[release-announce] tripleo-common 9.5.0 (rocky)

no-reply at openstack.org no-reply at openstack.org
Thu Mar 14 10:57:21 UTC 2019


We jubilantly announce the release of:

tripleo-common 9.5.0: A common library for TripleO workflows.

This release is part of the rocky stable release series.

The source is available from:

    http://git.openstack.org/cgit/openstack/tripleo-common

Download the package from:

    https://tarballs.openstack.org/tripleo-common/

Please report issues through launchpad:

    https://bugs.launchpad.net/tripleo-common

For more details, please see below.

9.5.0
^^^^^


New Features
************

* The "ironic-staging-drivers" are now installed in the ironic-
  conductor container so that these drivers can be used without
  rebuilding the container. The Ironic Staging Drivers (https
  ://ironic-staging-drivers.readthedocs.io/en/latest/) is used to hold
  out-of-tree Ironic drivers which doesn't have means to provide a 3rd
  Party CI at this point in time which is required by Ironic.

* Increase the size of the security hardened images to 40G. With the
  move to containers more disk space is needed and the disk layout has
  been modified. It needs a global size of 40G to work.


Upgrade Notes
*************

* Package octavia-amphora-image (RHEL) will no longer be installed
  by role octavia-undercloud, and it now installs image files in
  directory /usr/share/openstack-octavia-amphora-images/. Please
  ensure you have the latest package version installed in the
  undercloud node beforehand deploying or updating the overcloud.


Bug Fixes
*********

* Fixes bug 1793605 so when nodes are blacklisted, they are not
  included in the Overcloud config. A warning will show that the
  server_id that was ignored if the it can't be found in the stack.

* Node update now works correctly when capabilities are specified as
  a dict.

* The config_download_deploy workflow now has a
  config_download_timeout input that will honor the user requested
  timeout. Previously, no timeout was honored even though the user
  could request one via tripleoclient.

* The tripleo-bootstrap ansible role will no longer fail if yum
  fails to install the required packages. This fixed behavior aligns
  with previous requirements where enabled package repositories and a
  working package manager are not required on the initially deployed
  images. Errors are ignored on the package install task, and then a
  subsequent task will cause a failure indicating the required
  packages are not present.

* tripleo.access.v1.enable_ssh_admin now honors the server blacklist
  if one is set. Servers in the blacklist will not be used by the
  workflow.

* Previously, running ansible-playbook with --check would cause a
  failure during the individual server deployments when checking the
  result of a previous attempt.

* The tripleo.deployment.v1.get_deployment_status workflow will no
  longer error when requesting the deployment status for a non-
  existant plan. A message is sent in the output instead of failing
  the workflow.

* While we have a dedicated nova_metadata healthcheck script, the
  nova_metadata and nova_api container the same image and the current
  nova api healtcheck script still checks the non wsgi implementation.
  This changes the nova_api healthcheck script to check the metadata
  wsgi vhost config for details instead of the details in nova.conf.

* Add missing httpd and mod_ssl packages to octavia container image
  to support TLS proxy for internal TLS.

* The ServerAliveInterval and ServerAliveCountMax SSH options are
  now set in the mistral ansible action so that when networking
  configuration is performed on the overcloud nodes SSH will not drop
  the connection.

* Workaround bug 1810932 by scripting an in-place update of
  ssh_known_hosts

* A new workflow, config_download_export, for exporting the config-
  download files via a Swift tempurl is added so that the openstack
  overcloud config download tripleoclient command can use the API.


Other Notes
***********

* Individual server deployments that are of type group:hiera now
  support check mode, and when running under check mode, also support
  diff mode.

