[release-announce] tripleo-heat-templates 8.3.0 (queens)
no-reply at openstack.org
no-reply at openstack.org
Fri Feb 15 15:25:38 UTC 2019
We are psyched to announce the release of:
tripleo-heat-templates 8.3.0: Heat templates for deploying OpenStack
with OpenStack.
This release is part of the queens stable release series.
The source is available from:
http://git.openstack.org/cgit/openstack/tripleo-heat-templates
Download the package from:
https://tarballs.openstack.org/tripleo-heat-templates/
Please report issues through launchpad:
https://bugs.launchpad.net/tripleo
For more details, please see below.
8.3.0
^^^^^
New Features
************
* Added support for containerized networking-ansible Ml2 plugin.
* Added support for networking-ansible ML2 plugin.
* Add *OctaviaEventStreamDriver* parameter to specify which driver
to use for syncing Octavia and Neutron LBaaS databases.
* Add new TunedCustomProfile parameter which may contain a string in
INI format describing a custom tuned profile. Also provide a new
environment file for users of hypercoverged Ceph deployments using
the Ceph filestore storage backened. The tuned profile is based on
heavy I/O load testing. The provided environment file creates
/etc/tuned/ceph-filestore-osd-hci/tuned.conf and sets this tuned
profile to be active. Not intended for use with Ceph bluestore.
Known Issues
************
* Fix misnaming of service in firewall rule for Octavia Health
Manager service.
Upgrade Notes
*************
* Deployers that used "resource_registry" override in their
environment to add networks to roles without also using a custom
roles data file must create a custom roles data file and add the
additional network(s) and use this when upgrading.
Previously it was possible to add additional networks to a role
without using a custom role by overriding the resource registry, for
example:
OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/external.yaml
Warning: Since resources are no longer added to the plan unless
the network is specified in the role, the "resource_registry"
override alone is no longer sufficient.
* The default Octavia event_streamer_driver has changed from
*queue_event_streamer* to *noop_event_streamer*. See
https://bugs.launchpad.net/tripleo/+bug/1787608
Critical Issues
***************
* Networks not specified for roles in roles data ("roles_data.yaml")
no longer have Heat resources created. It is now mandatory that
custom roles are used when non-default networks is used for a role.
Previously it was possible to add additional networks to a role
without using a custom role by overriding the resource registry, for
example:
OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/external.yaml
Note: The "resource_registry" override was the only requirement
prior to the introduction of *Composable Networks* in the Pike
release.Since Pike a custom role would ideally be used when adding
networks to roles, but documentation and other guides may not have
been properly updated and only mention the "resource_registry"
override.
Bug Fixes
*********
* Fixed an issue where if Octavia API or Glance API were deployed
away from the controller node with internal TLS, the service
principals wouldn't be created.
* In other sections we already use the internal endpoints for
authentication urls. With this change the auth_uri in the neutron
section gets moved from KeystoneV3Admin to KeystoneV3Internal.
* With tls-everywhere enabled connecting to keystone endpoint fails
to retrieve the URL for the placement endpoint as the certificate
can not be verified. While verification is disabled to check the
placement endpoint later, it is not to communicate with keystone.
This disables certificate verification for communication with
keystone.
* CephOSD/Compute nodes crash under memory pressure unless custom
tuned profile is used (bug 1800232).
Changes in tripleo-heat-templates 8.2.0..8.3.0
----------------------------------------------
6323aa3 Adding dependency for NetworkDeployment in 'server_resource_name'Deployment
f32321d [Queens-Only] Remove Glance's nfs hardcoded version
851b1e9 Catch directories we can not change ownership
52be3ef Move UpgradeInitCommand and UpgradeInitCommonCommand to run by Ansible
4b52a67 Run nova_statedir_owner on every run
22f8389 In process-templates script write output files to provided dir when using base path
2e38cba [Queens only] Include new parameter RHELRegistrationUpgrade to rhel-registration.
cb981c7 Set virt queue size as 1024 for all OVS-DPDK roles
f7a00ac Ensure logs folder is created in prep hosts tasks.
faa179f Add HorizonSecureCookies to environments/ssl/enable-tls.yaml
51fc8a6 Bind mount /var/lib/iscsi in containers using iSCSI
bd2da9b Fix typo in octavia upgrade_tasks
c2f9d77 Reno only - Check for available networks for a role
c39b37f Update auth parameters
a9d3373 puppet_config for rabbitmq_bundle needs file_line
b6cfecb Ensure unique containers names in docker-puppet
86074ef Move [neutron] auth_url to KeystoneV3Internal
18084f3 Remove unused nova packages from host during upgrade and update
1baecc6 Revert "[Ocata/Pike/Queens] Make rhel-registration scripts location absolute."
