February 2021 - Release-announce - lists.openstack.org

tripleo-validations 11.4.0 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are psyched to announce the release of: tripleo-validations 11.4.0: A collection of Ansible playbooks to detect and report potential issues during TripleO deployments This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/tripleo-validations Download the package from: https://tarballs.openstack.org/tripleo-validations/ Please report issues through: https://bugs.launchpad.net/tripleo/+bugs For more details, please see below. 11.4.0 ^^^^^^ Bug Fixes * Existing resources "DISK_GB", "MEMORY_MB", "VCPU" were not considered to be available in case of custom_resource_class_val == False, also use correct types for resource comparison and required_count calculation. Changes in tripleo-validations 11.3.1..11.4.0 --------------------------------------------- 2e5e112 Change path for validation Ansible files ae68264 Add validation to verify the RHSM version. fc10280 Add tripleo-validations role for component testing ce2e525 Ensures script is executable 937fb3a Add tripleo-validation.py as script in setup.cfg b9ae60f replace max_fds with sysctl call c1b0791 Add a validation to check the local. 658cc5c Fix conditionals/types in check_flavors and verify_profiles f53da00 Validation collect-flavors-and-verify-profiles bug 6cc25c0 Remove callback plugin from tripleo-validation 3c006ba Remove objects migrated to validations-common d949f0e Use the default flavor name when flavor parameter is not defined 02f3308 Optimize container_cli usage by mysql-open-files-limit validation c8d92bc Refactor vif plugging validations 79de7e8 Remove ceph-pg from openstack tripleo validator run groups 83411f3 [train and before] Define default firewall_driver value 76d2e78 fix mixed up molecule tests cec1318 [train] Switch to content provider jobs/templates 41b580d Correct how the image_serve validation works 3d72980 Add TripleO validation CLI script 6722b0d New validation: Ensure sVirt is active 4db92ba Convert all of the fedora28 container usage to CentOS8 c7ea360 Migrate molecule jobs from centos 7 to 8 0c1fdb2 Add validation to check status of ipa server a66936f Switch install-docker with ensure-docker 8755caa Add new Upgrades validation groups. 2f92663 Add os-cloud support for tripleo-ansible-inventory script 4fe38aa Allows to use custom role name for validations e440143 Corrected work directory for validate-selinux c761798 Get UUID from ansible environment variables 015dab2 Updated "overcloud" to "allovercloud" group f8d7882 Fix neutron_sanity_check for ML2/OVS overcloud 5dcaa10 Make Get OSD stat percentage compatible with jq < 1.5 034dc8a Ensure virtualenv is installed. 5ea8cc2 Port jobs from centos7 to centos8 02664d1 Make Get OSD stat percentage compatible with both Luminous and Nautilus 082d48b Fix ceph-ansible permissions when checking the repo name 2a644ab Don't write playbook stats in binary mode e548b86 remove non-voting ceph validation from gate 08f469d Update Ceph role's Get OSD stat to use new data structure 4b27bcd Introducing tripleo_delegate_to on ceph health validation 287602b Improve the ceph-ansible repository error message b43da87 Remove fwaas_driver.ini from neutron sanity checks 7b94843 Fix multistack inventory 5d5c02c tripleo-validations failing on lower constraints 3fd14c9 Don't validate token_flush for non-persistent token formats 5163ca7 Skeleton role, get with the decade 1994eba Adds Search Path Override 365e5a6 Add basic molecule tests for uncovered roles 155d1a5 Add custom ansible-lint rule for Role Names c0fd6b0 tripleo-validations failing on lower constraints 95a049f Remove default ansible option in test runs 63e2a13 Make groups documentation part dynamic 3b50632 Add pre/post ceph validation groups d74065f Fix upper and lower constraints 65545f3 Better task name and loop control d1e8126 Delete healthcheck-service-status role a4c7660 Normalize role names when generating roles 9a000ab molecule-xfs_check_ftypefailure (non-voting), remove from gate 14411dc Replace all references to the old role name 2be56c5 Adds basic molecule testing for ceph validations 1a9b92a zuul: all functional jobs now depend on linter job first 02ebd6b Validate the playboooks metadata structure 65ceb1c New validation: validate-selinux 966b96a Remove the useless environment variable. 16f471a Removed workaround for ansible-lint issue 875d0b3 Stop testing python2.7 c5cd3b5 Add new validation_json callback 760a790 Introduce Ceph placement group validation dc4fd10 Fix ceph-ansible repo check 7f9f738 Add an additional validation to check ceph-ansible repository 6f850ab Add a validation to fail if a Ceph dependency is not installed Diffstat (except docs and test files) ------------------------------------- .ansible-lint | 5 +- .ansible-lint_rules/RoleNames.py | 57 ++++ .ansible-lint_rules/ValidationHasMetadataRule.py | 138 ++++++++ .pre-commit-config.yaml | 10 +- .yamllint | 11 + _skeleton_role_/defaults/main.yml.j2 | 2 +- _skeleton_role_/handlers/main.yml | 2 +- _skeleton_role_/molecule/default/Dockerfile.j2 | 5 +- .../default/{playbook.yml.j2 => converge.yml.j2} | 3 +- _skeleton_role_/molecule/default/molecule.yml | 15 +- _skeleton_role_/molecule/default/verify.yml | 2 +- _skeleton_role_/tasks/main.yml.j2 | 2 +- _skeleton_role_/vars/main.yml.j2 | 2 +- .../prepare.yml => ansible-role-requirements.yml | 14 +- bindep.txt | 14 +- callback_plugins/.keep | 0 callback_plugins/fail_if_no_hosts.py | 31 -- callback_plugins/validation_output.py | 207 ------------ .../modules/modules-ceph_pools_pg_protection.rst | 15 + .../modules/modules-check_package_update.rst | 15 - .../modules/modules-validations_read_ini.rst | 15 - .../roles/role-advanced-format-512e-support.rst | 7 - ...ane-ip-range.rst => role-ceilometerdb_size.rst} | 4 +- .../roles/role-check-latest-packages-version.rst | 6 - ...sk-space.rst => role-check_network_gateway.rst} | 4 +- ...> role-collect_flavors_and_verify_profiles.rst} | 4 +- ...tainer-status.rst => role-container_status.rst} | 4 +- ...st => role-containerized_undercloud_docker.rst} | 4 +- ...ercloud-debug.rst => role-controller_token.rst} | 4 +- ...-node-count.rst => role-controller_ulimits.rst} | 4 +- ...meterdb-size.rst => role-ctlplane_ip_range.rst} | 4 +- ...ler-ulimits.rst => role-default_node_count.rst} | 4 +- ...p-validations.rst => role-dhcp_validations.rst} | 4 +- ...tus.rst => role-healthcheck_service_status.rst} | 4 +- .../{role-image-serve.rst => role-image_serve.rst} | 4 +- ...tion.rst => role-ironic_boot_configuration.rst} | 4 +- ...s-limit.rst => role-mysql_open_files_limit.rst} | 4 +- ...nvironment.rst => role-network_environment.rst} | 4 +- ...ity-check.rst => role-neutron_sanity_check.rst} | 4 +- ...ver.rst => role-no_op_firewall_nova_driver.rst} | 3 +- .../{role-node-disks.rst => role-node_disks.rst} | 4 +- .../{role-node-health.rst => role-node_health.rst} | 4 +- ...t-callback.rst => role-nova_event_callback.rst} | 4 +- .../{role-nova-status.rst => role-nova_status.rst} | 4 +- ...enstack.rst => role-openshift_on_openstack.rst} | 4 +- ...-endpoints.rst => role-openstack_endpoints.rst} | 4 +- ...role-ovs-dpdk-pmd.rst => role-ovs_dpdk_pmd.rst} | 4 +- ...troller-token.rst => role-pacemaker_status.rst} | 4 +- ...abbitmq-limits.rst => role-rabbitmq_limits.rst} | 4 +- ...role-stack-health.rst => role-stack_health.rst} | 4 +- ...-service-status.rst => role-stonith_exists.rst} | 4 +- ...role-switch-vlans.rst => role-switch_vlans.rst} | 4 +- ...-stonith-exists.rst => role-tls_everywhere.rst} | 4 +- ...emaker-status.rst => role-undercloud_debug.rst} | 4 +- ...kenflush.rst => role-undercloud_disk_space.rst} | 4 +- ....rst => role-undercloud_heat_purge_deleted.rst} | 4 +- ...count.rst => role-undercloud_process_count.rst} | 4 +- ...atus.rst => role-undercloud_service_status.rst} | 4 +- ...-gateway.rst => role-undercloud_tokenflush.rst} | 5 +- groups.yaml | 48 +++ library/advanced_format.py | 97 ------ library/ceph_pools_pg_protection.py | 249 ++++++++++++++ library/check_flavors.py | 9 +- library/check_package_update.py | 145 -------- library/haproxy_conf.py | 89 ----- library/hiera.py | 64 ---- library/reportentry.py | 89 ----- library/validations_read_ini.py | 166 --------- library/verify_profiles.py | 2 +- library/warn.py | 55 --- lookup_plugins/roles_info.py | 2 +- lower-constraints.txt | 118 ------- molecule-requirements.txt | 9 +- playbooks/512e.yaml | 13 - playbooks/ceilometerdb-size.yaml | 2 +- playbooks/ceph-ansible-installed.yaml | 2 + playbooks/ceph-dependencies-installed.yaml | 18 + playbooks/ceph-health.yaml | 4 +- playbooks/ceph-pg.yaml | 21 ++ playbooks/check-ftype.yaml | 12 - playbooks/check-latest-packages-version.yaml | 13 - playbooks/check-network-gateway.yaml | 2 +- playbooks/check-rhsm-version.yaml | 16 + playbooks/collect-flavors-and-verify-profiles.yaml | 6 +- playbooks/container-status.yaml | 4 +- playbooks/containerized-undercloud-docker.yaml | 2 +- playbooks/controller-token.yaml | 8 +- playbooks/controller-ulimits.yaml | 6 +- playbooks/ctlplane-ip-range.yaml | 2 +- playbooks/default-node-count.yaml | 4 +- playbooks/dhcp-introspection.yaml | 2 +- playbooks/dhcp-provisioning.yaml | 2 +- playbooks/dns.yaml | 12 - playbooks/haproxy.yaml | 17 - playbooks/healthcheck-service-status.yaml | 4 +- playbooks/image-serve.yaml | 2 +- playbooks/ironic-boot-configuration.yaml | 2 +- playbooks/mysql-open-files-limit.yaml | 6 +- playbooks/network-environment.yaml | 2 +- playbooks/neutron-sanity-check.yaml | 16 +- playbooks/no-op-firewall-nova-driver.yaml | 4 +- playbooks/no-op.yaml | 12 - playbooks/node-disks.yaml | 2 +- playbooks/node-health.yaml | 2 +- playbooks/nova-event-callback.yaml | 4 +- playbooks/nova-status.yaml | 2 +- playbooks/nova-svirt.yaml | 13 + playbooks/ntp.yaml | 14 - playbooks/openshift-hw-requirements.yaml | 8 +- playbooks/openshift-nw-requirements.yaml | 4 +- playbooks/openstack-endpoints.yaml | 8 +- playbooks/ovs-dpdk-pmd-cpus-check.yaml | 4 +- playbooks/pacemaker-status.yaml | 4 +- playbooks/rabbitmq-limits.yaml | 4 +- playbooks/repos.yaml | 4 +- playbooks/service-status.yaml | 16 - playbooks/stack-health.yaml | 2 +- playbooks/stonith-exists.yaml | 7 +- playbooks/switch-vlans.yaml | 2 +- playbooks/system_encoding.yaml | 13 + playbooks/tls-everywhere-post-deployment.yaml | 8 +- playbooks/tls-everywhere-pre-deployment.yaml | 6 +- playbooks/tls-everywhere-prep.yaml | 4 +- playbooks/undercloud-cpu.yaml | 16 - playbooks/undercloud-debug.yaml | 2 +- playbooks/undercloud-disk-space-pre-upgrade.yaml | 8 +- playbooks/undercloud-disk-space.yaml | 12 +- playbooks/undercloud-heat-purge-deleted.yaml | 6 +- playbooks/undercloud-neutron-sanity-check.yaml | 15 +- playbooks/undercloud-process-count.yaml | 2 +- playbooks/undercloud-ram.yaml | 17 - playbooks/undercloud-selinux-mode.yaml | 13 - playbooks/undercloud-service-status.yaml | 2 +- playbooks/undercloud-tokenflush.yaml | 4 +- ...nsider_existing_resources-addc5b2527d9db1b.yaml | 6 + requirements.txt | 14 +- role-addition.yml | 27 +- roles/advanced-format-512e-support/tasks/main.yml | 10 - roles/advanced-format-512e-support/vars/main.yml | 9 - .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 2 +- .../molecule/default/converge.yml} | 11 + .../molecule/default/molecule.yml | 19 +- .../tasks/main.yml | 0 .../vars/main.yml | 0 roles/ceph/defaults/main.yml | 4 +- .../molecule/ceph-ansible-installed/Dockerfile | 37 +++ .../molecule/ceph-ansible-installed/converge.yml | 70 ++++ .../molecule/ceph-ansible-installed/molecule.yml | 49 +++ .../molecule/ceph-ansible-installed/prepare.yml | 29 ++ roles/ceph/molecule/default/Dockerfile | 37 +++ .../molecule/default/converge.yml} | 8 +- .../molecule/default/molecule.yml | 13 +- roles/ceph/tasks/ceph-ansible-installed.yaml | 21 +- roles/ceph/tasks/ceph-dependencies-installed.yaml | 26 ++ roles/ceph/tasks/ceph-health.yaml | 116 ++++--- roles/ceph/tasks/ceph-pg.yaml | 145 ++++++++ .../defaults/main.yml | 10 - roles/check-latest-packages-version/tasks/main.yml | 16 - roles/check-latest-packages-version/vars/main.yml | 8 - .../molecule/default/Dockerfile | 37 +++ .../molecule/default/converge.yml} | 10 +- .../molecule/default/molecule.yml | 17 +- .../molecule/default/prepare.yml | 2 +- .../tasks/main.yml | 8 +- .../vars/main.yml | 0 roles/check_rhsm_version/defaults/main.yml | 29 ++ .../check_rhsm_version/molecule/default/Dockerfile | 37 +++ .../molecule/default/converge.yml | 24 ++ .../molecule/default/molecule.yml | 30 +- .../molecule/rhsm_mismatch/Dockerfile | 37 +++ .../molecule/rhsm_mismatch/converge.yml | 43 +++ .../molecule/rhsm_mismatch/molecule.yml | 38 +++ roles/check_rhsm_version/tasks/main.yml | 27 ++ .../molecule/default/Dockerfile.j2 | 2 +- .