[release-announce] [openstackansible] openstack-ansible-os_keystone 15.0.0 (ocata)

no-reply at openstack.org no-reply at openstack.org
Wed Mar 8 12:19:38 UTC 2017 

We are jazzed to announce the release of:

openstack-ansible-os_keystone 15.0.0: os_keystone for OpenStack
Ansible

This release is part of the ocata release series.

Download the package from:

    https://tarballs.openstack.org/openstack-ansible-os_keystone/

For more details, please see below.

15.0.0
^^^^^^

New Features

* Capping the default value for the variable
  "keystone_wsgi_processes" to 16 when the user doesn't configure this
  variable. Default value is half the number of vCPUs available on the
  machine with a capping value of 16.

* The os_keystone role now performs a rolling upgrade without
  downtime during installation. The process for rolling upgrades is
  documented here
  (http://docs.openstack.org/developer/keystone/upgrading.html
  #upgrading-without-downtime).

Changes in openstack-ansible-os_keystone 14.0.0.0rc2..15.0.0
------------------------------------------------------------

fddd964 Install python2-pyOpenSSL package on CentOS
4e6caba Split out Keystone upgrade into it's own script
5769dc4 Benchmark requests during upgrade testing
82eb0e6 Cap the number of worker threads
5b5aa1e Only run token_flush on 1 host
594605e Fix erroneous release note
ba542ba Remove 3DES from keystone_ssl_cipher_suite
3ab6d48 Implementing stricter permissions on config files
7fefe7e Work around Trusty CI bindep issue
fb9e7ed Update repo for stable/ocata
6f1403a Resolved Keystone Federation bugs
c2e1ae4 Update UPPER_CONSTRAINTS_FILE for stable/ocata
7db8e4d Update .gitreview for stable/ocata
0414459 Shorten tox job names for keystone.
cbeae22 Split upgrade test into its own play
bbb6f5a Update paste, policy and rootwrap configurations 2017-01-19
0c57099 Change permission for conf folder
dd2f1f9 Fix tox.ini to work with ansible 2.2.1.0
2f63386 Bring consistency to tags
e253b87 Cleanup of developer mode logic
ec6824f Fix 404 for os_keystone
c1ab96b Add which in CentOS package list
464db72 Additional fix for venv build fallback
672b69e Disable WSGIScriptReloading
f80f78b Allow Apache ports to be specified per VHost
88bbcc8 Fix venv build fallback mechanism
83e7c28 Update and clean up run_tests.sh
2635e43 [docs] Updating 404 link for os_keystone
7b8b435 Update paste, policy and rootwrap configurations 2016-12-23
3aef25d Update repository with reference to role git location
b82d81c Include fernet config block only when fernet tokens are used
6a6e377 Remove Trusty support from os_keystone role
6a96998 All handlers should be tagged "config"
d180506 Delete deprecated Hacking in tox.ini
a32f14c Updated from global requirements
e31dc2d Point roles docs bugs to openstack-ansible LP
dbf5a35 Fix virtualenv-tools issue
1b5c70b Use new ansible package module to install distro packages.
6c90338 Do not listen on port 80
faa2fc6 Show team and repo badges on README
1766414 Using updated tempest method for keystone.
9f7c2f0 Update paste, policy and rootwrap configurations 2016-11-18
fc01718 Update URL for LDAP integration guide
04737f5 Implement zero downtime upgrades
68fd798 Reinitialize venv upon install
56b547e CentOS: Only install Federation IDP/SP Packages when necessary
6635f6e Use ansible_service_mgr fact
d8668a5 Remove join filter from pip module tasks
bd33f3d Use updated get_url module checksum functionality
320e0e6 Workaround upstream issue with apache2_module
b11ec3e Updated from global requirements
2ba5dd4 Fix linting issues for ansible-lint 3.4.1
c5a0cce Simplify pip options/constraints mechanism
18700d7 Use upper constraints for all tox targets
cd31c6b [DOCS] Added release-name as a watermark to Docs.
6c902fc Remove 'ignore_errors: true' in favor of 'failed_when: false'
4d720c9 Use centralised Ansible test scripts
403d5b8 Enable release notes translation
60dac15 Enable apache2 service.
bc00f07 Fix bare variable in handler
2b7e68d Updated from global requirements
ff30ce0 Update reno for stable/newton
0c4bb0f Use centralised test scripts