Changes in tripleo-common 9.4.0..9.5.0
--------------------------------------

70a5be49 Bump the Ceph container image to 3.2.1
5f2705f2 Publish a better failure message for Update Ansible
5d47b74d Publish error for package_update workflow
9b3e9b2c Check for physical_resource_id before getting deployments
5defaf30 Add AllNodesConfig to config-download group vars
d434b88d Enable Ansible error handling per role
985cb0ff Set heatclient exceptions to verbose
261de49f Run scenario009 on tripleo-deploy-openshift changes
0077402b Workaround ssh_known_hosts changes not being propagated to containers
c51cce0c Look for lower-case hostname when adding to ssh_known_hosts
0e1368bf Fail node cleaning on timeout
112cc3b5 Additional images for openshift services
6fc7e1bf Fix tags for openshift images
0af9f994 Fix AnsibleAction.run() when argument is not a dict
c42fb903 IPv6 healthcheck fixes for nova-vnc-proxy
15b70b09 Fix DeploymentStatusAction KeyError
f863f02b Move Octavia config opts to common config directory
56690bc3 Activate remaining set of healthchecks
d284d78b Add a way to update ContainerImagePrepare params
48ab9fa9 Option to upload Octavia amphora img in RAW format
b710e530 Fix environments sorting
244736fd Handle missing or bad dmidecode
8b40faa7 Fix skip of octavia-undercloud Ansible role
362ddf79 Add python-notario package to mistral-executor container
98011150 Increase ansible gather_timeout to 30secs for config-download
39ea2afb Switch scenarios to non-voting
5bc57959 Catch heat exceptions in DeployStackAction
a1a0bc46 Set DeployIdentifier on update/upgrade/ffwd prepare actions
58ff892e image_uploader: use /v2 suffix to validate SSL
74ee6747 Do not fail deploy for empty ceph ansible fetch directory
040849c6 Stop installing octavia-amphora-image package
027002bb Rename tripleo-ci-centos-7-scenario009-multinode-oooq (rocky)
7d609f11 Generating fencing for capitalized MACs
6341671c Bump the Ceph container image to 3.2.0
935bd8a0 Update swift_backup workflow success status message
b45a5cee Exit when container is missing or empty when downloading logs
d8f06646 Select message IDs properly when publishing to swift
b37abe26 Correct handling of capabilities on node update
8dd9125d Fix rotate_fernet_keys workflow to not use heat deployment
93668935 Don't resolve Heat stack output when unnecessary
0176878f Fix nova-api healthcheck
fa7bceb5 Omit grep process in nova_api healthcheck.
e71a6a9a Cache swift responses in process_environments_and_files
e9ce11d1 Install ironic-staging-drivers in ironic-conductor
f4e06c5d Fix config-download timeout
79c687cd Sync state if needed during retrieval
5e221edb Switch stable scenarios to voting
34b0d730 Delete old tarball from config container on download
c43e1b0d Don't reset parameter cache in a loop
181fb4a0 Add health checks for Swift services
03c67d9a Add health check script for Sahara API
9a57702d Run Mistral workflow to make temporary Swift URLs on upgrade
52628ffa Add container images for openshift 3.11
b49f0c54 Store prepare defaults in packaged yaml
f25a2f35 Add Ironic inspector health checks
a32cbdee Increase size for security hardened images
709bc35f write_config: force utf8
d213435a Run NetworkDeployment as async task
9ea9472b Skip deployments with no uuid
e8d9d162 Don't add tarball to config-download dir
eb2b7dc1 Change ceph-ansible fetch directory format on upgrade from Q to R
6c5f1c11 Set workflow status to success when manipulating deployment status
123616fe Fix nova-api healthcheck in case of nova metadata wsgi
e6d6efa3 Add wrapper for openshift-ansible docker command
5d84aeb5 Add openshift-ansible container image
99049c27 Fix temp file locking issues in tests
67bab168 Run prepare during package_update workflow
437ce769 Default the scale status to SUCCESS
e2c12d40 Add httpd and mod_ssl packages to octavia api image
30c7bfff Check mode support for hiera deployments
17a10d99 Honor blacklist with enable_ssh_admin
14c23619 Make ODL healthcheck IPv6 compatible
23235106 Do not include ceph-ansible in the container image.
d709699b Add on-error task to parse_node_data_lookup
8a0474e6 Revert "Add container runtime packages for cron image"
35112154 Fix check mode for server deployments
1ff57952 Tag openshift images for Infra service
933c620d Add container-registry image to openshift master role
417d5eab Switch to origin-docker-build
9c486dc9 Switch to openshift 3.10
f4f4c920 Add config_download_timeout input
40cd1d39 Increase upload concurrency
5a552022 Update swift_rings_backup workflow to also backup ceph fetch dir
2da9b4ab Don't fail tripleo-bootstrap on package installs
00e776de Handle non-existant plan when getting deployment status
f8fe46d7 Set prepare neutron_driver from NeutronMechanismDrivers
f86b2b4c config: ignore missing server_id from the stack
792bc26f Add workflow for config-download export
0b41bc23 Add override_ansible_cfg
b17791ae Set SSH server keep alive options
fc31a1c6 Add container runtime packages for cron image
ed76b768 Upgrade docker ceph container
15484a00 Fix validation runs in a containerized environment


