[release-announce] kolla-ansible 12.0.0 (wallaby)
no-reply at openstack.org
no-reply at openstack.org
Wed Jun 23 18:00:33 UTC 2021
We are psyched to announce the release of:
kolla-ansible 12.0.0: Ansible Deployment of Kolla containers
This release is part of the wallaby release series.
The source is available from:
https://opendev.org/openstack/kolla-ansible
Download the package from:
https://tarballs.openstack.org/kolla-ansible/
Please report issues through:
https://bugs.launchpad.net/kolla-ansible/+bugs
For more details, please see below.
12.0.0
^^^^^^
New Features
************
* Adds support for CentOS Stream 8 as a host Operating System and
base container image. This is the only distribution of CentOS
supported from the Wallaby release. The Victoria release will
support both CentOS Linux 8 and CentOS Stream 8 hosts and images,
and provides a route for migration.
* Supports Debian Bullseye (11) as host distribution.
* Adds support in "kolla_docker" module to set "CgroupnsMode" for
Docker containers (via "cgroupns_mode" module param). Requires
Docker 20.10. Note that pre-20.10 all containers behave as if they
were run with mode "host".
* OVN deployment will now configure "external_ids:ovn-chassis-mac-
mappings" to make DVR work on VLAN tenant networks.
* Due to the removal of the Monasca Grafana fork, the Monasca
datasource is now configured in vanilla Grafana.
Upgrade Notes
*************
* Bumps minimum required Docker version to 18.09 and minimum
required Docker Python SDK version to 3.4.1. These two are checked
in prechecks.
* CentOS Linux 8 is no longer supported as a host Operating System
or base container image. CentOS users should migrate to CentOS
Stream 8. The Victoria release will support both CentOS Linux 8 and
CentOS Stream 8 hosts and images, and provides a route for
migration.
* Adds a new flag, "docker_disable_ip_forward", which defaults to
"docker_disable_default_iptables_rules" and is used to disable
docker's "ip-forward" option which makes docker set
"net.ipv4.ip_forward" sysctl to "1". By default,
"docker_disable_default_iptables_rules" is "true", in which case
docker's "ip-forward" option is "disabled".
For existing hosts, this configuration change is applied when
configuring docker via "kolla-ansible bootstrap-servers". Docker
changes the sysctl in a non-persistent manner, so it will revert to
the default of "0" after a reboot, if not configured elsewhere. This
should not cause a problem, since Kolla Ansible applies the sysctl
where necessary. Operators may wish to perform a proactive reboot,
or apply the default through other means.
* Service containers and configuration for the Monasca Grafana
service will be removed automatically. It is up to the operator to
remove the related HAProxy configuration, the Monasca Grafana
database, and associated Docker volumes.
Deprecation Notes
*****************
* Support for configuration of NTP daemon (via "enable_host_ntp") is
deprecated and will be removed in the next Kolla Ansible release
(Xena). Please use other means of configuring NTP.
* The Monasca Fork of Grafana is deprecated due to lack of
maintenance and will be removed in the Xena release. Instead,
support will be provided to allow Monasca users to migrate to the
vanilla Grafana service with the Monasca datasource.
* Support for deploying "tempest" and "rally" is deprecated and will
be removed in the Xena cycle. The reason is that these are not
services of an OpenStack cloud but its clients.
Bug Fixes
*********
* chronyd crash loop if server is rebooted (Debian) LP#1915528
* Fixed an issue when Docker was configured after startup on
Debian/Ubuntu, which resulted in iptables rules being created -
before they were disabled. LP#1923203
* Fixes an issue with Octavia SSH key copying if user disabled
Octavia auto configuration. LP##1927727
* Fixed an issue where docker python SDK 5.0.0 was failing due to
missing six - introduced a constraint to install version lower than
5.x. LP#1928915
* Fixes more-than-2-node RabbitMQ upgrade failing randomly.
LP#1930293.
