[release-announce] . 10.5.0 (stein)
no-reply at openstack.org
no-reply at openstack.org
Thu Apr 18 15:13:17 UTC 2019
We are excited to announce the release of:
. 10.5.0: Heat templates for deploying OpenStack with OpenStack.
This release is part of the stein release series.
The source is available from:
https://opendev.org/openstack/.
Download the package from:
https://tarballs.openstack.org/tripleo-heat-templates/
For more details, please see below.
10.5.0
^^^^^^
New Features
************
* Added the configuration option to disable Exact Match Cache (EMC)
* A new parameter, CinderEtcdLocalConnect, is available for the
CinderVolume service. When deploying the service A/A, the parameter
can be set to true which willconfigure cinder-volume to connect to
Etcd locally through the node's own IP instead of going through a
VIP.
* The Etcd service is added to the DistributedCompute and
DistributedComputeHCI roles for Active/Active management of the
CinderVolume service.
* Added ability to rewrap project KEKs (key encryption keys) when
doing an upgrade. This allows deployers to rewrap KEKs whenever
they rotate the master KEK and HMAC keys when using the PKCS#11
plugin behind Barbican.
* Also added some needed ordering for master key creation, sync and
update when using a Thales HSM behind Barbican.
* Podman is now the default ContainerCli unless you deploy
Pacemaker. then you must run Docker when deploying on CentOS7.
* A new option "host_routes" are now available for subnet
defenitions in "undercloud.conf".
* Host routes specified for the *local_subnet* will be added to
the routing table on the Undercloud.
* Host routes for *all* subnets are passed to tripleo-heat-
templates so that the *host_routes* property of the ctlplane
subnets are set accordingly when installing the Undercloud.
* ContainerHealthcheckDisabled is a new parameter which allows to
disable the container healthcheck management in Paunch.
* Adds the ability to set "external_resource_network_id" for the
network, "external_resource_vip_id" for the network VIP,
"external_resource_subnet_id" for the subnet(s), and
"external_resource_segment_id" for the segment(s) to
network_data.yaml. When setting these properties, the external_id
attribute will be set on the corresponding Heat resources. This
causes Heat to not re-create these resources and instead adopt them
from outside the stack.
* A new service, OS::TripleO::Services::NovaAZConfig, is available
which can be used to create a host aggregate and availabiity zone in
Nova during the deployment. Compute nodes in the deployment will
also be added to the zone. The zone name is set with the parameter
value NovaComputeAvailabilityZone. If let unset, it will default to
the root stack name. By default the service is mapped to None, but
can be enabled by including environments/nova-az-config.yaml.
* The parameter "NovaRbdPoolName" is changed to be role specific.
This requires the usage of host aggregates as otherwise it will
break live migration of instances as we can not do this with
different storage backends.
* New parameter "NovaNfsVersion" allow configuring the NFS version
used for nova storage (when NovaNfsEnabled is true). Since NFSv3
does not support full locking a NFSv4 version need to be used. To
not break current installations the default is the previous hard
coded version 4.
* By adding parameter *OctaviaAmphoraImageFormat*, it adds
flexibility to select amphora image format without forcing to use of
the *NovaEnableRbdBackend* parameter.
* When deploying with internal TLS, the Octavia API now runs as an
Apache WSGI application improving support for IPv6 and performance.
* Using Ansible timezone module to manage the system timezone for
the deployed systems.
* The *get_attr* function is now used to read the "gateway_ip" of a
ports subnet. The gateway_ip value is passed to nic config templates
using the "%network%InterfaceDefaultRoute" parameter. (This
parameter is only used if the network is present in the roles
"default_route_networks".) Using *get_attr* ensures that the correct
gateway ip address is used when networks have multiple subnets.
Upgrade Notes
*************
* Removes UpgradeRemoveUnusedPackages parameter and some service
upgrade_tasks that use this parameter to remove any unused packages.
* When deploying with internal TLS, previous versions configured a
separate TLS proxy to provide a secure access point for the Octavia
API. This is now implemented by running the Octavia API as an Apache
WSGI application and the Octavia TLS Proxy will be removed during
updates and upgrades.
Deprecation Notes
*****************
* The nova-placement service is deprecated in Stein and will be
replaced in Train by an extracted Placement API service.
* As of Rocky [1], the nova-consoleauth service has been deprecated
and cell databases are used for storing token authorizations. All
new consoles will be supported by the database backend and existing
consoles will be reset. Console proxies must be run per cell because
the new console token authorizations are stored in cell databases.
Lets deprecate it also in tripleo so that it can be removed in a
later release.
[1] https://docs.openstack.org/releasenotes/nova/rocky.html
* Managing timezone via puppet is now deprecated.
Bug Fixes
*********
* Fixes an issue that caused a subnet to be wrongly created on the
Undercloud provisioning network based on environment default values.
If the default "ctlplane-subnet" was renamed in "undercloud.conf",
the defaults for "ctlplane-subnet" in "environments/undercloud.yaml"
was merged with the subnets defined in "undercloud.conf". See bug
1820330 (https://bugs.launchpad.net/tripleo/+bug/1820330).
* ServiceNetMap now handles any network name when computing the
default network for each service in ServiceNetMapDefaults.
* Allow to configure Mistral parameters for Heartbeat and set sane
defaults for the Undercloud so we can deploy an Overcloud in Stein.
Fixes bug 1821611.
