[release-announce] tripleo-heat-templates 8.0.3 (queens)

no-reply at openstack.org no-reply at openstack.org
Mon Jun 4 03:40:27 UTC 2018


We are excited to announce the release of:

tripleo-heat-templates 8.0.3: Heat templates for deploying OpenStack
with OpenStack.

This release is part of the queens stable release series.

The source is available from:

    http://git.openstack.org/cgit/openstack/tripleo-heat-templates

Download the package from:

    https://tarballs.openstack.org/tripleo-heat-templates/

Please report issues through launchpad:

    https://bugs.launchpad.net/tripleo

For more details, please see below.

8.0.3
^^^^^


New Features
************

* Makes collectd deployment default output metrics data to Gnocchi
  instance running on overcloud nodes.

* Adds possibility to override default polling interval for collectd
  and set default value to 120 seconds, because current default (10s)
  was too aggressive.

* Add support for Neutron LBaaSV2 service plugin in a containerized
  deployment.

* Allow users to specify SSH name and public key to add to Octavia
  amphorae.

* Adds network_plugin_ipv6_enabled, emc_ssl_cert_verify and
  emc_ssl_cert_path options for Manila Unity driver.


Upgrade Notes
*************

* The 'LogrotatePurgeAfterDays' enforces cleaning up of information
  exceeded its life-time (defaults to a 14 days) in the
  /var/log/containers directory of bare metal overcloud hosts,
  including upgrade (from containers) cases, when leftovers may be
  remaining on the host systems.


Security Issues
***************

* New heat parameters for containerized services 'LogrotateMaxsize',
  'LogrotateRotationInterval', 'LogrotateRotate' and
  'LogrotatePurgeAfterDays' allow customizing size/time-based rules
  for the containerized services logs rotation. The time based rules
  prevail over all.


Bug Fixes
*********

* Previously, get-occ-config.sh could configure nodes out of order
  when deploying with more than 10 nodes. The script has been updated
  to properly sort the node resource names by first converting the
  names to a number.

* Default Octavia SSH public key to 'default' keypair from
  undercloud.

* The nova/neutron/ceilometer host parameter is now explicitly set
  to the same value that is written to /etc/hosts. On a correctly
  configured deployment they should be already be identical. However
  if the hostname or domainname is altered (e.g via DHCP) then the
  hostname is unlikely to resolve to the correct IP address for live-
  migraiton. Related bug:
  https://bugs.launchpad.net/tripleo/+bug/1758034

* Set live_migration_inbound_addr for ssh transport

  Previously this was only set when TLS is enabled, which means that
  with the ssh transport we could not control the network used, and
  were relying on DNS or hosts file to be correct, which is not
  guaranteed (especially with DNS).

* By default, libvirtd uses ports from 49152 to 49215 for live-
  migration as specified in qemu.conf, that becomes a subset of
  ephemeral ports (from 32768 to 61000) used by many linux kernels.
  The issue here is that these ephemeral ports are used for outgoing
  TCP sockets. And live-migration might fail, if there are no port
  available from the specified range. Moving the port range out of
  ephemeral port range to be used only for live-migration.


Other Notes
***********

* Add "segments" service plugin to the default list of neutron
  service plugins.

Changes in tripleo-heat-templates 8.0.2..8.0.3
----------------------------------------------