* Fixes Swift deploy when TLS enabled. Added the missing handler and
corrected the container name. LP#1931097
* Fixes "iscsid" failing in current CentOS 8 based images due to pid
file being needlessly set. LP#1933033
* Fixes host bootstrap on Debian not removing the conflicting
packages. It now behaves in accordance with the docs. LP#1933122
* Fixes potential issue with Alertmanger in non-HA deployments. In
this scenario, peer gossip protocol is now disabled and Alertmanager
won't try to form a cluster with non-existing other instances.
LP#1926463
* Adds a new flag, "docker_disable_ip_forward", which defaults to
"docker_disable_default_iptables_rules" and is used to disable
docker's "ip-forward" option which makes docker set
"net.ipv4.ip_forward" sysctl to "1". This is to protect from
creating all-forwarding hosts. LP#1931615
* Fixes an issue when generating "/etc/hosts" during "kolla-ansible
bootstrap-servers" when one or more hosts has an "api_interface"
with dashes ("-") in its name. LP#1927357
* Fixes the container image used by mariabackup. It was using the
"mariadb" image, which was deprecated in Victoria and removed in
Wallaby. LP#1928129
* Fixes an issue with Octavia deployment when using a custom service
auth project. If "octavia_service_auth_project" is set to a project
that does not exist, Octavia deployment would fail. The project is
now created. LP#1922100
Changes in kolla-ansible 12.0.0.0rc1..12.0.0
--------------------------------------------
bcce291aa Fix host bootstrap pkg removal on Debian
ecddf74d7 Do not set pid file for iscsid
2e76e0565 Support editable installation in all cases
cf58c0460 tox: Add find command to allowlist_externals list
315d8eec2 baremetal: fix /etc/hosts generation when api_interface has dashes
a6a2e5ec1 chronyd crash loop if Debian server is rebooted
252671f8b Stop fluentd deprecation warnings of type vs @type
381e3a40d Fix parsing of infra.mariadb.xinetd logs
189c1c245 Fix neutron-ovn-metadata-agent with policy.yaml
cbd474cc4 octavia: Ensure service auth project exists
c24a56b7d Merge glance sections for nova.conf.j2
b79d2a4f0 Redis configuration syntax update
13deb4304 Update blazar.conf template
5ba041019 Add the ansible_managed header for admin-openrc.sh
e3f43eee5 Reno follow up for docker_disable_ip_forward
c272af91c Drop /sys/fs/cgroup mounts
eb4815345 Disable docker's ip-forward when iptables disabled
f11af96cc Fix RabbitMQ restart ordering
98c29107a Add forgotten 'Restart container' handler for swift
12dc47483 grafana: add bootstrap during upgrade
a8982e571 Bump min Docker version
94e115e15 chrony: allow to remove the container
12382be7a [CI] Drop Zuul host groups
0c58f83d6 [CI] Move to Debian Bullseye
7b3190871 Add support for Debian Bullseye (11) as host distro
efd51bccb [docker] Add support for setting CgroupnsMode
58f3f3042 Trivial if conditional fix in keystone.json
e7c68252f docs: Update Freenode to OFTC
0b971b61d Fix release note markup
ee92b33b3 Use mariadb-server image for mariabackup
d8b4e81c0 CI: Use PATH to find kolla-ansible script
d31ec6609 cinder: fix condition to copy backend TLS certs
