[release-announce] tripleo-heat-templates 8.4.0 (queens)
no-reply at openstack.org
no-reply at openstack.org
Fri Jun 21 15:38:37 UTC 2019
We are satisfied to announce the release of:
tripleo-heat-templates 8.4.0: Heat templates for deploying OpenStack
with OpenStack.
This release is part of the queens stable release series.
The source is available from:
https://opendev.org/openstack/tripleo-heat-templates
Download the package from:
https://tarballs.openstack.org/tripleo-heat-templates/
Please report issues through:
https://bugs.launchpad.net/tripleo/+bugs
For more details, please see below.
8.4.0
^^^^^
New Features
************
* Added the configuration option to disable Exact Match Cache (EMC)
* Support setting values for "cephfs_volume_mode" manila parameter
via the THT parameter ManilaCephFSCephVolumeMode. These control the
POSIX rwx mode of the cephfs volumes, snapshots, and groups of these
that back corresponding manila resources. Default value for
ManilaCephFSCephVolumeMode is '0755', backwards-compatible with the
mode for these objects before it was settable.
* Add new CinderNfsSnapshotSupport parameter, which controls whether
cinder's NFS driver supports snapshots. The default value is True.
* The parameter {{role.name}}RemovalPoliciesMode can be set to
'update' to reset the existing blacklisted nodes in heat. This will
help re-use the node indexes when required.
* Allows a deployer to specify the IdM domain with --domain on the
ipa-client-install invocation by providing the IdMDomain parameter.
* Allows a deployer to direct the ipa-client-install to skip NTP
setup by specifying the IdMNoNtpSetup parameter. This is useful if
the ipa-client-install setup clobbers the NTP setup by puppet.
* New parameters, NovaCronDBArchivedMaxDelay and
CinderCronDbPurgeMaxDelay, are introduced to configure max_delay
parameter to calculate randomized sleep time before db
archive/purge. This avoids db collisions when performing db
archive/purge operations on multiple controller nodes.
* The passphrase for config option 'server_certs_key_passphrase',
that was recently added to Octavia, and will now be auto-generated
by TripleO by adding OctaviaServerCertsKeyPassphrase to the list of
parameters TripleO configures in Octavia.
* To allow PAM to create home directory for user who do not have
one, ipa-client-install need an option. This change allow to enable
it.
* Configure Neutron API for Nova Placement When the Neutron Routed
Provider Networks feature is used in the overcloud, the Networking
service will use those credentials to communicate with the Compute
scheduler's placement API.
* The parameters "NovaNfsEnabled", "NovaNfsShare", "NovaNfsOptions",
"NovaNfsVersion" are changed to be role specific. This requires the
usage of host aggregates as otherwise it will break live migration
of instances as we can not do this with different storage backends.
* The parameter "NovaRbdPoolName" is changed to be role specific.
This requires the usage of host aggregates as otherwise it will
break live migration of instances as we can not do this with
different storage backends.
* New parameter "NovaNfsVersion" allow configuring the NFS version
used for nova storage (when NovaNfsEnabled is true). Since NFSv3
does not support full locking a NFSv4 version need to be used. To
not break current installations the default is the previous hard
coded version 4.
* The Shared File Systems service (manila) API has been switched to
running behind httpd, and it now supports configuring TLS options.
Upgrade Notes
*************
* Cinder's NFS driver does not support snapshots unless the feature
is explicitly enabled (this policy was chosen to ensure
compatibility with very old versions of libvirt). The
CinderNfsSnapshotSupport default value is True, and so the new
default behavior enables NFS snapshots. This change is safe because
it just enables a capability (i.e. snapshots) that other cinder
drivers generally provide.
* Per-service config_settings should now use hiera interpolation to
set the bind IP for services, e.g "%{hiera('internal_api')}" whereas
prior to this release we replaced e.g internal_api for the IP
address internally. The network name can still be derived from the
ServiceNetMap - all the in-tree templates have been converted to the
new format, but any out of tree templates may require similar
adjustment.
