[release-announce] tripleo-heat-templates 12.4.1 (ussuri)
no-reply at openstack.org
no-reply at openstack.org
Mon Oct 5 17:23:10 UTC 2020
We jubilantly announce the release of:
tripleo-heat-templates 12.4.1: Heat templates for deploying OpenStack
with OpenStack.
This release is part of the ussuri stable release series.
The source is available from:
https://opendev.org/openstack/tripleo-heat-templates
Download the package from:
https://tarballs.openstack.org/tripleo-heat-templates/
Please report issues through:
https://bugs.launchpad.net/tripleo/+bugs
For more details, please see below.
12.4.1
^^^^^^
New Features
************
* Adds a new ContainerNovaLibvirtPidsLimit parameter in order to set
the PIDs limit for nova_libvirt container. Defaults to 65536, set to
0 for unlimited.
* The following parameters were added to support configuration of
gnocchi nfs backend.
* GnocchiNfsEnabled
* GnocchiNfsShare
* GnocchiNfsOptions
* Add the NovaImageCacheTTL to the nova compute service. This
exposes the remove_unused_original_minimum_age_seconds from
nova.conf which controls the time (in seconds) that nova compute
should continue caching an image once it is no longer used by and
instances on the host. Defaults to 86400 (24hrs)
* When SwiftRawDisks is set, try to mount the disks using uuids
instead of paths. This makes mounts more stable, eg. if a kernel
gets updates and device orders are changed.
* A new Heat parameter 'ZaqarWsTimeout' exposes the Puppet variable
'tripleo::haproxy::zaqar_ws_timeout_tunnel'. This allows operators
to configure the Mistral API timeout. It currently defaults to four
hours.
Upgrade Notes
*************
* The CIDR for the StorageNFS network in the sample
network_data_ganesha.yaml file has been modified to provide more
usable IPs for the corresponding Neutron overcloud StorageNFS
provider network. Since the CIDR of an existing network cannot be
modified, deployments with existing StorageNFS networks should be
sure to customize the StorageNFS network definition to use the same
CIDR as that in their existing deployment in order to avoid a heat
resource failure when updating or upgrading the overcloud.
Deprecation Notes
*****************
* As the fast forward upgrade workflow to skip multiple releases now
relies on the very same upgrade_tasks, there is no need to mantain
the fast_forward_upgrade_tasks, as well as any of its references.
Bug Fixes
*********
* Ansible GroupVars incorrectly keept a single subnet prefix per-
network. This caused a problem when multiple subnets using different
subnet prefixes where defined. Resulting in the wrong subnet prefix
being referenced in the NetworkConfig for roles.
AnsibleHostVars stores networks subnet prefixes instead. See bug:
1895899 (https://bugs.launchpad.net/tripleo/+bug/1895899).
* Fixed issue in the sample network_data_ganesha.yaml file where the
IPv4 allocation range for the StorageNFS network occupies almost the
whole of its CIDR. If network_data_ganesha.yaml is used without
modification in a customer deployment then there are too few IPs
left over in its CIDR for use by the corresponding overcloud Neutron
StorageNFS provider network for its overcloud DHCP service. (See
bug: #1889682 (https://bugs.launchpad.net/tripleo/+bug/1889682))
* Fix Swift ring synchronization to ensure every node on the
overcloud has the same copy to start with. This is especially
required when replacing nodes or using manually modifed rings.
Changes in tripleo-heat-templates 12.4.0..12.4.1
------------------------------------------------
b2b553f4f Implement a Minimal role
1f5218100 Default cinder_volume_node_names to []
cd0448f01 Force container fetch
164a28d5d Adapt container health check for built-in podman health checks
9b6b665bd Assume Grafana and Ceph Dashboard to be on the storage or ctlplane nets
95e8fbd49 Set NeutronEnableDVR to False for OVN-HA
94a301c01 Create container-puppet-tasks files per step in check mode
7bfe3701a Gather more extra stats with the collectd virt plugin
af26d0ff3 Configure rsyncd without pid file for Swift
1e4ce7537 Allow optional volumes for nova_libvirt container
fdb9a3954 enable-ssh-admin: allow to override plan name
b09c769a7 Clear cached facts based on the tag as well
3752f15cd Get the CIDR of the neutron port for NetworkConfig
92b7d4950 Use UUID for mounted SwiftRawDisks
011a2d867 Add dashboard_tls_external ceph-ansible parameter
47d18baf3 Revert "Disable Designate service for scenario 03"
0f0e7fa11 Remove race during mysql database creation
ca8d98cf3 Complete missing description
76b5ae081 Memcached collectd plugin uses host URI instead of IP address.
