[release-announce] tripleo-heat-templates 10.6.2 (stein)
no-reply at openstack.org
no-reply at openstack.org
Thu Dec 12 10:28:12 UTC 2019
We are chuffed to announce the release of:
tripleo-heat-templates 10.6.2: Heat templates for deploying OpenStack
with OpenStack.
This release is part of the stein stable release series.
The source is available from:
https://opendev.org/openstack/tripleo-heat-templates
Download the package from:
https://tarballs.openstack.org/null/
Please report issues through:
https://bugs.launchpad.net/tripleo/+bugs
For more details, please see below.
10.6.2
^^^^^^
New Features
************
* Added the "connection_logging" parameter for the Octavia service.
* Three new parameter options are now added to Octavia service
(OctaviaConnectionMaxRetries, OctaviaBuildActiveRetries,
OctaviaPortDetachTimeout)
* deep_compare is now enabled by default for stonith resources,
allowing their properties to be updated via stack update. To disable
it set 'tripleo::fencing::deep_compare: false'.
* Added NeutronPermittedEthertypes to allow configuring additional
ethertypes on neutron security groups for L2 agents that support it.
* Added new heat param OVNOpenflowProbeInterval to set
ovn_openflow_probe_interval which is inactivity probe interval of
the OpenFlow connection to the OpenvSwitch integration bridge, in
seconds. If the value is zero, it disables the connection keepalive
feature, by default this value is set on 60s. If the value is
nonzero, then it will be forced to a value of at least 5s.
* On undercloud and standalone, install rsyslog on the host by
default. See https://bugs.launchpad.net/tripleo/+bug/1850562
* Under pressure, the default monitor timeout value of 20 seconds is
not enough to prevent unnecessary failovers of the ovn-dbs pacemaker
resource. While spawning a few VMs in the same time this could lead
to unnecessary movements of master DB, then re-connections of ovn-
controllers (slaves are read-only), further peaks of load on DBs,
and at the end it could lead to snowball effect. Now this value can
be configurable by OVNDBSPacemakerTimeout which will configure
tripleo::profile::pacemaker::ovn_dbs_bundle (default is set to 60s).
Bug Fixes
*********
* Restart certmnonger after registering system with IPA. This
prevents cert requests not completely correctly when doing a
brownfield update.
* If nova-api is delayed starting then the
nova_wait_for_compute_service can timeout. A deployment using a
slow/busy remote container repository is particularly susceptible to
this issue. To resolve this nova_compute and
nova_wait_for_compute_service have been postponed to step_5 and a
task has been added to step_4 to ensure nova_api is active before
proceeding. Resolves Bug 1842948
(https://bugs.launchpad.net/tripleo/+bug/1842948).
Other Notes
***********
* Add "port_forwarding" service plugin and L3 agent extension to be
enabled by default when Neutron ML2 plugin with OVS driver is used.
New config option "NeutronL3AgentExtensions" is also added. This new
option allows to set list of L3 agent's extensions which should be
used by agent.
* Add "radvd_user" configuration parameter to the Neutron L3
container. This parameter defines the user pased to radvd. The
default value is "root".
Changes in tripleo-heat-templates 10.6.1..10.6.2
------------------------------------------------
886c51549 Make sure we apply all deploy step-0 during update.
2ab5aa36a Enable "port_forwarding" feature in neutron ML2 ovs environment
a26b5ce8a Don't fail hard when facter cache doesn't work correctly
07bb11f55 [Stein Only] Fix bad configuration path in nova-placement wait
4d99d7bdd Fix typo in MySQL upgrade tasks.
694ec6d4c Incorrect group name issue on non DPDK compute
436b72550 Add configurable monitor timeouts for ovn dbs
fcabffdc1 Add ../network/scripts/ to search path for run-os-net-config.sh
fc5ca307b Include ceph-ansible filter_plugins
6e843c594 Correct mysql-pacemaker upgrade task
b686e27a4 [Steing Only] Correct ovn_dbs_image heat's parameter.