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 0 .../vars/main.yml | 4 +- .../molecule/default/Dockerfile.j2 | 2 +- .../container_status/molecule/default/converge.yml | 26 ++ .../container_status/molecule/default/molecule.yml | 46 +++ .../tasks/main.yaml | 36 +- .../defaults/main.yml | 0 .../tasks/main.yml | 4 +- .../vars/main.yml | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 2 +- .../molecule/default/converge.yml} | 6 +- .../molecule/default/molecule.yml | 17 +- .../tasks/main.yml | 2 +- .../vars/main.yml | 2 +- .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 4 +- .../molecule/default/molecule.yml | 15 +- .../tasks/main.yml | 4 +- .../vars/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 --- .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 6 +- .../molecule/default/molecule.yml | 46 +++ .../molecule/default/prepare.yml | 2 +- .../tasks/main.yml | 4 +- .../vars/main.yml | 0 .../tasks/main.yml | 0 .../vars/main.yml | 2 +- .../defaults/main.yml | 0 .../files/rogue_dhcp.py | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../dhcp_validations/molecule/default/converge.yml | 26 ++ .../dhcp_validations/molecule/default/molecule.yml | 46 +++ .../tasks/dhcp-introspection.yaml | 6 +- .../tasks/dhcp-provisioning.yaml | 2 +- roles/dns/defaults/main.yml | 2 - roles/dns/molecule/default/Dockerfile.j2 | 37 --- roles/dns/tasks/main.yml | 4 - roles/dns/vars/main.yml | 7 - roles/haproxy/README.md | 42 --- roles/haproxy/defaults/main.yml | 8 - roles/haproxy/molecule/default/Dockerfile.j2 | 36 -- roles/haproxy/molecule/default/molecule.yml | 47 --- roles/haproxy/molecule/default/playbook.yml | 71 ---- roles/haproxy/tasks/main.yml | 51 --- roles/haproxy/vars/main.yml | 6 - .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 12 +- .../vars/main.yml | 0 roles/image-serve/defaults/main.yaml | 2 - roles/image-serve/molecule/default/Dockerfile.j2 | 37 --- roles/image-serve/tasks/main.yaml | 35 -- roles/image_serve/defaults/main.yaml | 3 + roles/image_serve/molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 28 +- roles/image_serve/molecule/default/molecule.yml | 57 ++++ roles/image_serve/molecule/default/prepare.yml | 25 ++ roles/image_serve/tasks/main.yaml | 31 ++ roles/{image-serve => image_serve}/vars/main.yml | 1 + .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 0 .../vars/main.yml | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 8 +- .../vars/main.yml | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 0 .../vars/main.yml | 0 roles/neutron-sanity-check/tasks/main.yml | 67 ---- .../defaults/main.yml | 4 +- .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ roles/neutron_sanity_check/tasks/main.yml | 74 +++++ .../molecule/default/Dockerfile.j2 | 37 --- roles/no-op/tasks/main.yml | 4 - roles/no-op/vars/main.yml | 8 - .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 8 +- .../molecule/default/molecule.yml | 47 +++ .../tasks/main.yml | 1 + .../vars/main.yml | 2 +- roles/{node-disks => node_disks}/defaults/main.yml | 0 roles/node_disks/molecule/default/Dockerfile.j2 | 37 +++ roles/node_disks/molecule/default/converge.yml | 26 ++ roles/node_disks/molecule/default/molecule.yml | 46 +++ roles/{node-disks => node_disks}/tasks/main.yml | 0 roles/{node-disks => node_disks}/vars/main.yml | 0 roles/node_health/molecule/default/Dockerfile.j2 | 37 +++ roles/node_health/molecule/default/converge.yml | 26 ++ roles/node_health/molecule/default/molecule.yml | 46 +++ roles/{node-health => node_health}/tasks/main.yml | 6 +- .../templates/unreachable_nodes.j2 | 0 roles/{node-health => node_health}/vars/main.yml | 0 roles/nova-status/molecule/default/Dockerfile.j2 | 37 --- .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 47 +-- .../vars/main.yml | 0 roles/nova_status/molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 8 +- .../molecule/default/molecule.yml | 17 +- .../molecule/default/prepare.yml | 2 +- roles/{nova-status => nova_status}/tasks/main.yml | 2 +- roles/{nova-status => nova_status}/vars/main.yml | 0 roles/nova_svirt/defaults/main.yml | 21 ++ roles/nova_svirt/molecule/default/Dockerfile | 37 +++ .../molecule/default/converge.yml} | 36 +- .../molecule/default/molecule.yml | 21 +- roles/nova_svirt/molecule/default/prepare.yml | 60 ++++ roles/nova_svirt/tasks/main.yml | 14 + roles/nova_svirt/tasks/validate.yml | 28 ++ roles/ntp/tasks/main.yml | 26 -- roles/ntp/vars/main.yml | 10 - .../tasks/openshift-nw-requirements.yaml | 73 ---- .../defaults/main.yml | 4 +- .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/openshift-hw-requirements.yaml | 10 +- .../tasks/openshift-nw-requirements.yaml | 73 ++++ .../openshift-hw-requirements-warnings.j2 | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 6 +- .../vars/main.yml | 0 .../defaults/main.yml | 0 roles/ovs_dpdk_pmd/molecule/default/Dockerfile.j2 | 37 +++ roles/ovs_dpdk_pmd/molecule/default/converge.yml | 26 ++ roles/ovs_dpdk_pmd/molecule/default/molecule.yml | 46 +++ .../{ovs-dpdk-pmd => ovs_dpdk_pmd}/tasks/main.yml | 6 +- roles/{ovs-dpdk-pmd => ovs_dpdk_pmd}/vars/main.yml | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../pacemaker_status/molecule/default/converge.yml | 26 ++ .../pacemaker_status/molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 8 +- .../vars/main.yml | 0 .../rabbitmq-limits/molecule/default/Dockerfile.j2 | 37 --- .../defaults/main.yml | 0 .../rabbitmq_limits/molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 8 +- .../molecule/default/molecule.yml | 15 +- .../molecule/default/prepare.yml | 2 +- .../tasks/main.yml | 2 +- .../vars/main.yml | 0 roles/repos/molecule/default/Dockerfile.j2 | 2 +- .../default/{playbook.yml => converge.yml} | 4 +- roles/repos/molecule/default/molecule.yml | 15 +- roles/repos/tasks/main.yml | 10 +- roles/roles.galaxy/.gitkeep | 0 roles/service-status/meta/main.yml | 27 -- roles/service-status/tasks/main.yaml | 16 - roles/stack_health/molecule/default/Dockerfile.j2 | 37 +++ roles/stack_health/molecule/default/converge.yml | 26 ++ roles/stack_health/molecule/default/molecule.yml | 46 +++ .../{stack-health => stack_health}/tasks/main.yml | 0 roles/{stack-health => stack_health}/vars/main.yml | 0 .../stonith-exists/molecule/default/Dockerfile.j2 | 37 --- .../stonith_exists/molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 6 +- .../molecule/default/molecule.yml | 15 +- .../molecule/default/prepare.yml | 2 +- .../tasks/main.yml | 4 +- .../vars/main.yml | 3 +- .../defaults/main.yml | 0 roles/switch_vlans/molecule/default/Dockerfile.j2 | 37 +++ roles/switch_vlans/molecule/default/converge.yml | 26 ++ roles/switch_vlans/molecule/default/molecule.yml | 46 +++ .../{switch-vlans => switch_vlans}/tasks/main.yml | 0 roles/{switch-vlans => switch_vlans}/vars/main.yml | 0 roles/system_encoding/defaults/main.yml | 24 ++ roles/system_encoding/molecule/default/Dockerfile | 37 +++ .../molecule/default/converge.yml} | 24 +- .../system_encoding/molecule/default/molecule.yml | 48 +++ roles/system_encoding/tasks/main.yml | 36 ++ roles/tls-everywhere/vars/main.yml | 1 - .../defaults/main.yml | 3 + .../handlers/main.yml | 0 .../tls_everywhere/molecule/default/Dockerfile.j2 | 37 +++ roles/tls_everywhere/molecule/default/converge.yml | 52 +++ roles/tls_everywhere/molecule/default/molecule.yml | 46 +++ roles/tls_everywhere/molecule/default/prepare.yml | 21 ++ .../tasks/common.yaml | 10 +- roles/tls_everywhere/tasks/ipa-server-check.yaml | 107 ++++++ .../tasks/overcloud-post-deployment.yaml | 6 +- .../tasks/pre-deployment-containerized.yaml | 16 +- .../tasks/pre-deployment-non-containerized.yaml | 13 +- .../tasks/pre-deployment.yaml | 34 +- .../tasks/prep.yaml | 16 +- roles/tripleo_validations/defaults/main.yml | 25 ++ roles/tripleo_validations/tasks/main.yml | 16 + roles/tripleo_validations/tasks/run.yml | 42 +++ roles/tripleo_validations/tasks/test_script.yml | 13 + roles/tripleo_validations/vars/main.yml | 18 + roles/undercloud-cpu/README.md | 36 -- roles/undercloud-cpu/defaults/main.yml | 3 - .../undercloud-cpu/molecule/default/Dockerfile.j2 | 37 --- roles/undercloud-cpu/molecule/default/playbook.yml | 42 --- roles/undercloud-cpu/tasks/main.yml | 7 - roles/undercloud-cpu/vars/main.yaml | 10 - .../molecule/default/Dockerfile.j2 | 37 --- roles/undercloud-disk-space/defaults/main.yml | 9 - .../molecule/default/Dockerfile.j2 | 37 --- .../molecule/default/molecule.yml | 46 --- .../molecule/default/Dockerfile.j2 | 37 --- roles/undercloud-ram/README.md | 36 -- roles/undercloud-ram/defaults/main.yml | 3 - .../undercloud-ram/molecule/default/Dockerfile.j2 | 37 --- roles/undercloud-ram/molecule/default/molecule.yml | 46 --- roles/undercloud-ram/molecule/default/playbook.yml | 42 --- roles/undercloud-ram/tasks/main.yml | 9 - roles/undercloud-ram/vars/main.yaml | 11 - roles/undercloud-selinux-mode/README.md | 37 --- roles/undercloud-selinux-mode/tasks/main.yml | 24 -- roles/undercloud-selinux-mode/vars/main.yml | 8 - .../molecule/default/Dockerfile.j2 | 37 --- roles/undercloud-tokenflush/tasks/main.yml | 29 -- .../README.md | 0 .../defaults/main.yml | 2 +- .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 12 +- .../molecule/default/molecule.yml | 17 +- .../tasks/main.yml | 4 +- .../vars/main.yaml | 0 .../README.md | 0 roles/undercloud_disk_space/defaults/main.yml | 8 + .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 2 +- .../molecule/default/molecule.yml | 15 +- .../tasks/main.yml | 8 +- .../vars/main.yaml | 0 .../README.md | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 8 +- .../molecule/default/molecule.yml | 21 +- .../molecule/default/prepare.yml | 2 +- .../tasks/main.yml | 2 +- .../vars/main.yaml | 4 +- .../README.md | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml | 26 ++ .../molecule/default/molecule.yml | 46 +++ .../tasks/main.yml | 34 +- .../vars/main.yaml | 0 .../README.md | 0 .../defaults/main.yml | 0 .../tasks/main.yml | 2 +- .../vars/main.yaml | 0 .../README.md | 0 .../defaults/main.yml | 0 .../molecule/default/Dockerfile.j2 | 37 +++ .../molecule/default/converge.yml} | 8 +- .../molecule/default/molecule.yml | 21 +- .../molecule/default/prepare.yml | 9 +- .../non-persistent-token-format/Dockerfile.j2 | 37 +++ .../non-persistent-token-format/converge.yml | 44 +++ .../non-persistent-token-format}/molecule.yml | 21 +- .../non-persistent-token-format}/prepare.yml | 23 +- roles/undercloud_tokenflush/tasks/main.yml | 50 +++ .../vars/main.yaml | 2 +- .../xfs-check-ftype/molecule/default/Dockerfile.j2 | 37 --- .../xfs-check-ftype/molecule/default/molecule.yml | 48 --- roles/xfs-check-ftype/molecule/default/prepare.yml | 60 ---- roles/xfs-check-ftype/tasks/main.yml | 25 -- roles/xfs-check-ftype/vars/main.yml | 8 - scripts/bindep-install | 2 +- scripts/run-validations.sh | 2 +- scripts/tripleo-ansible-inventory | 74 +++-- scripts/tripleo-validation.py | 48 +++ setup.cfg | 17 +- tools/test-setup.sh | 8 + tox.ini | 23 +- zuul.d/base.yaml | 4 +- zuul.d/layout.yaml | 12 +- zuul.d/layout.yaml.bak | 36 ++ zuul.d/molecule.yaml | 370 ++++++++++++++------- zuul.d/playbooks/pre.yml | 18 +- zuul.d/playbooks/run.yml | 25 +- 503 files changed, 6310 insertions(+), 4305 deletions(-) Requirements updates -------------------- diff --git a/molecule-requirements.txt b/molecule-requirements.txt index 69d6b89..06f6ca8 100644 --- a/molecule-requirements.txt +++ b/molecule-requirements.txt @@ -2 +1,0 @@ -ansible @@ -3,0 +3 @@ ansi2html +ansible @@ -4,0 +5,5 @@ docker +# https://github.com/sqlalchemy/dogpile.cache/issues/178 +dogpile.cache>=0.6.5,<0.9.1 # MIT +jinja2>=2.8.0,<3 +mock +molecule>=3.0,<3.1 @@ -9,2 +13,0 @@ pytest-xdist -mock -molecule>=2.22rc1,<3 diff --git a/requirements.txt b/requirements.txt index d0fadd1..49c14d6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5 +5 @@ -pbr!=2.1.0,>=2.0.0 # Apache-2.0 +pbr>=3.1.1 # Apache-2.0 @@ -7,2 +7,2 @@ oslo.config>=5.2.0 # Apache-2.0 -keystoneauth1>=3.4.0 # Apache-2.0 -python-novaclient>=9.1.0 # Apache-2.0 +keystoneauth1>=3.13.0 # Apache-2.0 +python-novaclient>=15.1.0 # Apache-2.0 @@ -11 +11 @@ python-glanceclient>=2.9.1 # Apache-2.0 -python-ironicclient>=2.3.0 # Apache-2.0 +python-ironicclient>=2.7.0 # Apache-2.0 @@ -14,3 +14,3 @@ os-net-config>=7.1.0 # Apache-2.0 -oslo.utils>=3.36.0 # Apache-2.0 -six>=1.10.0 # MIT -tripleo-common>=7.1.0 # Apache-2.0 +oslo.utils>=3.40.2 # Apache-2.0 +six>=1.11.0 # MIT +tripleo-common>=11.3.2 # Apache-2.0