* With large number of OSDs, where each OSD need a connection, the
default nofile (1024) of nova_compute is too small. This changes the
default DockerNovaComputeUlimit to 131072 what is the same for
cinder.
* With cellsv2 multicell in each cell there needs to be a novnc
proxy as the console token is stored in the cell conductor database.
This change adds the NovaVncProxy service to the CellController role
and configures the endpoint to the local public address of the cell.
* If nova-manage command was triggered on a host for the first time
as root (usually manual runs) the nova-manage.log gets created as
root user. On overcloud deploy runs the nova-manage command is run
as nova user. In such situation the overcloud deploy fails as the
nova user can not write to the nova-manage.log. With this change we
run the chown of the logs files on every overcloud deploy to fix the
nova-manage.log file permissions.
Other Notes
***********
* Congress was removed, as it seems nobody used it. Therefore, we
don't need to keep supporting it.
Changes in . 10.4.0..10.5.0
---------------------------
da5b57c7b Handle any network name in ServiceNetMap
e701077c9 Add CinderEtcdLocalConnect parameter
00f35055d Add Etcd to DistributedCompute roles
0df81abe8 Add OS::TripleO::NovaAZConfig
0da9644b0 Fix the bond-with-vlans NIC config DPDK route indentation
ed51c04bf Fix typo in 2-linux-bonds-vlans NIC config templates
cb9497d76 Correct error catching while in "--check" mode
8043b1c6d Modifying the ovs-hw-offlaod file to adapt new changes
1efe2a018 Fixed wrong cinder store user name
23352806b Fix OVN yaql KeyError: type error
00842cf23 Update/combine docker/services/README.rst
a52498ab4 Move containers-common.yaml into deployment
3514952b8 move logging into deployment
170cd2be9 Allow to disable Container Healthchecks
983d17e02 Increase DockerNovaComputeUlimit default value
b4454024f Move warn clause as a shell task option.
e4901745e Allow NovaRbdPoolName to be role specific
00b56e07b Set Standalone's br-ctlplane MTU
e096a93e6 Do not set the cell endpoints for regular split-controlplane child stacks
551e35591 flatten the neutron-plugin-mlnx-sdn service
34a932c9c Ensure lvm2 is installed prior to lvm commands
80f0176f6 Bind mount undercloud.conf with ,z in mistral_executor
30cfaccb4 flatten the ovn service configurations
b01a57491 Set ulimit 16384 for Neutron SR-IOV container
b3bf680fb Ensure non-pacemaker versions for undercloud
031f5fb61 Do not archive ceph-ansible fetch directory if it is empty
56a51647c Add {{network.name}}NetworkVlanID to THT/net-config-*
5d3fe630d Increase default ulimit values for Neutron agents containers
f4460a580 Run octavia-api under httpd
7bf040e8f Fix minor typos
d8c605775 Make Ceph RGW accept ResellerAdmin role for administration
9a36edb32 Ensure we get rsyslog state, even in "--check" mode
a18a556d7 MetricsQdr: Add InternalTLS support
4bf9687d9 Stop writing /var/lib/container-startup-configs.json
e345b3c23 Run octavia external tasks with elevated permissions
b4e4878b8 Deprecate nova-consoleauth service
d80a956d7 Fix usage of satellite in organization mode
d4ea8e686 Add parameter ContainerImageRegistryCredentials
268aad225 Run nova_api unprivileged
b98519d09 Drop docker/docker-toool
b993163ff deployed-server: start and enable network service
d5ecc1f65 Make krb-service-principal metadata per-Role
e8f3436b6 Update to the ceilometer publisher list
ceb005b07 Fix RabbitMQ locale for CentOS 7 (t-h-t part)
fa37170f8 Add systemd dependency to openvswitch to neutron agents
c61c052fd Use tripleo-admin as octavia groups_vars owner
066fd3a36 Fix CI ipv6 NIC config default route
59c5e23c5 Jinja automation for %network%NetworkVlanId
12637c5ac remove dep job in gate
5e5c5cdd7 Backup /etc/os-net-config/config.json when os-net-config runs
bc9b922dd Force C.UTF-8 when dealing with rabbitmq
ffa6810e4 Add novnc proxy to cellsv2 multicell controller
e645d2e75 Fix comments in environments/net-* network configuration envs
4d4232384 Add ci/common as trigger to scenarios multinode
423ecead8 Disable a directory listing of /icons in httpd.
5f8e1fd33 Add GnocchiStorageS3BucketPrefix into deployment
26e369e0b turn voting/gating on scen009 master
26cd9f943 Fix conditional/if usage for amphora conversion
3c49d1c76 Fix skydive deployment not able to read ssh private key
1a6bd0c34 Use discovered private key file
405366fa3 Deprecate messaging params replaced by global oslo params
4e2056066 Remove osd_objectstore default
9e61e2313 Enable objects versioning for Ceph RadosGW
8523a90e1 Update zuul layout for new deployment directory
793187d62 Move Aide to deployments
876a65cd5 Default to 'podman' in container-puppet.py
0172f4153 Move container-puppet.py to common
1a802f3dd Adding configurability to the amphora image format
a0e262e20 TLS everywhere: switch Octavia to use DNS entries
dbe516df0 Provide option to disable EMC in puppet-vswitch
89def2b55 Fix Nova/Libvirt memory backed file conditions when they are role params
9b88439eb Fixes for freeipa_setup.sh
6ddadc193 Run mistral_executor unprivileged
a64311ee6 Update scenario 10 for flattened ceph
f370b81af Deprecate opendaylight service
cced6333b Add ExternalInterfaceDefaultRoute parameter to ci nic configs
0fb353339 [Configuration] Add missing py37 and corrected default envlist.