* Keystone catalog entries for Cinder's v1 API are no longer
created, but existing entries will not be automatically deleted.
Deprecation Notes
*****************
* The only OVN Tunnel Encap Type that we are supporting in OVN is
Geneve and this is set by default in ovn puppet. So there are no
need to set it in TripleO
Bug Fixes
*********
* Fixes an issue where deployment would fail if a non-default
"name_lower" is used in network data for one of the networks:
"External", "InternalApi" or "StorageMgmt". (See bug: 1830852
(https://bugs.launchpad.net/tripleo/+bug/1830852).)
* Fixed service auth URL in Octavia to use the Keystone v3 internal
endpoint.
* It is now possible for temporary containers inside THT to test if
they are being run as part of a minor update by checking if the
TRIPLEO_MINOR_UPDATE environment variable is set to 'true' (said
containers need to export it to the container explicitely), see
<service>_restart_bundles for examples.
* When setting up TLS everywhere, some deployers may not have their
FreIPA server in the ctlplane, causing the ipaclient registration to
fail. We move this registration to host-prep tasks and invoke it
using ansible. At this point, all networks should be set up and the
FreeIPA server should be accessible.
* [1] switched to run nova-manage discovery as non root user. In
case of updates there can be already a nove-manage log owned by root
from previous runs. This change make sure we change the owner of
nova- manage log to nova:nova on overcloud deploy runs on the
computes
[1] https://review.opendev.org/#/c/652039/13/deployment/nova/nova-
compute-container-puppet.yaml
* With large number of OSDs, where each OSD need a connection, the
default nofile (1024) of nova_compute is too small. This changes the
default DockerNovaComputeUlimit to 131072 what is the same for
cinder.
* Change-Id: I1a159a7c2ac286373df2b7c566426b37b7734961 moved the
dicovery to run on a single compute host to not race on simultanious
nova-manage commands. This change make sure we run the discover on
every deploy run which is required for scaling up events.
* If nova-manage command was triggered on a host for the first time
as root (usually manual runs) the nova-manage.log gets created as
root user. On overcloud deploy runs the nova-manage command is run
as nova user. In such situation the overcloud deploy fails as the
nova user can not write to the nova-manage.log. With this change we
run the chown of the logs files on every overcloud deploy to fix the
nova-manage.log file permissions.
* The keystone service and endpoint for Cinder's API v1 are no
longer created. Cinder removed support for its v1 API in Queens.
* Historically if a puppet definition for a pacemaker resource did
change puppet would not update it. We now enable the updating of
pacemaker resources by default. The main use case being restarting a
bundle when a bind mount gets added. Puppet will wait for the
resource to completely restart before proceeding with the deploy.
Other Notes
***********
* The common tasks in deploy-steps-tasks.yaml that are common to all
roles are now tagged with one of: host_config, container_config,
container_config_tasks, container_config_scripts, or
container_startup_configs.
* The step plays in deploy-steps.j2 (which generates the
deploy_steps_tasks.yaml playbook) are now tagged with step[1-5] so
that they can run individually if needed.
Changes in tripleo-heat-templates 8.3.1..8.4.0
----------------------------------------------
bc1bfd8f7 Fix NovaNfs role parameters
7e9e0cd60 Remove scenario008 jobs
f6883a0bf Fix log owner on computes during overcloud deploy runs
190689f4e Use auth_uri for Neutron API for Nova Placement
8b73814e7 Re-enable manila dashboard
127508c0f Backport miss to run discovery via bootstrap_host_exec
103431bba Add ComputeHCIOvsDpdk role
a17f79890 Fix correct network for nova-vnc
7b1e923ed Add panko_api_cron container
7e6b6bafa Add {{role.name}}RemovalPoliciesMode parameter
45ab7d963 Fix undefined variable python_interpreter
6cfa2976a Request certificate for using host service principals
e42e72b0f Configure server_certs_key_passphrase for Octavia
b2a9af00f Start/enable OVS on neutron ovs agent nodes
68dfc3006 Only request neutron certificate from neutron dhcp service
8d4f109a6 Clean metrics related environments
13f77b981 Revert "[queens-only] Write docker config scripts only if config exists"
0d77e3d31 Configure Neutron API for Nova Placement...