1 0

tripleo-heat-templates 11.4.0 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We joyfully announce the release of: tripleo-heat-templates 11.4.0: Heat templates for deploying OpenStack with OpenStack. This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/tripleo-heat-templates Download the package from: https://tarballs.openstack.org/tripleo-heat-templates/ Please report issues through: https://bugs.launchpad.net/tripleo/+bugs For more details, please see below. 11.4.0 ^^^^^^ New Features ************ * Adds a new ContainerNovaLibvirtPidsLimit parameter in order to set the PIDs limit for nova_libvirt container. Defaults to 65536, set to 0 for unlimited. * Adds support for IGMP snooping (Multicast) in the Neutron ML2/OVS driver. * Added the configuration option to set reserved_huge_pages. When NovaReservedHugePages is set, "reserved_huge_pages" is set to the value of NovaReservedHugePages. If NovaReservedHugePages is unset and OvsDpdkSocketMemory is set, reserved_huge_pages value is calcuated from KernelArgs and OvsDpdkSocketMemory. KernelArgs helps determine the default huge page size used, the default is set to 2048kb and OvsDpdkSocketMemory helps determine the number of hugepages to reserve. * Add new BarbicanClient tripleo service for configuring DCN/Edge nodes to access a barbican service running in the control plane. The client service is disabled by default, and can be enabled by including the environments/services/barbican-edge.yaml environment file when deploying a DCN/Edge stack. * Added the Octavia anti-affinity parameters. * Added enhancements to Octavia's OVN driver configuration, so it can connect to OVN_Northbound DB using SSL/TLS. * Added new PublicTLSCAFile parameter, that is used to set the ca cert in clouds.yaml for keystone public endpoint. This defaults to empty string ('') assuming that the certs are already trusted. * Add GlanceImagePrefetcherInterval parameter to run periodic job which fetches the queued images for caching in cache directory, when image cache is enabled. * Inclusion and configuration of ReaR service to undercloud and overcloud nodes. * Added "MemcachedMaxConnections" setting with a default of 8192 maximum connections in order to allow an operator to override that value in environments where memcached is heavily sollicited. * Add parameter "NovaAllowResizeToSameHost" to allow instances to resize to the host they are currently on. Normally the source host is excluded. * To isolate LVM volumes created by compute guests, within Cinder volumes, from the LVM volumes created/managed by the host itself, a new task has been introduced to create an allowlist and denylist of devices which should be accessible (or not) to the host, configured in lvm.conf using the global_filter key. The allowlist is generated gathering the list of existing in-use physical disks (or partitions) and appending to it any user provided device passed via *LVMFilterAllowlist* parameter. The denylist is configured via *LVMFilterDenylist* and defaults to ['.*'], which means it blocks any device not explicitly allowed. Both the list parameters can be specified per-role. The feature is, by default, disabled and can be enabled passing *LVMFilterEnabled: true*; when disabled the existing lvm.conf won't be touched and a version of it which includes the global_filter will be left, for debugging, in */tmp/tripleo_lvmfilter.conf*. * The new parameter CephExternalMultiConfig may be used to configure OpenStack to use multiple external Ceph clusters. * Add parameters *NovaLibvirtCPUMode*, *NovaLibvirtCPUModels* and *NovaLibvirtCPUModelExtraFlags* to allow configuration of CPU related parameters *libvirt/cpu_mode*, *libvirt/cpu_model* and *libvirt/cpu_model_extra_flags* respectively. * Add a role specific parameter, ContainerCpusetCpus, default to 'all', which allows to limit the specific CPUs or cores a container can use. To disable it and rely on container engine default, set it to ''. * Add boolean parameter *NovaSchedulerEnableIsolatedAggregateFiltering* which allows to set *scheduler/enable_isolated_aggregate_filtering* parameter. This configures scheduler to restrict hosts in aggregates based on matching required traits in the aggregate metadata and the instance flavor/image. If an aggregate is configured with a property with key trait:$TRAIT_NAME and value required, the instance flavor extra_specs and/or image metadata must also contain trait:$TRAIT_NAME=required to be eligible to be scheduled to hosts in that aggregate. Default value for NovaSchedulerEnableIsolatedAggregateFiltering is False. * This change updates the multiple-nics and multiple-nics-vlans templates so that an external bridge is created if either the role uses the External network or the "external_bridge" tag is set in the role definition. This is done instead of checking if the role name is "Controller". This change also assigns the "external_bridge" tag to the Controller as well as the Compute roles so that both roles can access the Neutron external bridge for floating IPs or SNAT by default so that OVN can use DVR. * Introduce "{{role.name}}ExtraGroupVars" which allows to define a dictionary of Ansible group vars per role. These extra group vars will override any pre-defined group var from a service. * Add parameters for configuring multiple glance-api backends. The existing "GlanceBackend" parameter represents the default backend, and a new "GlanceMultistoreConfig" parameter is a hash representing the configuration of additional backends. A new "GlanceStoreDescription" parameter provides a means of describing each backend. The configuration can specify any combination of supported backend types. Multiple rbd backends can be specified, but cinder, file and swift backends are limited to one each. * The following parameters were added to support configuration of gnocchi nfs backend. * GnocchiNfsEnabled * GnocchiNfsShare * GnocchiNfsOptions * For baremetal operations on DHCPv6-stateful networks multiple IPv6 addresses can now be allocated for neutron ports created for provisioning, cleaning, rescue or inspection. The new parameter "IronicDhcpv6StatefulAddressCount" controls the number of addresses to allocate. * Add Heat parameter "EnableMysqlAuthEd25519", which when set to true, configures MySQL user credentials to require ed25519-based authentication to the mariadb server, instead of the default SHA1-based native authentication. * Add boolean parameter "NeutronDhcpAgentDnsmasqEnableAddr6List" to support the "dnsmasq_enable_addr6_list" option in dhcp agent settings. (See bug: #1861032 (https://bugs.launchpad.net/neutron/+bug/1861032)) * Adding two parameters to manage vPMEM [0] configuration parameters. *NovaPMEMMappings* parameter set Nova's configuration option *pmem_namespaces* that reflects mappings between vPMEM and physical PMEM namespaces. *NovaPMEMNamespaces* creates and manages physical backend PMEM namespaces which win be used as backend for vPMEM. *NovaPMEMMappings* example: 6GB:ns0|ns1|ns2,LARGE:ns3 will expose namespaces ns0, ns1, ns2 using label *6GB* and namespace ns3 using label *LARGE*. *NovaPMEMNamespaces* example: 100G:ns0|14096M:ns1 will create two namespaces: ns0 - size 100G, ns1 - size 14096M. * The NovaApiMaxLimit parameter allows the operator to set Nova API max_limit using a Heat parameter in their templates. * Add the NovaImageCacheTTL to the nova compute service. This exposes the remove_unused_original_minimum_age_seconds from nova.conf which controls the time (in seconds) that nova compute should continue caching an image once it is no longer used by and instances on the host. Defaults to 86400 (24hrs) * Add boolean parameter *NovaSchedulerPlacementAggregateRequiredForTenants* which allows to set *scheduler/placement_aggregate_required_for_tenants* parameter. It controls whether or not a tenant with no aggregate affinity will be allowed to schedule to any available node. If aggregates are used to limit some tenants but not all, then this should be False. If all tenants should be confined via aggregate, then this should be True. Default value for NovaSchedulerPlacementAggregateRequiredForTenants is false. * Add boolean parameter *NovaSchedulerQueryPlacementForAvailabilityZone* that sets *scheduler/query_placement_for_availability_zone* parameter. It allows the scheduler to look up a host aggregate with metadata key of availability zone set to the value provided by incoming request, and request result from placement be limited to that aggregate. Default value for NovaSchedulerQueryPlacementForAvailabilityZone is false. * Adds the "OctaviaLogOffload" setting to enable amphora log offloading. * Adds support for IGMP snooping (Multicast) in the OVN driver. Defaults to False. IGMP snooping requires OVN version 2.12 or above. * Support for PowerMax backend cinder driver. Supports both iSCSI and FC volume drivers and support deploying one or multiple cinder PowerMax storage backends. * Support for Dell EMC SC backend cinder driver. Supports both iSCSI and FC volume drivers and support deploying one or multiple cinder SC storage backends. * Add the ability to deploy the glance-api service at DCN/Edge sites. Glance service at the Edge shares the same database as the Glance service in the central control plane, but allows other services such as Cinder and Nova to access a Glance endpoint that is local to the DCN/Edge site. * When SwiftRawDisks is set, try to mount the disks using uuids instead of paths. This makes mounts more stable, eg. if a kernel gets updates and device orders are changed. * The ansible tripleo-hosts-entries is now used for adding individual entries to /etc/hosts for each overcloud node. This role is used instead of the output data from the Heat stack. * Added support for VxFlexOS cinder block storage backend driver * Support for Dell EMC Xtremio backend cinder driver. Supports both iSCSI and FC volume drivers and support deploying one or multiple cinder Xtremio storage backends. * A new Heat parameter 'ZaqarWsTimeout' exposes the Puppet variable 'tripleo::haproxy::zaqar_ws_timeout_tunnel'. This allows operators to configure the Mistral API timeout. It currently defaults to four hours. Upgrade Notes ************* * Cinder's legacy "volume" service and its associated endpoints are automatically removed from the keystone catalog. The "volume" service is associated with Cinder's v1 API, which was removed in Queens. * Now NotificationDriver is set to noop by default, as legacy telemetry services are disabled by default. Explicitly set NotificationDriver parameter to notifications from each services. * The "external_bridge" tag is now used for the Compute node. An external network bridge is required on the compute nodes in order to host floating IPs when using DVR. OVN deploys with DVR by default. * The CIDR for the StorageNFS network in the sample network_data_ganesha.yaml file has been modified to provide more usable IPs for the corresponding Neutron overcloud StorageNFS provider network. Since the CIDR of an existing network cannot be modified, deployments with existing StorageNFS networks should be sure to customize the StorageNFS network definition to use the same CIDR as that in their existing deployment in order to avoid a heat resource failure when updating or upgrading the overcloud. * Exclude /var/lib/ironic/* from container-puppet.sh rsync, this is a leftover from the initial containerization of TripleO; now we have host prep tasks, the ironic conductor and inspector bind mount /var/lib/ironic and generate the data that they need. But this data should not be in the config volume or it can conflict from each other when rsync runs at the same time. Check launchpad bug 1868934 (https://bugs.launchpad.net/tripleo/+bug/1868934) TripleO upgrade tasks and host prep tasks will take care of removing the var directory from the config volumes and the containers will just use the bind mount, like it should be doing now. These tasks will run during a minor update, major upgrade, and fast forward upgrade. Deprecation Notes ***************** * The deployed-server bootstrap environments, templates, and scripts that were previously deprecated are now removed. These removals include deployed-server/deployed-server-bootstrap-centos.sh deployed-server/deployed-server-bootstrap-centos.yaml deployed- server/deployed-server-bootstrap-rhel.sh deployed-server/deployed- server-bootstrap-rhel.yaml environments/deployed-server-bootstrap- environment-centos.yaml environments/deployed-server-bootstrap- environment-rhel.yaml * As the fast forward upgrade workflow to skip multiple releases now relies on the very same upgrade_tasks, there is no need to mantain the fast_forward_upgrade_tasks, as well as any of its references. * ExternalPublicUrl, ExternalAdminUrl and ExternalInternalUrl are deprecated. ExternalSwiftPublicUrl, ExternalSwiftAdminUrl and ExternalSwiftInternalUrl should now be used. Bug Fixes ********* * The parameter "ControlPlaneSubnetCidr" was missing in the "network/ports/net_vip_map_external.j2.yaml" and "network/ports/net_vip_map_external_v6.j2.yaml" template files. This caused deployment failure since the "VipMap" resource pass this property. (See Bug: #1864912 (https://bugs.launchpad.net/tripleo/+bug/1864912)) * Ensure the barbican Key Manager settings are configured on DCN/Edge nodes when the barbican service is deployed in the control plane. See bug 1886070 (https://bugs.launchpad.net/tripleo/+bug/1886070) * As per launchpad bug 1855704, the lvmfilter task aims at hiding to the host the LVM2 volumes created by compute guests in Cinder volumes or Glance images. * When using the Shared File Systems service (manila), you may now use the Heat template parameter "ManilaEnabledShareProtocols" to configure the NAS protocols that users may use. If not set, the value is inferred per the storage backends that have been enabled. * Ansible GroupVars incorrectly keept a single subnet prefix per- network. This caused a problem when multiple subnets using different subnet prefixes where defined. Resulting in the wrong subnet prefix being referenced in the NetworkConfig for roles. AnsibleHostVars stores networks subnet prefixes instead. See bug: 1895899 (https://bugs.launchpad.net/tripleo/+bug/1895899) * The keystone catalog is automatically updated to remove any entries associated with Cinder's v1 API "volume" service. This fixes bug 1897761 (https://bugs.launchpad.net/tripleo/+bug/1897761) * All roles now default to using the net-config-static-bridge.yaml nic config when using deployed-server. Since OVN is the default in TripleO, Compute roles need to have br-ex. Previously when using deployed-server, the default nic config for the non-Controller roles was net-config-static.yaml, which did not create br-ex. * Fixed issue in the sample network_data_ganesha.yaml file where the IPv4 allocation range for the StorageNFS network occupies almost the whole of its CIDR. If network_data_ganesha.yaml is used without modification in a customer deployment then there are too few IPs left over in its CIDR for use by the corresponding overcloud Neutron StorageNFS provider network for its overcloud DHCP service. (See bug: #1889682 (https://bugs.launchpad.net/tripleo/+bug/1889682)) * Fixed an issue where disabling one or more networks in "network_data.yaml" caused deployment failure. (See bug: #1842001 (https://bugs.launchpad.net/tripleo/+bug/1842001)) * Fixes an issue where the parameter "CloudNameStorageManagement" was used for all custom networks with service_net_map_replace defined. (See bug: 1862679 (https://bugs.launchpad.net/tripleo/+bug/1862679).) * Fixed an issue where containers octavia_api and octavia_driver_agent would fail to start on node reboot. * Certificates get merged into the containers using kolla_config mechanism. If a certificate changes, or e.g. UseTLSTransportForNbd gets disabled and enabled at a later point the containers running the qemu process miss the required certificates and live migration fails. This change moves to use bind mount for the certificates and in case of UseTLSTransportForNbd ans creates the required certificates even if UseTLSTransportForNbd is set to False. With this UseTLSTransportForNbd can be enabled/disabled as the required bind mounts/certificates are already present. * https://review.opendev.org/q/I8df21d5d171976cbb8670dc5aef744b5fae65 7b2 introduced THT parameters to set libvirt/cpu_mode. The patch sets the NovaLibvirtCPUMode wrong to 'none' string which results in puppet-nova not to handle the default cases correct and sets libvirt/cpu_mode to none which results in 'qemu64' CPU model, which is highly buggy and undesirable for production usage. This changes the default to the recommended CPU mode 'host-model', for various benefits documented elsewhere. * When using RHSM Service (deployment/rhsm/rhsm-baremetal- ansible.yaml) based registration of the overcloud nodes and enabling the KSM using NovaComputeEnableKsm=True the overcloud deployment will fail because the RHSM registration and the ksm task run as host_prep task. The handling of enable/disable ksm is now handled in deploy step 1. * In case of cellv2 multicell environment nova-metadata is the only httpd managed service on the cell controller role. In case of tls- everywhere it is required that the cell controller host has ther needed metadata to be able to request the HTTP certificates. Otherwise the getcert request fails with "Insufficient 'add' privilege to add the entry 'krbprincipalname=HTTP/cell1-cellcontrol-0....'" * HA container naming scheme has been updated to look like 'container.common.tag/<servicename>:pcmklatest', in order for podman to not prepend any host suffix in front of this tag, otherwise this confuses the podman resource agent in pacemaker. * Fixes an issue where TripleO fails to set the Barbican key ID for Swift with a permission error if the config files are not relabeled. * Fix Swift ring synchronization to ensure every node on the overcloud has the same copy to start with. This is especially required when replacing nodes or using manually modifed rings. Other Notes *********** * Moving this chcon call to the specific podman container upgrade part allows to prevent consuming time for nothing. This chcon call is needed only if we move from docker to podman, meaning upgrading to train. * The ValidateNtp has been removed from the all nodes validation configuration. During the time sync configuration we already do a check to ensure the ntp servers are available. If they are not we will fail with an appropriate message. The ValidateNtp option came from a time before we could fail in a more explicit way. Changes in tripleo-heat-templates 11.3.1..11.4.0 ------------------------------------------------ 57f5a899e Making sure virt-guest-shutdown.target exists d539906ee Define a new CinderVolumeEdge service 6dde10a52 Set up right DNF module stream for Upgrades and Updates. 