[release-announce] kolla-ansible 8.1.1 (stein)
no-reply at openstack.org
no-reply at openstack.org
Tue May 5 09:14:13 UTC 2020
We are thrilled to announce the release of:
kolla-ansible 8.1.1: Ansible Deployment of Kolla containers
This release is part of the stein stable release series.
The source is available from:
https://opendev.org/openstack/kolla-ansible
Download the package from:
https://tarballs.openstack.org/kolla-ansible/
Please report issues through:
https://bugs.launchpad.net/kolla-ansible/+bugs
For more details, please see below.
8.1.1
^^^^^
Upgrade Notes
*************
* The octavia user is no longer given the admin role in the admin
project. Octavia does not require this role and instead uses octavia
user with admin role in service project. During an upgrade the
octavia user is removed from the admin project. See bug 1873176 for
details.
Bug Fixes
*********
* Adds necessary "region_name" to "octavia.conf" when
"enable_barbican" is set to "true". LP#1867926
* Adds "/etc/timezone" to "Debian/Ubuntu" containers. LP#1821592
* Fixes an issue with Nova live migration not using
"migration_interface_address" even when TLS was not used. When
migrating an instance to a newly added compute host, if addressing
depended on "/etc/hosts" and it had not been updated on the source
compute host to include the new compute host, live migration would
fail. This did not affect DNS-based name resolution. Analogically,
Nova live migration would fail if the address in DNS/"/etc/hosts"
was not the same as "migration_interface_address" due to user
customization. LP#1729566
* Fix qemu loading of ceph.conf (permission error). LP#1861513
* Remove /run bind mounts in Neutron services causing dbus host-
level errors and add /run/netns for neutron-dhcp-agent and
neutron-l3-agent. LP#1861792
* Fixes an issue where old fluentd configuration files would persist
in the container across restarts despite being removed from the
"node_custom_config" directory. LP#1862211
* Use more permissive regex to remove the offending 127.0.1.1 line
from /etc/hosts. LP#1862739
* Each Prometheus mysqld exporter points now to its local mysqld
instance (MariaDB) instead of VIP address. LP#1863041
* Cinder Backup has now access to kernel modules to load e.g.
iscsi_tcp module. LP#1863094
* Makes RabbitMQ hostname address resolution precheck stronger by
requiring uniqueness of resolution to avoid later issues. LP#1863363
* Fixes haproxy role to avoid restarting haproxy service multiple
times in a single Ansible run. LP#1864810 LP#1875228
* Fixes failure to deploy telegraf with monitoring of zookeeper due
to wrong variable being referenced. LP#1867179
* Fixes "ceph" deployment reconfiguration error, when Gathering OSDs
step would fail due to Kolla-Ansible user not having access to
"/var/lib/ceph/osd/_FSID_/whoami". LP#1867946
* Fixes "designate-worker" not to use "etcd" as its coordination
backend because it is not supported by Designate (no group
membership support available via tooz). LP#1872205
* Fixes source-IP-based load balancing for Horizon when using the
"split" HAProxy service template.
* Fixes issue where HAProxy would have no backend servers in its
config files when using the "split" config template style.
* Manage nova scheduler workers through "openstack_service_workers"
variable. LP#1873753
* Remove the meta field of the Swift rings from the default
rsync_module template. Having it by default, undocumented, can lead
to unexpected behavior when the Swift documentation states that this
field is not processed.
* Fixes an issue with HAProxy prechecks when scaling out using "--
limit" or "--serial". LP#1868986.
* Fixes an issue with the HAProxy monitor VIP precheck when some
instances of HAProxy are running and others are not. See bug
1866617.
* Fixes gnocchi-api script name for Ubuntu/Debian binary
deployments. LP#1861688
* Fixes an issue with port prechecks for the Placement service. See
bug 1861189 for details.
* Removes the "[http]/max-row-limit = 10000" setting from the
default InfluxDB configuration, which resulted in the CloudKitty v1
API returning only 10000 dataframes when using InfluxDB as a storage
backend. See bug 1862358 for details.