257315572 Fix ssl.yaml generating GaneshaInternal in the endpoint map
916a5378c OVN: Add env file to deploy SRIOV with OVN.
43b074c10 Do not bind /run on host to nova_migration_target
be2977005 Remove bogus EXPERIMENTAL from services-docker file.
40467b0f3 [Rocky/Queens Only] Remove pre-upgrade validation tasks in cont services.
9934640fc Fix service auth URL in Octavia
82875a493 Fix haproxy stats network binding
073851d32 [queens-only] Write docker config scripts only if config exists
5e5f2d0f3 Fix custom network.name_lower in krb-service-principals
7edda0e2b Convert ServiceNetMap evals to hiera interpolation
525def101 Remove the iptables rules set via service_config_settings
a3662c067 Run collectd socket cleanup on container start
560f88532 Make krb-service-principal metadata per-Role
2c4004d7a [stable queens/pike] Use server_not_blacklisted condition
67b2ec841 Add domain and no-ntp options to ipaclient
e59c324e4 [FFWD] Fix cell0 database uri
2d9b95971 Fix run-os-net-config.sh to use ping6 for IPv6 hostnames
fd92a337b Add ability to specify dns search domains
eee4d27a4 Fix IPA client when doing brownfield deployment of internal TLS
5c37edc49 Add mkhomedir option to ipa-client-install
4a377819d Only add internal_api_virtual_ip if InternalApi in network_data
35fc35bc1 Try a timesync as part of first boot
4bce0f151 Enable serial execution for ansible host
4bde3dc4d Add cinder credentials to nova conf
c47de732a Set arp_notify to match ndisc_notify
306412539 Remove deprecated Ram/Disk filters in NovaSchedulerDefaultFilters
518741618 Fix NovaNfs role parameter precedence in conditions
10a6610f4 Remove OVNTunnelEncapType
181ecb583 Deployment: Properly pick bootstrap node per role
3ff4bdcd3 Enable ndisc_notify sysctl setting to notify of MAC changes
f14b4dcd8 Add parameter to configure maxdelay in db purge/archive job
3c9f7577c Allow ssh from all for undercloud
b81c74437 implement default ssh-from-ctlplane rule via hiera
72b0b93d2 Ensure there is no redis on host
cce6c7e34 Run nova-manage as root to prevent wrong nova-manage.log permissions
92d860e73 Run nova_cell_v2_discover_hosts.py on every deploy run
74ba670bb Allow NovaNfs parameters to be role specific
d8e4ee655 Avoid concurrent nova cell_v2 discovery instances
fa69837f9 Switch Manila API to httpd and support TLS
d158bc7fc Modifying the ovs-hw-offlaod file to adapt new changes
169ceb9a9 OpenDev Migration Patch
0fb8970bb fix storage.yaml to write environments/storage/nova-nfs.yaml
450d50f54 Run octavia-api under httpd
5f147a0b2 Add release check for ffwd upgrade tasks
7577c22f1 Allow NovaRbdPoolName to be role specific
babe303f2 Fixed wrong cinder store user name
847ec663c ceilometer_agent_notification: disable-panko.yaml
33784c053 Remove deprecated value used to set nova_metadata_ip
9ddef7106 Provide option to disable EMC in puppet-vswitch
3c0a2190f Increase DockerNovaComputeUlimit default value
35b4bf6e0 Set ulimit 16384 for Neutron SR-IOV container
bf87c099c Fix usage of satellite in organization mode
bc30fb036 Increase default ulimit values for Neutron agents containers
dc9a67ced Do not restart bundles during a minor update
79eddd155 Be able to know when we are running inside a minor update workflow
2a734381f Enable deep_compare of pcmk resources by default
9a1ebb368 Add GnocchiStorageS3BucketPrefix into deployment
bb9592fd3 Add support to ping IPv6 metadata IP
3bc041b47 Fix tempest volume tests on queens
96de607ed Add support for cinder NFS snapshots
f6c4f652c [queens-only] Remove primary role constraint to deploy NodeTLSData
e51967ff2 Disable a directory listing of /icons in httpd.