491b54571 Disable notification from services by default e76ad346d [Ussuri/Train] Check mode doesn't work for async tasks e14489eef [TRAIN ONLY] Remove duplicate /var/run/openvswitch bind mount edacbada6 remove c7 update/upgrdae jobs 73eb35255 Enable tripleo_free strategy for upgrade 8cc56bb50 Add setting to override max memcached connections bee00aa6b Fix swift containers idempotency 549cfe21d Refresh Swift ring files without restarting containers b2ac1d378 Add missing IPA services for queens to train upgrades 9410d79e6 Adding key_size option on the certificate creation 63a2f24cd move c7 container upgrades to nv in train tht 1cda5afd2 Remove vfio-pci.conf module load file 98377d020 Ensure cinder LVM volumes work after system restart cf3da8ed8 Wire up new tripleo upgrades jobs template c6a551617 Add NovaDisableImageDownloadToRbd parameter 4b392af30 Don't pass empty values for ipaclient_servers to ipaclient role 9e3509f84 Rely on the HOSTNAME var to resolve the mon container name 98c7bb164 Skip Trilio dirs when setting ownership in /var/lib/nova 5a1a3cc1e Remove Luna HSM clients on scaledown a1cb1e716 Run os-net-config on step 3 5a44e4ad9 Move ipa check to external_deploy_tasks 1ee73dcb8 Run online migration tasks from external_update_tasks too. 64a8cd2d3 [Train Only] Make the docker restart in hybrid state idempotent. d9d854329 Use ansible for nodes validation e87192234 The lower constraint file has been removed 4b882797e Fix barbican settings missing from glance Edge nodes a0330d23a Fix ceilometer_agent_compute healthcheck 95ec1f23b Add possibility to set logging source for Horizon c0c29604c Ensure cloud-init has finished before puppet run 77145eb87 Adding Ceph Dashboard to the Edge roles ff61a5e5e [train/stein only] Add parameter to identify previous nbd-tls state 08ec765f8 Add qemu metadata to compute node when tls for live migration 8bc8771bc Add NovaApiMaxLimit configure max_limit for nova 7d69700eb Identify HSMs using labels instead of Slot ID e99d7212a [stable/ussuri,train] Add cidr to outputs of port_from_pool.j2 e0ce36ea2 Set correct default NovaLibvirtCPUMode 99b236f77 Switch novajoin to use RpcUserName a2510a5e1 Use bind mounts for tls certificates 1747a9976 Add file which enables QoS related L3 agent extensions 43049567a [TRAIN-ONLY] Fix tripleo-work-dir role name in ceph-base 47ec46164 Make sure apache metadata is set for nova-metadata service 83b5691a5 Move enable ksm on compute node to deploy step 1 6eb4cd281 Refresh ceph-ansible group_vars values d32539262 Remove corosync.conf if it's a dir from remote. d9fa437f0 Config options for AMQP1 transport in collectd sensubility af90cef66 [train-only][ffwd] Dont reuse tripleo_step4 for hybrid state 4f4601466 Relax facts gathering plays on the overcloud cc60d8134 Use tripleo linear when not using tripleo free ca5860b4f Switch deploy steps to tripleo_free 3669724d0 [train-only][ffwd] Update InstanceHA script in hybrid mode 00b87e6c6 Add CinderBackupOptVolumes parameter a52fff665 [train-only][ffwd] Create specific paunch config for hybrid state 0b39f391e [stable/train] Check correct location for skip-deploy-identifier 680d341ca node_exporter_container_image is needed in 'all' group 5a0dbe240 Properly compute hostname when looking for the ceph-mon container 4f29c3493 Filter computes with nova_host defined 7585a2854 Enable Ceilometer data transfer for STF 445d159f6 Fix MetricsQdrUseSSL value 6b99abc5d Remove Nova parameters that are no longer used a1f4c4883 Always set dashboard_protocol when Ceph Dashboard is enabled ef2ebb18d Fix memcached logging fc4145068 Simplify consumer job tags 80911871b [c7-train] Switch c7 jobs to content provider 1c97de9a6 Failure status should be set on 0 rather than 1 28762852b Add package install for openssl-perl d6b29f134 Remove centos-7-standalone-upgrade f07ca38a8 Don't manage bridge mappings in scenario file 4afee56af [train] Switch to content provider jobs/templates e3477d92f Run tripleo_lvmfilter role to restrict block devices visible to LVM2 0180a7ef6 Use `undercloud` instead of `Undercloud` when delegating tasks f525e4ab6 Return details in output of container health check 597c00cea Add config option for collectd libpodstats 4667fffa0 Don't use POLL_SERVER_CFN transport for DeployedServer 9071b63b3 Expose new THT params for cpu model flags 6fb47d088 Fix names of the puppet parameters used to set min bw limits in Neutron d574cfe71 Add CephClientConfigOverrides resource 746d26986 [train-only] Introduce hybrid state also for ovn_controller f90a2fcc7 [train-only] Switch sriov agent in hybrid state 7b7687315 [manila] Add "ManilaEnabledShareProtocols" param 88ed572d0 Fix tripleo-hieradata role name in Barbican deployment 5c3b374fb Also configure Ironic for UC minions d4ad97028 Change permissions on /run/octavia to octavia c73a0be54 Force CephAnsiblePlaybook to its default value on FFU prepare 74a6ac6eb [FFU] Remove cinder's v1 keystone service ec2aa2313 Retry container pull 3 times 1482410db [TRAIN-ONLY] Change default sensubility execution shell 0a10aaba1 Revert "Adapt container health check for built-in podman health checks" f35c34550 [train] mysql: adjust CLI args based on container cli f76fab723 Make NovaLibvirtOptVolumes role specific 14e1b12ed Remove dashboard_frontend_vip from the ceph mgr template 01153c914 Squashed backport for 'NovaAllowResizeToSameHost' parameter b2a439fd0 Add ability to manage irqbalance on compute per role d56070a23 Create external bridge on Compute nodes by default for OVN with DVR 33578636d Gather more extra stats with the collectd virt plugin 114c9551b Force container fetch a304f6ff9 Rely on templates for multinode updates job triggering 3d9362c3a Default cinder_volume_node_names to [] 31a1f9c8e Adapt container health check for built-in podman health checks 848569c3f [Train-only] Configure podman registries during a minor update. 062e60eeb Assume Grafana and Ceph Dashboard to be on the storage or ctlplane nets 4c95c55f4 Set NeutronEnableDVR to False for OVN-HA 64a8ca4ac Implement a Minimal role 9a84c0380 Create container-puppet-tasks files per step in check mode 2f8c408a9 Configure rsyncd without pid file for Swift 6dd9eeef6 Allow optional volumes for nova_libvirt container 991d990d5 [train-only] Fix unhealthy ovn_metadata_agent during hybrid state ef3a39c27 enable-ssh-admin: allow to override plan name 15ffac7fa Clear cached facts based on the tag as well 7d4f2f500 Adds new configuration for panko-expirer cbf5e6e70 Centralized logging minor fixes 2f26828a7 Add more metadata to logs c8b424ea0 [Train only] Add missing stop service steps for FFU. ed898531e Revert "Disable Designate service for scenario 03" 5a7f9e14d Get the CIDR of the neutron port for NetworkConfig 205957a8e [train-only] Ensure obsolete module nf_conntrack_proto_sctp is not loaded 80aff677d Add dashboard_tls_external ceph-ansible parameter 0195b441c [TRAIN-ONLY] Remove OVNDBs from multinode sc file 46b45ed6e Remove race during mysql database creation 41d5a77cf Fix up ovn-dbs update tasks 9fdd2c61b Complete missing description 528a7f6d0 Bind mount /var/lib/container-config-scripts inside the restart bundles 29a02c1db Add pacemaker& clustercheck in multinode scenario b08b78bfe Memcached collectd plugin uses host URI instead of IP address. 19de5e8ce Mount libpod container volume into collectd container ea0cd3c37 Use UUID for mounted SwiftRawDisks af905a541 Add parameter and CI config to enable Ceph OTW encryption 688b59301 Use appropriate allocation pools for StorageNFS 0498a62ea Add the NovaImageCacheTTL to the nova compute service 6b98944e3 Fix Swift ring file synchronization issue 8f4cd41c7 Remove Etcd from DCN roles that don't need it 7eb563da2 Replace all the bridge_name variables in templates ca3bd9c3d DCN: use FQDN in glance endpoint with internal TLS c7eb59279 Make sure IPA has the right ACI 02355504f Enable collectd-ceph plugin only where needed b34ca4e1c Use container_file_t for Cinder*NfsMountOptions by default 70f52b992 [Train Only] Renamve tripleo_upgrade_hiera into tripleo-upgrade-hiera. 3505d9563 [ffwd] Add fix for OVN DB vip change 18c36861c Remove remaining Skydive references 6ce282296 Remove skydive 172e03fcd Default to storage_dashboard, when set, for the CephDashboard service 94ba27090 Set a higher PIDs limit for nova_libvirt container ad090f94c minor update: only migrate HA VIP away when needed a549491bd Avoid failing on deleted file 322566b94 Run external_deploy_tasks per step for each role 5a600db08 [ffwd] Don't remove package python2-chardet aacf9c18b Use tripleo_network_config aea1f70ed Create container config scripts with a new module 49b4b2c9e Create Container configs with a new module 73fb30689 Modify how libvirt related containers use SELinux d224d4150 [FFWD Ceph] Fix ceph post_upgrade_tasks for osd options 1848fa025 Fix endpoint map tls - zaqar wss port 3dd00efb8 Add new Luna HSM parameter for Barbican 1fdfa3332 Fix pcs restart in composable HA fffbdc0df Fix HA resource restart when no replicas are running da6b7b424 Drop bootstrap_host_exec from pacemaker_restart_bundle 48f068452 Do not hard-code vars_from a9e7a6fa9 Revamp how etcd's cert and key are handled in containers 82b508a3f Add PermitRootLogin option in sshd_config before leapp. 4b283ae9e pcmk_remote FFU support for Instance HA 906256a1b [Train-only] Move config-data context switching to Upgrade 9f1e98275 Add support for Gnocchi NFS Backend af3b0f202 Remove ffwd-upgrade leftovers from THT. d0c5bcac8 Fix delegation with FreeIPA cleanup 855379056 Reset sriov_numvfs to 0 before leapp upgrade 8120c2df1 Unset keystone::public_endpoint b273143f0 Port jobs from centos7 to centos8 1eb954241 Update octavia playbooks parameters d5aff2e17 [Train Only] Add CephAnsibleWarning into upgrade lifecycle environment files. 2f382ac90 Align kernel args for system upgrade using leapp 7859e7999 Stop using a conditional for role tasks ef76e92bb Add non-string value support for CephAnsibleEnvironmentVariables 8cf38e95c [TRAIN-ONLY] Set the right container_client when set/unset noout 82d8fda57 Add CephAnsibleRepo warning to make this validation more flexible ce6a7a100 Prevent ovn dbs related facts to run on each step. 76e284311 Remove redundant file management for /run/redis a55c34d69 Expose the zaqar_ws_timeout_tunnel variable. ed65866d4 Add openvswitch special treatment to update too. e17ed6430 Add dashboard_protocol variable when internal_tls is enabled e965239d6 Ensure redis_tls_proxy starts after all redis instances bbaded6ca Add BarbicanClient service for configuring edge sites a9076cb59 Generated passthrough_whitelist shall use all the user_configs fields c7036d8ba Add missing config_files kolla directives 63154e137 Add podman service to scenario007 environment 31d8500d9 Remove /run from some services cfb99a967 [TRAIN-only] Remove duplicate register 15df75c31 Drop the relabel flag for bind-mount 69d63e0bc Fix vbmc_setup.yaml for c8 standalone 2ee69f20b Attempt to remove octavia tls proxy service only present 5087bc9c1 Use distinct params for ca cert in nova-vnc-proxy and nova-libvirt d48b22c15 Set and then unset Ceph's noout flag before/after node is rebooted c33f91005 Simplify host entries generation 3a87458ac Add become: true to the container json file modules 0ba5cfa94 FFU support for ceph_nfs b3ee1252c deploy-steps-playbooks-common: fix logic for scale_ignore_unreachable 7bd1d7379 Convert roles section into tasks-include_role in deploy-steps.j2. cc603f197 Fixed libvirt volume path for nova-migration-target-container ec3568e68 Generate container startup configs with a new module 247105809 Allow overriding InterfaceDefaultRoute with ips_from_pool template cf26dcda4 Don't use pacemaker in ironic sa job ed7096f31 Check for correct column name for execution show c276a7e30 Fix bind mount volumes for novajoin containers 716870109 Fix privilege escalation 8d2604dee Use command to set pythonintepreter 9db0d3661 Revert "[train/backport] Prevent nftables to interfere with tripleo firewall" 4e0604603 Task should fail on any failure 4157d5832 Unmount NFS shares before launching LEAPP cbefd789d Collapse deploy steps 16fc8da63 Manual backport of "Move sidecar kill scripts to host prep" to Train 39c977afb undercloud/heat: set YAQL memory quota to 200000 39945d563 Exclude /etc/hostname 934de903c Don't set RABBITMQ_SERVER_ERL_ARGS 40e2bf5dd Always clear cached facts first 4f3597daf Collapse host prep tasks 6dfbdbbca [TRAIN ONLY] Wait until DB is ready for neutron DB rename 883d778f8 Add filestore to bluestore migration tags ea7c886e2 [Q->T] Add FFU steps for manila d0a3da09c Add project template for IPA multinode 728babbc5 Disable Sahara in scenario003-standalone 0dc690ff1 [TRAIN ONLY] Provide way to initialize Leapp cd0d92930 [train-only] Ensure removal of deprecated xinetd c20d10d41 collectd: add support for mcelog service 889163cd8 Add new parameter PublicTLSCACert 4ffe8c3cc Fix Error: invalid arguments you must use just one container 555bba7a5 Adding amphora architecture to heat templates 1495ced5c [train-only] Make sure UpgradeLevelNovaCompute is empty string for upgrade 04abe36ca Disable Designate service for scenario 03 6585e21db Sync httpd conf.modules.d configs 1fd3a3654 Cleanup all container startup configs before generating the new ones eff6fff6c Change the :Z mount flag to :z 9ee059e80 [TRAIN-ONLY] Add keystone_resources for Panko 975e47f21 [TRAIN ONLY] Fix the glance-api-edge firewall configuration 69d2d4581 Improve documentations for NovaLibvirtFileBackedMemory 987df6685 Increase the default UpgradeLeappRebootTimeout to 60 mins ab3548f23 Allow more tasks to be run in check mode 5b4566278 Disable presettled metrics 0395513af [TRAIN ONLY] post Leapp package fixups 5babfe002 [TRAIN ONLY] Ensure interim db migration containers work properly 5c55a46df Move nova online migrations to nova-conductor acc12770b [TRAIN-ONLY] Be explicit when passing vars into deploy steps 8ba26c4a7 Support for Dell EMC VXFlexOS Backend 4980171e0 [TRAIN ONLY] Add FFU parameters in lifecycle env files. 7b0321a9a Adding env file for octavia with kvm 539692ef9 Update minion rabbit credentials a97a738d8 [TRAIN ONLY] Introduce hybrid state for nova compute 09908f92e Allow triggering ceph-ansible filestore-to-bluestore with ceph_fstobs tag 20bb24a0e Ironic create_swift_temp_url_key use internal edpoint 3988e5c07 Add composible service for tls enrollment 4eb593c17 Support for Xtremio Cinder Backend 8b0d9239a Unify metrics_qdr name to underscore cac2eff0c Fix dry-run for NetworkConfig tasks 7ae0132bc Consider user configuration during the derivation of passthrough whitelist bc62de223 Fix reserved name variable 4b4e27305 Only enable leapp tasks when distribution is correct 11125aced Enable glance cache prefetcher interval b6f9ea097 Remove ValidateNtp 80537150a Use empty string for overcloud InternalTLSCAFile param 6108044f7 Add an option to adjust help URL in horizon 6cbee27e9 Add the ability to offload amphora logs 238d751b6 Check transfer data flag to skip pacemaker normal upgrade. fa1e82707 Ensure net.ipv6.conf.lo.disable_ipv6=0 7778c19a4 Fix node scaling 3651e49d4 MaxFailPercentage: default to 0 eaed4046d Revert "Only enable leapp tasks when distribution is correct" 3d16a7009 Add reserved ports for some services ae28b1246 Add parameters for vPMEM features 024afc22a Improve facter cache reliability 637c8ce96 Fix syntax error 05d8e24a5 enable dpdk plugin on neutron ovn and ovs c530e2af7 Set default InternalTLSCAFile in enable-tls.yaml 3b0aa5da1 Configure SNMP on undercloud 872110d14 Update loop_vars 695d96e49 Remove Ceph{Admin,Mon,Mds}Key parameters 3cb88f9be rhsm: add rhsm_release in environment for doc purpose bfbb55e14 Force container deletion if namespace does not exist in service_kill a4af78ed6 Add ci environment file for standalone IPA parameters 273d53278 Add new parameter NovaSchedulerQueryPlacementForAvailabilityZone 78ac9ca05 Move chcon for /var/lib/config-data 85c99e873 Fix sending SIGTERM to the sidecar containers ca9b11584 Fix typo in the description of the Neutron related options 2b85b569b Include tripleo_ceph_workdir role on rgw variables override 1b2679680 Make user value for GlanceImageImportPlugin prevail on logic 075129286 Add ansible hieradata file b4dffb942 Configure valid_exit_code for startup containers c416ddabb Only enable leapp tasks when distribution is correct 1013e6f0c Split ansible_limit with a colon. 6e3c933ff Add common_deploy_steps to post_upgrade_steps. 979e59782 Enable adding packages into Leapp's to_remove/to_install files. 81792032f Remove unnecessary check after removing libvirt rpm dependencies 427df766b Correctly match openvswitch package 55ecd97d3 Add support for resource provider bandwidth in Neutron config d56dcc61b Make /var/lib/mistral traversable by all users c8a0a77b1 Stop nova placement during upgrade data tranfer 405ebda2b Add cacert to clouds.yaml c21972f39 Add option to not install ipa client packages 56acca507 Add mode option when creating persistent directories. 8e20a1fc4 Add retries to initial image fetch 41e856356 Add support for lunasa hsm in barbican 7f6831ed3 Neutron ML2/OVS: add support to enable of IGMP snooping 2367b8aa5 Skip operating system upgrade tasks via UpgradeLeappEnabled param. 45c159f38 Make per_node.yaml py3 safe d92443f96 Execute kvm-setup inside nova_libvirt container 663f103da Fix listen_on_master_ip_only 1d0594ff9 Enable external LB support with ovn d2e6e5e8d Change Collectd ports type to numbers. bd4cc8e85 Support for SC Cinder Backend a8ecd8e5a Fixing powermax config errors 692717bd4 Fix cinder and etcd running with internal TLS enabled 513d5da06 Change Schedule to Scheduler for consistent naming 45760e089 Add hook to run RHOSP policies enforcement. 