af7c7cc6b Remove [octavia]/base_url option from neutron.conf
b887b1c4c docs: update supported OS distros
924affb65 Mariadb shards documentation
af7778e3a CI: Configure IP on a linux bridge instead of OVS br-ex
4e8c1493c CI: add grafana to monasca image list
2bff29328 Remove Monasca Grafana service
7e31c959e [CI] Fix testing in cephadm scenario
ee8bd456b baremetal: Install Docker SDK less than 5.0.0
bf351eb97 CI: Fix nfv job with kolla dependency
34349f6ad CI: Wait for NTP synced status in systemd
3a661b7ad baremetal: Don't start Docker after install on Debian/Ubuntu
e0fc09cde Disable Alertmanager's peer gossip in non-HA deployments
bfdd36ff3 CI: allow Elasticsearch status to be green or yellow
a92ce428a Use @type instead of type
deafe00dd Do not write octavia_amp_ssh_key if auto_config disabled
cb38206dc Fix "Restart mariadb-clustercheck container" during config gen
465a38545 ovn: make DVR work on VLAN tenant networks
71811d947 octavia: Fix duplicate api_settings
1e5709150 ovn: omit unnecessary bridge mappings
381fe0d27 setup.cfg: Replace dashes with underscores
d83aad7ee Deprecate tempest and rally
5894894ff Deprecate enable_host_ntp
f73c00c83 Bump up python version for Debian Bullseye
aaa2bb977 cephadm: Set auth_allow_insecure_global_id_reclaim to true
8ccbdf3c2 Add Monasca Grafana deprecation notice
4f87d9f36 Use wallaby images in wallaby deployments
adef109a1 Avoid an Ansible quirk in hacluster role
3f7e02765 docs: Improve policy documentation
6bcbaf235 Update TOX_CONSTRAINTS_FILE for stable/wallaby
e80783f1d Update .gitreview for stable/wallaby
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 1 +
ansible/chrony-cleanup.yml | 14 +++
ansible/group_vars/all.yml | 7 +-
ansible/library/kolla_docker.py | 44 +++++++-
ansible/roles/baremetal/defaults/main.yml | 2 +
ansible/roles/baremetal/tasks/install.yml | 28 ++++-
ansible/roles/baremetal/tasks/post-install.yml | 30 +++++-
ansible/roles/baremetal/tasks/pre-install.yml | 4 +-
ansible/roles/blazar/templates/blazar.conf.j2 | 10 +-
ansible/roles/chrony/tasks/cleanup.yml | 12 +++
ansible/roles/chrony/templates/chrony.json.j2 | 4 +-
ansible/roles/cinder/tasks/config.yml | 2 +-
ansible/roles/common/templates/admin-openrc.sh.j2 | 2 +
.../common/templates/conf/input/02-mariadb.conf.j2 | 2 +-
.../common/templates/conf/output/00-local.conf.j2 | 8 +-
ansible/roles/grafana/defaults/main.yml | 9 ++
ansible/roles/grafana/tasks/upgrade.yml | 5 +
.../roles/hacluster/tasks/bootstrap_service.yml | 4 +-
ansible/roles/haproxy/tasks/precheck.yml | 27 -----
ansible/roles/iscsi/defaults/main.yml | 2 -
ansible/roles/iscsi/templates/iscsid.json.j2 | 2 +-
ansible/roles/keystone/templates/keystone.json.j2 | 2 +-
ansible/roles/mariadb/defaults/main.yml | 2 +-
ansible/roles/mariadb/handlers/main.yml | 2 +
ansible/roles/monasca/defaults/main.yml | 24 +----
ansible/roles/monasca/handlers/main.yml | 53 ---------
ansible/roles/monasca/tasks/bootstrap.yml | 3 +-
ansible/roles/monasca/tasks/config.yml | 19 ----
ansible/roles/monasca/tasks/deploy.yml | 2 -
ansible/roles/monasca/tasks/post_config.yml | 120 ---------------------
ansible/roles/monasca/tasks/precheck.yml | 11 --