9b78d4eff TLS everywhere: switch Octavia to use DNS entries
ff5a5bf5a Simplify ssh known_hosts entries for non-default port
65b285ffa Include ssh known_hosts entries for non-default port
95b235403 Enable flat network for ovn
48b277cdc [Queens-only] Install and configure tmpwatch for log cleanup
221a9eb5d Pass all vars to deploy-steps-tasks.yaml with config-download
849d5ce55 Fix reload notification file
4826a2de3 Stop iscsid when running FFU tasks.
23271148f Make nfs version for nova ephemeral storage configurable
bd5246616 Remove unused parameter NovaPassword
fb4ef9101 Disable cinder's LVM backend when deploying Pure backend
f7bae9b7f Fix python binary lookup regression
86c8de92b Don't create service or endpoint for cinder API v1
f036df558 Run chown for nova log files on every run to fix wrong permissions
1cb29d0c8 Add missing TLS configuration for ironic
68e57adde Remove ENV parameters for nova_cell_v2_discover_host.py
ace57871f Convert with_dict tasks to use loop and be less chatty
f56b8b547 Optional ICMP validation of controllers and gateways
4f4bd1c28 Tag tasks in in common tasks
ec02985da Reload rsyslog/cron when we change timezones
2c7f55cf1 Support cephfs_volume_mode parameter
7fad087a8 Refactored configuration options for nova/neutron in manila
f29a2fdeb Switch scenario004-multinode-containers to Ceph filestore
7761ae38d Fix idempotency for horizon container logs
9e26c529a Rework nova_cell_v2_discover_host.py to use nova.conf and python novaclient
0371fb3c3 Add missing entries for Pure Storage Cinder Backend and fix typos
8d77ea169 Move cellv2 discovery from control plane services to compute services
6d44ae7b6 (Queens only) Remove privileged capabilities from nova-metadata
c05aa892e [stable/queens] Add a check for kernels args update to avoid unnecessary reboot
967542fcb [stable/queens] Disable default config-download method for PreNetworkConfig
8aa46b6c8 NFV: Support for config-download to deploy node with kernel args
75f604ed7 Remove the rokcy services from queens ComputeOvsDpdkSriov role
fce40e60a Move ipa enrollment to host_prep_tasks
a89cd6b19 Switch scenario00{1,4}-multinode-containers to Ceph bluestore
6297c1b2d [FFU] Ensure compatibility with ansible 2.6.