1de74ccc7 Rename docker-container-startup-configs to container-startup-configs
860333cf3 Rename /var/lib/docker-config-scripts to /var/lib/container-config-scripts
bd318943b Add %network%InterfaceDefaultRoute for compatibility
fc65d197c Move apache service under deployment directory
febab2bf8 ContainerCli param added to ceph-base heat template
4251eb781 ipaclient: do not explicitely install python-simplejson
374fafd66 mistral: configure heartbeat parameters to avoid action timeout
c7a97ce99 Add external_resource_vip_id property to network_data.yaml
c023784d5 Add storage_mgmt network to DistributedComputeHCI role
c4eb9688d Add external_resource_id properties to network_data.yaml
12fe2e1cd Only add VlanID parameters to multiple-nics examples if using vlans
b285c2686 Switch OpenShift nodes to use Podman
012948701 Stop loading nf_conntrack_proto_sctp module
b3ce4f00b Make sure openssl-perl is installed on split stack tls-everywhere deployments
d9df3c0ab Ensure we configure SELinux at the earliest stage.
ad05860f4 Enable paunch logging to its full extent
98c2b78dc Enable flat network for ovn
5c8456c5c move ceph-ansible into deployment
c693ba664 Use container_cli instead of docker to run mysql upgrade command.
5b38d9d96 Octavia: set net configuration to none for mkdir in containers
f316311a3 move undercloud-upgrade.yaml into deployment
8b0b6eeb4 move tempest to deployment
889573970 Replace hard-coded 'docker pull' by '{{container_cli}} pull'
55724c127 Translating scenario010 to standalone
b152659d8 We have to allow httpd to listen on those ports in some cases.
5b6984eb0 Fixup ipaclient.yaml for python3
ce9a83c8c Use get_attr to set %network%InterfaceDefaultRoute
38f3bfd76 correct parameter names in openid federation support
a4a51ed9c Tag external_post_deploy_steps
39930ed2f Only attempt to start previous MariaDB if the image is available
f441b25be Change scheme/port to template instead of getting from hiera
7985f02b8 nova: Deprecate the nova-placement service
a2db936e7 Change OS::TripleO::Services::OVNDBs to non ha file
ea2f759f7 move clustercheck.yaml into deployment
39be82216 flatten the cavium liquidio service
2a8fcc4dd Remove UpgradeRemoveUnusedPackages
393e89bfb Make nfs version for nova ephemeral storage configurable
214e8448a Add missing TLS configuration for ironic
b848cef62 Only bind-mount internal TLS haproxy dirs if enabled
281bea1a8 Move neutron-plugin-ml2.yaml to deployment
4c3438970 Open firewall port 3300 for ceph monitors v2 protocol
8b6ea5e14 Include python-panko client.
ea80847f9 Remove UndercloudCtlplaneSubnets defaults in UC env
c62247fa8 Run chown for nova log files on every run to fix wrong permissions
19fec5d9d Enable authtoken cache
256d763d4 rename rsyslogd service to rsyslog and deal with lack of reload.
1c33183c0 octavia: pass container cli to external deploy tasks
e7d3bd90c fix tox python3 overrides
c55cf61c9 Avoid "-a" cp option in order to avoid SELinux AVC
df403c2cd Add python36 job
9f0d23c78 Drop the old python35 job
b9d382c51 Increase log level for command failures
866a7f79e Manage system timezone with ansible
3bcea8e0c Fix: Unknown Property ML2HostConfigs
5ff6f7416 Switch ContainerCli to podman by default
c180847b8 Make sure ContainerCli is set to the stack
f1ab762ed Move Designate to Experimental
42b0bc930 Support ctlplane subnet host routes from undercloud.conf
95e142d84 Fix idempotency for horizon container logs
24fb8776d Rename docker_puppet_apply to container_puppet_apply
2182e0b0d Reload rsyslog/cron when we change timezones
79da22a89 Deploy steps playbook: add a step0 tag
836705161 Install and configure tmpwatch for log cleanup
2e261993e flatten the gnocchi service configurations
736a6aa16 Suppress output from copy tasks
0f3e0cfec Refactored configuration options for nova/neutron in manila
402ae1a6e Disable cinder's LVM backend when deploying Pure backend
8948eced7 Test the correct placement endpoint with multiple regions
fe1e1d79a Copy tripleo-admin key to mistral home directory
172594573 Disable TripleO UI service
ba9141c63 Set setype on etcd's service directory
cdfa27f07 Give sudo powers in Disable mysql task.