91dbf71eb Fix IHA with ansible 2.9 51565c0c3 Fix typo in setting octavia wsgi server name e6dd20f73 Add an option to disable the DNS record modification in FreeIPA b9f16d501 Add a 600s timeout when creating enable-ssh-admin workflow e054fc3cc Make sure IdMServer is optional 908280a05 tripleo-ci-centos-7-containerized-undercloud-upgrades -> NV 3214bf08c Fix missing OctaviaClientCert* parameters 91c3360e8 Changes in env files due to new SRIOV roles 75111e9c4 Add NeutronDhcpAgentDnsmasqEnableAddr6List param fd775e50a Add tripleo_delegate_to var for ceph health validation 0d3d01edf Revert systemd sidecars f238c25c9 Update container certificate dd9a9ac76 Check for InternalApi in role for HostnameResolveNetwork cbbf6d562 (train) manual backport of: update startup-configs with latest hashes 0e2426423 Split out selinux management 7e1babbab Set Neutron's l3_ha flag to True in standalone ML2/OVS job 7d2aac526 Remove healthcheck from ceilometer_gnocchi_upgrade container 0523324b3 Move /etc/ssh/ssh_known_hosts bind mount where it's needed 3cf7f416f Make neutron ml2/ansible's base plugin variable 765d19889 Ensure <service>_restart_bundle do not run concurrently b938f7cd9 [train-squash] Remove hardcoded reference to cinder LVM loopback device c2e22af3e Exclude /etc/puppet from config generation b95d78df8 Fixed package names for CentOS-8 octavia deployment 885e9e344 Fix NovaCrossAzAttach hiera key 72cb712e1 Add NovaCrossAZAttach parameter 26a21d597 Support for PowerMax Cinder Backend 069a37fa2 Support for mariadb's ed25519 authentication 9d1a35548 [Q->T] Alow supplying command options to leapp 697800360 Add IronicDhcpv6StatefulAddressCount parameter 19f6f42a5 swift-external: deprecate External*Url d570a95c4 Move ceph-rgw and config overrides variables bc63a7b1c [OVN] SRIOV with native OVN DHCP server 553b61ca2 Add new parameter NovaSchedulerEnableIsolatedAggregateFiltering fd1767193 nova-compute: disable scale_tasks when docker is used cf3c03ebd Use kolla tools for memcached configuration 947d3b118 [TRAIN-ONLY] Fix indentation 12bdd6feb [Q->T] Introduce Queens to Train Upgrade 6c04309a3 Move the haproxy iptables rules creation to host_prep_tasks 5b5780c15 Skip both tenant and management networks when generating certs eb414b0de Added scale_tasks to handle cleanup on scale down of nodes 69c2b13f9 Add Octavia OVN Provider configuration 3b5fca296 Exclude /var/lib/ironic/* from container-puppet.sh rsync 0d783d38e Properly place undercloud hosts record upgrade task 2e57b2b8a Create DNS entries in IPA for openstack services afb7b78e3 Add new composable service for IpaClient 86f149ae3 Include {{step}} when setting facts 4ac2d6436 Switch to docker pull aeb5bc9b9 Workaround for cinder A/A and etcd with TLS-everywhere fc36448fe Introduce {{role.name}}ExtraGroupVars f3aaeda76 Add new parameter NovaSchedulePlacementAggregateRequiredForTenants d6cd50b37 Switch to podman_image module 3caf2186c Fetch containers early cd29180c3 Use exec when spawning any neutron sidecar container a5e551cb6 Fix regression in container-puppet.py 7ac642644 Fix selinux denial on centos8/rhel8 when relabelling /var/lib/nova eedb679db Do not fail if /usr/sbin/nft is not present b9c43e1f4 add tht/common to trigger path 0ce171614 [TRAIN-ONLY] Fix systemd-wrapper integration during update. c759bb68c ovn_dbs_virtual_ip created even though ovn is disabled 7529b8cd4 Drop unused remnants of the hosts-config bits ba7193495 Use lists for storing host entries in Heat 3fff96c36 Fail NetworkConfig task on timeout 92433d5c9 Add DNS related settings 7dea79a9e Create a new parameter for the HAProxy external network eea3ff0e1 Tolerate NFS exports in /var/lib/nova when selinux relabelling 59f34c3af Ensure consistency with hostname comparison f6b5ecde9 Revert "Stop using swift temp url for config transport" eec17c517 Pass server metadata to ansible group vars cbec6b3c2 Allow disabling the octavia provider b9ae8b6b5 Add always tags for hieradata render in external upgrade. e7a4cee7b HA: drop spurious mysql user on stack deploy ae38157db Neutron ML2/OVN: Add support to enable IGMP Snooping c3b24599d [train/backport] Prevent nftables to interfere with tripleo firewall c40fa7055 DCN/Edge: Handle ipv6 address for local glance endpoint 2c29f7cb4 Introduce environments/disable-swift.yaml 5f00163a0 HA: check before restarting resource on stack update 1e1f6c769 Parse healthchecks.log instead fetching systemd data bf9c153d0 Fix dashboard_frontend_vip parameter 52a3f896d Move ceph-ansible required variables in the main group 18e574ac4 Use jinja raw tag instead of quoted concatenation fa4214095 Use exists filter instead of stat where possible 8df8c9e38 Fix the mounting issues for the TLS everywhere deployment 99f24b64b Remove unneccessary indentation from common tasks 0e6720a19 ControlPlaneSubnetCidr in net_vip_map_external 393b3b16d Use a smaller,static custom mapping file for Mistral and TripleO dbda46256 Add STF environment 8b8194b17 Generate /etc/hosts early on both under and overcloud 7f8b87a90 Always set hieradata for certmonger_ca 9a7b054f5 Add CephBasePoolVars and CephKeyVars structures d69ec8a5c Fix TenantInterfaceDefaultRoute in net-env-v6 31c6b199b Replace chronyc "waitsync" with "makestep" 85850d8af [TRAIN and before] Introduce ContainerCpusetCpus 76de3fd93 Use exec when spawning dnsmasq inside sidecar container 025171a3a Add j2 per-role MetricsQdrNetwork 7c01813e2 Don't add IpList for disabled networks 40a1e5ba1 rabbitmq: Open ports 25673-25683 for CLI tools 6c2b9900a Create ResellerAdmin role when deploying Ceph RGW 445387589 Use a common playbook import for common plays bee336a03 Use a jinja block to reduce str_replace repetition 6d194bc93 [TRAIN-ONLY] Finish Ceilometer-Panko decouple 16e5e1737 Remove duplicated topic parts from default value 5108054aa [TRAIN-ONLY] Add systemd-wrapper update tasks 2661ea24b [update/upgrade] Use include_tasks instead of import_tasks 95f2e100d Optionally configure Ceph RGW listener with SSL 81c223792 Trigger ceph-ansible on ceph_systemd tag too e4abce799 Cleanup tasks for container-puppet.py 100ed1925 Add the certificate specs in ceph_mgr service d82e6d3ed Update the number of keystone workers 87e241134 Fix mapping of KeystoneOpenIdcEnableOAuth 851bbb31e Remove all ignore_errors to avoid confusion when debugging 8687f5f2a Remove comment about tripleo_container_manage being experimental ae2aac5d0 nova-compute-container: add missing condition for ksmdisabled 5caef8de1 Run the swift_rsync container unprivileged 2bd4cdeb2 HA: reorder init_bundle and restart_bundle for improved updates aabb3cace Restart ovn-dbs resource to take new VIP property. 33ce60d6a Check Ceph*Key value format and halt on error 5ac7a8c49 Remove support for ceph-ansible fetch directory 49fc109bb Configure Undercloud hostname in the overcloud during upgrade. 779f1c846 Add support for glance multistore a20a4f6dc Use ipc:host for cinder-backup 3e2d1fa61 Add setfacl statements for neutron metadata proxy a95fc76f2 Fix krb-service-principals with service_net_map_replace dc4ecf797 Add ceph_ansible_repo variable on ceph-base fb7127a6e Enable sudo rule creation 0a1aeba00 Fix dcn-hci resource mapping path 9545cbc38 NodeDataLookup utility should rely on python env 5f85abc14 Remove BlockStorageCinderVolume service from certain DCN roles 6f2e19988 Add an environment to disable Paunch 5322f30b3 [TRAIN] Backport squash for container-puppet.py ed158f786 Set octavia-ansible dir ownership to Ansible user 8eeba7f51 Add swiftoperator role on ceph-rgw template fadbafd42 tripleo_container_manage: set tripleo_container_manage_check_puppet_config 32279c4a3 [train-squash] Backport "all Keystone resources with Ansible" bf6154170 Introduce CephExternalMultiConfig 0cd97e44c Force facts cache refreshing after OS upgrade. b2f4d6899 Add DCN Scale Out Roles ed4ed7762 Ensures rsync is present on the overcloud nodes 0ac37029f Ensure /var/run/octavia is present upon reboot c41efb62d Fix permission issue when removing octavia temp dirs 83d4e84a4 Add DeployIdentifier to extra config containers a9c6cd058 [stable/train only] Use service_name in heira for firewall rules 2f9a570fb [train-squash] Backport keystone/bootstrap changes 8316a6142 Deploy /etc/openstack/clouds.yaml with Ansible c92f5c4a3 Add support to run Container Puppet tasks without Paunch aa365ee11 [update] Ensure we get fresh hiera data before running update_steps. a885c0e17 Add dependency for enable KSM for RHEL/CentOS8 852dc1013 Remove libvirt packaged dependencies 2d265e868 Use a systemd service to handle sidecar containers 7683b8bca Dynamically include container-puppet tasks cabbd38cf Increase concurrency when starting containers 289632dd6 Remove static reference to InternalApi network 6bfd65adf Enable configuration of notifier publishers d58c133d3 Replace '' by [] when a bind mount isn't needed 60d21eef4 Remove unnecessary slash volume maps e7351d44c [train-squash] Backport legacy log folder and readme cleanups 18f2c2796 Create /var/lib/config-data if it doesn't exist. cb174c919 Default all roles for deployed-server to net-config-static-bridge 2dd84fa5c Rename common deploy step 1 tasks 0551958a1 container-puppet.sh: add -r to rm command 591dd0809 Dynamically include generate-config tasks 45850442d [SQUASH] backport tripleo-container-manage to stable/train c8144799e Update ro excludes ab9f1c1a8 Use action plugin for all_nodes data b2f6cee43 Fix undefined variable in cinder_backup service. bd4c3f6dc container-puppet: update 'env' when not null 87d994905 Generate startup configs files per step and per container 03925f8c9 Fix Placement password hiera is not set for Neutron 26e00764f Swap tasks to avoid non-existing variable error. b2de751d7 Ignore SR-IOV VFs on dhcp_all_interfaces list 73bb3149f Remove all the "container_cli rmi -f" from HA containers fc52667ee Update ffwd-upgrade branch names e04f031b8 Remove stray conditional from aodh-evaluator tasks 2051459b8 Revert "Remove panko" 268610fc3 Ensure Ceph dependencies are installed in pre-provisioned nodes a5e278ea9 Fix keepalived logging on disk d7b13a24d Fix hieradata for Heat API timeout 6d625c3e9 [train/stein] Increase resource bundle timeout during update. e204f16e5 Fix kill-script 97c2d4b99 Switch from 'podman rm' to tripleo-container-rm role 2cbcbb08e Revert "Remove libvirt packaged dependencies" due to https://bugs.launchpad.net/tripleo/+bug/1860971 and planning a backport later 7e1f831fd Correct current cinder-backup image var for upgrades 79c82c231 Add network vip mapping into service data ad95b28c8 Drop z flag on /var/run, it prevents redeployment 557c0c358 Check to make sure compute service is deployed before scale down f632ea38a Force facts cache refreshing before upgrade. 36f9cc78c Set octavia services' stop grace period to 300sec bbe15dae0 split() function expects string not array a854080cb Fix generation of TRIPLEO_CONFIG_HASH for services b1ac5e1e2 [TRAIN ONLY] Check for correct file during --skip-deploy-identifier handling. fb6cbd625 roles: Update description of ComputeRealTime role b1e1e5d31 Add 'scale-up' upgrade steps for cinder-volume b363837fd Add 'scale-up' upgrade steps for cinder-backup 279de1604 Add 'scale-up' upgrade steps for manila fa67cb17a Fix incorrect parameter to set max delay in cinder db purge cron 1e9b551b1 Assign service role for ironic user f38d39d14 Enable external public endpoint for MetricsQdr c9b8b1576 roles: Remove use of NovaVcpuPinSet from ComputeRealTime 66f13a180 Add swiftoperator role on ceph-rgw template f7a0aff19 Use list join for rendering rear config file in heat eb245497e Remove docker_config step 3 for ovn already cover by kolla script 82e2f9dea clustercheck: use fqdn instead of ip for bind address b10f7e2f0 depends_on: add .service to avoid errors in logs f90eb2caa Fix deployment on pacemaker remote nodes 7f9b6c40f Ovn upgrade - test if db already exist 90ed42da1 Don't disable compute cell in scale down tasks for additional cells d8de6badf Add missing any_errors_fatal 9cb5fb76d Open ports for Metrics QDRs 220661582 Remove libvirt packaged dependencies 4d21352e3 Bypass openvswitch update logic if expected packages are not present 4feedd4f0 nova: Always provide LIBGUESTFS_BACKEND=libvirt:qemu:///system 084acebd9 Remove previously deprecated deployed-server bootstrap files 2fc743762 Add 'never' to the tags set for the Ceph systemd units migration task 536550371 Remove upload_validations workflow execution dada51248 Modify import_role to include_role for boot params service f9afb87b4 horizon: put plugins toggles in quotes 02faf53ea Mount /boot from the host within the nova-compute container 8a3735015 Fix permission error if Barbican is enabled for Swift d76180973 Adding ReaR THT e5e6b95bb Run update without yum update to apply hotfixes. 8f93d271a HA: Fix the cluster common tag behaviour with podman 30bde6129 Introduce CephExtraKeys f19e2c714 Use include_tasks instead of import_tasks 02f643cd9 Create a dedicated log file for healthchecks for collectd 00c17b368 Add ability to deploy glance at DCN/Edge sites 259de9b99 Do not configure Hiera and Hieradata in Ansible check mode 7148ebd21 Try deleting container for failures too 7362626ca Use async tasks for long running common tasks 829cefa76 Execute deploy_steps_tasks per step 3bdf0c980 Use ansible for hosts entries bb456e970 Fix rsyslog issues 3d4298a67 Fix typos in hiera values 7ee6cdec1 Make pcsd listen on PacemakerNetwork/PacemakerRemoteNetwork 6fb2aa195 Correct invalid jinja set 13380daec Provide option to set reserved_huge_pages c9dd7ebcf Provide utility to generate NodeDataLookup from Ironic 4b6eb4ca9 Move some common tasks to step 1 add09e863 HA: increase resource default op timeout for podman bundles 9c2008514 ovn standalone: Start OVN ovsdb-servers using the kolla startup script b3bbc24ca Enable horizon healthcheck 8184b9497 Fix Octavia to use correct Puppet class 414449705 Enable healthcheck script in clustercheck service d48f73b18 Remove ceph backend by default for gnocchi fd61d8c98 Move the legacy telemetry environment template to correct location ef66a0f4f Add Octavia anti-affinity parameters 5352a88fe Revert "Disable ceph dashboard to fix upstream ci" 3b6f7d057 Remove unused post update and upgrade tasks Diffstat (except docs and test files) ------------------------------------- README.rst | 2 + all-nodes-validation.yaml | 51 - bindep.txt | 6 + ci/common/all-nodes-validation-disabled.yaml | 43 - ci/common/ironic_standalone_post.yaml | 6 - ci/common/vbmc_setup.yaml | 33 +- ci/environments/disable-unbound.yaml | 2 +- ci/environments/multinode-3nodes-registry.yaml | 1 + ci/environments/multinode-containers.yaml | 6 +- .../network-isolation-absolute.yaml | 1 - .../multiple-nics-ipv6/network-isolation.yaml | 1 - ci/environments/neutron_l3_qos.yaml | 2 + ci/environments/octavia-kvm.yaml | 7 + .../scenario000-multinode-containers.yaml | 4 +- .../scenario001-multinode-containers.yaml | 24 +- ci/environments/scenario001-standalone.yaml | 99 +- .../scenario002-multinode-containers.yaml | 3 + ci/environments/scenario002-standalone.yaml | 10 +- ci/environments/scenario003-standalone.yaml | 5 - .../scenario004-multinode-containers.yaml | 1 + ci/environments/scenario004-standalone.yaml | 14 +- .../scenario007-multinode-containers.yaml | 4 +- ci/environments/scenario007-standalone.yaml | 4 +- .../scenario010-multinode-containers.yaml | 4 +- ci/environments/scenario010-standalone.yaml | 12 +- ci/environments/scenario012-standalone.yaml | 16 +- ci/environments/standalone-ipa.yaml | 23 + common/container-puppet.py | 813 ++++++++------ common/container-puppet.sh | 30 +- common/deploy-steps-playbooks-common.yaml | 77 ++ common/deploy-steps-tasks-step-0.j2.yaml | 38 +- common/deploy-steps-tasks-step-1.yaml | 157 ++- common/deploy-steps-tasks.yaml | 538 ++++----- common/deploy-steps.j2 | 1036 +++++------------- common/generate-config-tasks.yaml | 109 ++ common/hiera-steps-tasks.yaml | 35 + common/host-container-puppet-tasks.yaml | 86 ++ common/services/role.role.j2.yaml | 31 +- config-download-software.yaml | 1 + config-download-structured.yaml | 1 + container_config_scripts/cinder_ffu_db_sync.sh | 42 + container_config_scripts/glance_ffu_db_sync.sh | 21 + container_config_scripts/keystone_ffu_db_sync.sh | 25 + container_config_scripts/manila_ffu_db_sync.sh | 34 + container_config_scripts/mistral_ffu_db_sync.sh | 20 + .../monitoring/collectd_check_health.py | 70 ++ container_config_scripts/neutron_db_rename.sh | 38 + container_config_scripts/neutron_ffu_db_sync.sh | 20 + container_config_scripts/nova_ffu_db_sync.sh | 45 + .../nova_statedir_ownership.py | 119 +- .../pacemaker_restart_bundle.sh | 113 +- container_config_scripts/pacemaker_wait_bundle.sh | 320 ++++++ container_config_scripts/wait-port-and-run.sh | 18 + .../deployed-server-bootstrap-centos.sh | 38 - .../deployed-server-bootstrap-centos.yaml | 27 - deployed-server/deployed-server-bootstrap-rhel.sh | 35 - .../deployed-server-bootstrap-rhel.yaml | 27 - deployed-server/deployed-server-roles-data.yaml | 1 + deployed-server/scripts/enable-ssh-admin.sh | 32 +- deployment/README.rst | 45 +- deployment/aodh/aodh-api-container-puppet.yaml | 112 +- deployment/aodh/aodh-base.yaml | 9 +- .../aodh/aodh-evaluator-container-puppet.yaml | 32 +- .../aodh/aodh-listener-container-puppet.yaml | 31 +- .../aodh/aodh-notifier-container-puppet.yaml | 30 +- deployment/apache/apache-baremetal-puppet.j2.yaml | 24 +- .../backup-and-restore/rear-baremetal-ansible.yaml | 105 ++ .../barbican/barbican-api-container-puppet.yaml | 183 +++- .../barbican-backend-pkcs11-crypto-puppet.yaml | 14 +- deployment/barbican/barbican-client-puppet.yaml | 61 ++ .../liquidio-compute-config-container-puppet.yaml | 2 +- .../ceilometer-agent-central-container-puppet.yaml | 44 +- .../ceilometer-agent-compute-container-puppet.yaml | 34 +- .../ceilometer-agent-ipmi-container-puppet.yaml | 31 +- ...ometer-agent-notification-container-puppet.yaml | 153 ++- .../ceilometer-base-container-puppet.yaml | 56 +- deployment/ceph-ansible/ceph-base.yaml | 526 ++++++--- deployment/ceph-ansible/ceph-client.yaml | 15 +- deployment/ceph-ansible/ceph-external.yaml | 5 +- deployment/ceph-ansible/ceph-grafana.yaml | 30 +- deployment/ceph-ansible/ceph-mds.yaml | 13 +- deployment/ceph-ansible/ceph-mgr.yaml | 105 +- deployment/ceph-ansible/ceph-mon.yaml | 26 +- deployment/ceph-ansible/ceph-nfs.yaml | 51 +- deployment/ceph-ansible/ceph-osd.yaml | 65 +- deployment/ceph-ansible/ceph-rbdmirror.yaml | 5 +- deployment/ceph-ansible/ceph-rgw.yaml | 135 ++- .../certs/certmonger-user-baremetal-puppet.yaml | 15 +- deployment/cinder/cinder-api-container-puppet.yaml | 270 +++-- .../cinder-backend-dellemc-powermax-puppet.yaml | 110 ++ .../cinder/cinder-backend-dellemc-sc-puppet.yaml | 149 +++ .../cinder-backend-dellemc-vxflexos-puppet.yaml | 148 +++ .../cinder-backend-dellemc-xtremio-puppet.yaml | 118 ++ .../cinder/cinder-backend-netapp-puppet.yaml | 2 +- .../cinder/cinder-backup-container-puppet.yaml | 12 +- .../cinder/cinder-backup-pacemaker-puppet.yaml | 160 +-- deployment/cinder/cinder-base.yaml | 2 +- .../cinder/cinder-common-container-puppet.yaml | 121 +- .../cinder/cinder-scheduler-container-puppet.yaml | 45 +- .../cinder/cinder-volume-container-puppet.yaml | 51 +- .../cinder/cinder-volume-pacemaker-puppet.yaml | 151 +-- .../openstack-clients-baremetal-puppet.yaml | 1 + deployment/containers-common.yaml | 30 +- deployment/database/mysql-base.yaml | 22 + deployment/database/mysql-container-puppet.yaml | 64 +- deployment/database/mysql-pacemaker-puppet.yaml | 142 ++- deployment/database/redis-container-puppet.yaml | 36 +- deployment/database/redis-pacemaker-puppet.yaml | 132 +-- .../docker/docker-baremetal-ansible.yaml | 12 + .../panko/panko-api-container-puppet.yaml | 375 +++++++ deployment/etcd/etcd-container-puppet.yaml | 110 +- .../designate/designate-api-container-puppet.yaml | 31 +- .../experimental/designate/designate-base.yaml | 2 +- .../designate-central-container-puppet.yaml | 21 +- .../designate/designate-mdns-container-puppet.yaml | 12 +- .../designate-producer-container-puppet.yaml | 13 +- .../designate/designate-sink-container-puppet.yaml | 13 +- .../designate-worker-container-puppet.yaml | 15 +- deployment/glance/glance-api-container-puppet.yaml | 283 +++-- .../glance/glance-api-edge-container-puppet.yaml | 91 ++ .../glance/glance-api-logging-file-container.yaml | 11 +- .../gnocchi/gnocchi-api-container-puppet.yaml | 199 ++-- .../gnocchi/gnocchi-metricd-container-puppet.yaml | 47 +- .../gnocchi/gnocchi-statsd-container-puppet.yaml | 49 +- deployment/haproxy/haproxy-container-puppet.yaml | 31 +- .../haproxy/haproxy-edge-container-puppet.yaml | 149 +++ .../haproxy-internal-tls-certmonger.j2.yaml | 19 + deployment/haproxy/haproxy-pacemaker-puppet.yaml | 135 ++- .../haproxy/haproxy-public-tls-certmonger.yaml | 33 +- deployment/haproxy/haproxy-public-tls-inject.yaml | 48 +- deployment/heat/heat-api-cfn-container-puppet.yaml | 67 +- .../heat/heat-api-cloudwatch-disabled-puppet.yaml | 24 - deployment/heat/heat-api-container-puppet.yaml | 93 +- deployment/heat/heat-base-puppet.yaml | 7 +- deployment/heat/heat-engine-container-puppet.yaml | 80 +- deployment/horizon/horizon-container-puppet.yaml | 106 +- deployment/ipa/ipaclient-baremetal-ansible.yaml | 27 +- deployment/ipa/ipaservices-baremetal-ansible.yaml | 179 +++ deployment/ironic/ironic-api-container-puppet.yaml | 174 +-- .../ironic/ironic-conductor-container-puppet.yaml | 62 +- .../ironic/ironic-inspector-container-puppet.yaml | 194 ++-- .../ironic-neutron-agent-container-puppet.yaml | 2 +- deployment/ironic/ironic-pxe-container-puppet.yaml | 24 +- deployment/iscsid/iscsid-container-puppet.yaml | 69 +- .../keepalived/keepalived-container-puppet.yaml | 17 +- deployment/kernel/kernel-baremetal-ansible.yaml | 4 + .../kernel-boot-params-baremetal-ansible.yaml | 24 +- deployment/keystone/keystone-container-puppet.yaml | 345 +++--- deployment/logging/files/barbican-api.yaml | 13 +- deployment/logging/files/heat-api-cfn.yaml | 13 +- deployment/logging/files/heat-api.yaml | 13 +- deployment/logging/files/heat-engine.yaml | 11 +- deployment/logging/files/keystone.yaml | 13 +- deployment/logging/files/neutron-api.yaml | 13 +- deployment/logging/files/neutron-common.yaml | 11 +- deployment/logging/files/nova-api.yaml | 13 +- deployment/logging/files/nova-common.yaml | 11 +- deployment/logging/files/nova-libvirt.yaml | 10 +- deployment/logging/files/nova-metadata.yaml | 13 +- deployment/logging/files/panko-api.yaml | 51 + deployment/logging/files/placement-api.yaml | 13 +- deployment/logging/rsyslog-container-puppet.yaml | 40 +- deployment/logging/stdout/haproxy.yaml | 2 +- deployment/logging/stdout/panko-api.yaml | 63 ++ .../logrotate-crond-container-puppet.yaml | 2 +- deployment/logrotate/tmpwatch-install.yaml | 3 +- deployment/manila/manila-api-container-puppet.yaml | 182 +-- deployment/manila/manila-backend-cephfs.yaml | 2 + deployment/manila/manila-base.yaml | 2 +- .../manila/manila-scheduler-container-puppet.yaml | 33 +- deployment/manila/manila-share-common.yaml | 2 +- .../manila/manila-share-container-puppet.yaml | 31 +- .../manila/manila-share-pacemaker-puppet.yaml | 161 +-- .../memcached/memcached-container-puppet.yaml | 56 +- .../messaging/rpc-qdrouterd-container-puppet.yaml | 5 +- deployment/metrics/collectd-container-puppet.yaml | 300 +++-- deployment/metrics/qdr-container-puppet.yaml | 131 ++- deployment/mistral/mapping.json | 373 +++++++ .../mistral/mistral-api-container-puppet.yaml | 110 +- deployment/mistral/mistral-base.yaml | 13 +- .../mistral/mistral-engine-container-puppet.yaml | 13 +- .../mistral-event-engine-container-puppet.yaml | 13 +- .../mistral/mistral-executor-container-puppet.yaml | 15 +- deployment/multipathd/multipathd-container.yaml | 4 +- .../neutron/derive_pci_passthrough_whitelist.py | 247 ++++- deployment/neutron/kill-script | 27 +- .../neutron-agents-ib-config-container-puppet.yaml | 7 + .../neutron/neutron-api-container-puppet.yaml | 181 +-- deployment/neutron/neutron-base.yaml | 2 +- .../neutron/neutron-dhcp-container-puppet.yaml | 116 +- .../neutron-l2gw-agent-baremetal-puppet.yaml | 2 +- .../neutron/neutron-l3-container-puppet.yaml | 119 +- .../neutron/neutron-metadata-container-puppet.yaml | 47 +- .../neutron-mlnx-agent-container-puppet.yaml | 13 +- .../neutron-ovn-dpdk-config-container-puppet.yaml | 6 + .../neutron-ovs-agent-container-puppet.yaml | 55 +- .../neutron-ovs-dpdk-agent-container-puppet.yaml | 32 +- ...eutron-plugin-ml2-ansible-container-puppet.yaml | 2 +- deployment/neutron/neutron-plugin-ml2-ovn.yaml | 5 + deployment/neutron/neutron-plugin-ml2.yaml | 14 + .../neutron-sriov-agent-container-puppet.yaml | 116 +- deployment/nova/nova-api-container-puppet.yaml | 373 +++---- deployment/nova/nova-az-config.yaml | 2 +- deployment/nova/nova-base-puppet.yaml | 13 +- deployment/nova/nova-compute-container-puppet.yaml | 564 +++++++--- .../nova/nova-conductor-container-puppet.yaml | 104 +- deployment/nova/nova-ironic-container-puppet.yaml | 60 +- deployment/nova/nova-libvirt-container-puppet.yaml | 334 +++--- .../nova/nova-libvirt-guests-container-puppet.yaml | 11 +- .../nova/nova-metadata-container-puppet.yaml | 41 +- .../nova-migration-target-container-puppet.yaml | 30 +- .../nova/nova-scheduler-container-puppet.yaml | 53 +- .../nova/nova-vnc-proxy-container-puppet.yaml | 82 +- deployment/nova/novajoin-container-puppet.yaml | 46 +- .../octavia/octavia-api-container-puppet.yaml | 192 ++-- deployment/octavia/octavia-base.yaml | 24 +- .../octavia/octavia-deployment-config.j2.yaml | 36 +- .../octavia-health-manager-container-puppet.yaml | 106 +- .../octavia-housekeeping-container-puppet.yaml | 26 +- .../octavia/octavia-worker-container-puppet.yaml | 51 +- .../octavia/providers/ovn-provider-config.yaml | 150 +++ ...vswitch-dpdk-netcontrold-container-ansible.yaml | 2 +- .../ovn/ovn-controller-container-puppet.yaml | 140 ++- deployment/ovn/ovn-dbs-container-puppet.yaml | 99 +- deployment/ovn/ovn-dbs-pacemaker-puppet.yaml | 159 +-- deployment/ovn/ovn-metadata-container-puppet.yaml | 95 +- .../pacemaker/clustercheck-container-puppet.yaml | 14 +- .../compute-instanceha-baremetal-puppet.yaml | 17 + .../pacemaker/pacemaker-baremetal-puppet.yaml | 101 +- .../pacemaker-remote-baremetal-puppet.yaml | 66 ++ .../placement/placement-api-container-puppet.yaml | 61 +- deployment/podman/podman-baremetal-ansible.yaml | 77 +- deployment/qdr/qdrouterd-container-puppet.yaml | 13 +- deployment/rabbitmq/rabbitmq-container-puppet.yaml | 52 +- ...rabbitmq-messaging-notify-container-puppet.yaml | 47 +- ...rabbitmq-messaging-notify-pacemaker-puppet.yaml | 120 +- .../rabbitmq-messaging-pacemaker-puppet.yaml | 120 +- .../rabbitmq-messaging-rpc-container-puppet.yaml | 47 +- .../rabbitmq-messaging-rpc-pacemaker-puppet.yaml | 120 +- deployment/sahara/sahara-api-container-puppet.yaml | 69 +- deployment/sahara/sahara-base.yaml | 2 +- .../sahara/sahara-engine-container-puppet.yaml | 31 +- .../skydive/skydive-agent-baremetal-ansible.yaml | 40 - .../skydive-analyzer-baremetal-ansible.yaml | 179 --- deployment/snmp/snmp-baremetal-puppet.yaml | 2 +- .../external-swift-proxy-baremetal-puppet.yaml | 72 +- .../swift-refresh-rings-cc327f998490b0df.yaml | 6 + deployment/swift/swift-proxy-container-puppet.yaml | 90 +- .../swift/swift-ringbuilder-container-puppet.yaml | 27 +- .../swift/swift-storage-container-puppet.yaml | 163 +-- deployment/timesync/chrony-baremetal-ansible.yaml | 4 +- deployment/tls/undercloud-tls.yaml | 99 ++ .../tripleo-packages-baremetal-puppet.yaml | 536 ++++----- deployment/undercloud/minion-rabbitmq-puppet.yaml | 25 +- .../undercloud/tempest-container-puppet.yaml | 11 +- deployment/undercloud/undercloud-upgrade.yaml | 188 +--- ...tas-hyperscale-controller-baremetal-puppet.yaml | 28 +- deployment/vpp/vpp-baremetal-puppet.yaml | 2 +- deployment/zaqar/zaqar-container-puppet.yaml | 87 +- environments/backup-and-restore/rear.yaml | 3 + environments/barbican-backend-pkcs11-lunasa.yaml | 50 + environments/ceph-ansible/ceph-ansible.yaml | 7 + environments/cinder-dellemc-powermax-config.yaml | 29 + environments/cinder-dellemc-sc-config.yaml | 39 + environments/cinder-dellemc-vxflexos-config.yaml | 35 + environments/cinder-dellemc-xtremio-config.yaml | 28 + environments/cinder-netapp-config.yaml | 2 +- environments/compute-real-time-example.yaml | 20 +- environments/dcn-hci.yaml | 22 +- environments/dcn.yaml | 18 + ...ployed-server-bootstrap-environment-centos.yaml | 11 - ...deployed-server-bootstrap-environment-rhel.yaml | 11 - environments/deployed-server-environment.j2.yaml | 4 +- environments/disable-panko.yaml | 11 + environments/disable-paunch.yaml | 6 + environments/disable-swift.yaml | 6 + environments/disable-telemetry.yaml | 1 + .../enable-legacy-telemetry.yaml | 8 +- environments/enable-stf.yaml | 39 + environments/hyperconverged-ceph.yaml | 2 +- environments/lifecycle/ffwd-upgrade-converge.yaml | 1 + environments/lifecycle/ffwd-upgrade-prepare.yaml | 3 +- .../lifecycle/undercloud-upgrade-prepare.yaml | 1 + environments/lifecycle/update-prepare.yaml | 4 + environments/lifecycle/upgrade-converge.yaml | 24 +- environments/lifecycle/upgrade-prepare.yaml | 17 +- environments/metrics/ceilometer-write-qdr.yaml | 6 +- environments/metrics/collectd-write-qdr.yaml | 8 +- environments/metrics/qdr-edge-only.yaml | 8 +- environments/metrics/qdr-form-controller-mesh.yaml | 6 - environments/network-environment-v6.j2.yaml | 10 +- environments/network-isolation-v6-all.j2.yaml | 2 - environments/network-isolation-v6.j2.yaml | 2 - environments/nova-nuage-config.yaml | 1 - environments/public-tls-undercloud.yaml | 1 + environments/rhsm.yaml | 2 + .../services-baremetal/neutron-ovn-dvr-ha.yaml | 2 + .../services-baremetal/neutron-ovn-ha.yaml | 4 + .../services-baremetal/undercloud-ceilometer.yaml | 3 + .../services-baremetal/undercloud-panko.yaml | 2 + environments/services/barbican-edge.yaml | 4 + environments/services/neutron-ovn-dvr-ha.yaml | 2 + environments/services/neutron-ovn-ha.yaml | 5 + environments/services/neutron-ovn-sriov.yaml | 1 - environments/services/neutron-ovn-standalone.yaml | 2 + environments/services/neutron-ovs.yaml | 1 + environments/services/skydive-environment.yaml | 12 - environments/services/undercloud-ceilometer.yaml | 3 + environments/services/undercloud-panko.yaml | 4 + environments/services/undercloud-tls.yaml | 4 + environments/ssl/enable-internal-tls.j2.yaml | 2 + environments/ssl/enable-tls.yaml | 4 + environments/ssl/no-tls-endpoints-public-ip.yaml | 8 + environments/ssl/tls-endpoints-public-dns.yaml | 10 +- environments/ssl/tls-endpoints-public-ip.yaml | 10 +- environments/ssl/tls-everywhere-endpoints-dns.yaml | 10 +- environments/standalone.yaml | 3 +- environments/standalone/standalone-overcloud.yaml | 2 + environments/standalone/standalone-tripleo.yaml | 8 +- environments/stdout-logging.yaml | 1 + environments/storage-environment.yaml | 6 +- environments/storage/cinder-netapp-config.yaml | 2 +- environments/storage/cinder-nfs.yaml | 2 +- environments/swift-external.yaml | 6 +- environments/undercloud.yaml | 5 + environments/undercloud/undercloud-minion.yaml | 85 +- .../krb-service-principals/role.role.j2.yaml | 2 +- extraconfig/post_deploy/clouds_yaml.py | 54 - extraconfig/post_deploy/standalone_post.yaml | 73 -- extraconfig/post_deploy/undercloud_post.py | 9 +- extraconfig/post_deploy/undercloud_post.yaml | 43 +- firstboot/userdata_timesync.yaml | 2 +- hosts-config.yaml | 38 - lower-constraints.txt | 166 --- net-config-bridge.j2.yaml | 8 + net-config-linux-bridge.j2.yaml | 9 + ...config-static-bridge-with-external-dhcp.j2.yaml | 8 + .../config/multiple-nics-vlans/role.role.j2.yaml | 8 +- network/config/multiple-nics/role.role.j2.yaml | 6 +- network/endpoints/endpoint_data.yaml | 35 + network/endpoints/endpoint_map.yaml | 1153 +++++++++++++++++++- network/ports/net_ip_list_map.j2.yaml | 12 +- network/ports/net_vip_map_external.j2.yaml | 6 + network/ports/net_vip_map_external_v6.j2.yaml | 6 + network/ports/port_from_pool.j2 | 31 +- network/scripts/run-os-net-config.sh | 7 +- network/service_net_map.j2.yaml | 33 +- network_data_ganesha.yaml | 50 +- overcloud-resource-registry-puppet.j2.yaml | 29 +- overcloud.j2.yaml | 155 ++- puppet/extraconfig/pre_deploy/per_node.yaml | 4 +- puppet/role.role.j2.yaml | 54 +- ...ainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml | 6 + .../IGMP-snooping-for-ml2ovs-d794ed4eab7c098c.yaml | 3 + .../NovaReservedHugePages-35a13e828bfc92e9.yaml | 10 + ...r-to-net_vip_map_external-c2c83431feaf7f35.yaml | 10 + ...d-barbican-client-for-dcn-7182e8bab41fce21.yaml | 13 + ...-anti-affinity-parameters-fe9222f17b16ee1f.yaml | 4 + .../add-octavia-provider-ovn-e3780665300e7c58.yaml | 5 + ...publictlscafile-parameter-0fd9c19dcd20be0b.yaml | 6 + ...ce_image_cache_prefetcher-288120ffa6ee2a13.yaml | 6 + .../adding-rear-service-5fac71fa6fbd9c9e.yaml | 5 + ...ddmemcachedmaxconnections-b591c0fa39e821f5.yaml | 6 + ...allow-resize-to-same-host-62f05a5370993425.yaml | 5 + .../automated-lvmfilter-3bee670c0108585a.yaml | 23 + ...ng-manila-share-protocols-6ea6bcbbe21b25ee.yaml | 7 + .../notes/bug-1895899-8d675670a0d05c15.yaml | 12 + ...eph_external_multi_config-80d707e5bf75e886.yaml | 5 + ...chcon-only-podman-upgrade-a2356adf59cde74b.yaml | 6 + .../notes/cinder-v1-cleanup-7154ca07652804cf.yaml | 11 + releasenotes/notes/cpu-flags-5b027db3eb2b86c2.yaml | 7 + .../notes/cpuset_cpus-4dbde2cec2152b30.yaml | 6 + ...-net-config-static-bridge-c15bf767d3a28759.yaml | 7 + ...sable-notification-driver-a888d4e9b8eed1dc.yaml | 6 + ...lated_aggregate_filtering-2aec5a693bf79852.yaml | 12 + ...dge-by-default-on-compute-f3ff6bf46ab80640.yaml | 15 + .../notes/extra_group_vars-aafa71945882442f.yaml | 7 + ...e-for-StorageNFS-net.yaml-bd77be924e8b7056.yaml | 20 + ...ure-when-network-disabled-156190243ff239ea.yaml | 6 + ...h-service-net-map-replace-463dd1296766cc47.yaml | 6 + ...er-agent-failed-on-reboot-373a31d28ea72587.yaml | 5 + .../notes/glance-multistore-82d4fc260acfb355.yaml | 12 + .../gnocchi-nfs-backend-90febc9f87e7df08.yaml | 9 + ...v6-stateful-address-count-ca568a32f07aec53.yaml | 7 + ...ronic_cleanup_config_data-1d4ae909c0869a90.yaml | 15 + ...use_bind_mounts_for_certs-64cb88f78538a64b.yaml | 13 + .../notes/mysql-auth-ed25519-28aaea4e69fbfdf7.yaml | 7 + ...dnsmasq_enable_addr6_list-ead32a7739431607.yaml | 6 + .../notes/new-pmem-params-18fb9c25808a7fe6.yaml | 14 + ...ova_api_max_limit-support-43fe9792eca63599.yaml | 5 + ..._compute_default_cpu_mode-cda2bb3e56463b3a.yaml | 11 + .../notes/nova_compute_ksm-444f1cc51ceafb66.yaml | 8 + .../nova_image_cache_ttl-824f241363b9dd4e.yaml | 8 + ...tadata_http_cert_metadata-274e7e8a66727983.yaml | 9 + ...gate_required_for_tenants-6c7d90fd01bcc88d.yaml | 11 + ...ent_for_availability_zone-ffd415710a9cb903.yaml | 9 + .../octavia-log-offload-d1617e767f688da1.yaml | 4 + ...ovn_igmp_snooping_support-eccdecde74f4b9c8.yaml | 5 + ...cluster-common-tag-podman-f9a71344af5c73d6.yaml | 7 + .../notes/powermax-driver-d428e372280c44e6.yaml | 6 + .../notes/remove-ValidateNtp-15724eaa8345aa4f.yaml | 8 + ...deployed-server-bootstrap-07590a3cf4688cc9.yaml | 11 + .../notes/remove_ffwd_tasks-d1ab630d96a66a59.yaml | 6 + releasenotes/notes/sc-driver-a428e372280c44e6.yaml | 6 + ...pport-glance-at-dcn-sites-6163b8f5333e31a7.yaml | 8 + ...swift-barbican-key-id-fix-108f8b58a5092d0a.yaml | 5 + .../swift-fix-ring-sync-7bf3ddbb1ea1e342.yaml | 6 + .../swift-mount-by-uuid-7744fe7696db4b85.yaml | 6 + .../notes/swift_external-d9870450f191b89a.yaml | 6 + ...ansible-for-hosts-entries-b4905552515e17ff.yaml | 6 + .../notes/vxflexos-driver-bec8e372280c44e6.yaml | 4 + .../notes/xtremio-driver-a428f372280c44e6.yaml | 7 + .../zaqar_ws_timeout_tunnel-d5d1e900dce79b34.yaml | 7 + roles/BlockStorage.yaml | 1 + roles/CellController.yaml | 1 - roles/Compute.yaml | 2 +- roles/ComputeAlt.yaml | 1 - roles/ComputeDVR.yaml | 1 - roles/ComputeHCI.yaml | 2 +- roles/ComputeHCIOvsDpdk.yaml | 2 +- roles/ComputeInstanceHA.yaml | 1 - roles/ComputeLiquidio.yaml | 1 - roles/ComputeLocalEphemeral.yaml | 2 +- roles/ComputeOvsDpdk.yaml | 2 +- roles/ComputeOvsDpdkRT.yaml | 3 +- roles/ComputeOvsDpdkSriov.yaml | 1 - roles/ComputeOvsDpdkSriovRT.yaml | 2 +- roles/ComputePPC64LE.yaml | 2 +- roles/ComputeRBDEphemeral.yaml | 2 +- roles/ComputeRealTime.yaml | 21 +- roles/ComputeSriov.yaml | 2 +- roles/ComputeSriovIB.yaml | 1 - roles/ComputeSriovRT.yaml | 3 +- roles/Controller.yaml | 11 +- roles/ControllerAllNovaStandalone.yaml | 3 +- roles/ControllerNoCeph.yaml | 8 +- roles/ControllerNovaStandalone.yaml | 7 +- roles/ControllerOpenstack.yaml | 4 +- roles/ControllerSriov.yaml | 183 ++++ roles/ControllerStorageDashboard.yaml | 8 +- roles/ControllerStorageNfs.yaml | 8 +- roles/DistributedCompute.yaml | 7 +- roles/DistributedComputeHCI.yaml | 8 +- roles/DistributedComputeHCIDashboard.yaml | 80 ++ roles/DistributedComputeHCIScaleOut.yaml | 69 ++ roles/DistributedComputeScaleOut.yaml | 66 ++ roles/HciCephAll.yaml | 2 +- roles/HciCephFile.yaml | 2 +- roles/HciCephMon.yaml | 2 +- roles/HciCephObject.yaml | 2 +- roles/Minimal.yaml | 30 + roles/Networker.yaml | 1 - roles/NetworkerSriov.yaml | 55 + roles/Novacontrol.yaml | 1 - roles/ObjectStorage.yaml | 1 + roles/README.rst | 1 + roles/Standalone.yaml | 8 +- roles/Telemetry.yaml | 1 + roles/Undercloud.yaml | 4 + roles/UndercloudMinion.yaml | 1 + roles_data.yaml | 15 +- roles_data_undercloud.yaml | 5 +- sample-env-generator/dcn.yaml | 18 +- sample-env-generator/ssl.yaml | 45 +- sample-env-generator/standalone.yaml | 15 +- sample-env-generator/storage.yaml | 1 + sample-env-generator/undercloud-minion.yaml | 52 +- scripts/hosts-config.sh | 47 - tools/make_ceph_disk_list.py | 141 +++ tools/yaml-validate.py | 32 +- tox.ini | 7 - validation-scripts/all-nodes.sh | 40 - zuul.d/layout.yaml | 128 +-- 474 files changed, 15544 insertions(+), 8394 deletions(-)