317c3ecea Don't look for primary_role ips in AllNodesValidationConfig
a9d10fdf7 minor update: move VIP before stopping pacemaker on a node
c49911a5b Upgrades: Ensure idempotency of pacemaker services
f10d3c3d5 certmonger: Don't restart haproxy on cert renewal
57e4ac345 Remove "when failed" from debug task names
0bb498182 Tag step plays
b87f6a257 Handle upper and lower case system uuids
be9e50c4e Add CertmongerUser role to OVB defaults
7794cc60c Adding support of glance cinder store settings
b6ebb07c7 Add missing RoleParameters and ServiceNames
a247fa3a7 Remove ties between ceilometer and panko
4c51665b3 Fix generation of configs that contain password files
49a87e0be mysql: sync credentials in running container on password change
b5f792f8f FFWD: Introduce workaround for neutron cisco plugin
c9b06deaa mysql: do not overwrite password file during docker-puppet
1cbc51af3 Remove console as opendaylight log mechanism
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 2 +-
all-nodes-validation.yaml | 12 ++
.../multiple-nics-ipv6/nic-configs/compute.yaml | 5 +
.../multiple-nics-ipv6/nic-configs/controller.yaml | 5 +
.../network/multiple-nics/nic-configs/compute.yaml | 5 +
.../multiple-nics/nic-configs/controller.yaml | 5 +
.../network/public-bond/nic-configs/compute.yaml | 5 +
.../public-bond/nic-configs/controller.yaml | 5 +
ci/environments/ovb-ha.yaml | 2 +
.../scenario001-multinode-containers.yaml | 13 +-
.../scenario004-multinode-containers.yaml | 1 -
ci/environments/scenario010-standalone.yaml | 99 +++++++++++
common/deploy-steps-tasks.yaml | 150 ++++++++++++++---
common/deploy-steps.j2 | 23 ++-
.../{services.yaml => services/role.role.j2.yaml} | 17 +-
deployed-server/deployed-server-roles-data.yaml | 1 +
.../octavia/octavia-deployment-config.yaml | 10 +-
.../nova_cell_v2_discover_hosts.py | 55 ++++++
.../nova_wait_for_compute_service.py | 96 +++++++++++
environments/cavium-liquidio.yaml | 2 +-
environments/cinder-pure-config.yaml | 2 +
environments/config-download-environment.yaml | 4 +
environments/disable-panko.yaml | 11 ++
environments/hyperconverged-ceph.yaml | 1 +
environments/manila-cephfsganesha-config.yaml | 1 +
environments/manila-cephfsnative-config.yaml | 1 +
environments/metrics/collect-read-rabbitmq.yaml | 15 ++
.../collectd-standalone.yaml} | 0
environments/metrics/collectd-write-qdr.yaml | 28 ++++
environments/neutron-ml2-ovn-ha.yaml | 2 +-
environments/neutron-ovs-dpdk.yaml | 2 +-
environments/neutron-sriov.yaml | 2 +-
environments/ovs-hw-offload.yaml | 16 +-
.../neutron-opendaylight-dpdk.yaml | 4 +-
.../neutron-opendaylight-hw-offload.yaml | 2 +-
.../neutron-opendaylight-sriov.yaml | 2 +-
.../services-baremetal/neutron-opendaylight.yaml | 1 -
.../services-baremetal/neutron-ovs-dpdk.yaml | 2 +-
.../services-baremetal/neutron-ovs-hw-offload.yaml | 2 +-
environments/services-baremetal/neutron-sriov.yaml | 2 +-
environments/services-baremetal/octavia.yaml | 5 +-