* Skydive's API and the web UI now rely on Keystone for
authentication. Only users in the Keystone project defined by
skydive_admin_tenant_name will be able to authenticate. See
*LP#1870903 <https://launchpad.net/bugs/1870903>* for more details.
* Switch endpoint_type from public to internal for octavia
communicating with the barbican service. See bug 1875618 for
details.
Changes in kolla-ansible 8.1.0..8.1.1
-------------------------------------
a5975ebe2 Make sure octavia uses internal endpoint to barbican
72cd552d7 Remove redundant listen on haproxy handler
4b70bb52e Manage nova scheduler workers count
5f563ed49 Fix haproxy restarting twice per Ansible run
967b3be71 [octavia] Adds region_name if enable_barbican
ca39a9c27 Avoid multiple haproxy restarts after reconfiguration
4df065224 Remove octavia user from admin project
66a2f4935 Fix Designate not to use etcd coordination backend
85c178fc1 Be less confusing about custom Docker registry
0f99f5aa0 Fix telegraf with zookeeper (wrong port variable reference)
d576249f3 Introduce /etc/timezone to Debian/Ubuntu containers
06db02b4b CI: Fix Ironic and Zun scenarios testing
31f09efd1 [skydive] fix: Use Keystone backend to authenticate API users
6450daba0 [horizon] Move 'balance' HAProxy keyword
9f944d4bd [haproxy-config] Fix missing servers in split cfg
4f4c005fa Fix kolla_source_version value
f174ec063 Fix live migration to use migration int. address
aa7b6c355 CI: Use upper constraints to install clients
5da311c69 Fix ovs fw driver for the other ovs agent
2e514a8cf Fix HAProxy prechecks during scale-out with limit
2b04e7111 mariadb container name variable
d4eedf4f9 ceph: Add become to gathering OSD IDs on reconfigure
89e875fb6 Ironic: fix documentation
47915af85 CI: install tox
06fbffe44 Combined fluentd fixes
3eb908272 Fix native openvswitch firewall driver in neutron-openvswitch-agent
79b4d9ede Swift: remove meta field from rsync command
426b7f4b2 Fix HAProxy monitor VIP precheck
6c91da630 Fix renos
ccbba57df Fix Prometheus mysqld exporter pointing to VIP address
3003cb4a1 Fix RabbitMQ hostname address resolution precheck
07c0b83bb CI: Pin pyfakefs to <4 for Python 2
55a346993 Fixes gnocchi-api script name for Ubuntu/Debian
623eb220a Use listen port for Placement precheck
b47bd864e Use InfluxDB default [http]/max-row-limit setting
710af675d Add /run/netns bindmount to Neutron containers
ac158d19f Use more permissive regex to remove the offending 127.0.1.1
8be74eb8c Change /run bind mount for neutron/openvswitch
52302eb53 Fix Cinder Backup access to kernel modules (iscsi_tcp issue)
41f937b5d Haproxy: fix haproxy_cmd for Debian
6c950d842 Fix qemu loading of ceph.conf (permission error)
Diffstat (except docs and test files)
-------------------------------------
ansible/group_vars/all.yml | 6 +-
ansible/roles/aodh/defaults/main.yml | 4 +
ansible/roles/barbican/defaults/main.yml | 3 +
ansible/roles/baremetal/tasks/pre-install.yml | 12 +-
ansible/roles/blazar/defaults/main.yml | 2 +
ansible/roles/ceilometer/defaults/main.yml | 4 +