Diffstat (except docs and test files)
-------------------------------------

.gitignore                                         |   5 +-
.gitreview                                         |   1 +
README.rst                                         |   9 +
Vagrantfile                                        |   2 +-
bindep.txt                                         |   2 +-
defaults/main.yml                                  |  20 +-
handlers/main.yml                                  |  96 +++++++-
library/keystone_sp                                |   6 +-
manual-test.rc                                     |   2 +-
meta/main.yml                                      |   3 +-
.../capping_keystone_workers-e284a47fc4dcea38.yaml |   6 +
...one-zero-downtime-upgrade-5f19ab84183490b9.yaml |   5 +
.../remove-requirements-git-bdf5691b8390ed7c.yaml  |   7 +
releasenotes/source/conf.py                        |   3 +
releasenotes/source/index.rst                      |   1 +
releasenotes/source/newton.rst                     |   6 +
tasks/keystone_apache.yml                          | 110 +++++----
tasks/keystone_credential_distribute.yml           |  15 +-
tasks/keystone_db_setup.yml                        |  27 +-
tasks/keystone_federation_sp_setup.yml             |  80 +++---
tasks/keystone_fernet_keys_distribute.yml          |  15 +-
tasks/keystone_idp_metadata.yml                    |   6 +-
tasks/keystone_idp_self_signed_create.yml          |   3 +-
tasks/keystone_idp_self_signed_distribute.yml      |   3 +-
tasks/keystone_init_common.yml                     |   7 +-
tasks/keystone_init_systemd.yml                    |   5 +-
tasks/keystone_init_upstart.yml                    |  31 ---
tasks/keystone_install.yml                         | 273 ++++++++++++++-------
tasks/keystone_install_apt.yml                     | 119 ---------
tasks/keystone_install_yum.yml                     | 154 ------------
tasks/keystone_ldap_setup.yml                      |  16 +-
tasks/keystone_nginx.yml                           |  17 +-
tasks/keystone_post_install.yml                    |  31 ++-
tasks/keystone_pre_install.yml                     |   4 +-
tasks/keystone_service_setup.yml                   |   1 +
tasks/keystone_ssl_key_create.yml                  |   6 +-
tasks/keystone_ssl_user_provided.yml               |   9 +-
tasks/keystone_token_cleanup.yml                   |  14 +-
tasks/keystone_uwsgi.yml                           |  12 +-
tasks/main.yml                                     |  32 +--
templates/keystone-httpd.conf.j2                   |   4 +
templates/keystone-paste.ini.j2                    |  13 +-
templates/keystone-ports.conf.j2                   |   6 +-
templates/keystone-uwsgi_upstart.conf.j2           |  44 ----
templates/keystone.conf.j2                         |   5 +-
templates/policy.json.j2                           |   3 +-
test-requirements.txt                              |  10 +-
tox.ini                                            | 193 ++++-----------
vars/redhat-7.yml                                  |   9 +-
vars/ubuntu-14.04.yml                              |  70 ------
70 files changed, 1181 insertions(+), 918 deletions(-)


Requirements updates
--------------------

diff --git a/test-requirements.txt b/test-requirements.txt
index 8fdd8d8..a5433f9 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -8 +8 @@ pyOpenSSL>=0.14 # Apache-2.0
-requests>=2.10.0 # Apache-2.0
+requests!=2.12.2,>=2.10.0 # Apache-2.0
@@ -12,2 +12,3 @@ ndg-httpsclient>=0.4.2;python_version<'3.0' # BSD
-sphinx!=1.3b1,<1.3,>=1.2.1 # BSD
-oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0
+sphinx!=1.3b1,<1.4,>=1.2.1 # BSD
+oslosphinx>=4.7.0 # Apache-2.0
+openstackdocstheme>=1.5.0 # Apache-2.0
@@ -15 +16,2 @@ doc8 # Apache-2.0
-reno>=1.8.0 # Apache2
+reno>=1.8.0 # Apache-2.0
+sphinxmark>=0.1.14 # Apache-2.0

More information about the Release-announce mailing list