.../services-docker/neutron-opendaylight.yaml | 1 -
environments/services-docker/neutron-ovn-ha.yaml | 2 +-
environments/services-docker/neutron-sriov.yaml | 5 +-
.../services/neutron-opendaylight-dpdk.yaml | 4 +-
.../services/neutron-opendaylight-hw-offload.yaml | 2 +-
.../services/neutron-opendaylight-sriov.yaml | 2 +-
environments/services/neutron-ovn-dvr-ha.yaml | 2 +-
environments/services/neutron-ovn-ha.yaml | 2 +-
environments/services/neutron-ovn-sriov.yaml | 17 ++
environments/services/neutron-ovs-dpdk.yaml | 2 +-
environments/services/neutron-ovs-hw-offload.yaml | 2 +-
environments/services/neutron-sriov.yaml | 2 +-
environments/services/octavia.yaml | 5 +-
...ternal-tls.yaml => enable-internal-tls.j2.yaml} | 5 +-
environments/ssl/tls-everywhere-endpoints-dns.yaml | 6 +-
environments/storage-environment.yaml | 2 +
environments/storage/external-ceph.yaml | 2 +-
environments/storage/nova-nfs.yaml | 4 +
environments/undercloud.yaml | 2 +
.../role.role.j2.yaml} | 29 +++-
.../rhel-registration/rhel-registration.yaml | 6 +
.../rhel-registration/scripts/rhel-registration | 13 +-
extraconfig/pre_network/boot-params-service.yaml | 102 ++++++++++++
...ible_host_config.yaml => boot_param_tasks.yaml} | 42 ++++-
extraconfig/pre_network/config_then_reboot.yaml | 7 +
.../pre_network/host_config_and_reboot.yaml | 30 +++-
extraconfig/services/ipaclient.yaml | 184 +++++++++++++++++++++
extraconfig/services/tmpwatch-install.yaml | 43 +++++
firstboot/os-net-config-mappings.yaml | 5 +-
firstboot/userdata_timesync.yaml | 97 +++++++++++
net-config-bond.j2.yaml | 8 +
net-config-static-bridge.j2.yaml | 6 +
net-config-static.j2.yaml | 6 +
net-config-undercloud.j2.yaml | 6 +
.../bond-with-vlans/controller-no-external.j2.yaml | 8 +
.../config/bond-with-vlans/controller-v6.j2.yaml | 6 +
network/config/bond-with-vlans/role.role.j2.yaml | 6 +
network/config/multiple-nics/compute-dvr.j2.yaml | 6 +
network/config/multiple-nics/controller-v6.j2.yaml | 6 +
network/config/multiple-nics/role.role.j2.yaml | 6 +
.../controller-v6.j2.yaml | 6 +
.../role.role.j2.yaml | 6 +
.../controller-no-external.j2.yaml | 6 +
.../config/single-nic-vlans/controller-v6.j2.yaml | 6 +
network/config/single-nic-vlans/role.role.j2.yaml | 6 +
network/scripts/run-os-net-config.sh | 10 +-
network/service_net_map.j2.yaml | 2 +
overcloud-resource-registry-puppet.j2.yaml | 20 ++-
overcloud.j2.yaml | 29 ++--
puppet/all-nodes-config.j2.yaml | 12 +-
puppet/extraconfig/pre_deploy/per_node.yaml | 16 +-
puppet/role.role.j2.yaml | 33 ++--
puppet/services/aodh-api.yaml | 9 +-
puppet/services/apache.j2.yaml | 13 +-
puppet/services/barbican-api.yaml | 7 +-
puppet/services/ceph-base.yaml | 21 ++-
puppet/services/ceph-external.yaml | 9 +-
puppet/services/ceph-mon.yaml | 8 +-
puppet/services/ceph-rgw.yaml | 7 +-
puppet/services/cinder-api.yaml | 23 ++-
puppet/services/cinder-backend-pure.yaml | 19 ++-
puppet/services/cinder-base.yaml | 8 +-
puppet/services/cinder-volume.yaml | 16 +-