78ad47978 Drop unused parameters
80e2dad36 Add kek_rewrap functionality to Barbican
fc612b86b Delay check CI jobs until the pep8 passes..
b53f6bacd Request certificate for using host service principals
9799dd549 Fix metadata_settings for redis
3997198c2 flatten opendaylight-api service
f3b85e4ba Remove Congress
a1969b4f4 OVN: Add VLAN to NeutronNetworkType
7a6c99476 Clean up after tripleo_persist and tripleo_transfer
a85b00bb8 Always include step tasks in external update/upgrade
ca944436d Set the NTP server on Sahara too
abff4fd29 Remove tasks that stop and disable Horizon services.
b697b0184 Allow embedded Skydive etcd port
1827ba884 Set neutron tenant network types for ODL configurations
b2f76a9a7 Default ControlPlaneMtu to 1500
1e3fd7e84 Update the min tox version to 2.0
bb4f86fc0 Deploy Sahara with unversioned endpoints
b1b67ac63 Introduce OpenShiftAnsiblePath parameter
32d993bbf Trim whitespace in multi-line env descriptions
1bfa62c09 Update min tox version to 2.0
6bf6c5ac1 Fix a spelling mistake
Diffstat (except docs and test files)
-------------------------------------
README.rst | 2 -
capabilities-map.yaml | 5 -
ci/common/net-config-multinode-os-net-config.yaml | 26 ++
ci/common/net-config-multinode.yaml | 26 ++
ci/common/net-config-simple-bridge.yaml | 26 ++
ci/environments/multinode-3nodes-registry.yaml | 2 +-
ci/environments/multinode-containers.yaml | 2 +-
.../nic-configs/compute-dvr.yaml | 2 +-
.../multiple-nics-ipv6/nic-configs/controller.yaml | 2 +-
.../scenario000-multinode-containers.yaml | 2 +-
.../scenario001-multinode-containers.yaml | 10 +-
ci/environments/scenario001-standalone.yaml | 14 +-
.../scenario002-multinode-containers.yaml | 2 +-
ci/environments/scenario002-standalone.yaml | 6 +-
.../scenario003-multinode-containers.yaml | 12 +-
ci/environments/scenario003-standalone.yaml | 10 +-
.../scenario004-multinode-containers.yaml | 14 +-
ci/environments/scenario004-standalone.yaml | 14 +-
.../scenario007-multinode-containers.yaml | 4 +-
.../scenario008-multinode-containers.yaml | 2 +-
.../scenario010-multinode-containers.yaml | 10 +-
ci/environments/scenario010-standalone.yaml | 98 ++++++
.../scenario012-multinode-containers.yaml | 2 +-
ci/environments/scenario012-standalone.yaml | 2 +-
ci/scripts/freeipa_setup.sh | 25 +-
{docker => common}/container-puppet.py | 14 +-
common/deploy-steps-tasks.yaml | 68 ++--
common/deploy-steps.j2 | 55 ++-
.../{services.yaml => services/role.role.j2.yaml} | 4 +-
.../nova_wait_for_placement_service.py | 1 +
.../deployed-server-bootstrap-centos.sh | 4 +
deployed-server/deployed-server-bootstrap-rhel.sh | 4 +
deployed-server/deployed-server-roles-data.yaml | 1 -
deployment/README.rst | 159 +++++++++
.../aide/aide-baremetal-puppet.yaml | 0
deployment/aodh/aodh-api-container-puppet.yaml | 18 +-
deployment/aodh/aodh-base.yaml | 18 +-
.../aodh/aodh-evaluator-container-puppet.yaml | 16 +-
.../aodh/aodh-listener-container-puppet.yaml | 16 +-
.../aodh/aodh-notifier-container-puppet.yaml | 16 +-
.../apache/apache-baremetal-puppet.j2.yaml | 1 +
.../barbican/barbican-api-container-puppet.yaml | 108 ++++--
.../liquidio-compute-config-container-puppet.yaml | 55 ++-
.../ceilometer-agent-central-container-puppet.yaml | 16 +-
.../ceilometer-agent-compute-container-puppet.yaml | 20 +-
.../ceilometer-agent-ipmi-container-puppet.yaml | 16 +-
...ometer-agent-notification-container-puppet.yaml | 16 +-
.../ceilometer-base-container-puppet.yaml | 100 ++++--
.../ceph-ansible/ceph-base.yaml | 51 ++-
.../ceph-ansible/ceph-client.yaml | 0
.../ceph-ansible/ceph-external.yaml | 0
.../ceph-ansible/ceph-mds.yaml | 0
.../ceph-ansible/ceph-mgr.yaml | 0
.../ceph-ansible/ceph-mon.yaml | 1 +
.../ceph-ansible/ceph-nfs.yaml | 0
.../ceph-ansible/ceph-osd.yaml | 5 +-
.../ceph-ansible/ceph-rbdmirror.yaml | 0
.../ceph-ansible/ceph-rgw.yaml | 0
deployment/cinder/cinder-api-container-puppet.yaml | 17 +-
.../cinder/cinder-backup-container-puppet.yaml | 16 +-
.../cinder/cinder-backup-pacemaker-puppet.yaml | 12 +-
deployment/cinder/cinder-base.yaml | 17 +-
.../cinder/cinder-common-container-puppet.yaml | 6 +-