Diffstat (except docs and test files)
-------------------------------------

.../container_image_prepare_defaults.yaml          |  75 ++++++
container-images/overcloud_containers.yaml         |  34 ++-
container-images/overcloud_containers.yaml.j2      | 130 ++++++++-
.../tripleo_kolla_template_overrides.j2            |  64 ++++-
healthcheck/common.sh                              |  11 +
healthcheck/ironic-inspector                       |  16 ++
healthcheck/nova-api                               |   8 +-
healthcheck/nova-vnc-proxy                         |   5 +
healthcheck/opendaylight-api                       |   5 +
...a-vnc-proxy-ipv6-handling-5d0625f1ab10d13f.yaml |   5 +
healthcheck/sahara-api                             |  12 +
healthcheck/swift-account-server                   |  38 ++-
healthcheck/swift-container-server                 |  38 ++-
healthcheck/swift-object-expirer                   |  12 +
healthcheck/swift-object-server                    |  47 +++-
healthcheck/swift-proxy                            |  37 ++-
healthcheck/swift-rsync                            |  14 +
image-yaml/overcloud-hardened-images-uefi.yaml     |   9 +-
image-yaml/overcloud-hardened-images.yaml          |   9 +-
image-yaml/overcloud-odl-rhel7.yaml                |   7 +-
playbooks/octavia-files.yaml                       |   3 +-
playbooks/roles/common/defaults/main.yml           |   1 +
.../roles/octavia-controller-config/tasks/main.yml |   2 +-
.../octavia-controller-config/tasks/octavia.yml    |  20 +-
.../templates/worker-post-deploy.conf.j2           |   4 -
.../roles/octavia-undercloud/tasks/image_mgmt.yml  |  31 ++-
playbooks/roles/octavia-undercloud/tasks/main.yml  |   7 +-
...ck-mode-support-for-hiera-f15fed971d4397f8.yaml |   4 +
...nd-ironic-staging-drivers-d278905bb1ec0683.yaml |   9 +
...acklisted_serverid_config-e079e64e8a04cdb4.yaml |   7 +
releasenotes/notes/caps-fix-f6f8817a48fa5c25.yaml  |   4 +
.../config-download-timeout-7296683716f78022.yaml  |   5 +
...tstrap-on-package-install-a00cd921b0af7168.yaml |   8 +
...ssh-admin-honor-blacklist-f1371554ab1b38f6.yaml |   4 +
...ck-mode-server-deployment-098bcae9e0227c57.yaml |   5 +
...ndle-no-deployment-status-a70a4b950171afbe.yaml |   5 +
...-security-hardened-images-3fc4df73a48d4a91.yaml |   7 +
...heck_metadata_wsgi_change-4a191009d7ef9963.yaml |   8 +
...avia-internal-tls-support-f595ed1c3a1f3353.yaml |   5 +
...server-keep-alive-options-071e1b3b570e78a7.yaml |   5 +
...via-amphora-image-install-5d26e3d37c7b508f.yaml |   8 +
..._known_host_atomic_update-481e0baf3b3d6342.yaml |   5 +
...ow-config-download-export-d22f3eb958b8c97a.yaml |   5 +
roles/tripleo-bootstrap/tasks/main.yml             |   7 +
roles/tripleo-ssh-known-hosts/tasks/main.yml       |  30 ++-
scripts/tripleo-deploy-openshift                   |  55 ++++
setup.cfg                                          |   3 +
sudoers                                            |   2 +-
tripleo_common/actions/__init__.py                 |   4 +
tripleo_common/actions/ansible.py                  |  28 +-
tripleo_common/actions/config.py                   |  18 +-
tripleo_common/actions/container_images.py         |  38 +++
tripleo_common/actions/deployment.py               | 101 ++++++-
tripleo_common/actions/files.py                    |   5 +-
tripleo_common/actions/package_update.py           |  14 +-
tripleo_common/actions/parameters.py               |   2 +-
tripleo_common/actions/plan.py                     |   3 +-
tripleo_common/actions/templates.py                |   7 +-
tripleo_common/actions/validations.py              |  11 +
tripleo_common/image/image_uploader.py             |   6 +-
tripleo_common/image/kolla_builder.py              |  81 +++---
tripleo_common/templates/deployments.yaml          | 152 ++++++++++-
tripleo_common/templates/group_var_role.j2         |   4 +
tripleo_common/utils/config.py                     |  79 +++++-
tripleo_common/utils/nodes.py                      |  19 +-
tripleo_common/utils/plan.py                       |  13 +-
workbooks/access.yaml                              |  28 +-
workbooks/baremetal.yaml                           |  10 +-
workbooks/ceph-ansible.yaml                        |   7 +
workbooks/container_images.yaml                    |  51 ++++
workbooks/deployment.yaml                          | 140 +++++++++-
workbooks/fernet-key-rotate.yaml                   |  13 +-
workbooks/octavia_post.yaml                        |   2 +
workbooks/package_update.yaml                      |  40 ++-
workbooks/plan_management.yaml                     |  87 ++++++-
workbooks/rename_ceph_ansible_fetch_directory.yaml | 105 ++++++++
workbooks/scale.yaml                               |   2 +-
.../{swift_rings_backup.yaml => swift_backup.yaml} |  48 ++--
workbooks/swift_ring_rebalance.yaml                |   8 +-
zuul.d/layout.yaml                                 |  26 +-
94 files changed, 2481 insertions(+), 358 deletions(-)







More information about the Release-announce mailing list