puppet/services/congress.yaml | 7 +-
puppet/services/database/mongodb.yaml | 9 +-
puppet/services/database/mysql-client.yaml | 7 +-
puppet/services/database/mysql.yaml | 25 ++-
puppet/services/database/redis-base.yaml | 14 +-
puppet/services/docker-registry.yaml | 6 +-
puppet/services/ec2-api.yaml | 12 +-
puppet/services/etcd.yaml | 9 +-
puppet/services/glance-api.yaml | 21 ++-
puppet/services/gnocchi-api.yaml | 9 +-
puppet/services/gnocchi-base.yaml | 5 +
.../haproxy-internal-tls-certmonger.j2.yaml | 10 +-
puppet/services/haproxy-public-tls-certmonger.yaml | 2 +-
puppet/services/haproxy.yaml | 6 +
puppet/services/heat-api-cfn.yaml | 16 +-
puppet/services/heat-api.yaml | 16 +-
puppet/services/horizon.yaml | 13 +-
puppet/services/ironic-api.yaml | 16 +-
puppet/services/ironic-conductor.yaml | 30 +++-
puppet/services/ironic-inspector.yaml | 14 +-
puppet/services/kernel.yaml | 4 +
puppet/services/keystone.yaml | 16 +-
puppet/services/manila-api.yaml | 56 ++++++-
puppet/services/manila-backend-cephfs.yaml | 4 +
puppet/services/manila-scheduler.yaml | 21 +--
puppet/services/manila-share.yaml | 17 ++
puppet/services/memcached.yaml | 7 +-
puppet/services/metrics/collectd.yaml | 1 +
puppet/services/mistral-api.yaml | 14 +-
puppet/services/neutron-api.yaml | 24 ++-
puppet/services/neutron-base.yaml | 30 ----
puppet/services/neutron-dhcp.yaml | 15 ++
puppet/services/neutron-linuxbridge-agent.yaml | 7 +-
puppet/services/neutron-metadata.yaml | 1 -
puppet/services/neutron-ovs-agent.yaml | 16 +-
puppet/services/neutron-plugin-ml2-ovn.yaml | 7 +-
puppet/services/nova-api.yaml | 9 +-
puppet/services/nova-base.yaml | 13 +-
puppet/services/nova-compute.yaml | 71 +++++++-
puppet/services/nova-libvirt.yaml | 13 +-
puppet/services/nova-metadata.yaml | 12 +-
puppet/services/nova-migration-target.yaml | 24 ++-
puppet/services/nova-placement.yaml | 9 +-
puppet/services/nova-vnc-proxy.yaml | 15 +-
puppet/services/octavia-api.yaml | 41 ++---
puppet/services/octavia-base.yaml | 8 +-
puppet/services/opendaylight-api.yaml | 7 +-
puppet/services/opendaylight-ovs.yaml | 7 +-
puppet/services/openvswitch.yaml | 9 +
puppet/services/ovn-controller.yaml | 12 +-
puppet/services/ovn-dbs.yaml | 7 +-
puppet/services/pacemaker.yaml | 23 +++
puppet/services/pacemaker/database/mysql.yaml | 8 +-
puppet/services/pacemaker/database/redis.yaml | 6 +-
puppet/services/panko-api.yaml | 9 +-
puppet/services/qdr.yaml | 7 +-
puppet/services/rabbitmq.yaml | 16 +-
puppet/services/sahara-api.yaml | 9 +-
puppet/services/sshd.yaml | 19 ++-
puppet/services/swift-proxy.yaml | 14 +-
puppet/services/swift-storage.yaml | 7 +-
puppet/services/tacker.yaml | 7 +-
puppet/services/time/timezone.yaml | 13 ++
puppet/services/tripleo-firewall.yaml | 6 +
puppet/services/zaqar-api.yaml | 21 ++-
.../notes/OvsDisableEMC-ab29e5c08856d439.yaml | 3 +
...eph_volume_mode-parameter-5553a9b39718a749.yaml | 9 +
...nder-nfs-snapshot-support-16664aa46a67a5ad.yaml | 13 ++