.../cinder/cinder-scheduler-container-puppet.yaml | 16 +-
.../cinder/cinder-volume-container-puppet.yaml | 33 +-
.../cinder/cinder-volume-pacemaker-puppet.yaml | 12 +-
.../openstack-clients-baremetal-puppet.yaml | 1 +
deployment/congress/congress-container-puppet.yaml | 264 --------------
...ntainer-image-prepare-baremetal-ansible.j2.yaml | 12 +
.../services => deployment}/containers-common.yaml | 14 +-
deployment/database/mysql-base.yaml | 12 +-
deployment/database/mysql-container-puppet.yaml | 4 +-
deployment/database/mysql-pacemaker-puppet.yaml | 16 +-
deployment/database/redis-container-puppet.yaml | 22 +-
deployment/database/redis-pacemaker-puppet.yaml | 12 +-
.../logging/fluentd-container-puppet.yaml | 2 +-
.../monitoring/sensu-client-container-puppet.yaml | 4 +-
.../nova/nova-consoleauth-container-puppet.yaml | 20 +-
.../nova/nova-placement-container-puppet.yaml | 26 +-
.../opendaylight-api-container-puppet.yaml | 137 ++++++--
.../opendaylight-ovs-baremetal-puppet.yaml | 2 +
.../panko/panko-api-container-puppet.yaml | 4 +-
.../deprecated/time/timezone-baremetal-puppet.yaml | 60 ++++
.../tripleo-ui/tripleo-ui-container-puppet.yaml | 146 +-------
deployment/ec2/ec2-api-container-puppet.yaml | 2 +-
deployment/etcd/etcd-container-puppet.yaml | 1 +
deployment/experimental/README.rst | 6 +
.../designate/designate-api-container-puppet.yaml | 2 +-
.../designate/designate-base.yaml | 18 +-
.../designate-central-container-puppet.yaml | 4 +-
.../designate/designate-mdns-container-puppet.yaml | 4 +-
.../designate-producer-container-puppet.yaml | 2 +-
.../designate/designate-sink-container-puppet.yaml | 2 +-
.../designate-worker-container-puppet.yaml | 2 +-
deployment/glance/glance-api-container-puppet.yaml | 36 +-
.../gnocchi/gnocchi-api-container-puppet.yaml | 151 +++++++-
.../gnocchi}/gnocchi-base.yaml | 5 +
.../gnocchi/gnocchi-metricd-container-puppet.yaml | 32 +-
.../gnocchi/gnocchi-statsd-container-puppet.yaml | 26 +-
deployment/haproxy/haproxy-container-puppet.yaml | 19 +-
.../haproxy-internal-tls-certmonger.j2.yaml | 10 +-
deployment/haproxy/haproxy-pacemaker-puppet.yaml | 16 +-
deployment/heat/heat-api-cfn-container-puppet.yaml | 4 +-
deployment/heat/heat-api-container-puppet.yaml | 4 +-
deployment/heat/heat-base-puppet.yaml | 20 +-
deployment/heat/heat-engine-container-puppet.yaml | 2 +-
deployment/horizon/horizon-container-puppet.yaml | 35 +-
.../image-serve/image-serve-baremetal-ansible.yaml | 8 +
deployment/ironic/ironic-api-container-puppet.yaml | 29 +-
deployment/ironic/ironic-base-puppet.yaml | 18 +-
.../ironic/ironic-conductor-container-puppet.yaml | 18 +-
.../ironic/ironic-inspector-container-puppet.yaml | 16 +-
.../ironic-neutron-agent-container-puppet.yaml | 2 +-
deployment/ironic/ironic-pxe-container-puppet.yaml | 17 +-
deployment/iscsid/iscsid-container-puppet.yaml | 2 +-
.../keepalived/keepalived-container-puppet.yaml | 16 +-
deployment/kernel/kernel-baremetal-puppet.yaml | 1 -
deployment/keystone/keystone-container-puppet.yaml | 40 +--
.../logging/files/barbican-api.yaml | 0
.../logging/files/haproxy.yaml | 0
.../logging/files/heat-api-cfn.yaml | 0
.../logging/files/heat-api.yaml | 0
.../logging/files/heat-engine.yaml | 0
.../logging/files/keystone.yaml | 0
.../logging/files/neutron-api.yaml | 0
.../logging/files/neutron-common.yaml | 0
.../logging/files/nova-api.yaml | 13 +
.../logging/files/nova-common.yaml | 13 +
.../logging/files/nova-metadata.yaml | 0
.../logging/files/nova-placement.yaml | 0
.../logging/files/opendaylight-api.yaml | 0
.../logging/files/panko-api.yaml | 0
.../logging/rsyslog-sidecar-container-puppet.yaml | 2 +-
.../logging/stdout/barbican-api.yaml | 0
.../logging/stdout/haproxy.yaml | 0
.../logging/stdout/heat-api-cfn.yaml | 0
.../logging/stdout/heat-api.yaml | 0
.../logging/stdout/heat-engine.yaml | 0
.../logging/stdout/keystone.yaml | 0
.../logging/stdout/neutron-common.yaml | 0
.../logging/stdout/nova-api.yaml | 0
.../logging/stdout/nova-common.yaml | 0
.../logging/stdout/nova-libvirt.yaml | 0
.../logging/stdout/nova-metadata.yaml | 0
.../logging/stdout/nova-placement.yaml | 0
.../logging/stdout/panko-api.yaml | 0
