[release-announce] [tripleo] puppet-tripleo 8.2.0 (queens)
no-reply at openstack.org
no-reply at openstack.org
Tue Jan 30 01:27:37 UTC 2018
We are pumped to announce the release of:
puppet-tripleo 8.2.0: Puppet module for OpenStack TripleO
This release is part of the queens release series.
The source is available from:
http://git.openstack.org/cgit/openstack/puppet-tripleo
Download the package from:
https://tarballs.openstack.org/puppet-tripleo/
Please report issues through launchpad:
http://bugs.launchpad.net/tripleo (tag: puppet)
For more details, please see below.
8.2.0
^^^^^
New Features
************
* Added code to select plugin configuration based on tripleo heat
template dynamic variables for each backend, depending on if the
backend is enabled. Multiple backends can now be configured.
* Configuration of Octavia 'service_auth' section is now enabled for
configuring service-to-service communication.
* Adds support for deploying OpenDaylight with TLS. Open vSwitch is
also configured with TLS in this deployment.
* Enable configuration of octavia certificate related properties to
support secure communication with amphorae.
* Adds support for standard puppet separator. The "." separator does
not work in puppet-rpsec, so we can't get proper unit tests on the
firewall service_rules definition.
* Adds Basic Authentication support for HAProxy endpoints.
* Adds support for puppet standard separator notation in order to be
able to have unit tests. The "." separator notation doesn't work in
puppet-rspec, probably because "hiera" isn't called per se. This new
feature allows to get two hashes, they are merged in the definition.
* Allows to configure SR-IOV NIC to switchdev mode. This feature
requires kernel 4.10 and above.
* Precision Time Protocol (PTP) is a protocol used to synchronize
clocks throughout a network. When used in conjunction with hardware
support, PTP is capable of sub-microsecond accuracy which is far
better than is normally obtainable with NTP.
* The security compliance manifest was included in the keystone
profile. This enables us to configure the security compliance
options through t-h-t.
Deprecation Notes
*****************
* The hardcoded parameter names for network vips in hiera have been
deprecated and replaced with the network_virtual_ips dict that
includes composable networks. Likewise the hardcoded network
parameters to class tripleo::keepalived have been deprecated.
Bug Fixes
*********
* The new network_virtual_ips hiera parameter is used to generate
all network VIP resources in haproxy, haproxy_bundle, and keepalived
manifests. Since additional custom networks may be added, the
virtual_router_ids in keepalived have been reordered.
* Partly fixes bug 1737086 in oder to get unit tests on firewall
service_rules definition
* Fixes bug 1736132 by implementing Basic Authentication in HAProxy
endpoint.
* Partly fixes bug 1737086 for unit tests on haproxy
service_endpoints
* Swift added a requirement to ensure that storage directories exist
before using them. However, when local directories are used in
Tripleo (storing data in /srv/node/d1), these are missing by default
and thus Swift won't store any data. This fix creates this directory
if needed.
Changes in puppet-tripleo 8.1.0..8.2.0
--------------------------------------
7687333 Split docker mirror and debug configs
487ba1a Remove RH1 OVB jobs from configuration
10468ae Adds TLS support for OpenDaylight
3720568 Prepare Queens milestone 3
7b39100 Remove pinned versions from test-requirements.txt
19ed96e cinder/pacemaker: resolve puppet resource duplications
181cd83 zuul: run scenarios when patching pacemaker profiles
dbfc8e1 Use on-marked-down shutdown-sessions for redis haproxy conf
37f0c00 Let haproxy_defaults be overridable
ffd524d Create Swift directory d1 if needed
e84da28 Enable automatic restart of memcached, apache and mongodb
a8fbe2f logging: teach fluentd.pp about fluentd_service_user
c1ba5f7 Fluentd: Transform path by service
279e9b7 Configure inline mode transport for Connectx4/LX
d6f5bf9 OVN HA: Set the OVN Resource Agent parameter 'inactive_probe_interval'
4f94f07 Remove contrail from haproxy
1cfecc3 Fix rabbitmq-ready check for single node HA deployments
5824044 Configure VIPs for all networks including composable networks
50f6aa1 Include security_compliance manifest in keystone
3aa4499 Add missing ssl ports for ovn_sbdb and ovn_nbdb
a02206f Replace colon with a dash.