...add-removal-policies-mode-6869362fbeed2cd2.yaml | 6 +
...n_and_no_ntp_to_ipaclient-048fdfccf0cb7835.yaml | 7 +
.../notes/bug-1823274-ca992c1055035c7b.yaml | 7 +
...-lower-and-tls-everywhere-1f2300f9a2ba4d98.yaml | 7 +
...-service-auth-url-octavia-90f19c835cb1cc0a.yaml | 4 +
...rver_certs_key_passphrase-229a677df1b7f6e0.yaml | 6 +
.../notes/hiera_net_ip_map-ff866b443a28bdc4.yaml | 9 +
.../notes/ipa-mkhomedir-c126291bcbdd0111.yaml | 5 +
.../notes/minor-update-env-20657417094d4aeb.yaml | 7 +
...enroll-to-host-prep-tasks-934c6e0a9f75f15b.yaml | 8 +
.../notes/neutron-placement-6ea6de89bd30b592.yaml | 8 +
...a-nfs-parms-role-specific-527915c6e99ceb89.yaml | 7 +
...va-rbd-pool-role-specific-010f6072d641d84f.yaml | 6 +
...va_add_nfs_vers_parameter-62b9e9d6150358d1.yaml | 8 +
...mpute_fix_log_permissions-e866f91848d647fb.yaml | 9 +
.../nova_compute_nofile-0427e49cc8ae70a6.yaml | 6 +
...ell_discovery_on_each_run-11dbb6096ebbf51b.yaml | 7 +
...run_chown_on_every_deploy-c366af9898ecaeed.yaml | 9 +
.../ovn_tunnel_encap_type-04df21d622874c27.yaml | 7 +
.../remove-cinder-api-v1-66a24998d7f8e985.yaml | 9 +
...-api-to-httpd-support-tls-9b995fe4113b2412.yaml | 5 +
.../notes/tag-common-tasks-4a78275787655fdd.yaml | 6 +
.../notes/tag-step-plays-b1b1ea7584f1665d.yaml | 5 +
...-pcmk-resource-by-default-ed54100721f55a30.yaml | 8 +
roles/BlockStorage.yaml | 1 +
roles/CephAll.yaml | 1 +
roles/CephFile.yaml | 1 +
roles/CephObject.yaml | 1 +
roles/CephStorage.yaml | 1 +
roles/Compute.yaml | 1 +
roles/ComputeAlt.yaml | 1 +
roles/ComputeDVR.yaml | 1 +
roles/ComputeHCI.yaml | 1 +
roles/ComputeHCIOvsDpdk.yaml | 61 +++++++
roles/ComputeInstanceHA.yaml | 1 +
roles/ComputeLiquidio.yaml | 1 +
roles/ComputeOvsDpdk.yaml | 2 +
roles/ComputeOvsDpdkRT.yaml | 2 +
roles/ComputeOvsDpdkSriov.yaml | 4 +-
roles/ComputeOvsDpdkSriovRT.yaml | 4 +-
roles/ComputeRealTime.yaml | 2 +
roles/ComputeSriov.yaml | 2 +
roles/ComputeSriovRT.yaml | 2 +
roles/Controller.yaml | 2 +
roles/ControllerAllNovaStandalone.yaml | 1 +
roles/ControllerNoCeph.yaml | 2 +
roles/ControllerNovaStandalone.yaml | 1 +
roles/ControllerOpenstack.yaml | 1 +
roles/ControllerStorageNfs.yaml | 2 +
roles/Database.yaml | 1 +
roles/HciCephAll.yaml | 1 +
roles/HciCephFile.yaml | 1 +
roles/HciCephMon.yaml | 1 +
roles/HciCephObject.yaml | 1 +
roles/IronicConductor.yaml | 1 +
roles/Messaging.yaml | 1 +
roles/Networker.yaml | 1 +
roles/Novacontrol.yaml | 1 +
roles/ObjectStorage.yaml | 1 +
roles/Telemetry.yaml | 1 +
roles/Undercloud.yaml | 1 +
roles_data.yaml | 6 +
roles_data_undercloud.yaml | 1 +
sample-env-generator/ssl.yaml | 13 +-
sample-env-generator/storage.yaml | 2 +
tools/check-up-to-date.sh | 2 +-
tools/process-templates.py | 7 +
tools/yaml-diff.py | 32 ++++
tools/yaml-validate.py | 22 ++-
validation-scripts/all-nodes.sh | 8 +-
zuul.d/layout.yaml | 7 -
337 files changed, 3059 insertions(+), 1009 deletions(-)
More information about the Release-announce
mailing list