[release-announce] kolla-ansible 7.1.2 (rocky)

no-reply at openstack.org no-reply at openstack.org
Mon Sep 9 09:31:37 UTC 2019


We are amped to announce the release of:

kolla-ansible 7.1.2: Ansible Deployment of Kolla containers

This release is part of the rocky stable release series.

The source is available from:

    https://opendev.org/openstack/kolla-ansible

Download the package from:

    https://tarballs.openstack.org/kolla-ansible/

Please report issues through:

    https://bugs.launchpad.net/kolla-ansible/+bugs

For more details, please see below.

7.1.2
^^^^^


Upgrade Notes
*************

* The Keystone fernet key rotation scheduling algorithm has been
  modified to avoid issues with over-rotation of keys.

  The variables "fernet_token_expiry",
  "fernet_token_allow_expired_window" and
  "fernet_key_rotation_interval" may be set to configure the token
  expiry and key rotation schedule.

  By default, "fernet_token_expiry" is 86400,
  "fernet_token_allow_expired_window" is 172800, and
  "fernet_key_rotation_interval" is the sum of these two variables.
  This allows for the minimum number of active keys - 3.

  See bug 1809469 for details.


Bug Fixes
*********

* Adds system hostnames to "/etc/hosts", if different from short
  hostnames. This can fix live migration of Nova instances in some
  contexts. See bug 1830023 for details.


Other Notes
***********

* While Kolla Ansible now avoids duplicating Nova cells when
  messaging or database connection information are changed, operators
  of existing deployments should perform a manual cleanup of duplicate
  cells using the "nova-manage cell_v2" command from a container
  running the "nova_api" image, leaving only two cells, one named
  "cell0" and another one with the right connection information.

Changes in kolla-ansible 7.1.1..7.1.2
-------------------------------------

d48164e14 Use net_default_mac in ansible/roles/ironic/templates/ironic_pxe_uefi.default.j2
dfaeae010 Use secure websocket for nova serial console proxy when TLS enabled
49bf27042 Set my_ip in ironic.conf
725e189bf Moves monasca-thresh java.io.tmpdir to existing docker volume
c13b8e243 Removes monasca_grafana persistent volume
175c59f94 Add missing Octavia policy file to Horizon
9812eaff9 Add missing when condition for swift config files
ea457f72a Fix swift log level configuration
5e83ba5bb [gnocchi] Don't recursively modify file perms on start
a6f6960b0 Fix checking mongodb replication status
211b0b347 Add ceph-mds/rgw/nfs to gate
07082c508 repair ceph_nfs container start failed
783ae9336 Rocky-only: add rpcbind to CentOS as well
de34995bd Add 'allow *' to getting ceph mds keyring
93df0e86d ceph: fixes to deployment and upgrade
4ab7e4c1f ceph-nfs: Add rpcbind to Ubuntu host bootstrap
19a1a3867 Ensure keystone endpoint is updatable
1c877ce3c Fix ironic inspector iPXE boot with UEFI
cf2e4d726 Add kolla-ansible to zuul job dependencies
2b039bddf Test minimum supported and latest versions of Ansible
69f77205b Let wsgi-gnocchi set use python3 on Ubuntu binary
e006828ad Add Region and Multiples into default globals.yml
441c5a03f During deploy, always sync DB
f2fe9077a Language tweaks in multi-region docs for clarity
099417d8a Don't rotate keystone fernet keys during deploy
1899feac9 Wait for all compute services before cell discovery
25bf57fb5 Fixes for MariaDB bootstrap and recovery
8de5bf3db Specify endpoint when creating monasca user
cf3d42d46 CI: set the same gate queue for kolla and kolla-ansible
1d22714cf (Rocky and Queens only) CI: Fix ceph jobs for kolla
5ed551c1f Enable deflate when using tls for horizon
d8c6e5466 Avoid parallel discover_hosts (nova-related race condition)
924226df1 Remove zuul-cloner usage
e4b550e53 Restart all nova services after upgrade
1234ec189 Remove obsolete roles middleware
1874e48fa Update service_provider for FWaaS v2
ff32b0e63 Fix mongo command for supporting other port
f89f6f0ad Fix mongo command for checking replication status
0bed6dd4b Fix issue finding custom, host specific plugins
05412a1d1 Add blazar to fluentd aggregation
3da9bf3d3 [heat] Multi-region support for bootstrap
9107fe049 Fix Blazar Nova aggregate in multi-region setup
a3a9720d7 Hide logs when looping over passwords
0c5896c99 Support multi-region discovery of Nova cells
d54c41335 Fix monasca grafana organisation check
625cf9f9e Fixes VMTP deploys.
795c9dde8 Elevate privileges for copying gnocchi policy.json
4e95bd8f3 Add ansible_nodename (system hostname) to /etc/hosts
d66e95d1d Fix keystone fernet key rotation scheduling
c3e5ab0dc Add unit test for keystone fernet cron generator
868b64b23 Configure coordination in default for cinder when redis is enabled
3458a7b28 Stop duplicating Nova cells
f956996b6 Fix action_plugins python3 compatibility