3ec4d25cb Adds ceph-systemd tag in external_upgrade_tasks for systemd units
ad729328d Define ovn_dbs_image fact for upgrades.
d54d0d92c Fix typo in OVN upgrade tasks.
c2e2706c5 Fix debug hiera keys
fec5139e5 Simplify and correct how we provide the undercloud.conf to mistral
de92a638f Mode 0750 for /var/log/containers
1919a6961 Fix duplicate mount point in neutron_dhcp
f29003fa1 Move bootstrap password to an environment var
0313b9e3c Fix container-puppet tool standalone for podman
03c614653 Disable haproxy when using external LB
98032a162 Add "radvd_user" config parameter to Neutron L3 container
42ba2c65e Install and start Rsyslog on the Undercloud & Standalone
fb494f110 Honor Debug for container image prepare
4a8a8ec1d Configure amphora for upload and run tempest
61c40a780 Adapt ContainerImagePrepareDebug to the string pattern
4d32c22fe Added the connection_logging parameter for Octavia
5eb01c517 Restart certmnonger after registering system with IPA
165036cee Normalise all pacemaker resource upgrade tasks for staged upgrades
3d1afbaf9 Derives NovaPCIPassthrough per SR-IOV node
94ea0b622 Add second fact to ensure type safty
9770ed268 HA: ensure TRIPLEO_MINOR_UPDATE is defined for <svc>_restart_bundle
4e0ebeaa3 Less agressive cleanup of docker containers in post_upgrade_tasks
ca5f18da1 Add posibilities to set ovn_openflow_probe_interval for controller
6f5c3f944 Set bridge-nf-call-* values to 1
ef325acaf Use update_serial as an ansible variable
1e625554d Add missing step tag in updates/upgrades/ffu tasks
20b485fe8 Ensure nova-api is running before starting nova-compute containers
d9c60ab05 Workaround ovn cluster failure during update when schema change.
810fe0676 Podman 1.4.1 drops json-file in favor of k8s-file
8067adc6d Scenario 010 multinode fixups
7ecd756b7 Permit access to Ceph RGW for 'member' role
4eed33755 Add posibilities to configure OVNNorthboundServerPort in split stacks
7e303fdbb Fix double cert mount in haproxy bundle when using tls everywhere
38c695396 Set scenario009 job voting to false
053a5f4fb Remove containers before removing associated storage
aaa045ba3 Allow using registry authentication to pull ceph related containers
68a4e125b Fix Manila when run without pacemaker
7f250dae1 Add NeutronPermittedEthertypes on OVS agent
1e26c7875 Fix placement of Octavia services in roles
17c9074b7 nova-libvirt: set 'cpuset_cpus' to 'all'
e05f78838 Remove ContainerCLI from ovb-ha default file
e90b0d898 Add new parameter options to Octavia service
603ae5d3e Prevent running mysql data transfer twice by accident
8443b339b Resolve missing parenthesis causing variable exception
fb431cceb Fix selinux context for glance-api
6a0d99265 Enable deep_compare by default for stonith resources
7db107aa8 Run facts gathering always for upgrades.
7e7d310e1 Fix nova-conductor healthcheck RPC port
e95a183da Resolve broken zaqar container caused by logging issues
b3432d740 Rename pre/post deployments host vars
a077b176b Fix path path in TLS everywhere template
c530ba4f5 SELinux: correct type for /var/log/containers
Diffstat (except docs and test files)
-------------------------------------
ci/environments/ovb-ha.yaml | 2 -
.../scenario010-multinode-containers.yaml | 29 +--
ci/environments/scenario010-standalone.yaml | 6 +
common/container-puppet.py | 52 +++---
common/deploy-steps-tasks-step-0.j2.yaml | 10 ++
common/deploy-steps-tasks.yaml | 12 +-
common/deploy-steps.j2 | 27 ++-
.../nova_wait_for_api_service.py | 109 ++++++++++++
.../pacemaker_restart_bundle.sh | 1 +
...nt_service.py => placement_wait_for_service.py} | 0
deployment/ceph-ansible/ceph-base.yaml | 62 ++++++-
deployment/ceph-ansible/ceph-rgw.yaml | 2 +-
.../cinder/cinder-backup-pacemaker-puppet.yaml | 109 +++++++-----
.../cinder/cinder-volume-pacemaker-puppet.yaml | 33 ++--
...ntainer-image-prepare-baremetal-ansible.j2.yaml | 32 +++-