ansible/roles/ceph/tasks/reconfigure.yml | 1 +
ansible/roles/chrony/defaults/main.yml | 1 +
ansible/roles/cinder/defaults/main.yml | 5 +
ansible/roles/cloudkitty/defaults/main.yml | 2 +
ansible/roles/collectd/defaults/main.yml | 1 +
ansible/roles/common/defaults/main.yml | 3 +
ansible/roles/common/templates/fluentd.json.j2 | 32 +++-
ansible/roles/congress/defaults/main.yml | 3 +
ansible/roles/cyborg/defaults/main.yml | 3 +
ansible/roles/designate/defaults/main.yml | 7 +
.../roles/designate/templates/designate.conf.j2 | 10 +-
ansible/roles/elasticsearch/defaults/main.yml | 1 +
ansible/roles/etcd/defaults/main.yml | 1 +
ansible/roles/freezer/defaults/main.yml | 2 +
ansible/roles/glance/defaults/main.yml | 1 +
ansible/roles/gnocchi/defaults/main.yml | 3 +
.../roles/gnocchi/templates/wsgi-gnocchi.conf.j2 | 4 -
ansible/roles/grafana/defaults/main.yml | 1 +
ansible/roles/haproxy-config/handlers/main.yml | 17 --
.../templates/haproxy_single_service_split.cfg.j2 | 2 +-
ansible/roles/haproxy/defaults/main.yml | 2 +
ansible/roles/haproxy/tasks/deploy.yml | 6 +-
ansible/roles/haproxy/tasks/precheck.yml | 196 ++++++++-------------
ansible/roles/haproxy/tasks/upgrade.yml | 13 +-
ansible/roles/haproxy/templates/haproxy_run.sh.j2 | 2 +-
ansible/roles/heat/defaults/main.yml | 3 +
ansible/roles/horizon/defaults/main.yml | 5 +-
ansible/roles/influxdb/defaults/main.yml | 1 +
ansible/roles/influxdb/templates/influxdb.conf.j2 | 1 -
ansible/roles/ironic/defaults/main.yml | 6 +
ansible/roles/iscsi/defaults/main.yml | 2 +
ansible/roles/kafka/defaults/main.yml | 1 +
ansible/roles/karbor/defaults/main.yml | 3 +
ansible/roles/keystone/defaults/main.yml | 3 +
ansible/roles/kibana/defaults/main.yml | 1 +
ansible/roles/kuryr/defaults/main.yml | 1 +
ansible/roles/magnum/defaults/main.yml | 2 +
ansible/roles/manila/defaults/main.yml | 4 +
ansible/roles/mariadb/defaults/main.yml | 1 +
ansible/roles/mariadb/tasks/check.yml | 2 +-
ansible/roles/mariadb/tasks/recover_cluster.yml | 2 +-
ansible/roles/memcached/defaults/main.yml | 1 +
ansible/roles/mistral/defaults/main.yml | 4 +
ansible/roles/monasca/defaults/main.yml | 12 ++
ansible/roles/mongodb/defaults/main.yml | 1 +
ansible/roles/multipathd/defaults/main.yml | 1 +
ansible/roles/murano/defaults/main.yml | 2 +
ansible/roles/neutron/defaults/main.yml | 29 +--
ansible/roles/nova/defaults/main.yml | 11 ++
ansible/roles/nova/templates/nova-libvirt.json.j2 | 2 +-
.../nova/templates/nova.conf.d/libvirt.conf.j2 | 1 +
ansible/roles/nova/templates/nova.conf.j2 | 1 +
ansible/roles/octavia/defaults/main.yml | 4 +
ansible/roles/octavia/tasks/register.yml | 12 --
ansible/roles/octavia/tasks/upgrade.yml | 14 ++
ansible/roles/octavia/templates/octavia.conf.j2 | 4 +
ansible/roles/opendaylight/defaults/main.yml | 1 +
ansible/roles/openvswitch/defaults/main.yml | 6 +-
ansible/roles/ovs-dpdk/defaults/main.yml | 6 +-
ansible/roles/panko/defaults/main.yml | 1 +
ansible/roles/placement/defaults/main.yml | 1 +
ansible/roles/placement/tasks/precheck.yml | 2 +-