1 0

puppet-tripleo 11.5.0 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are pumped to announce the release of: puppet-tripleo 11.5.0: Puppet module for OpenStack TripleO This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/puppet-tripleo Download the package from: https://tarballs.openstack.org/puppet-tripleo/ Please report issues through: https://bugs.launchpad.net/puppet-tripleo/+bugs For more details, please see below. 11.5.0 ^^^^^^ New Features ************ * Added tripleo::profile::base::octavia::provider::ovn for configuring OVN driver properties, including protocol. * Adds ceph_dashboard endpoint and ceph_dashboard_port to properly expose the ceph-dashboard frontend service * Add support for configuring the glance-api service with multiple store backends. The primary backend becomes the service's default backend, and additional backends may be specified using an optional 'multistore_config' hash. * Add new PowerMax backend Cinder driver options. Supports both iSCSI and FC volume drivers and multiple backends as well. * Add Dell EMC SC backend Cinder driver options. Supports both iSCSI and FC volume drivers and multiple backends as well. * This change introduces two hiera keys that allow an operator to specify which NIC (or NICs) the VIPs will be bound to. One hiera key has global effect (tripleo::pacemaker::force_nic) and forces all VIPs to listen to that NIC. There is also the possibility to override that for specific VIPs with the force_vip_nic_overrides hiera hash. This change is only useful for deployments where BGP is used to advertise IP addresses from the host across multiple L3 networks. * Added support for VxFlexOS backend driver * Add Dell EMC XtremIO backend Cinder driver options. Supports both iSCSI and FC volume drivers and multiple backends as well Deprecation Notes ***************** * ovn_db_host and ovn_nb_port from tripleo::profile::base::octavia::api are now deprecated and will be removed in the future release. Please use ovn_db_host and ovn_nb_port from tripleo::profile::base::octavia::provider::ovn instead. Bug Fixes ********* * It is now possible to override the "enabled_share_protocols" configuration for the Shared File Systems service (manila) with the hiera parameter "manila_enabled_share_protocols". Changes in puppet-tripleo 11.4.0..11.5.0 ---------------------------------------- 5b0ca71c Adding key_size option on the certmonger_certificate function 6c3bd01a Wire up new tripleo upgrades jobs template 3be8a551 Remove haproxy ironic-inspector http-check workaround 69eed9e3 Revert "[Train and before] Apply default_listen_options to ironic-inspector" dd1d17da Allow to specify a nic for the VIPs + Fix nic selection when no nic is specified 2b246e34 Defauts mariadb's innodb_strict_mode to OFF e73ba50f Revert "Cleanup old workaround for ipv6 VIPs" 0d5da092 Filter haproxy_certificate_specs if hostname is empty d371cf5e Make sure qemu CA has correct permissions f34afbea Force MySQL / MariaDB log_warnings to 1 5de371ee Fixing incorrect parameter names in Dell EMC Storage Templates 3e9b801d galera: expose 2-node mode for the galera resource 6cbd8137 Generic cluster properties support b28243fa Include ovs_driver and sriov_driver classes in base neutron profile ecf7416a Cleanup old workaround for ipv6 VIPs a57c0e9c [c7-train] Switch c7 jobs to content provider 896009f6 Puppet config options for AMQP1 sensubility transport 4309addb Add changes for collectd libpod stats plugin e6632c94 [train] Switch to content provider jobs/templates 4d5a9c05 Allow overriding share protocols with manila c49d8de7 Make ceph_dashboard haproxy config parametric f716ef5a Replace union to create tcp-check list for redis 819c2592 Change branch name for selinux_core puppet module 72ad205f Fix tls - zaqar wss default port 2d862f1a [Train and before] Apply default_listen_options to ironic-inspector 48f35b52 HA: ensure scaling up galera does not cause promotion errors 8c8fa833 Fix typos, extreamio and xtreamio to xtremio f28b6907 Make sure python3-novaclient is installed before creating fence_compute 7d21ae36 Use pcs 0.9 style authkey/remotes when doing an upgrade d833f860 Add certmonger-etcd-refresh.sh script abbc4e4c Fix up cluster_setup_extras usage 5ec551b0 Switch includes to absolute 2a16409d Make promote timeout configurable ddf21633 Ensure post-save certmonger scripts target the right HA container 207e6d62 HA: fix rabbitmq readiness check for rabbitmq-server 3.8 c2899322 Enable to modify params of logrotate-crond.conf 8cc3c772 Add FFU support for ceph_nfs 77da001c Switch RGW HAProxy healthcheck to use special RGW healthcheck url 90a28fd1 Fix haproxy ceph dashboard condition f930e3a5 Fix RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS usage with a proper override mechanism + Make the additional_erl_args change more independent b9a5dae6 Fix the default values for ca_file and cert_file 4f6da07e Powermax Config Fixes 56e56b15 Make haproxy.pp honor EnableInternalTLS for rgw b81fc164 Support for Dell EMC VXFlexOS Backend 0ddf5da2 Finish HAProxy config for metrics_qdr e791ca04 Allow override of mysql/galera open files limit ca6367f1 ovn-dbs-bundle: Prepare for supporting new OVN version with separarte run dirs 68291df8 Remove obsolete 'http' backend from glance configuration 9aedd84c Remove selinux relabel mount option for neutron 037996d1 Support for Dell EMC SC Volume Config 73ac7699 Prepare 11.5.0 release 91acf870 Support for Dell EMC XtremIO Volume Config 9bd83310 Allow the Mistral tunnel timeout to be configurable. 658956db Include vendordata in nova-api and nova-metadata-api 7e033245 [stable only] Fix duplicated test case for nova::api 8cf37936 Only run the VIP creation code when enable_load_balancer is set to true a1da18ae Fix etcd's support for internal TLS 4cefed3c Remove duplicate entry of collectd-python package a3ccad2d CephRgw healthcheck aligned with ceph-ansible 3b5b9440 Ensure that the HAProxy certificate is updated 478a5e10 Do not manage pv/vg for cinder iscsi backend 97f1d208 Hardcode openidc_cache_type parameter for keystone federation with OpenIdc 7e4aca45 Log stdout of HA containers 1d09aa68 Make the bundle user configurable via hiera 67e9708b Enable deployment with external loadbalancers b2348525 Add Octavia OVN Provider configuration (2 of 2) 5d41a097 Support for PowerMax Volume Config 6fe363c0 Support for mariadb's ed25519 authentication ebc19599 Add Octavia OVN Provider configuration (1 of 2) 21fc0306 Add heat::cache to heat profile e0e24c20 Use ctlplane for internal QDR communication cd4bd436 Make all mysql root users managed during stack creation/update c31de022 Use memcached for token caching in designate authtoken 7ce90cb7 Handle ipv6 addresses in etcd and cinder's backend_url 02b30834 Fix grafana haproxy frontend ip variable 91627ee5 pacemaker-remote is broken on CentOS/RHEL < 8 74dcdac6 Add Certmonger ceph_rgw class to config tls dd44d155 Make sure we create stonith resources before stonith levels 06a5359a Revert "Remove neutron wrappers" 012039bd Add ceph dashboard frontend endpoint and tls-e integration 4db9d153 Enforce firewall rules before pacemaker-auth c49ebf01 Add support for glance multistore 39b7cfd1 Enable sudo rule creation d8cf2fad keystone: add a new parameter 'keystone_resources_managed' 19f0181d Remove neutron wrappers 8c1e9628 Add keystone_resources_managed option to the cinder api class 7e0a976f Don't use defined 78a97af3 Make pipeline config more flexible 378580d3 Remove side-car containers in Create status 801f789f Fix typo in remote pcsd_bind_addr 09fa984a Change the name of the HAProxy service to reflict the new name 7aec7fc5 HA: Honour all hiera override variables in mysql_bundle becddfad Make rsyslog file_input bulletproof 3db5bae6 Add short node name override support to manila 545b4809 Remove unused manila_share_nodes_count variable 6247b7a4 Enable metrics qdr to use public VIP 64951b5c Allow mysql haproxy stanza do be customized d187413e Change parameter to 'coordination_uri' 2df86b98 Make sure neutron [placement] config section is set 36a748b4 Avoid failing on rsyslog ab44e2b9 Fix typo in sslProfile conditional 95111e6c Add support to configure pcsd bind address 14e31e64 Add octavia::nova to Octavia services Diffstat (except docs and test files) ------------------------------------- Gemfile | 1 + Puppetfile_extras | 4 +- files/certmonger-dashboard-refresh.sh | 10 + files/certmonger-etcd-refresh.sh | 25 ++ files/certmonger-haproxy-refresh.sh | 5 +- files/certmonger-rabbitmq-refresh.sh | 2 +- files/certmonger-rgw-refresh.sh | 9 + files/mysql_ed25519_password.py | 43 ++++ lib/puppet/functions/mysql_ed25519_password.rb | 21 ++ lib/puppet/functions/pacemaker_bundle_replicas.rb | 23 ++ manifests/certmonger/ceph_dashboard.pp | 87 +++++++ manifests/certmonger/ceph_grafana.pp | 6 + manifests/certmonger/ceph_rgw.pp | 123 ++++++++++ manifests/certmonger/etcd.pp | 31 ++- manifests/certmonger/haproxy.pp | 6 + manifests/certmonger/httpd.pp | 6 + manifests/certmonger/libvirt.pp | 6 + manifests/certmonger/libvirt_vnc.pp | 6 + manifests/certmonger/metrics_qdr.pp | 6 + manifests/certmonger/mysql.pp | 6 + manifests/certmonger/neutron.pp | 6 + manifests/certmonger/neutron_ovn.pp | 6 + manifests/certmonger/novnc_proxy.pp | 5 + manifests/certmonger/openvswitch.pp | 6 + manifests/certmonger/ovn_controller.pp | 6 + manifests/certmonger/ovn_dbs.pp | 6 + manifests/certmonger/ovn_metadata.pp | 6 + manifests/certmonger/ovn_octavia.pp | 76 ++++++ manifests/certmonger/qemu.pp | 26 +++ manifests/certmonger/rabbitmq.pp | 6 + manifests/certmonger/redis.pp | 6 + manifests/fencing.pp | 1 + manifests/haproxy.pp | 119 ++++++++-- manifests/network/contrail/neutron_plugin.pp | 8 +- manifests/pacemaker/haproxy_with_vip.pp | 18 +- manifests/profile/base/ceilometer.pp | 42 ---- .../profile/base/ceilometer/agent/notification.pp | 80 ++++++- manifests/profile/base/certmonger_user.pp | 39 +++- manifests/profile/base/cinder/api.pp | 9 +- manifests/profile/base/cinder/volume.pp | 69 +++++- .../profile/base/cinder/volume/dellemc_powermax.pp | 70 ++++++ manifests/profile/base/cinder/volume/dellemc_sc.pp | 87 +++++++ .../profile/base/cinder/volume/dellemc_vxflexos.pp | 55 +++++ .../profile/base/cinder/volume/dellemc_xtremio.pp | 71 ++++++ manifests/profile/base/cinder/volume/iscsi.pp | 5 - manifests/profile/base/database/mysql.pp | 120 ++++++---- .../base/database/mysql/include_and_check_auth.pp | 49 ++++ manifests/profile/base/designate/authtoken.pp | 44 ++++ manifests/profile/base/etcd.pp | 10 +- manifests/profile/base/glance/api.pp | 77 +++--- manifests/profile/base/glance/backend/cinder.pp | 113 +++++++++ manifests/profile/base/glance/backend/file.pp | 65 ++++++ manifests/profile/base/glance/backend/rbd.pp | 110 +++++++++ manifests/profile/base/glance/backend/swift.pp | 148 ++++++++++++ manifests/profile/base/heat.pp | 1 + manifests/profile/base/keystone.pp | 15 +- manifests/profile/base/logging/logrotate.pp | 10 + manifests/profile/base/logging/rsyslog.pp | 6 +- .../profile/base/logging/rsyslog/file_input.pp | 31 +-- manifests/profile/base/manila/api.pp | 39 +++- manifests/profile/base/metrics/collectd.pp | 38 ++- .../profile/base/metrics/collectd/libpodstats.pp | 70 ++++++ .../profile/base/metrics/collectd/sensubility.pp | 60 ++++- manifests/profile/base/metrics/qdr.pp | 28 +-- manifests/profile/base/neutron/plugins/ml2.pp | 8 + .../base/neutron/plugins/ml2/networking_ansible.pp | 2 +- manifests/profile/base/neutron/server.pp | 1 + manifests/profile/base/nova/api.pp | 1 + manifests/profile/base/nova/metadata.pp | 1 + manifests/profile/base/octavia/api.pp | 18 +- manifests/profile/base/octavia/health_manager.pp | 1 + manifests/profile/base/octavia/housekeeping.pp | 1 + manifests/profile/base/octavia/provider/ovn.pp | 86 +++++++ manifests/profile/base/octavia/worker.pp | 1 + manifests/profile/base/pacemaker.pp | 61 ++++- manifests/profile/base/pacemaker_remote.pp | 19 +- manifests/profile/base/rabbitmq.pp | 27 ++- manifests/profile/pacemaker/ceph_nfs.pp | 7 +- .../profile/pacemaker/cinder/backup_bundle.pp | 20 +- .../profile/pacemaker/cinder/volume_bundle.pp | 20 +- manifests/profile/pacemaker/database/mysql.pp | 16 +- .../profile/pacemaker/database/mysql_bundle.pp | 92 +++++++- .../profile/pacemaker/database/redis_bundle.pp | 20 +- manifests/profile/pacemaker/haproxy_bundle.pp | 54 ++++- manifests/profile/pacemaker/manila/share_bundle.pp | 32 ++- manifests/profile/pacemaker/ovn_dbs_bundle.pp | 260 +++++++++++++-------- manifests/profile/pacemaker/rabbitmq.pp | 2 +- manifests/profile/pacemaker/rabbitmq_bundle.pp | 20 +- metadata.json | 2 +- .../add-octavia-provider-ovn-6734aa08af4772e4.yaml | 5 + ...-enabled-protocols-manila-86b6662a8b617866.yaml | 6 + .../ceph_dashboard_endpoint-10035021352fc190.yaml | 6 + ...cate-ovn-from-octavia-api-15e33154a31f20ec.yaml | 7 + .../notes/glance-multistore-766022d470827d1d.yaml | 8 + .../notes/powermax-driver-d428e372280c44e6.yaml | 5 + releasenotes/notes/sc-driver-a428e372280c44e6.yaml | 5 + .../notes/vip-bind-nic-11e80207fcb78a20.yaml | 10 + .../notes/vxflexos-driver-aec8e372280c44e6.yaml | 3 + .../notes/xtremio-driver-f428e372280c44e6.yaml | 5 + spec/classes/tripleo_certmonger_etcd_spec.rb | 52 +++-- ...file_base_ceilometer_agent_notification_spec.rb | 68 ++++++ .../tripleo_profile_base_cinder_powermax_spec.rb | 72 ++++++ .../classes/tripleo_profile_base_cinder_sc_spec.rb | 72 ++++++ ...ripleo_profile_base_cinder_volume_iscsi_spec.rb | 7 - .../tripleo_profile_base_cinder_volume_spec.rb | 173 ++++++++++++-- .../tripleo_profile_base_cinder_vxflexos_spec.rb | 58 +++++ ...ipleo_profile_base_cinder_xtremio_iscsi_spec.rb | 2 +- .../tripleo_profile_base_cinder_xtremio_spec.rb | 72 ++++++ ...ripleo_profile_base_designate_authtoken_spec.rb | 70 ++++++ spec/classes/tripleo_profile_base_etcd_spec.rb | 131 +++++++++++ .../tripleo_profile_base_glance_api_spec.rb | 94 +++++++- ...pleo_profile_base_glance_backend_cinder_spec.rb | 105 +++++++++ ...ripleo_profile_base_glance_backend_file_spec.rb | 89 +++++++ ...tripleo_profile_base_glance_backend_rbd_spec.rb | 124 ++++++++++ ...ipleo_profile_base_glance_backend_swift_spec.rb | 99 ++++++++ .../tripleo_profile_base_manila_api_spec.rb | 23 ++ ...ofile_base_metrics_collectd_sensubility_spec.rb | 43 ++++ .../tripleo_profile_base_metrics_collectd_spec.rb | 53 ++++- .../tripleo_profile_base_metrics_qdr_spec.rb | 66 ++---- .../tripleo_profile_base_neutron_server_spec.rb | 6 + spec/classes/tripleo_profile_base_nova_api_spec.rb | 20 +- .../tripleo_profile_base_nova_metadata_spec.rb | 6 + .../tripleo_profile_base_octavia_api_spec.rb | 16 -- ...ipleo_profile_base_octavia_provider_ovn_spec.rb | 138 +++++++++++ ..._profile_pacemaker_cinder_backup_bundle_spec.rb | 3 +- ..._profile_pacemaker_cinder_volume_bundle_spec.rb | 3 +- ...o_profile_pacemaker_manila_share_bundle_spec.rb | 9 +- ...profile_base_logging_rsyslog_file_input_spec.rb | 33 ++- spec/fixtures/hieradata/default.yaml | 11 +- spec/fixtures/hieradata/step5.yaml | 9 + templates/logrotate/containers_logrotate.conf.erb | 4 +- templates/metrics/collectd-sensubility.conf.epp | 27 ++- templates/metrics/libpodstats.conf.epp | 4 + templates/neutron/dibbler-client.epp | 5 +- templates/neutron/dnsmasq.epp | 2 +- templates/neutron/haproxy.epp | 5 +- templates/neutron/keepalived.epp | 5 +- templates/neutron/radvd.epp | 5 +- zuul.d/layout.yaml | 13 +- 139 files changed, 4392 insertions(+), 525 deletions(-)