deployment/database/mysql-pacemaker-puppet.yaml | 41 +++--
deployment/database/redis-pacemaker-puppet.yaml | 32 ++--
.../docker/docker-baremetal-ansible.yaml | 15 +-
.../nova/nova-placement-container-puppet.yaml | 31 +++-
deployment/glance/glance-api-container-puppet.yaml | 6 +-
deployment/haproxy/haproxy-container-puppet.yaml | 48 ++---
deployment/haproxy/haproxy-pacemaker-puppet.yaml | 110 +++++++-----
deployment/heat/heat-base-puppet.yaml | 2 +-
deployment/kernel/kernel-baremetal-puppet.yaml | 19 ++
deployment/keystone/keystone-container-puppet.yaml | 8 +-
deployment/logging/rsyslog-baremetal-ansible.yaml | 57 ++++++
deployment/manila/manila-base.yaml | 2 +-
.../manila/manila-share-container-puppet.yaml | 5 +
.../manila/manila-share-pacemaker-puppet.yaml | 111 ++++++------
deployment/mistral/mistral-base.yaml | 2 +-
.../mistral/mistral-executor-container-puppet.yaml | 24 +--
.../neutron/derive_pci_passthrough_whitelist.py | 125 +++++++++++++
.../neutron/neutron-dhcp-container-puppet.yaml | 5 -
.../neutron/neutron-l3-container-puppet.yaml | 21 +++
.../neutron-ovs-agent-container-puppet.yaml | 12 ++
.../neutron-ovs-dpdk-agent-container-puppet.yaml | 7 +-
.../neutron-sriov-agent-container-puppet.yaml | 14 ++
deployment/nova/nova-api-container-puppet.yaml | 124 ++++++++-----
.../nova/nova-compute-common-container-puppet.yaml | 25 +--
deployment/nova/nova-compute-container-puppet.yaml | 23 +--
.../nova/nova-conductor-container-puppet.yaml | 3 +-
deployment/nova/nova-ironic-container-puppet.yaml | 4 +-
deployment/nova/nova-libvirt-container-puppet.yaml | 1 +
deployment/octavia/octavia-base.yaml | 20 +++
.../ovn/ovn-controller-container-puppet.yaml | 7 +
deployment/ovn/ovn-dbs-pacemaker-puppet.yaml | 195 +++++++++++++--------
deployment/podman/podman-baremetal-ansible.yaml | 11 +-
deployment/sahara/sahara-base.yaml | 2 +-
deployment/swift/swift-proxy-container-puppet.yaml | 42 +++--
.../swift/swift-storage-container-puppet.yaml | 44 ++---
.../tripleo-packages-baremetal-puppet.yaml | 49 +++---
deployment/zaqar/zaqar-container-puppet.yaml | 2 +-
environments/external-loadbalancer-vip-v6-all.yaml | 2 +
environments/external-loadbalancer-vip-v6.yaml | 2 +
environments/external-loadbalancer-vip.yaml | 2 +
.../services/haproxy-internal-tls-certmonger.yaml | 2 +-
environments/services/neutron-ovs.yaml | 4 +-
environments/standalone/standalone-tripleo.yaml | 1 +
environments/storage-environment.yaml | 2 +-
environments/storage/glance-nfs.yaml | 4 +-
environments/undercloud.yaml | 3 +
extraconfig/services/ipaclient.yaml | 19 +-
puppet/role.role.j2.yaml | 1 +
puppet/services/neutron-plugin-ml2-ovn.yaml | 5 +
puppet/services/pacemaker.yaml | 1 +
puppet/services/pacemaker_remote.yaml | 1 +
...nection-logging-parameter-e51f59175c8da204.yaml | 3 +
...three-more-octavia-params-1e4a32f910e5f1fc.yaml | 6 +
...able-deep_compare-fencing-698cec642ecd54a4.yaml | 6 +
...ort-forwarding-in-neutron-956cb21a3310e881.yaml | 8 +
releasenotes/notes/fix-bridge-nf-call-defaults.rst | 6 +
.../l3_agent_radvd_user-1814df18745101d6.yaml | 6 +
...tron-permitted-ethertypes-80dc7f2154786881.yaml | 5 +
...n_openflow_probe_interval-fd99301d95aac62e.yaml | 8 +
.../notes/restart-certmonger-244416f537859bac.yaml | 5 +
releasenotes/notes/rsyslog-5dc93db5eb8fc953.yaml | 5 +
.../setup_timeouts_ovn_dbs-141be475dd2cd7ae.yaml | 11 ++
.../notes/wait_for_nova_api-7af0c6db1b607216.yaml | 9 +
roles/ControllerAllNovaStandalone.yaml | 4 +-
roles/ControllerNovaStandalone.yaml | 1 +
roles/ControllerOpenstack.yaml | 3 -
roles/Networker.yaml | 4 +
roles/Undercloud.yaml | 1 +
roles_data_undercloud.yaml | 1 +
sample-env-generator/standalone.yaml | 2 +
tools/yaml-nic-config-2-script.py | 1 +
zuul.d/layout.yaml | 15 --
87 files changed, 1339 insertions(+), 555 deletions(-)
More information about the Release-announce
mailing list