Diffstat (except docs and test files)
-------------------------------------

ansible/action_plugins/merge_configs.py            |   2 +-
ansible/action_plugins/merge_yaml.py               |   2 +-
ansible/group_vars/all.yml                         |   9 +
ansible/library/kolla_ceph_keyring.py              |  11 +-
ansible/roles/aodh/tasks/bootstrap.yml             |   2 -
ansible/roles/barbican/tasks/bootstrap.yml         |   2 -
ansible/roles/baremetal/defaults/main.yml          |  11 +-
ansible/roles/baremetal/tasks/install.yml          |  14 +-
ansible/roles/baremetal/tasks/pre-install.yml      |   3 +-
ansible/roles/blazar/tasks/bootstrap.yml           |   3 +-
ansible/roles/ceph/defaults/main.yml               |   4 +-
ansible/roles/ceph/tasks/config.yml                |  13 ++
ansible/roles/ceph/tasks/deploy.yml                |  33 ++--
ansible/roles/ceph/tasks/distribute_keyrings.yml   |  13 ++
ansible/roles/ceph/tasks/start_nfss.yml            |   1 -
ansible/roles/ceph/tasks/upgrade.yml               |  35 +---
ansible/roles/ceph/templates/ceph-nfs.json.j2      |   2 +-
ansible/roles/ceph/templates/ganesha.conf.j2       |  12 +-
ansible/roles/cinder/tasks/bootstrap.yml           |   2 -
ansible/roles/cinder/templates/cinder.conf.j2      |   8 +
ansible/roles/cloudkitty/tasks/bootstrap.yml       |   2 -
.../common/templates/conf/input/00-global.conf.j2  |   1 +
ansible/roles/congress/tasks/bootstrap.yml         |   2 -
ansible/roles/designate/tasks/bootstrap.yml        |   2 -
ansible/roles/glance/tasks/bootstrap.yml           |   2 -
ansible/roles/gnocchi/tasks/bootstrap.yml          |   2 -
ansible/roles/gnocchi/tasks/config.yml             |   1 +
.../roles/gnocchi/templates/gnocchi-api.json.j2    |   3 +-
.../gnocchi/templates/gnocchi-metricd.json.j2      |   3 +-
.../roles/gnocchi/templates/gnocchi-statsd.json.j2 |   3 +-
.../roles/gnocchi/templates/wsgi-gnocchi.conf.j2   |   6 +-
ansible/roles/heat/tasks/bootstrap.yml             |   2 -
ansible/roles/heat/tasks/bootstrap_service.yml     |   1 +
ansible/roles/horizon/tasks/bootstrap.yml          |   2 -
ansible/roles/horizon/tasks/config.yml             |   1 +
ansible/roles/horizon/templates/horizon.conf.j2    |  10 +-
ansible/roles/ironic/tasks/bootstrap.yml           |   4 +-
ansible/roles/ironic/templates/inspector.ipxe.j2   |   2 +-
ansible/roles/ironic/templates/ironic.conf.j2      |   2 +
.../ironic/templates/ironic_pxe_uefi.default.j2    |   2 +-
ansible/roles/karbor/tasks/bootstrap.yml           |   2 -
.../keystone/files/fernet_rotate_cron_generator.py |  83 +++++----
ansible/roles/keystone/tasks/bootstrap.yml         |   2 -
ansible/roles/keystone/tasks/config.yml            |   8 +-
ansible/roles/keystone/tasks/init_fernet.yml       |   2 +-
ansible/roles/keystone/tasks/register.yml          |  21 +++
ansible/roles/keystone/templates/fernet-push.sh.j2 |   7 +
.../roles/keystone/templates/fernet-rotate.sh.j2   |   6 +-