56b1509 Add Storage network to IronicConductor role
c61281b Update kolla_config to deal with keystone fernet key rotation
cbbf43b Spliting compact services in multiples lines
0d696a2 Add config files/templates to integrate nsx plugin with container
cd0b38e Upload amphora image in RAW format if RBD backend
6b65f0f Mount config-data/puppet-generated/nova for nova_api_ensure_default_cell
3f8ce6f Fix horizon's iptables rules for haproxy when split off a separate role
605d58b nova_compute fails to start in tls-everywhere configuration
a68197b Fix misnaming of service in firewall rule
c6f8bb1 Update tuned profile variable configuration file if it exists
8b2912d Add TunedCustomProfile parameter and HCI Ceph filestore environment
113fa47 Remove invalid comment in ips-from-pool-ctlplane
d54a6f7 ceilometer: --skip-metering-database is gone
719d009 Check for available networks for a role
3498a24 Remove nic for storage_mgt network
fde169a Move set of database_connection to OctaviaBase
f88dfe5 Change step to start nova placement and make compute wait for it
621b9d9 Allow to run docker-puppet.py with SELinux enabled
73d6f99 Add networking-ansible ML2 plugin support
23ecac6 neutron-cleanup skips ports marked skip_cleanup=true
e60a19a Fix Octavia hieradata keys
81144a7 Fix ServiceData in docker/services/aodh-api.yaml
dd41a9f Add more NSX config parameters
f9c02c6 Rename tripleo scenario00{6,9}-multinode-oooq (queens branch)
8f658fd Exposing NeutronDhcpOvsIntegrationBridge
d56ac4e Sharing hypervisor /var/lib/ironic with ironic-conductor container
4669ae0 Add metadata_settings to Octavia and Glance APIs
a81971e Add role definition for ComputeOvsDpdkSriov role
416ab20 Pass parameters for TLS proxy in front of Octavia-API
4acc955 Add reflection of RpcPort to health checks
aa8e6c0 Add NeutronSriovHostConfig mapping to neutron-sriov.yaml file
023dc2e Add OctaviaEventStreamerDriver and change default
Diffstat (except docs and test files)
-------------------------------------
capabilities-map.yaml | 5 +
.../network/multiple-nics/nic-configs/compute.yaml | 6 --
deployed-server/deployed-server.yaml | 21 ----
.../octavia/octavia-deployment-config.yaml | 5 +
.../nova_wait_for_placement_service.py | 111 +++++++++++++++++++++
environments/ips-from-pool-ctlplane.yaml | 4 +-
environments/lifecycle/upgrade-converge.yaml | 2 +-
environments/lifecycle/upgrade-prepare.yaml | 2 +-
environments/neutron-ml2-ansible.yaml | 8 ++
environments/neutron-nsx.yaml | 2 +
environments/neutron-sriov.yaml | 1 +
environments/nsx-config.yaml | 22 ++++
environments/services/neutron-ml2-ansible.yaml | 7 ++
environments/services/neutron-nsx-lbaasv2.yaml | 6 ++
environments/ssl/enable-tls.yaml | 4 +
environments/tuned-ceph-filestore-hci.yaml | 13 +++
.../nova_metadata/krb-service-principals.j2.yaml | 4 +-
.../rhel-registration/rhel-registration.yaml | 14 ++-
extraconfig/pre_network/ansible_host_config.yaml | 6 +-
overcloud-resource-registry-puppet.j2.yaml | 3 +-
overcloud.j2.yaml | 12 ++-
puppet/role.role.j2.yaml | 51 +++++-----
puppet/services/glance-api.yaml | 2 +
puppet/services/horizon.yaml | 2 +-
puppet/services/manila-scheduler.yaml | 11 +-
puppet/services/neutron-dhcp.yaml | 9 ++
puppet/services/neutron-plugin-ml2-ansible.yaml | 62 ++++++++++++
puppet/services/neutron-plugin-nsx.yaml | 36 +++++--
puppet/services/nova-base.yaml | 2 +-
puppet/services/octavia-api.yaml | 68 +++++++++++--
puppet/services/octavia-base.yaml | 10 ++
puppet/services/octavia-controller.yaml | 88 ++++++++++++++++
puppet/services/octavia-health-manager.yaml | 22 +++-
puppet/services/octavia-housekeeping.yaml | 13 ++-
puppet/services/octavia-worker.yaml | 47 +++------
puppet/services/tripleo-packages.yaml | 44 ++++++--
puppet/services/tuned.yaml | 15 ++-
...a-and-glance-tls-internal-5d8e46650b174626.yaml | 6 ++
...ing-ansible-containerized-de68f6c2fd6e05fc.yaml | 3 +
...-availble-network-in-role-7860d8d5cd1df4b0.yaml | 34 +++++++
...lth-manager-firewall-rule-cdffe31d580ecf4b.yaml | 4 +
.../ml2-networking-ansible-0330b1203f0fc75c.yaml | 3 +
..._url_to_internal_endpoint-aaf0e550750335eb.yaml | 7 ++
...rvice_disable_cert_verify-45f532d7a924df86.yaml | 9 ++
...t_streamer_driver-default-e5152c28713e7707.yaml | 8 ++
.../tuned_custom_profile-25d1f4a2bc217216.yaml | 15 +++
requirements.txt | 1 +
roles/ComputeOvsDpdk.yaml | 2 +
roles/ComputeOvsDpdkRT.yaml | 2 +
roles/ComputeOvsDpdkSriov.yaml | 61 +++++++++++
roles/ComputeOvsDpdkSriovRT.yaml | 62 ++++++++++++
roles/IronicConductor.yaml | 1 +
roles/Undercloud.yaml | 6 ++
roles_data_undercloud.yaml | 6 ++
sample-env-generator/ssl.yaml | 4 +
tools/process-templates.py | 6 +-
zuul.d/layout.yaml | 4 +-
150 files changed, 1689 insertions(+), 409 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index ff25bfe..aaa5d7f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,0 +8 @@ tripleo-common>=7.1.0 # Apache-2.0
+paunch>=1.0.0 # Apache-2.0
More information about the Release-announce
mailing list