ansible/roles/monasca/tasks/upgrade.yml | 30 ------
.../templates/monasca-grafana/grafana.ini.j2 | 55 ----------
.../monasca-grafana/monasca-grafana.json.j2 | 23 ----
ansible/roles/multipathd/defaults/main.yml | 1 -
.../templates/neutron-ovn-metadata-agent.json.j2 | 13 ++-
ansible/roles/neutron/templates/neutron.conf.j2 | 5 -
ansible/roles/nova-cell/defaults/main.yml | 2 +-
ansible/roles/nova-cell/handlers/main.yml | 1 +
ansible/roles/nova-cell/tasks/check-containers.yml | 1 +
ansible/roles/nova-cell/templates/nova.conf.j2 | 5 +-
ansible/roles/octavia/defaults/main.yml | 7 ++
ansible/roles/octavia/tasks/config.yml | 4 +-
ansible/roles/octavia/tasks/register.yml | 15 ---
ansible/roles/octavia/templates/octavia.conf.j2 | 4 +-
ansible/roles/ovn/defaults/main.yml | 2 +
ansible/roles/ovn/tasks/bootstrap.yml | 6 +-
ansible/roles/prechecks/defaults/main.yml | 3 +
ansible/roles/prechecks/tasks/timesync_checks.yml | 73 +++++++++++--
ansible/roles/prechecks/vars/main.yml | 5 +-
.../templates/prometheus-alertmanager.json.j2 | 2 +-
ansible/roles/rabbitmq/handlers/main.yml | 18 +++-
ansible/roles/rally/tasks/main.yml | 5 +
ansible/roles/redis/templates/redis.conf.j2 | 10 +-
ansible/roles/swift/defaults/main.yml | 2 +-
ansible/roles/swift/handlers/main.yml | 4 +
ansible/roles/tempest/tasks/main.yml | 5 +
.../bootstrap-servers.rst | 5 +
.../logging-and-monitoring/monasca-guide.rst | 54 +++++-----
etc/kolla/globals.yml | 4 +-
etc/kolla/passwords.yml | 1 -
...yd-crash-loop-if-server-is-rebooted-debian.yaml | 5 +
.../notes/bug-1922721-19163cfb491d0035.yaml | 4 +-
.../notes/bug-1923203-f9ff247befc4bd75.yaml | 6 ++
.../notes/bug-1927727-4437103de59e85e5.yaml | 6 ++
.../notes/bug-1928915-482b2d53bb2a4d92.yaml | 6 ++
.../notes/bug-1930293-d8a524f2070e6779.yaml | 5 +
.../notes/bug-1931097-c94832ed2ed92c3a.yaml | 6 ++
.../notes/bug-1933033-76746d127285cfe8.yaml | 6 ++
.../notes/bug-1933122-b34311ba73092080.yaml | 6 ++
...imum-docker-version-18-09-37af3b4c134da67e.yaml | 6 ++
.../notes/centos-stream-686441cc4c0e47d7.yaml | 13 +++
.../debian-bullseye-host-adc7778d7103b84f.yaml | 4 +
.../notes/deprecate-chrony-077a8686e79a919e.yaml | 16 ++-
...deprecate-enable-host-ntp-3ad934c097f18b1b.yaml | 7 ++
...deprecate-monasca-grafana-f5bfc61a5d453a8e.yaml | 7 ++
...precate-tempest-and-rally-2418cbe2a9f315a4.yaml | 7 ++
...e-alertmanager-clustering-ec70f5f970c4933a.yaml | 7 ++
.../docker-cgroupns-mode-9e1b32c357a14095.yaml | 7 ++
...docker-disable-ip-forward-b0490b71f9f07cd6.yaml | 24 +++++
.../notes/etc-hosts-dashes-37d0dc07c8fc881f.yaml | 7 ++
.../notes/mariabackup-image-8b31622f59890e28.yaml | 6 ++
...eate-service-auth-project-aa38b12ebb601777.yaml | 7 ++
.../notes/ovn_dvr_vlan-f36a6868cfd4776e.yaml | 5 +
.../remove-monasca-grafana-43cf1f74b09a6e54.yaml | 11 ++
roles/bridge/tasks/main.yml | 12 +++
roles/cephadm/tasks/main.yml | 11 ++
roles/veth/tasks/main.yml | 12 +++
setup.cfg | 8 +-
tools/kolla-ansible | 33 +++++-
tox.ini | 17 +--
zuul.d/base.yaml | 6 +-
zuul.d/jobs.yaml | 8 +-
zuul.d/nodesets.yaml | 62 +++--------
114 files changed, 878 insertions(+), 635 deletions(-)
More information about the Release-announce
mailing list