a0f7a11 fix typo in scenario graph
6a1638d fix the scenario chart
27265f9 Mount /var/run/redis for the redis socket
17b15a8 Add stack name to env() for OS::TripleO::WorkflowSteps
db35bd2 gnocchi: add missing /var/lib/gnocchi
e491cbd Set default application for Ceph Luminous openstack_pools
3c2bdec NeutronSriovHostConfig missing in SRIOV's env files
41f3cad Add support of shared staging location for glance-direct
30c41f0 Disable StrictHostKeyChecking when removing keys too
80e1866 Remove CephAnsiblePlaybook parameter reset from ceph-ansible env files
7e572a6 Enable default polling interval override
946b591 Containers defaults for plan environment
816a434 Add acl to paths that are shared among related neutron processes
e4d68c8 collectd: give access to the libvirt socket in ro
e508323 Convert resource_name to number
482f2eb Use str_replace for known_hosts
ef2f18b Don't use crudini to get rhn server
8c4a9a8 Set normal CephAnsiblePlaybook on update/upgrade/ffwd converge
f24523a Remove ceph-osd from the list of packages updated by CephExternal
c77ab57 Allow custom time constraints to rotate logs
815f99a Fix cinder-backup image wrangling on update
fe7e55e FFU Add cinder-backup missing fast_forward_upgrade_tasks
7a673f6 Add ability to control Glance's enabled_import_methods
aee07b4 Clean up Cinder backends in capabilities map
b94d3b4 Default Octavia SSH pub key to UC default keypair
dbfaa6e FFU Set NetworkDeploymentActions CREATE,UPDATE for ffwd-upgrade prepare
22b39f5 Always run mysql init bundle
1bde252 Set live_migration_inbound_addr for ssh transport
4e9fbb8 Mount ODL log file on host node
58d717f Delay collectd start
ae90e24 Generate and mount wrappers for neutron agent processes
130e65f Do not overescape the Manila keyring caps
69e0c75 [DellEMC]Update Manila Unity driver
21384bf ceph-nfs: disable ganesha caching
f5a52b6 Remove redundant config bond-with-vlans/compute-dpdk.j2.yaml
ec18d8a Fix typo in multiple-nics/role.role.j2.yaml
743c238 Fix case-sensitive OctaviaUserName parameter
24469e3 Ensure config-download mappings are unset on ceph-upgrade
543059b Instance HA: prevent compute to start on a host being evacuated
2b9f05b Expose Horizon "DocumentRoot" on host
a3546ca Add /var/log/opendaylight directory to ODL
ebd797c Add missing check for gnocchi api enabled
081a111 Ensure tasks aren't empty dicts
b420984 Revert Ceph bridge names to previous values
492b667 Remove step_config from CinderVolume backend services
13179fe Remove UndercloudLight
1f26a9d Parameterizing Puppet Tags
7c23046 Define Octavia SSH key name and file path
7154d84 Add DeployIdentifier to Swift set_swift_secret container
885b0cf Fix few issues with deploying with baremetal-services.yaml
a861d54 Restrict tenant network to geneve
ebc2a67 Fixes chowning neutron cert/key perms
064c23d Add defaults into name property for config-download.
052b333 Add OVNCMSOptions in dvr environment files
5b52e61 Removing the deprecated environment files for hw offloading in queens
12a1061 Make pcs resource bundle image name update tolerant of rerun
db6f0d3 Add volumes list of docker-puppet container when merging config volumes
9d746aa Add neutron "segments" plugin to the default list
f868924 Modify libvirt port range for live-migration
a4db817 Added missing pki volume for custom CA.
5f60a0e Do not pass ceph_release to ceph-ansible
39ddcf8 No-op Mistral workflow resources for update/upgrade/ffwd
781a055 Introduce Ceph upgrade environments
5676171 Default collectd to overcloud gnocchi
af30f23 Telemetry services need to access to Storage
f90134d Fix Cinder's default db purge cron settings
3101ee1 Fix openstack-nova-consoleauth service upgrade check
3381d59 Explicitly set nova/neutron/ceilometer host to expected fqdn
2c0029a Enable management network in network_data
beb9fa8 Add the service_config_settings from {{service-name}} base
b42cd09 Add the service_config_settings from nova-compute base
b6adea0 Enable nova-metadata health check
aa336c2 Enable nova placement health check
26196d4 Enable Tacker health check
3f42bf5 Enable gnocchi-metricd health check
4d94531 Enable gnocchi-api health check
51a4683 Enable nova-migration-target health check
152a506 Enable gnocchi-statsd health check
b4192f5 Enable cinder-api health check
289e8f4 Enable collectd health check
b48618f Enable aodh-api health check
cadfdc5 Enable etcd health check
a3294a7 Enable ceilometer-agent-central health check
7135bf1 Enable memcached health check
daf0b1c Enable iscsid health check
98a5f3a Containerize Neutron LBaaS service plugin
18cf981 Improve nova-ironic cellv2 discovery
33fe5c7 Use sensu-client healthcheck parameter
d021981 ovn: Mount /run instead of /run/openvswitch when starting ovn-controller container
49136f9 Adding missing OVN Metadata service to DVR environments
5b82516 Allowing Non-IP Traffic in L2 and L3 domains