0ad235806 pcs commands on host: rabbitmq
0eb998930 pcs commands on host: redis bundle
ec70716ad pcs commands on host: ovn dbs
4f56371f9 pcs commands on host: cinder backup/volume
06209fa28 pcs commands on host: manila-share
be1fee4af pcs commands on host: mysql
3f8c22b56 pcs commands on host: haproxy bundle
3a803c618 Mount libpod container volume into collectd container
aeeacb507 Bind mount /var/lib/container-config-scripts inside the restart bundles
1cde17b81 Make sure IPA has the right ACI
c4ce02707 Add parameter and CI config to enable Ceph OTW encryption
b42881eae Add the NovaImageCacheTTL to the nova compute service
8d3a89dbf Fix Swift ring file synchronization issue
451c83f1b Fix nCipher (aka thales) ansible role name
9471eb030 DCN: use FQDN in glance endpoint with internal TLS
ee90c5d60 Remove Etcd from DCN roles that don't need it
2406ffc4c Use container_file_t for Cinder*NfsMountOptions by default
6efb29dcc Use appropriate allocation pools for StorageNFS
472deb921 Remove remaining Skydive references
4907bf8fb Default to storage_dashboard, when set, for the CephDashboard service
daff4688f Set a higher PIDs limit for nova_libvirt container
991395882 Re-enable driver agent for scenario 10
eddbc4b2c Avoid failing on deleted file
cc17467c5 minor update: only migrate HA VIP away when needed
3e7c6b9a3 Use tripleo_network_config
05470b62e Create container config scripts with a new module
b54a4be78 Create Container configs with a new module
10be0c53b Modify how libvirt related containers use SELinux
bc8e2f9b9 [FFWD Ceph] Fix ceph post_upgrade_tasks for osd options
91c17d54e Fix endpoint map tls - zaqar wss port
3ce68de0f Fix up ovn-dbs update tasks
7dcd5eb87 Add new Luna HSM parameter for Barbican
9ee9b945f Fix pcs restart in composable HA
701841df5 Do not hard-code vars_from
2c1db9ed0 Update, avoid task skipping by directly importing step file.
aaad2cd70 undercloud_upgrade: tear-down keepalived
838741633 pcmk_remote FFU support for Instance HA
3e2a8d91c Add PermitRootLogin option in sshd_config before leapp.
26e532449 Run external_deploy_tasks per step for each role
00850a30a Reset sriov_numvfs to 0 before leapp upgrade
b245565d7 Fix delegation with FreeIPA cleanup
3631ee2ff Add support for Gnocchi NFS Backend
70a099159 Fix permissions for paunch
28ed5c0b8 Align kernel args for system upgrade using leapp
7f8770b6e Stop using a conditional for role tasks
7f3eb2371 Fix HA resource restart when no replicas are running
978c4e05d Revamp how etcd's cert and key are handled in containers
e4192e033 Add CephAnsibleRepo warning to make this validation more flexible
94f62d874 Prevent skip package fact to run on all steps.
5f336195f Update octavia playbooks parameters
c59f31ea4 Remove redundant file management for /run/redis
fdd0547c4 Expose the zaqar_ws_timeout_tunnel variable.
c2b828fbb Add openvswitch special treatment to update too.
8c6ada0d1 Do not manage healthcheck for nova-compute anymore
ebea6f33e Add dashboard_protocol variable when internal_tls is enabled
aeaeff3a3 Remove /var/lib/config-data context task
b66f39550 Generated passthrough_whitelist shall use all the user_configs fields
729bb5259 Remove ffwd-upgrade leftovers from THT.
09f524e70 Unset keystone::public_endpoint
bad56a5fd Add missing config_files kolla directives
be1184b06 Use a single task for fact gathering
a1443bb82 Relax facts gathering plays on the overcloud
7e3315110 Prevent ovn dbs related facts to run on each step.