.../logrotate-crond-container-puppet.yaml | 20 +-
.../tmpwatch-install.yaml} | 30 +-
deployment/manila/manila-api-container-puppet.yaml | 4 +-
deployment/manila/manila-base.yaml | 20 +-
.../manila/manila-scheduler-container-puppet.yaml | 19 +-
deployment/manila/manila-share-common.yaml | 2 +-
.../manila/manila-share-container-puppet.yaml | 19 +-
.../manila/manila-share-pacemaker-puppet.yaml | 12 +-
.../memcached/memcached-container-puppet.yaml | 2 +-
.../messaging/rpc-qdrouterd-container-puppet.yaml | 2 +-
deployment/metrics/collectd-container-puppet.yaml | 16 +-
deployment/metrics/qdr-container-puppet.yaml | 142 ++++++--
.../mistral/mistral-api-container-puppet.yaml | 16 +-
deployment/mistral/mistral-base.yaml | 55 ++-
.../mistral/mistral-engine-container-puppet.yaml | 16 +-
.../mistral-event-engine-container-puppet.yaml | 16 +-
.../mistral/mistral-executor-container-puppet.yaml | 36 +-
deployment/multipathd/multipathd-container.yaml | 2 +-
.../neutron/neutron-api-container-puppet.yaml | 16 +-
.../neutron-bgpvpn-api-container-puppet.yaml | 2 +-
.../neutron/neutron-dhcp-container-puppet.yaml | 14 +-
.../neutron/neutron-l2gw-api-container-puppet.yaml | 2 +-
.../neutron/neutron-l3-container-puppet.yaml | 14 +-
.../neutron-lbaas-api-container-puppet.yaml | 2 +-
.../neutron/neutron-metadata-container-puppet.yaml | 2 +-
.../neutron-ovs-agent-container-puppet.yaml | 31 +-
...eutron-plugin-ml2-ansible-container-puppet.yaml | 1 -
.../neutron-plugin-ml2-container-puppet.yaml | 0
...lugin-ml2-mlnx-sdn-assist-container-puppet.yaml | 45 ++-
.../neutron-sriov-agent-container-puppet.yaml | 7 +-
deployment/nova/nova-api-container-puppet.yaml | 32 +-
deployment/nova/nova-az-config.yaml | 91 +++++
deployment/nova/nova-base-puppet.yaml | 20 +-
deployment/nova/nova-compute-container-puppet.yaml | 43 ++-
.../nova/nova-conductor-container-puppet.yaml | 16 +-
deployment/nova/nova-ironic-container-puppet.yaml | 24 +-
deployment/nova/nova-libvirt-container-puppet.yaml | 14 +-
.../nova/nova-metadata-container-puppet.yaml | 4 +-
.../nova-migration-target-container-puppet.yaml | 2 +-
.../nova/nova-scheduler-container-puppet.yaml | 16 +-
.../nova/nova-vnc-proxy-container-puppet.yaml | 22 +-
deployment/nova/novajoin-container-puppet.yaml | 12 +-
.../octavia/octavia-api-container-puppet.yaml | 110 +++---
deployment/octavia/octavia-base.yaml | 18 +-
.../octavia/octavia-deployment-config.j2.yaml | 41 ++-
.../octavia-health-manager-container-puppet.yaml | 17 +-
.../octavia-housekeeping-container-puppet.yaml | 3 +-
.../octavia/octavia-worker-container-puppet.yaml | 31 +-
.../ovn/ovn-controller-container-puppet.yaml | 101 +++++-
.../ovn/ovn-dbs-container-puppet.yaml | 43 ++-
.../ovn/ovn-dbs-pacemaker-puppet.yaml | 19 +-
.../ovn/ovn-metadata-container-puppet.yaml | 106 +++++-
.../pacemaker/clustercheck-container-puppet.yaml | 2 +-
deployment/qdr/qdrouterd-container-puppet.yaml | 2 +-
deployment/rabbitmq/rabbitmq-container-puppet.yaml | 5 +-
...rabbitmq-messaging-notify-container-puppet.yaml | 2 +-
...rabbitmq-messaging-notify-pacemaker-puppet.yaml | 15 +-
.../rabbitmq-messaging-notify-shared-puppet.yaml | 2 +-
.../rabbitmq-messaging-pacemaker-puppet.yaml | 15 +-
.../rabbitmq-messaging-rpc-container-puppet.yaml | 2 +-
.../rabbitmq-messaging-rpc-pacemaker-puppet.yaml | 15 +-
deployment/sahara/sahara-api-container-puppet.yaml | 16 +-
deployment/sahara/sahara-base.yaml | 27 +-
.../sahara/sahara-engine-container-puppet.yaml | 16 +-
deployment/swift/swift-proxy-container-puppet.yaml | 37 +-
.../swift/swift-ringbuilder-container-puppet.yaml | 2 +-
.../swift/swift-storage-container-puppet.yaml | 21 +-
deployment/tacker/tacker-container-puppet.yaml | 20 +-
deployment/time/timezone-baremetal-ansible.yaml | 58 +++
.../tripleo-packages-baremetal-puppet.yaml | 18 +-
.../undercloud/tempest-container-puppet.yaml | 4 -
.../undercloud}/undercloud-upgrade.yaml | 0
deployment/zaqar/zaqar-container-puppet.yaml | 18 +-
.../neutron-plugin-ml2-mlnx-sdn-assist.yaml | 65 ----
environments/cavium-liquidio.yaml | 2 +-
.../ceph-ansible/ceph-ansible-external.yaml | 2 +-