1ab4bca zuul: cleanup old unused jobs
2753f06 zuul: move tacker / congress from scenario001 to 007
c3f73aa Remove _member_ role from the keystone accepted roles
9fbfc68 Only create veritas rabbitmq users on the bootstrap node
97d5012 Give horizon's stanza in haproxy a per-server cookie
a9f059f Do not force provider in rabbitmq base profile
2f33d74 Fix up the rabbitmq-ready check
0aef5a7 Let collectd manage repo and added unit test
f2933eb Allow wsrep_max_ws_rows and wsrep_max_ws_size to use defaults
96d608a Fix up spec class for haproxy
5b1a139 gnocchi/ceilometer upgrade workflow fix
65d226a Correct typo in manila/share.pp resource chaining
9d438cd Add Basic Authentication support for HAProxy
2f7d622 correct unit tests
b660c83 Update the doc link
ecefcff Remove old central and compute agent profiles
58355c9 logging: support service_config_settings configuration mechanism
4430253 Add unit test for tripleo::haproxy::service_endpoints
4b0bdc2 Implements AIDE Intrusion Detection System
1c49fbe gnocchi: ensure upgrade run after swift setup
a97cc29 Add neutron base profile to OVN metadata agent
41f9b0d Add unit tests for tripleo::firewall::service_rules
f7030a2 Implements: Heat template for integrating Cavium SmartNIC LiquidIO
e5c5632 Add support for switchdev mode in SR-IOV
5fb0826 Bind-mount iscsid IQN by its real host path
8247745 In compute IHA make no_shared_storage a class parameter
b252174 Remove INSECURE_REGISTRY from docker_registry.pp
896554c HAProxy logging
b6f76fa Enable collectd to send metrics to Gnocchi
bddbced Enable octavia certificate configuration
43fd153 Enable Octavia service_auth configuration
bf00992 Instance HA support
48c4175 Update cephx keys with ACLs for openstack services.
37d6435 Add multiple backends for barbican
361785f Allow vhost socket directory user/group as configurable from template
07eabfd Add PTP service
f2abe0c Add support for OVN Metadata Agent
Diffstat (except docs and test files)
-------------------------------------
Puppetfile_extras | 12 ++
README.md | 2 +-
lib/puppet/provider/sriov_vf_config/numvfs.rb | 54 ++++-
lib/puppet/type/sriov_vf_config.rb | 4 +-
manifests/certmonger/opendaylight.pp | 77 +++++++
manifests/certmonger/openvswitch.pp | 74 +++++++
manifests/fencing.pp | 37 +++-
manifests/firewall/service_rules.pp | 12 +-
manifests/haproxy.pp | 154 ++++----------
manifests/haproxy/endpoint.pp | 22 +-
manifests/haproxy/horizon_endpoint.pp | 17 +-
manifests/haproxy/service_endpoints.pp | 20 +-
manifests/haproxy/userlist.pp | 54 +++++
manifests/host/sriov.pp | 9 +-
manifests/host/sriov/numvfs_persistence.pp | 15 +-
manifests/keepalived.pp | 98 ++++-----
manifests/network/cavium/liquidio.pp | 99 +++++++++
manifests/profile/base/aide.pp | 79 +++++++
manifests/profile/base/aide/cron.pp | 78 +++++++
manifests/profile/base/aide/installdb.pp | 56 +++++
manifests/profile/base/aide/rules.pp | 61 ++++++
manifests/profile/base/apache.pp | 6 +
manifests/profile/base/barbican/api.pp | 10 +-
manifests/profile/base/barbican/backends.pp | 54 ++++-
manifests/profile/base/ceilometer/agent/central.pp | 38 ----
manifests/profile/base/ceilometer/agent/compute.pp | 36 ----
manifests/profile/base/ceilometer/upgrade.pp | 9 +-
manifests/profile/base/ceph/rgw.pp | 4 +-
manifests/profile/base/certmonger_user.pp | 18 ++
manifests/profile/base/cinder/volume.pp | 12 ++
manifests/profile/base/database/mongodb.pp | 6 +
manifests/profile/base/docker.pp | 23 ++-
manifests/profile/base/docker_registry.pp | 26 +--
manifests/profile/base/glance/api.pp | 14 +-
manifests/profile/base/gnocchi/api.pp | 37 +++-
manifests/profile/base/keystone.pp | 1 +
manifests/profile/base/logging/fluentd.pp | 98 +++++++--
.../base/logging/fluentd/fluentd_service.pp | 63 ++++++
manifests/profile/base/manila/share.pp | 7 +
manifests/profile/base/memcached.pp | 6 +
manifests/profile/base/metrics/collectd.pp | 146 ++++++++++++-
manifests/profile/base/metrics/collectd/gnocchi.pp | 152 ++++++++++++++
manifests/profile/base/neutron/opendaylight.pp | 47 ++++-
manifests/profile/base/neutron/ovn_metadata.pp | 46 +++++