ansible/roles/prechecks/tasks/datetime_checks.yml | 26 +++
ansible/roles/prechecks/tasks/main.yml | 2 +
ansible/roles/prometheus/defaults/main.yml | 9 +
ansible/roles/prometheus/templates/my.cnf.j2 | 4 +-
ansible/roles/qdrouterd/defaults/main.yml | 1 +
ansible/roles/rabbitmq/defaults/main.yml | 1 +
ansible/roles/rabbitmq/tasks/precheck.yml | 20 ++-
ansible/roles/rally/defaults/main.yml | 1 +
ansible/roles/redis/defaults/main.yml | 2 +
ansible/roles/sahara/defaults/main.yml | 2 +
ansible/roles/searchlight/defaults/main.yml | 2 +
ansible/roles/senlin/defaults/main.yml | 2 +
ansible/roles/skydive/defaults/main.yml | 3 +
.../skydive/templates/skydive-analyzer.conf.j2 | 9 +-
ansible/roles/solum/defaults/main.yml | 4 +
ansible/roles/storm/defaults/main.yml | 2 +
ansible/roles/swift/templates/account.conf.j2 | 2 +-
ansible/roles/swift/templates/container.conf.j2 | 2 +-
ansible/roles/swift/templates/object.conf.j2 | 2 +-
ansible/roles/tacker/defaults/main.yml | 2 +
ansible/roles/telegraf/defaults/main.yml | 1 +
ansible/roles/telegraf/templates/telegraf.conf.j2 | 2 +-
ansible/roles/tempest/defaults/main.yml | 1 +
ansible/roles/trove/defaults/main.yml | 3 +
ansible/roles/vitrage/defaults/main.yml | 4 +
ansible/roles/vmtp/defaults/main.yml | 1 +
ansible/roles/watcher/defaults/main.yml | 3 +
ansible/roles/zookeeper/defaults/main.yml | 1 +
ansible/roles/zun/defaults/main.yml | 3 +
.../reference/networking/designate-guide.rst | 9 +-
etc/kolla/globals.yml | 19 +-
...d-region-name-for-octavia-292594e29ef36bf2.yaml | 6 +
.../notes/adds-etc-timezone-9708f538c3c2cb5e.yaml | 5 +
.../notes/bug-1729566-8b77402fd8236962.yaml | 13 ++
.../notes/bug-1861513-8e09a6fb42dfc99c.yaml | 5 +
.../notes/bug-1861792-a44a31693b0c786f.yaml | 6 +
.../notes/bug-1862211-1c44c4a16963baad.yaml | 7 +
.../notes/bug-1862739-05246e7599375800.yaml | 7 +
.../notes/bug-1863041-30d87a768339251b.yaml | 6 +
.../notes/bug-1863094-1564f489a7eecb28.yaml | 6 +
.../notes/bug-1863363-eb5d0ddd0d0d1090.yaml | 6 +
.../notes/bug-1864810-5a5d0f91c0171b19.yaml | 7 +
.../notes/bug-1867179-9e31460ba53757d4.yaml | 6 +
.../notes/bug-1867946-53c214be2b2482f1.yaml | 7 +
.../notes/bug-1872205-2eb7e57e0a334fb7.yaml | 7 +
.../notes/bug-1872540-0e9bed299f657b25.yaml | 5 +
.../notes/bug-1872545-52f00bd340a800c2.yaml | 5 +
.../notes/bug-1873753-73fe82e70559f928.yaml | 5 +
...aut-rsync-module-template-7c891efbe79a96a9.yaml | 7 +
...ix-haproxy-limit-precheck-c56b3ac2331867ee.yaml | 6 +
...-haproxy-monitor-precheck-487b85f4e93313b1.yaml | 6 +
...fixes-gnocchi-script-name-e4715e3b9fc5b021.yaml | 5 +
.../placement-listen-port-ebbd6aa61aa551da.yaml | 5 +
...hen-alertmanager-disabled-0090c1570ff4e632.yaml | 8 +-
...ve-influxdb-max-row-limit-f814a310aa6bf6ab.yaml | 8 +
...r-in-admin-project-action-95c87ca45a1188d6.yaml | 9 +
.../skydive-keystone-auth-0fe96463b27dd914.yaml | 6 +
...t-for-barbican-in-octavia-0bcdcf91a8adc95c.yaml | 7 +
tools/setup_gate.sh | 13 +-
130 files changed, 612 insertions(+), 259 deletions(-)
More information about the Release-announce
mailing list