Diffstat (except docs and test files)
-------------------------------------

README.rst                                         |   4 +-
capabilities-map.yaml                              |  18 +-
common/deploy-steps.j2                             |   4 +-
config-download-software.yaml                      |   1 +
config-download-structured.yaml                    |   1 +
deployed-server/deployed-server-roles-data.yaml    |   1 +
deployed-server/scripts/enable-ssh-admin.sh        |   5 +-
deployed-server/scripts/get-occ-config.sh          |   2 +-
.../octavia/octavia-deployment-config.yaml         |  35 ++++
environments/baremetal-services.yaml               |   6 +-
.../ceph-ansible/ceph-ansible-external.yaml        |   1 -
environments/ceph-ansible/ceph-ansible.yaml        |   1 -
environments/disable-telemetry.yaml                |   1 +
environments/lifecycle/ceph-upgrade-prepare.yaml   |  10 ++
environments/lifecycle/ffwd-upgrade-converge.yaml  |   3 +
environments/lifecycle/ffwd-upgrade-prepare.yaml   |  10 +-
environments/lifecycle/update-converge.yaml        |   3 +
environments/lifecycle/update-prepare.yaml         |   1 +
environments/lifecycle/upgrade-converge.yaml       |   2 +
environments/lifecycle/upgrade-prepare.yaml        |   1 +
environments/manila-unity-config.yaml              |   2 +
environments/neutron-ml2-ovn-hw-offload.yaml       |  40 -----
environments/neutron-nuage-config.yaml             |   3 +-
environments/neutron-opendaylight-hw-offload.yaml  |  31 ----
environments/neutron-ovs-hw-offload.yaml           |  24 ---
environments/ovs-hw-offload.yaml                   |  24 +++
environments/services-docker/ironic.yaml           |   2 -
environments/services-docker/neutron-lbaasv2.yaml  |   7 +
.../neutron-opendaylight-hw-offload.yaml           |  31 ----
.../neutron-opendaylight-sriov.yaml                |   3 +-
.../services-docker/neutron-ovn-dvr-ha.yaml        |   3 +
environments/services-docker/neutron-ovn-dvr.yaml  |   3 +
.../services-docker/neutron-ovn-hw-offload.yaml    |  44 -----
.../services-docker/neutron-ovs-hw-offload.yaml    |  24 ---
environments/services/neutron-lbaasv2.yaml         |   3 +-
environments/storage-environment.yaml              |   2 -
environments/storage/glance-nfs.yaml               |  16 ++
.../rhel-registration/scripts/rhel-registration    |   3 +-
.../tasks/instanceha/check-run-nova-compute        | 182 +++++++++++++++++++++
extraconfig/tasks/ssh/known_hosts_config.yaml      |  40 +++--
network/config/bond-with-vlans/README.md           |  11 +-
.../config/bond-with-vlans/compute-dpdk.j2.yaml    | 162 ------------------
network/config/bond-with-vlans/role.role.j2.yaml   |   6 +-
network/config/multiple-nics/README.md             |  11 +-
network/config/multiple-nics/role.role.j2.yaml     |   2 +-
.../role.role.j2.yaml                              |   8 +
network/config/single-nic-vlans/README.md          |  11 +-
network/config/single-nic-vlans/role.role.j2.yaml  |   4 +
network_data.yaml                                  |   8 +-
network_data_ganesha.yaml                          |   8 +-
overcloud-resource-registry-puppet.j2.yaml         |   2 +
overcloud.j2.yaml                                  |   1 +
plan-environment.yaml                              |   1 +
puppet/services/ceilometer-base.yaml               |   2 +-
