /128


Diffstat (except docs and test files)
-------------------------------------

.gitignore                                         |   3 +-
manifests/pacemaker/haproxy_with_vip.pp            |  20 ++-
manifests/profile/base/cinder/volume/dellsc.pp     |  23 +--
manifests/profile/base/cinder/volume/netapp.pp     |   2 +
manifests/profile/base/cinder/volume/nfs.pp        |  33 +++-
manifests/profile/base/gnocchi/api.pp              |  36 +++--
manifests/profile/base/keystone.pp                 |   6 +
manifests/profile/base/nova.pp                     | 134 ++++++++++------
manifests/profile/base/pacemaker.pp                |   1 +
manifests/profile/base/pacemaker_remote.pp         |  27 ++++
metadata.json                                      |   2 +-
...e-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml |   5 +-
.../cold_migration_security-1543136408c76459.yaml  |  10 ++
releasenotes/source/conf.py                        |   4 +-
.../tripleo_profile_base_gnocchi_api_spec.rb       | 101 +++++++-----
spec/classes/tripleo_profile_base_nova_spec.rb     | 169 +++++++++++++++++++--
spec/fixtures/hieradata/default.yaml               |   3 +
17 files changed, 449 insertions(+), 130 deletions(-)






More information about the Release-announce mailing list