environments/ceph-ansible/ceph-ansible.yaml | 8 +-
environments/ceph-ansible/ceph-mds.yaml | 2 +-
environments/ceph-ansible/ceph-rbdmirror.yaml | 2 +-
environments/ceph-ansible/ceph-rgw.yaml | 2 +-
environments/cinder-pure-config.yaml | 1 +
environments/docker-ha.yaml | 6 +-
environments/docker-uc-light.yaml | 2 +-
environments/enable-designate.yaml | 12 +-
environments/enable_congress.yaml | 2 -
environments/enable_tempest.yaml | 2 +-
environments/horizon_password_validation.yaml | 2 +-
.../lifecycle/undercloud-upgrade-prepare.yaml | 2 +-
environments/lifecycle/upgrade-converge.yaml | 1 -
environments/lifecycle/upgrade-prepare.yaml | 1 -
environments/manila-cephfsganesha-config.yaml | 2 +-
environments/metrics-collectd-qdr.yaml | 3 +-
environments/net-2-linux-bonds-with-vlans.j2.yaml | 2 +-
.../net-bond-with-vlans-no-external.j2.yaml | 2 +-
environments/net-bond-with-vlans-v6.j2.yaml | 2 +-
environments/net-bond-with-vlans.j2.yaml | 2 +-
environments/net-dpdkbond-with-vlans.j2.yaml | 2 +-
environments/net-multiple-nics-v6.j2.yaml | 2 +-
environments/net-multiple-nics.j2.yaml | 2 +-
.../net-single-nic-linux-bridge-with-vlans.j2.yaml | 2 +-
.../net-single-nic-with-vlans-no-external.j2.yaml | 2 +-
environments/net-single-nic-with-vlans-v6.j2.yaml | 2 +-
environments/net-single-nic-with-vlans.j2.yaml | 2 +-
environments/network-isolation-v6-all.j2.yaml | 6 +-
environments/network-isolation-v6.j2.yaml | 4 +
environments/network-isolation.j2.yaml | 4 +
environments/neutron-ml2-ovn-ha.yaml | 8 +-
environments/neutron-ovs-dvr.yaml | 2 +-
environments/nova-az-config.yaml | 2 +
environments/openshift.yaml | 2 +-
environments/ovs-hw-offload.yaml | 16 +-
environments/services-baremetal/congress.yaml | 2 -
.../services-baremetal/neutron-opendaylight.yaml | 2 +-
.../services-baremetal/neutron-ovn-ha.yaml | 6 +-
.../services-baremetal/undercloud-gnocchi.yaml | 6 +-
environments/services/congress.yaml | 2 -
.../services/neutron-opendaylight-sriov.yaml | 2 +-
environments/services/neutron-opendaylight.yaml | 4 +-
environments/services/neutron-ovn-dvr-ha.yaml | 8 +-
environments/services/neutron-ovn-ha.yaml | 8 +-
environments/services/neutron-ovn-standalone.yaml | 8 +-
environments/services/neutron-ovs-dvr.yaml | 2 +-
environments/services/neutron-ovs.yaml | 2 +-
environments/services/tempest.yaml | 2 +-
environments/services/undercloud-gnocchi.yaml | 6 +-
...ternal-tls.yaml => enable-internal-tls.j2.yaml} | 6 +-
environments/ssl/no-tls-endpoints-public-ip.yaml | 3 -
environments/ssl/tls-endpoints-public-dns.yaml | 3 -
environments/ssl/tls-endpoints-public-ip.yaml | 3 -
environments/ssl/tls-everywhere-endpoints-dns.yaml | 7 +-
environments/standalone.yaml | 3 +-
environments/standalone/standalone-overcloud.yaml | 5 +-
environments/standalone/standalone-tripleo.yaml | 8 +-
environments/stdout-logging.yaml | 30 +-
environments/storage-environment-external.yaml | 2 +-
environments/storage-environment.yaml | 10 +-
environments/undercloud.yaml | 76 +++-
.../role.role.j2.yaml} | 7 +-
.../post_deploy/undercloud_ctlplane_network.py | 2 +
extraconfig/post_deploy/undercloud_post.py | 6 +-
.../rhel-registration/rhel-registration.yaml | 6 +
.../rhel-registration/scripts/rhel-registration | 13 +-
extraconfig/services/ipaclient.yaml | 15 +-
extraconfig/services/openshift-master.yaml | 42 +--
extraconfig/services/skydive-analyzer.yaml | 10 +-
lower-constraints.txt | 2 +-
net-config-bond.j2.yaml | 8 +
net-config-bridge.j2.yaml | 8 +
net-config-linux-bridge.j2.yaml | 8 +
net-config-noop.j2.yaml | 8 +
net-config-standalone.j2.yaml | 5 +
...config-static-bridge-with-external-dhcp.j2.yaml | 8 +
net-config-static-bridge.j2.yaml | 8 +
net-config-static.j2.yaml | 8 +
net-config-undercloud.j2.yaml | 4 +
.../config/2-linux-bonds-vlans/role.role.j2.yaml | 13 +-
.../bond-with-vlans/controller-no-external.j2.yaml | 17 +-
.../config/bond-with-vlans/controller-v6.j2.yaml | 17 +-
network/config/bond-with-vlans/role.role.j2.yaml | 19 +-
network/config/multiple-nics/compute-dvr.j2.yaml | 21 +-
network/config/multiple-nics/controller-v6.j2.yaml | 17 +-
network/config/multiple-nics/role.role.j2.yaml | 15 +-