1 0

python-tripleoclient 12.4.0 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We exuberantly announce the release of: python-tripleoclient 12.4.0: TripleO client This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/python-tripleoclient Download the package from: https://tarballs.openstack.org/python-tripleoclient/ Please report issues through: https://bugs.launchpad.net/tripleo/+bugs For more details, please see below. 12.4.0 ^^^^^^ New Features ************ * The *overcloud delete* subcommand now supports cleaning up overcloud hosts, services, and DNS entries in FreeIPA. This is applicable to deployments with TLS support enabled since FreeIPA serves DNS and manages certificates for overcloud infrastructure. This subcommand also includes a new option called "--skip-ipa- cleanup" that allows the caller to forego cleaning up FreeIPA. This may be useful when deployers want to forcibly cleanup overcloud stacks and leave FreeIPA entries intact (e.g., network partition events where the FreeIPA server isn't reachable). Note that you will need to manually cleanup FreeIPA if you use "--skip-ipa-cleanup". * A new *--ansible-forks* argument has been added to the TripleO and Overcloud commands. The default value for forks has also been adjusted to no longer exceed 100 forks. * Add --work-dir to openstack overcloud container image build command and every run will create a unique workspace which where will be stored Kolla configs and build logs. Default directory will be in /tmp/container-builds. UUIDs are used to identify each time we run the command and will be the directory name in the work dir. * Added *--overcloud-ssh-enable-timeout* to allow end users to increase the wait time during the deploy, ffu, upgrade and admin actions. By default this is 600 seconds. * Added *--overcloud-ssh-port-timeout* to allow end users to increase the time we wait for ssh to become ready on the hosts during the deploy, ffu, upgrade and admin actions. On older hardware or slow booting hardware, the 300 seconds we wait by default for the port to come up may not be sufficient. * A new command "openstack overcloud export ceph" is added. The command is used to export the Ceph deployment data from one stack for use in another stack with storage services which use that Ceph cluster when using the multi-stack deployment feature. * The network interface drivers for the Baremetal service on the undercloud is now configurable. New undercloud.conf options "enabled_network_interfaces" (Default: "flat") and "default_network_interface" (Default: "flat") control the enabled network interface and the default network interface when enrolling nodes. * The upgrade/update commands have a prompt by default now that ask for confirmation before proceeding. It'll prevent an operator to run the command and cause the problems to infrastructure. This prompt can be skipped with --yes/-y argument. * The TripleO Validator CLI has now a new logging feature which keep every validation execution log in the Undercloud (/var/log/validations/). The CLI is able to display the history and allow the user to get the full execution details. Upgrade Notes ************* * The *undercloud.conf* file is now strictly parsed. If there are detected issues within the *undercloud.conf* configuration file operations will halt, producing an error and highlighting how to resolve the issue. Deprecation Notes ***************** * The ffwd-upgrade command isn't needed anymore since Queens. The ffwd upgrade now relies on the overcloud upgrade commands, therefore there is no need to keep the old ffwd-upgrade commands around as they could just cause confusion to the user. Bug Fixes ********* * Ansible connection timeout used for config download and the deployment timeout now will be given proper values. It fixes bug 1868063. * The client (tripleoclient) now raises a new exception, ConfigDownloadInProgress, if there is already an instance of the tripleo.deployment.v1.config_download_deploy workflow in progress for the current stack. * With adding UseTLSTransportForNbd feature in stein, UseTLSTransportForNbd is enabled per default. If an environment gets upgraded where UseTLSTransportForNbd was not enabled will make live migration to fail as the required certs are not part of the env of the previously created qemu process containers. This change handles UseTLSTransportForNbd as: * new environments it is enabled, which is the default in THT since stein * if it is an existing environment: - global_config_settings get checked for use_tls_for_nbd key - if the global_config_settings does not exist, e.g. update from previous THT version or previous major release, the hieradata key nova::compute::libvirt::qemu::nbd_tls gets evaluated that there is no unnecessary disable of nbd_tls In change I7f583d18e558b95922a66eb539cc91de74409c96 we move the certs to be handled using bind mounts, so the upgrade path to enable nbd-tls would be 1. deploy with this change + the puppet-tripleo and tht change to use bind mounts for certs. 2. migrate all instances once that the containers running the qemu processes have the correct cert bind mounts 3. run an overcloud deploy using UseTLSTransportForNbd=true * openstack overcloud export now exports user defined password values instead of just always exporting the generated password values. * The *undercloud.conf* file is now strictly parsed which ensures a clean configuration when deploying the undercloud. Changes in python-tripleoclient 12.3.1..12.4.0 ---------------------------------------------- 7f001ff7 Make workflow monitoring more resilient 9c343949 [train-only] Extend list of DEPRECATED_SERVICES 76bb5725 [train-only] Set rc = 0 for successful standalone/output-only action bfd01adc Expose --ansible-forks 9c89072f remove c7 update/upgrdae jobs e5b8ebde [TRAIN-Only] Reduce open mock scope 302d2f2b Wire up new tripleo upgrades jobs template ac397523 Revert "Removed ubi-8 based jobs" d239ca70 [TRAIN] Default ceph export config-download dir to mistral dfa32942 Do not require authentication for the validator CLI f5892a58 [TRAIN-only] Don't stop scale down if ansible fails 52014762 Map build host repos to distro.repos.d instead of yum.repos.d 8274fa5b remove lower-constraints 15050a25 Add config-download-dir flag to cell export command 94ada5c0 [train/stein] Handle UseTLSTransportForNbd for previous created envs 85ca8946 Removed ubi-8 based jobs 9d1e3df8 [Container build] raise Exception post logging error 4a5027a6 Add detection of package manager for undercloud upgrade 709a3377 [c7-train] Simplify tags for consumer jobs f962b728 Remove centos-7-standalone-upgrade c83a3f80 [train] Switch to content provider jobs/templates 05a909c3 Check CephClusterFSID against proposed env files 7700507f Fix tcib build 2bac6517 Add openstack overcloud export ceph d4bb4fe1 Fix if conditions in constants.py e00630cf Remove playbook param from tripleo_validator.py 89fe42bd Set portmap cidr fields to extracted CIDR a09ddc85 Remove c7 containers multinode job ae583292 Inject both paths for validations roles location 370be5b4 [TRAIN-Only] Fix missing mock de7ef0ca [TRAIN-Only] Remove extra linebreak 04840122 Add --temp-dir to overcloud image build 49fd5d47 Train only: supply the stack name when creating the inventory 86c9fa70 Combined cherry-pick to allow TCIB to run config-less 8b336981 Make python interpreter option for ansible validation run e55aaaba Update tripleo-validations path to /usr/share/ansible 73e1b63a Allow to pass a static inventory to the validator CLI bd22a7fb Fix extra_env_files option and type in format string f3853c94 Implement validations-libs framework for ALL validator commands 5e3097e4 [train-only] Add ipa config check to _cleanup_ipa 79bb147b (UX) Improve logging if the ephemeral heat stack wasn't created b02ed76d TCIB: add --rhel-modules argument 8e7a8e76 Allow usage of duplicated IPs for undercloud config fa012996 overcloud_deploy: move horizon url/rc files before config-download 1399785a Limit ip_version when resolving public_host and admin_host 182892b1 Add tripleo container image hotfix command c15d0d0b Use user set password values in overcloud export 29686a65 Cleanup UndercloudHostsEntries 6bf36b3b Correct YAML load warning 66c1f75a Don't build image upload tasks when dry_run is True c62e12db Rename UpgradeConvergeOvercloud into UpgradeConverge. 8d98d0b5 [train-only] Run tripleo-build-containers-ubi-8 under specific conditions 846911ef [TRAIN-Only] Increase deploy workflow wait ad603d39 Port jobs from centos7 to centos8 d77bb6e3 Close session objects in container_image.py b40432f1 Add openstack tripleo container image build aedc6146 Correct ansible playbook execution handler 6c8086ff Remove ffwd-upgrade commands from tripleoclient. 9e08f1ea [TRAIN-and-older] Properly close sockets 309df8af [stable-only] Use folder with plan name for config download export 6f8134b2 [train] manual backport & squash for overcloud_deploy raise changes cc4d0599 Throw warning if --limit used with a skip list in Heat 28975947 Add "yes" prompt for update/upgrades commands bf17d081 Skip network check with stack env when validations disabled 57ed1b88 Identify not allowed parameters in upgrades. f0c2113c update constraint for tripleo-common to new release 11.4.0 d58ea5bb [TRAIN ONLY] Do not encode hostnames in validation result 0ba53608 Refactor upgrade prepare and converge. 4b1a018e Detect TLS for pre-provisioned nodes 6f877f6b TripleO Validations Logging CLI Introduction ecf22416 [TRAIN-AND-OLDER] Improve timeout error handling ed0ed100 [stable/train] Revert "Remove download_ansible_playbooks" fc34403e Remove left over print f0c8e5f1 Fix upgrade prompt 55c99266 Use undercloud upgrade to update all required pkgs e277e46f Removed job tripleo-ci-centos-7-scenario009-multinode-oooq-container 3b52fa2c tripleo-ci-centos-7-containerized-undercloud-upgrades -> NV 54f1e93e Add option to skip ipa cleanup when deleting overclouds da9dc6eb [stable-only] Add retry for inserting temp_ssh_key 3b0f307c Add login flag to container image prepare defaults 9b0f5dd8 Raise a new ValueError with the contents of the JSON is parsing fails 5627d8d9 [stable-only] Raise error for temp_ssh_key import failure 7fc95cac Expose --limit, --skip-tags, and --tags on the CLI. 934d713a [stable only] Remove timeout in config-download-export b9511925 Add release note for undercloud.conf parsing 42822ff9 Update necessary packages before undercloud upgarde. 8b7d1be9 Fix ResourceWarning: unclosed file 780139aa Fix misused deployment vs connection timeouts d4c35c06 Ensure the undercloud output dir constant is consistent 6efccee3 Add logic to clean up ipa on stack delete fdce01fc Improve container_images_file comments 8f5a2dab Normalize the 'undercloud-passwords.conf' return data 7f4622dd Add --work-dir option to container image build command b1703f2f Local file based image uploader 63f4078b Add option to control ironic network interfaces f8671e51 baremetal provision expose concurrency and timeout b5bc064b Use correct default key file and normalize the usage 25c00613 Update undercloud.conf with correct SSL information f3064562 overcloud: set DeployIdentifier to '' if --skip-deploy-identifier is used 8e0c0cd7 Make _get_undercloud_host_entry(self) python3 friendly f39c1823 Refactor image upload command 42c04f7f Relax ~/.config permissions 5e40c707 Remove extra whitespaces from getent. 3818c0e3 Fix default image registry address lookup 760b354d Increase ssh port timeout eefe92ee Add source auth to image push 4c46dc16 undercloud: introduce undercloud_enable_paunch option 358465d2 Revert "Default to zero verbosity when using Ansible." df649121 Revert "Added for support for generating overcloud clouds.yaml" 629a35f0 Implement utils.copy_clouds_yaml 23884fe1 tripleo_deploy: set RootStackName 5e09e827 Allow import to specify image location ipxe=false 27ce58ac Enable stack status output for tripleo deploy 303a334d Fix all py27 tests 449a77a4 Revert "Remove panko" b2f0a34f openstack overcloud node delete --baremetal-deployment aef369e7 Default to zero verbosity when using Ansible. bd2a3773 Enforce 0600 permissions on private SSH key file. 6367d58c Handle config-download in progress in tripleoclient 1f52be58 Add additional ssh timeout options 6acea631 Complete overcloud deploy --baremetal-deployment f15890bd Improvements to unprovision command 13e24cdc Allow ctlplane subnets in undercloud chrony acl rules be999f12 Catch exceptions when processing subnets 585fb281 Pass container name to update_nodes workflow 94163f40 TripleO Validator CLI Refactor Diffstat (except docs and test files) ------------------------------------- bindep.txt | 1 + lower-constraints.txt | 7 +- ...eanup-to-overcloud-delete-ab5835b098805d45.yaml | 12 + .../notes/ansible-forks-arg-9f7b439e4b6980dd.yaml | 6 + ...nsible_connection_timeout-78e45f20ff91f672.yaml | 6 + ...nfig-download-in-progress-4af02517cb5a5c0c.yaml | 6 + .../notes/container_work_dir-edb40007cb25168e.yaml | 8 + .../libvirtd_handle_nbd_tls-277e72f07dd867c8.yaml | 26 + ...ent-timeouts-configurable-326124c81ce56fca.yaml | 11 + ...ack-overcloud-export-ceph-f36421e1685db302.yaml | 6 + ...ironic-network-interfaces-7e185f5fd67c7500.yaml | 8 + ...rcloud-cloud-yaml-support-fae7585c46eda8e8.yaml | 8 - ...vercloud-export-passwords-bfa698491601a734.yaml | 4 + ...panko-deprecated-in-train-0444baa3ba4688f1.yaml | 6 - ...ove_ffwd-upgrade_commands-579f885957f02863.yaml | 7 + .../strict-config-parsing-ded8d4994c8ea363.yaml | 9 + ...eo_validator_cli_refactor-64c298348d405347.yaml | 17 + .../upgrade_update_prompt-f6ace53f02b62fa0.yaml | 7 + ...lidation_logging_features-a7c096868197c42a.yaml | 7 + requirements.txt | 4 +- setup.cfg | 14 +- test-requirements.txt | 2 +- tripleoclient/command.py | 23 + tripleoclient/config/standalone.py | 17 +- tripleoclient/config/undercloud.py | 27 +- tripleoclient/constants.py | 132 +++- tripleoclient/exceptions.py | 23 + tripleoclient/export.py | 99 ++- tripleoclient/plugin.py | 14 +- .../__init__.py | 0 .../test_tripleo_container_image.py | 300 ++++++++ .../v1/overcloud_config/test_overcloud_config.py | 10 +- .../v1/overcloud_delete/test_overcloud_delete.py | 78 ++ .../v1/overcloud_deploy/test_overcloud_deploy.py | 303 +++++++- .../test_overcloud_external_update.py | 28 +- .../test_overcloud_external_upgrade.py | 28 +- .../test_overcloud_ffwd_upgrade.py | 247 ------ .../v1/overcloud_image/test_overcloud_image.py | 829 +++++++++++++++------ .../v1/overcloud_update/test_overcloud_update.py | 72 +- .../v1/overcloud_upgrade/test_overcloud_upgrade.py | 178 +++-- tripleoclient/utils.py | 559 ++++++++------ tripleoclient/v1/container_image.py | 224 ++++-- tripleoclient/v1/mock_clouds_yaml.py | 3 - tripleoclient/v1/overcloud_admin.py | 25 +- tripleoclient/v1/overcloud_cell.py | 18 +- tripleoclient/v1/overcloud_config.py | 10 +- tripleoclient/v1/overcloud_delete.py | 87 +++ tripleoclient/v1/overcloud_deploy.py | 270 +++++-- tripleoclient/v1/overcloud_export_ceph.py | 114 +++ tripleoclient/v1/overcloud_external_update.py | 38 +- tripleoclient/v1/overcloud_external_upgrade.py | 39 +- tripleoclient/v1/overcloud_ffwd_upgrade.py | 218 ------ tripleoclient/v1/overcloud_image.py | 502 ++++++++----- tripleoclient/v1/overcloud_node.py | 229 +++++- tripleoclient/v1/overcloud_update.py | 107 ++- tripleoclient/v1/overcloud_upgrade.py | 151 ++-- tripleoclient/v1/tripleo_container_image.py | 738 ++++++++++++++++++ tripleoclient/v1/tripleo_deploy.py | 62 +- tripleoclient/v1/tripleo_upgrade.py | 7 + tripleoclient/v1/tripleo_validator.py | 493 +++++++----- tripleoclient/v1/undercloud.py | 100 ++- tripleoclient/v1/undercloud_config.py | 91 ++- tripleoclient/v1/undercloud_preflight.py | 6 +- tripleoclient/workflows/baremetal.py | 11 + tripleoclient/workflows/base.py | 9 +- tripleoclient/workflows/deployment.py | 140 ++-- tripleoclient/workflows/parameters.py | 82 ++ tripleoclient/workflows/scale.py | 3 +- zuul.d/layout.yaml | 58 +- 88 files changed, 6326 insertions(+), 2429 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index 739e8e1d..e7167d1e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -19 +19,2 @@ websocket-client>=0.44.0 # LGPLv2+ -tripleo-common>=11.3.1 # Apache-2.0 +tenacity>=5.0.1 # Apache-2.0 +tripleo-common>=11.4.0 # Apache-2.0 @@ -21,0 +23 @@ futures>=3.0.0;python_version=='2.7' or python_version=='2.6' # BSD +validations-libs>=1.0.0 diff --git a/test-requirements.txt b/test-requirements.txt index 3a42b24d..4c821db0 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -9 +9 @@ fixtures>=3.0.0 # Apache-2.0/BSD -mock>=2.0.0 # BSD +mock>=3.0.0 # BSD

1 0

os-refresh-config 10.4.1 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are happy to announce the release of: os-refresh-config 10.4.1: Refresh system configuration This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/os-refresh-config Download the package from: https://tarballs.openstack.org/os-refresh-config/ Please report issues through: https://bugs.launchpad.net/os-refresh-config/+bugs For more details, please see below. Changes in os-refresh-config 10.4.0..10.4.1 ------------------------------------------- d0fdb42 [train] Switch to content provider jobs/templates b5e8cc4 Update TOX/UPPER_CONSTRAINTS_FILE for stable/train e24cf15 Update .gitreview for stable/train Diffstat (except docs and test files) ------------------------------------- .gitreview | 1 + tox.ini | 2 +- zuul.d/layout.yaml | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-)

1 0

murano 8.1.1 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are stoked to announce the release of: murano 8.1.1: Murano API This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/murano Download the package from: https://tarballs.openstack.org/murano/ Please report issues through: https://bugs.launchpad.net/murano/+bugs For more details, please see below. Changes in murano 8.1.0..8.1.1 ------------------------------ e7d37190 Fix murano ci UT error fa8332f4 Fix versions api by using webob correctly cfef69e3 Murano api add monkey patch Diffstat (except docs and test files) ------------------------------------- murano/api/__init__.py | 14 ++++++++++++++ murano/api/versions.py | 2 +- murano/cmd/__init__.py | 14 ++++++++++++++ murano/cmd/api.py | 9 --------- murano/cmd/cfapi.py | 9 --------- murano/cmd/engine.py | 9 --------- murano/monkey_patch.py | 25 +++++++++++++++++++++++++ 9 files changed, 59 insertions(+), 28 deletions(-)

1 0

os-net-config 11.4.0 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are excited to announce the release of: os-net-config 11.4.0: OpenStack network configuration This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/os-net-config Download the package from: https://tarballs.openstack.org/os-net-config/ Please report issues through: https://bugs.launchpad.net/os-net-config/+bugs For more details, please see below. Changes in os-net-config 11.3.1..11.4.0 --------------------------------------- 0cdb1d2 basic support for Linux tap devices 47d6343 Wire up new tripleo upgrades jobs template 884c3e4 Fixing the dependency for sriov_config service b52ac80 Enable smfs software steering when switchdev is enabled 86cc40e [train] Switch to content provider jobs/templates f49ab16 Add NIC Partitioning support for Mellanox VFs ac8d1b9 Avoid openvswitch restarts during re-run 904fa24 Set OVSBOOTPROTO to dhcp when using dhcpv6 with OVS b34a730 Skip VFs configured for DPDKs during NIC ordering 4954748 Retries are attempted if VF configuration fails f8c4a2e Run ifup on a bond when a slave interface is restarted a1f75de SRIOV VF: Add min_tx_rate and max_tx_rate 049314b Enable new routing rules on the fly without restarting interfaces 74d3212 We need to use the MAC instead of PCI Address for Mellanox cards Diffstat (except docs and test files) ------------------------------------- etc/os-net-config/samples/linux_tap.json | 8 +++ etc/os-net-config/samples/linux_tap.yaml | 6 ++ etc/os-net-config/samples/sriov_pf.json | 12 ++++ etc/os-net-config/samples/sriov_pf.yaml | 7 ++ os_net_config/__init__.py | 11 +++ os_net_config/cli.py | 8 ++- os_net_config/impl_ifcfg.py | 115 +++++++++++++++++++++++++++++-- os_net_config/objects.py | 70 +++++++++++++++++-- os_net_config/schema.yaml | 42 +++++++++++ os_net_config/sriov_config.py | 21 +++++- os_net_config/utils.py | 79 ++++++++++++++++----- zuul.d/layout.yaml | 3 +- 16 files changed, 571 insertions(+), 38 deletions(-)

1 0

barbican_tempest_plugin 1.2.0 (wallaby)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We exuberantly announce the release of: barbican_tempest_plugin 1.2.0: OpenStack barbican tempest tests. This release is part of the wallaby release series. The source is available from: https://opendev.org/openstack/barbican_tempest_plugin Download the package from: https://tarballs.openstack.org/barbican-tempest-plugin/ For more details, please see below. Changes in barbican_tempest_plugin 1.1.0..1.2.0 ----------------------------------------------- 35ffd4e Add py38 package metadata 0525790 Remove six a4523f3 Remove a dummy test 696827e bump py37 to py38 in tox.ini Diffstat (except docs and test files) ------------------------------------- .../services/key_manager/json/consumer_client.py | 2 +- .../services/key_manager/json/container_client.py | 2 +- .../services/key_manager/json/order_client.py | 2 +- .../services/key_manager/json/quota_client.py | 2 +- .../services/key_manager/json/secret_client.py | 3 +-- requirements.txt | 1 - setup.cfg | 1 + tox.ini | 2 +- 9 files changed, 7 insertions(+), 37 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index 761711f..67ae150 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7 +6,0 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0 -six>=1.10.0 # MIT

1 0

oslo.metrics 0.2.0 (wallaby)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are tickled pink to announce the release of: oslo.metrics 0.2.0: Oslo Metrics API This release is part of the wallaby release series. The source is available from: https://opendev.org/openstack/oslo.metrics Download the package from: https://pypi.org/project/oslo.metrics Please report issues through: https://bugs.launchpad.net/oslo.metrics/+bugs For more details, please see below. Changes in oslo.metrics 0.1.0..0.2.0 ------------------------------------ 82928b5 Update Metric Naming 4fcf2c1 Handle Sigterm Properly Diffstat (except docs and test files) ------------------------------------- oslo_metrics/__main__.py | 12 +++++ oslo_metrics/metrics/oslo_messaging.py | 77 ++++++++++++++++-------------- 3 files changed, 55 insertions(+), 38 deletions(-)

1 0

os-apply-config 10.5.2 (train)
by no-reply＠openstack.org 08 Feb '21

08 Feb '21

We are stoked to announce the release of: os-apply-config 10.5.2: Config files from cloud metadata This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/os-apply-config Download the package from: https://tarballs.openstack.org/os-apply-config/ Please report issues through: https://bugs.launchpad.net/os-apply-config/+bugs For more details, please see below. Changes in os-apply-config 10.5.1..10.5.2 ----------------------------------------- 6dd7738 [train] Switch to content provider jobs/templates Diffstat (except docs and test files) ------------------------------------- zuul.d/layout.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

1 0