.../keystone/templates/keystone-fernet.json.j2     |   6 +
ansible/roles/keystone/templates/keystone.conf.j2  |  12 +-
ansible/roles/magnum/tasks/bootstrap.yml           |   2 -
ansible/roles/manila/tasks/bootstrap.yml           |   2 -
ansible/roles/mariadb/handlers/main.yml            |  22 +++
ansible/roles/mariadb/tasks/recover_cluster.yml    |  35 +++-
ansible/roles/mistral/tasks/bootstrap.yml          |   2 -
ansible/roles/monasca/defaults/main.yml            |   1 -
ansible/roles/monasca/tasks/bootstrap.yml          |   3 -
ansible/roles/monasca/tasks/config.yml             |   1 -
ansible/roles/monasca/tasks/post_config.yml        |   2 +-
ansible/roles/monasca/tasks/register.yml           |   1 +
.../templates/monasca-log-api/log-api-paste.ini.j2 |   4 +-
.../monasca-thresh/monasca-thresh.json.j2          |   2 +-
ansible/roles/mongodb/handlers/main.yml            |   6 +-
ansible/roles/mongodb/tasks/bootstrap_cluster.yml  |   2 +-
ansible/roles/murano/tasks/bootstrap.yml           |   2 -
ansible/roles/neutron/tasks/bootstrap.yml          |   2 -
.../roles/neutron/templates/fwaas_driver.ini.j2    |   4 +
ansible/roles/nova/defaults/main.yml               |   9 +
ansible/roles/nova/handlers/main.yml               |  52 ++++++
ansible/roles/nova/tasks/bootstrap.yml             |   5 +-
ansible/roles/nova/tasks/create_cells.yml          |  77 ++++++++
ansible/roles/nova/tasks/discover_computes.yml     |  53 +++++-
ansible/roles/nova/tasks/reload.yml                |  40 -----
ansible/roles/nova/tasks/upgrade.yml               |   2 -
ansible/roles/nova/templates/nova.conf.j2          |   7 +-
ansible/roles/octavia/tasks/bootstrap.yml          |   2 -
ansible/roles/panko/tasks/bootstrap.yml            |   4 -
ansible/roles/rally/tasks/bootstrap.yml            |   2 -
ansible/roles/sahara/tasks/bootstrap.yml           |   2 -
ansible/roles/senlin/tasks/bootstrap.yml           |   2 -
ansible/roles/solum/tasks/bootstrap.yml            |   2 -
ansible/roles/swift/defaults/main.yml              |   2 +-
ansible/roles/swift/tasks/config.yml               |   7 +
ansible/roles/tacker/tasks/bootstrap.yml           |   2 -
ansible/roles/trove/tasks/bootstrap.yml            |   2 -
ansible/roles/vitrage/tasks/bootstrap.yml          |   2 -
ansible/roles/vmtp/tasks/config.yml                |   2 +-
ansible/roles/watcher/tasks/bootstrap.yml          |   2 -
ansible/roles/zun/tasks/bootstrap.yml              |   2 -
etc/kolla/globals.yml                              |   9 +
...add-nodename-to-etc-hosts-6360acc642ee3d49.yaml |   7 +
.../fernet-key-rotation-8d40041d7d783dc7.yaml      |  16 ++
...op-duplicating-nova-cells-670211557fe2cda3.yaml |   9 +
tools/setup_gate.sh                                |  25 +--
zuul.d/base.yaml                                   |   1 +
zuul.d/project.yaml                                |   1 +
104 files changed, 861 insertions(+), 305 deletions(-)







More information about the Release-announce mailing list