.../controller-v6.j2.yaml | 17 +-
.../role.role.j2.yaml | 13 +-
.../controller-no-external.j2.yaml | 17 +-
.../config/single-nic-vlans/controller-v6.j2.yaml | 17 +-
network/config/single-nic-vlans/role.role.j2.yaml | 13 +-
network/endpoints/endpoint_data.yaml | 15 -
network/endpoints/endpoint_map.yaml | 390 ++++-----------------
network/network.j2 | 21 +-
.../ports/external_resource_port.network.j2.yaml | 2 +
.../external_resource_port_v6.network.j2.yaml | 3 +
network/ports/noop.yaml | 3 +
network/ports/port.j2 | 7 +
network/ports/port_from_pool.j2 | 7 +
network/scripts/run-os-net-config.sh | 10 +-
network/service_net_map.j2.yaml | 27 +-
network_data.yaml | 16 +-
overcloud-resource-registry-puppet.j2.yaml | 65 ++--
overcloud.j2.yaml | 45 ++-
puppet/all-nodes-config.j2.yaml | 2 +-
puppet/role.role.j2.yaml | 45 ++-
puppet/services/congress.yaml | 152 --------
puppet/services/gnocchi-api.yaml | 198 -----------
puppet/services/gnocchi-metricd.yaml | 69 ----
puppet/services/gnocchi-statsd.yaml | 63 ----
puppet/services/liquidio-compute-config.yaml | 77 ----
puppet/services/neutron-base.yaml | 18 +-
puppet/services/neutron-plugin-ml2-ovn.yaml | 4 +-
puppet/services/opendaylight-api.yaml | 168 ---------
puppet/services/openvswitch.yaml | 9 +
puppet/services/ovn-controller.yaml | 127 -------
puppet/services/ovn-dbs.yaml | 65 ----
puppet/services/ovn-metadata.yaml | 134 -------
...cate-opendaylight-service-64b960923324edc4.yaml | 5 +
.../notes/OvsDisableEMC-ab29e5c08856d439.yaml | 3 +
...tcdLocalConnect-parameter-8831aad928235458.yaml | 6 +
...etcd-to-distributed-roles-9fe55e4d05f46874.yaml | 5 +
...dd-kek-rewrap-to-barbican-ef930dda85fe1e1d.yaml | 7 +
.../notes/congress_removal-95dd16335fbb8bce.yaml | 5 +
.../notes/container_cli-64a217e8abb508c4.yaml | 5 +
...dercloud-conf-host-routes-00e981d1f00405d8.yaml | 12 +
...ne-subnet-defaults-merged-5a6061b29618f5cf.yaml | 9 +
...ork-name-in-ServiceNetMap-efffd0583bab827f.yaml | 4 +
.../healthcheck_disabled-7e67b45cda9afb17.yaml | 5 +
.../notes/mistral_timeout-c00344d5b3d8c4b0.yaml | 6 +
...ta-external-id-properties-20d4aec2e557e980.yaml | 9 +
...va-az-config-service.yaml-ed7f3846398b2291.yaml | 9 +
.../notes/nova-placement-43fd353e6870461c.yaml | 5 +
...va-rbd-pool-role-specific-010f6072d641d84f.yaml | 6 +
...va_add_nfs_vers_parameter-62b9e9d6150358d1.yaml | 8 +
.../nova_compute_nofile-0427e49cc8ae70a6.yaml | 6 +
...ova_deprecate_consoleauth-ffb93ffa5393b630.yaml | 13 +
...nova_novnc_proxy_per_cell-f2d0c50d3c21c46c.yaml | 7 +
...run_chown_on_every_deploy-c366af9898ecaeed.yaml | 9 +
...avia-amphora-image-format-f2f3f494e6fbe82c.yaml | 6 +
...ssaging-separate-backends-2d2221066f88f479.yaml | 9 +
...nused-packages-on-upgrade-99bfd428dd52b4c9.yaml | 4 +
.../run-octavia-under-apache-94afa32e4f1ae3e1.yaml | 11 +
.../notes/timezone-ansible-c7ffcd118f881b82.yaml | 8 +
...r-interface-default-route-2578a4d292901024.yaml | 9 +
requirements.txt | 2 +-
roles/CellController.yaml | 1 +
roles/Controller.yaml | 1 -
roles/ControllerAllNovaStandalone.yaml | 1 -
roles/ControllerNoCeph.yaml | 1 -
roles/ControllerNovaStandalone.yaml | 1 -
roles/ControllerOpenstack.yaml | 1 -
roles/ControllerStorageNfs.yaml | 1 -
roles/DistributedCompute.yaml | 1 +
roles/DistributedComputeHCI.yaml | 3 +
roles/Standalone.yaml | 2 +-
roles/Undercloud.yaml | 1 +
roles_data.yaml | 1 -
roles_data_undercloud.yaml | 1 +
sample-env-generator/enable-services.yaml | 12 +-
sample-env-generator/ssl.yaml | 24 +-
sample-env-generator/standalone.yaml | 9 +-
sample-env-generator/storage.yaml | 2 +
tools/check-up-to-date.sh | 2 +-
tools/process-templates.py | 11 +
tools/yaml-diff.py | 32 ++
tools/yaml-validate.py | 28 +-
tox.ini | 5 +-
tripleo_heat_templates/environment_generator.py | 5 +-
zuul.d/layout.yaml | 141 +++++---
395 files changed, 3463 insertions(+), 4140 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index 7f3177f7f..2527f95bc 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9 +9 @@ tripleo-common>=7.1.0 # Apache-2.0
-paunch>=4.0.0 # Apache-2.0
+paunch>=4.2.0 # Apache-2.0
More information about the Release-announce
mailing list