Release-announce
Threads by month
- ----- 2025 -----
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
June 2022
- 1 participants
- 44 discussions
We are tickled pink to announce the release of:
taskflow 5.0.0: Taskflow structured state management library.
The source is available from:
https://opendev.org/openstack/taskflow
Download the package from:
https://pypi.org/project/taskflow
For more details, please see below.
Changes in taskflow 4.7.0..5.0.0
--------------------------------
2521e3ee Quote string representations
44f17d00 Remove six
a26e2d88 Drop python3.6/3.7 support in testing runtime
Diffstat (except docs and test files)
-------------------------------------
requirements.txt | 3 --
setup.cfg | 5 ++-
taskflow/atom.py | 27 +++++++--------
taskflow/conductors/backends/impl_executor.py | 4 +--
taskflow/conductors/backends/impl_nonblocking.py | 3 +-
taskflow/conductors/base.py | 4 +--
taskflow/deciders.py | 4 +--
taskflow/engines/action_engine/actions/base.py | 5 +--
taskflow/engines/action_engine/compiler.py | 6 ++--
taskflow/engines/action_engine/completer.py | 4 +--
taskflow/engines/action_engine/deciders.py | 9 ++---
taskflow/engines/action_engine/engine.py | 10 +++---
taskflow/engines/action_engine/executor.py | 4 +--
taskflow/engines/action_engine/process_executor.py | 36 +++++---------------
taskflow/engines/base.py | 5 +--
taskflow/engines/helpers.py | 3 +-
taskflow/engines/worker_based/executor.py | 3 +-
taskflow/engines/worker_based/protocol.py | 12 +++----
taskflow/engines/worker_based/proxy.py | 5 ++-
taskflow/engines/worker_based/types.py | 13 ++++----
taskflow/examples/example_utils.py | 2 +-
.../examples/jobboard_produce_consume_colors.py | 24 ++++++-------
taskflow/examples/parallel_table_multiply.py | 7 ++--
taskflow/examples/run_by_iter.py | 4 +--
taskflow/examples/share_engine_thread.py | 3 +-
taskflow/examples/simple_map_reduce.py | 4 +--
taskflow/examples/tox_conductor.py | 5 ++-
taskflow/examples/wbe_event_sender.py | 4 +--
taskflow/examples/wbe_mandelbrot.py | 12 +++----
taskflow/exceptions.py | 17 +++++-----
taskflow/flow.py | 8 ++---
taskflow/jobs/backends/impl_redis.py | 12 +++----
taskflow/jobs/backends/impl_zookeeper.py | 5 ++-
taskflow/jobs/base.py | 16 ++++-----
taskflow/listeners/base.py | 4 +--
taskflow/listeners/claims.py | 4 +--
taskflow/listeners/timing.py | 3 +-
taskflow/patterns/graph_flow.py | 7 ++--
taskflow/persistence/backends/impl_memory.py | 3 +-
taskflow/persistence/backends/impl_sqlalchemy.py | 13 ++++----
taskflow/persistence/base.py | 8 ++---
taskflow/persistence/models.py | 20 +++++------
taskflow/persistence/path_based.py | 7 ++--
taskflow/retry.py | 6 ++--
taskflow/storage.py | 23 ++++++-------
taskflow/task.py | 19 +++++------
taskflow/test.py | 3 +-
taskflow/types/failure.py | 18 ++++++----
taskflow/types/graph.py | 6 ++--
taskflow/types/notifier.py | 11 +++---
taskflow/types/sets.py | 4 +--
taskflow/types/timing.py | 4 +--
taskflow/types/tree.py | 7 ++--
taskflow/utils/banner.py | 6 ++--
taskflow/utils/iter_utils.py | 8 ++---
taskflow/utils/kazoo_utils.py | 10 +++---
taskflow/utils/misc.py | 27 +++++++--------
taskflow/utils/mixins.py | 35 -------------------
taskflow/utils/redis_utils.py | 4 +--
taskflow/utils/threading_utils.py | 6 ++--
tools/schema_generator.py | 7 ++--
tools/speed_test.py | 5 ++-
tox.ini | 1 -
84 files changed, 280 insertions(+), 469 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index f1cdc800..32ded5c7 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,3 +9,0 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0
-# Python 2->3 compatibility library.