2971c4fbb Attempt to remove octavia tls proxy service only present
4ac41b46d Improve documentations for NovaLibvirtFileBackedMemory
Diffstat (except docs and test files)
-------------------------------------
ci/environments/scenario001-standalone.yaml | 1 +
ci/environments/scenario003-standalone.yaml | 17 +-
ci/environments/scenario010-standalone.yaml | 1 -
common/deploy-steps-playbooks-common.yaml | 52 ++--
common/deploy-steps-tasks-step-1.yaml | 29 +--
common/deploy-steps-tasks.yaml | 1 +
common/deploy-steps.j2 | 242 +++---------------
common/generate-config-tasks.yaml | 2 +-
common/host-container-puppet-tasks.yaml | 3 +-
common/services/role.role.j2.yaml | 20 --
.../monitoring/collectd_check_health.py | 92 +++++++
.../nova_statedir_ownership.py | 68 +++--
.../pacemaker_restart_bundle.sh | 13 +-
deployed-server/scripts/enable-ssh-admin.sh | 3 +-
deployment/README.rst | 30 ---
deployment/aodh/aodh-api-container-puppet.yaml | 46 ----
.../aodh/aodh-evaluator-container-puppet.yaml | 18 --
.../aodh/aodh-listener-container-puppet.yaml | 18 --
.../aodh/aodh-notifier-container-puppet.yaml | 18 --
.../barbican/barbican-api-container-puppet.yaml | 31 ++-
.../ceilometer-agent-central-container-puppet.yaml | 18 --
.../ceilometer-agent-compute-container-puppet.yaml | 18 --
.../ceilometer-agent-ipmi-container-puppet.yaml | 18 --
...ometer-agent-notification-container-puppet.yaml | 18 --
deployment/ceph-ansible/ceph-base.yaml | 50 +++-
deployment/ceph-ansible/ceph-mds.yaml | 3 +-
deployment/ceph-ansible/ceph-mgr.yaml | 1 +
deployment/ceph-ansible/ceph-mon.yaml | 3 +-
deployment/ceph-ansible/ceph-osd.yaml | 52 +++-
deployment/ceph-ansible/ceph-rgw.yaml | 3 +-
deployment/cinder/cinder-api-container-puppet.yaml | 55 +---
.../cinder/cinder-backend-netapp-puppet.yaml | 2 +-
.../cinder/cinder-backup-container-puppet.yaml | 11 +-
.../cinder/cinder-backup-pacemaker-puppet.yaml | 107 +++-----
.../cinder/cinder-common-container-puppet.yaml | 4 +-
.../cinder/cinder-scheduler-container-puppet.yaml | 27 +-
.../cinder/cinder-volume-container-puppet.yaml | 46 +---
.../cinder/cinder-volume-pacemaker-puppet.yaml | 103 ++------
deployment/containers-common.yaml | 3 +-
deployment/database/mysql-container-puppet.yaml | 24 +-
deployment/database/mysql-pacemaker-puppet.yaml | 70 ++---
deployment/database/redis-container-puppet.yaml | 3 -
deployment/database/redis-pacemaker-puppet.yaml | 120 ++-------
.../sahara/sahara-api-container-puppet.yaml | 30 ---
.../sahara/sahara-engine-container-puppet.yaml | 18 --
deployment/etcd/etcd-container-puppet.yaml | 55 ++--
deployment/glance/glance-api-container-puppet.yaml | 28 --
.../glance/glance-api-edge-container-puppet.yaml | 22 +-
.../gnocchi/gnocchi-api-container-puppet.yaml | 128 +++++-----
.../gnocchi/gnocchi-metricd-container-puppet.yaml | 34 ++-
.../gnocchi/gnocchi-statsd-container-puppet.yaml | 36 ++-
deployment/haproxy/haproxy-container-puppet.yaml | 5 +
.../haproxy/haproxy-edge-container-puppet.yaml | 22 +-
deployment/haproxy/haproxy-pacemaker-puppet.yaml | 71 ++----
deployment/heat/heat-api-cfn-container-puppet.yaml | 18 --
.../heat/heat-api-cloudwatch-disabled-puppet.yaml | 24 --
deployment/heat/heat-api-container-puppet.yaml | 30 ---
deployment/heat/heat-engine-container-puppet.yaml | 18 --
deployment/ipa/ipaservices-baremetal-ansible.yaml | 2 +-
deployment/ironic/ironic-api-container-puppet.yaml | 36 ---
.../ironic/ironic-conductor-container-puppet.yaml | 25 --
.../kernel-boot-params-baremetal-ansible.yaml | 20 ++
deployment/keystone/keystone-container-puppet.yaml | 44 ----
deployment/manila/manila-api-container-puppet.yaml | 32 ---
.../manila/manila-scheduler-container-puppet.yaml | 20 --
.../manila/manila-share-container-puppet.yaml | 20 --