manifests/profile/base/neutron/ovs.pp | 18 +-
.../base/neutron/plugins/ml2/opendaylight.pp | 35 +++-
.../base/neutron/plugins/ovs/opendaylight.pp | 57 ++++-
.../profile/base/nova/compute_libvirt_shared.pp | 13 +-
manifests/profile/base/octavia.pp | 1 +
manifests/profile/base/octavia/health_manager.pp | 1 +
manifests/profile/base/octavia/worker.pp | 1 +
manifests/profile/base/pacemaker.pp | 44 ++--
manifests/profile/base/pacemaker/instance_ha.pp | 126 +++++++++++
manifests/profile/base/rabbitmq.pp | 13 +-
manifests/profile/base/swift/storage.pp | 18 ++
manifests/profile/base/time/ptp.pp | 52 +++++
.../profile/pacemaker/cinder/backup_bundle.pp | 4 +-
.../profile/pacemaker/cinder/volume_bundle.pp | 4 +-
manifests/profile/pacemaker/compute_instanceha.pp | 33 +++
manifests/profile/pacemaker/database/mysql.pp | 2 -
.../profile/pacemaker/database/mysql_bundle.pp | 2 -
manifests/profile/pacemaker/haproxy.pp | 40 ++--
manifests/profile/pacemaker/haproxy_bundle.pp | 36 +---
manifests/profile/pacemaker/ovn_dbs_bundle.pp | 3 +-
manifests/profile/pacemaker/ovn_northd.pp | 3 +-
manifests/profile/pacemaker/rabbitmq_bundle.pp | 28 ++-
metadata.json | 5 +-
.../add-barbican-backends-2412df7eef07038e.yaml | 5 +
...tavia-service-auth-config-acc4adb3e6c4542d.yaml | 5 +
.../add-tls-opendaylight-a3f943a0f6012424.yaml | 5 +
.../composable-network-vips-a1b9b738561a8214.yaml | 11 +
...certificate-configuration-d8924916efc3054b.yaml | 5 +
.../firewall-service-rules-6586a2c138dfe338.yaml | 10 +
.../notes/haproxy-basic-auth-e2839941c806c615.yaml | 8 +
...haproxy-service-endpoints-4351bd4666dfe9a7.yaml | 11 +
.../notes/ovs-hw-offload-89a49899af3b9892.yaml | 4 +
releasenotes/notes/ptp-062b1d1f2d9f2275.yaml | 6 +
.../security-compliance-1f5cb3b3be9f7657.yaml | 5 +
.../swift-create-local-dir-b00292e623d03044.yaml | 7 +
.../tripleo_certmonger_opendaylight_spec.rb | 71 +++++++
.../classes/tripleo_certmonger_openvswitch_spec.rb | 68 ++++++
spec/classes/tripleo_haproxy_spec.rb | 21 +-
spec/classes/tripleo_profile_base_aide_spec.rb | 102 +++++++++
.../tripleo_profile_base_barbican_backends_spec.rb | 95 +++++++++
spec/classes/tripleo_profile_base_ceph_rgw_spec.rb | 4 +-
.../tripleo_profile_base_cinder_volume_spec.rb | 6 +-
spec/classes/tripleo_profile_base_docker_spec.rb | 11 +-
.../tripleo_profile_base_gnocchi_api_spec.rb | 8 +-
.../tripleo_profile_base_logging_fluentd_spec.rb | 127 ++++++++++++
.../tripleo_profile_base_metrics_collectd_spec.rb | 67 ++++++
...o_profile_base_neutron_ml2_opendaylight_spec.rb | 97 +++++++++
...ipleo_profile_base_neutron_opendaylight_spec.rb | 40 ++++
...o_profile_base_neutron_ovs_opendaylight_spec.rb | 118 +++++++++++
.../tripleo_profile_base_neutron_ovs_spec.rb | 20 ++
.../classes/tripleo_profile_base_pacemaker_spec.rb | 71 +++++++
.../defines/tripleo_firewall_service_rules_spec.rb | 37 ++++
spec/defines/tripleo_haproxy_endpoint_spec.rb | 44 ++--
.../tripleo_haproxy_service_endpoints_spec.rb | 49 +++++
spec/defines/tripleo_haproxy_userlist_spec.rb | 56 +++++
.../tripleo_host_sriov_numvfs_persistence_spec.rb | 73 +++++++
spec/fixtures/hieradata/default.yaml | 54 +++++
spec/fixtures/hieradata/step1.yaml | 3 +
spec/fixtures/hieradata/step4.yaml | 19 ++
spec/unit/provider/sriov_vf_config/numvfs_spec.rb | 77 +++++++
spec/unit/type/sriov_vf_config_spec.rb | 25 +++
templates/aide/aide.conf.erb | 3 +
templates/collectd/collectd-gnocchi.conf.erb | 62 ++++++
templates/fluentd/fluentd_user.conf.erb | 3 +
templates/switchdev/switchdev.epp | 27 +++
test-requirements.txt | 6 +-
zuul.d/layout.yaml | 230 ++++++---------------
111 files changed, 3537 insertions(+), 671 deletions(-)
Requirements updates
--------------------
diff --git a/test-requirements.txt b/test-requirements.txt
index 8db5c0d..aa9dd6b 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2,2 +2,2 @@
-sphinx>=1.6.2 # BSD
-openstackdocstheme>=1.17.0 # Apache-2.0
+sphinx # BSD
+openstackdocstheme # Apache-2.0
@@ -6 +6 @@ openstackdocstheme>=1.17.0 # Apache-2.0
-reno>=2.5.0 # Apache-2.0
+reno # Apache-2.0
More information about the Release-announce
mailing list