puppet/services/ceph-external.yaml                 |   1 -
puppet/services/cinder-backend-dellemc-unity.yaml  |   2 -
.../cinder-backend-dellemc-vmax-iscsi.yaml         |   2 -
puppet/services/cinder-backend-dellemc-vnx.yaml    |   2 -
.../cinder-backend-dellemc-xtremio-iscsi.yaml      |   2 -
puppet/services/cinder-backend-dellps.yaml         |   2 -
puppet/services/cinder-backend-dellsc.yaml         |   2 -
puppet/services/cinder-backend-netapp.yaml         |   2 -
puppet/services/cinder-backend-pure.yaml           |   2 -
puppet/services/cinder-backend-scaleio.yaml        |   2 -
.../cinder-backend-veritas-hyperscale.yaml         |   2 -
puppet/services/cinder-base.yaml                   |   2 +-
puppet/services/cinder-hpelefthand-iscsi.yaml      |   2 -
puppet/services/docker.yaml                        |  11 ++
puppet/services/glance-api.yaml                    |  33 +++-
puppet/services/manila-backend-unity.yaml          |  13 ++
puppet/services/metrics/collectd.yaml              | 118 ++++++++-----
puppet/services/neutron-base.yaml                  |   4 +-
puppet/services/neutron-lbaas-agent.yaml           |  70 ++++++++
puppet/services/neutron-lbaas-api.yaml             |  56 +++++++
puppet/services/neutron-lbaas.yaml                 |  85 ----------
puppet/services/neutron-plugin-ml2-nuage.yaml      |   6 +
puppet/services/neutron-plugin-ml2-ovn.yaml        |  12 ++
puppet/services/nova-base.yaml                     |   2 +-
puppet/services/nova-libvirt.yaml                  |  12 +-
puppet/services/octavia-api.yaml                   |  18 +-
puppet/services/octavia-base.yaml                  |  14 +-
puppet/services/octavia-health-manager.yaml        |   3 -
puppet/services/octavia-housekeeping.yaml          |   2 -
puppet/services/octavia-worker.yaml                |  15 +-
...egments_plugin_to_default-8acb69b112d4b31c.yaml |   5 +
...ollectd-overcloud-gnocchi-049a63bbd196a9bb.yaml |   5 +
.../notes/collectd-polling-4aac123faaebd1bc.yaml   |   6 +
...tron-lbaas-service-plugin-20562487d6631c88.yaml |   5 +
...t-resource-name-to-number-80ada6c825554f56.yaml |   5 +
...ia-ssh-pub-key-to-keypair-70377d43bf76a407.yaml |   3 +
.../notes/fix_nova_host-0b82c88597703353.yaml      |   9 +
...bound_addr_all_transports-2fc9cd74d435a367.yaml |   9 +
...live_migration_port_range-54c28faf0a67a3fc.yaml |  11 ++
...ogrotate-containers-purge-a5587253fe6cbb28.yaml |  15 ++
.../octavia-amphora-ssh-245a21a35598440a.yaml      |   3 +
...pdate_manila_unity_driver-43aeb041029c4e7f.yaml |   5 +
roles/Controller.yaml                              |   1 +
roles/ControllerAllNovaStandalone.yaml             |   1 +
roles/ControllerNoCeph.yaml                        |   1 +
roles/ControllerNovaStandalone.yaml                |   1 +
roles/ControllerOpenstack.yaml                     |   1 +
roles/ControllerStorageNfs.yaml                    |   1 +
roles/Telemetry.yaml                               |   1 +
roles/UndercloudLight.yaml                         |  37 -----
roles_data.yaml                                    |   1 +
sample-env-generator/storage.yaml                  |   4 +
tools/yaml-validate.py                             |  26 +++
150 files changed, 1550 insertions(+), 919 deletions(-)







More information about the Release-announce mailing list