.../manila/manila-share-pacemaker-puppet.yaml | 101 ++------
.../memcached/memcached-container-puppet.yaml | 21 +-
deployment/metrics/collectd-container-puppet.yaml | 58 ++---
.../neutron/derive_pci_passthrough_whitelist.py | 11 +-
.../neutron/neutron-api-container-puppet.yaml | 37 ---
.../neutron/neutron-dhcp-container-puppet.yaml | 18 --
.../neutron/neutron-l3-container-puppet.yaml | 18 --
.../neutron/neutron-metadata-container-puppet.yaml | 18 --
.../neutron-ovs-agent-container-puppet.yaml | 18 --
.../neutron-ovs-dpdk-agent-container-puppet.yaml | 2 -
.../neutron-sriov-agent-container-puppet.yaml | 31 ++-
deployment/nova/nova-api-container-puppet.yaml | 149 -----------
deployment/nova/nova-compute-container-puppet.yaml | 50 ++--
.../nova/nova-conductor-container-puppet.yaml | 18 --
deployment/nova/nova-ironic-container-puppet.yaml | 24 --
deployment/nova/nova-libvirt-container-puppet.yaml | 43 ++--
.../nova-migration-target-container-puppet.yaml | 2 +-
.../nova/nova-scheduler-container-puppet.yaml | 18 --
.../nova/nova-vnc-proxy-container-puppet.yaml | 20 +-
deployment/nova/novajoin-container-puppet.yaml | 10 +
.../octavia/octavia-api-container-puppet.yaml | 36 +--
.../octavia/octavia-deployment-config.j2.yaml | 10 +-
deployment/ovn/ovn-dbs-pacemaker-puppet.yaml | 65 +++--
.../pacemaker/pacemaker-baremetal-puppet.yaml | 4 +-
.../pacemaker-remote-baremetal-puppet.yaml | 60 +++++
deployment/podman/podman-baremetal-ansible.yaml | 3 +-
...rabbitmq-messaging-notify-pacemaker-puppet.yaml | 79 ++----
.../rabbitmq-messaging-pacemaker-puppet.yaml | 79 ++----
.../rabbitmq-messaging-rpc-pacemaker-puppet.yaml | 79 ++----
deployment/swift/swift-proxy-container-puppet.yaml | 22 --
.../swift/swift-ringbuilder-container-puppet.yaml | 2 +-
.../swift/swift-storage-container-puppet.yaml | 56 +---
.../tripleo-packages-baremetal-puppet.yaml | 282 +++------------------
deployment/undercloud/undercloud-upgrade.yaml | 163 ++----------
environments/barbican-backend-pkcs11-lunasa.yaml | 29 ++-
environments/ceph-ansible/ceph-ansible.yaml | 7 +
environments/cinder-netapp-config.yaml | 2 +-
environments/lifecycle/ffwd-upgrade-prepare.yaml | 1 -
environments/services/neutron-ovn-ha.yaml | 1 +
environments/ssl/no-tls-endpoints-public-ip.yaml | 1 +
environments/ssl/tls-endpoints-public-dns.yaml | 3 +-
environments/ssl/tls-endpoints-public-ip.yaml | 3 +-
environments/ssl/tls-everywhere-endpoints-dns.yaml | 3 +-
environments/storage-environment.yaml | 2 +-
environments/storage/cinder-netapp-config.yaml | 2 +-
environments/storage/cinder-nfs.yaml | 2 +-
network/service_net_map.j2.yaml | 2 +-
network_data_ganesha.yaml | 50 +++-
overcloud.j2.yaml | 25 --
puppet/role.role.j2.yaml | 14 +
...ainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml | 6 +
.../notes/bug-1895899-8d675670a0d05c15.yaml | 12 +
...e-for-StorageNFS-net.yaml-bd77be924e8b7056.yaml | 20 ++
.../gnocchi-nfs-backend-90febc9f87e7df08.yaml | 9 +
.../nova_image_cache_ttl-824f241363b9dd4e.yaml | 8 +
.../notes/remove_ffwd_tasks-d1ab630d96a66a59.yaml | 6 +
.../swift-fix-ring-sync-7bf3ddbb1ea1e342.yaml | 6 +
.../swift-mount-by-uuid-7744fe7696db4b85.yaml | 6 +
.../zaqar_ws_timeout_tunnel-d5d1e900dce79b34.yaml | 7 +
roles/ControllerSriov.yaml | 2 -
roles/DistributedCompute.yaml | 1 -
roles/DistributedComputeHCI.yaml | 2 +-
roles/DistributedComputeHCIScaleOut.yaml | 3 +-
roles/DistributedComputeScaleOut.yaml | 3 +-
roles/Minimal.yaml | 30 +++
roles/NetworkerSriov.yaml | 1 -
roles/README.rst | 1 +
sample-env-generator/ssl.yaml | 6 +-
sample-env-generator/storage.yaml | 1 +
tools/yaml-validate.py | 24 --
138 files changed, 1383 insertions(+), 2814 deletions(-)
More information about the Release-announce
mailing list