-six>=1.10.0 # MIT
-
1
0
We exuberantly announce the release of:
designate 13.0.1: DNS as a Service
This release is part of the xena stable release series.
The source is available from:
https://opendev.org/openstack/designate
Download the package from:
https://tarballs.openstack.org/designate/
Please report issues through:
https://bugs.launchpad.net/designate/+bugs
For more details, please see below.
13.0.1
^^^^^^
Bug Fixes
* Fixed an issue that caused the recordset_records quota to not be
enforced.
* Fixes bug 1934252 which ignored invalid denylist patterns. The fix
entailed checking the pattern string via regular expression compiler
and testing for zero length.
Previously you could create blacklist/denylist using string that
cannot be used either as a regex or as a zone name, for example:
patterns = ['', "'#(*&^%$%$#@$']"
In addition, the server will return a 400 BadRequest response to an
invalid pattern.
(https://bugs.launchpad.net/designate/+bug/1934252)
* Fixed an issue where new BIND9 pool instances may fail on zone
update.
* Fixed an issue where set-quotas will always return the default
quotas if it was called with a non-project scoped token and the all-
projects flag was not set.
* Fixes support for keystone default roles and scoped tokens.
* Allows for a minimum TTL value of zero to be used instead of 1. As
stated in RFC
https://datatracker.ietf.org/doc/html/rfc2181#section-8.
(https://bugs.launchpad.net/designate/+bug/1926429)
* CAA records now allow the use of *+* prefixed subadresses like
*security+caa(a)example.net* within mail urls. (https://www.rfc-
editor.org/rfc/rfc5233.html#section-1)
See bug 1958533 for more information.
(https://bugs.launchpad.net/designate/+bug/1958533)
* Fixed a bug where deleting a zone transfer request may fail when
using a system scoped token.
Changes in designate 13.0.0..13.0.1
-----------------------------------
2159c7a5 Fix misleading release note for RBAC changes.
2862a550 Clarifies the zone import error message
8fea6838 Fix duplicate zone when creating ptr records
5237ce97 Fix incorrect 404 error on floating IP create
fab62ff8 Fix dns.query.tcp/udp not always handling ipv6 properly
4e6da9b9 Improve wording for validation error messages
9f9480bd Modernize PTR implementation in Central
d04a2e17 Fix designate-manage pool update bugs
0b818283 Allow email subadresses to be used within mail url of CAA records
e6922d74 Simplify create zone import implementation
d1402da7 Fixed incorrect message when zone import failed due to quota
5b1b404e Fix zone update when adding new Bind9 target to pool.
6b595bd4 Add proper quota error messages
63bc0c1d Fix delete zone transfer request with scoped token
264ac571 Minimum TTL value allowed is zero
f4396df7 Fix a typo in the tsigkey policy file
721184fc Validate worker actions before retrying poll
fc0c6b37 Fixed incorrect quota exception message
b5bb17cf Fix support for scoped tokens and default roles
c78db47c Update zuul queue configuration
28e969e7 Improve quota API validations
08d56f87 Fix tox docs env to have the correct dependencies
6072ef37 Fix set-quotas for non-project scoped tokens
df605a79 Fix recordset_records quota enforcement
e2027bfb Add fips jobs
b55afb59 Checks for invalid denylist regex patterns
e8217d5b Remove lower-constraint job from stable/xena
5e9cca1b Allow TXT record over 255 characters if split
8634d531 Fix race condition in the sink when deleting records
86db7954 Update TOX_CONSTRAINTS_FILE for stable/xena
1bfcf16c Update .gitreview for stable/xena
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 1 +
.zuul.yaml | 37 +-
designate/api/middleware.py | 6 +-
designate/api/v2/controllers/quotas.py | 10 +
.../api/v2/controllers/zones/tasks/exports.py | 9 +-
designate/backend/agent.py | 40 +-
designate/backend/impl_bind9.py | 31 +-
designate/central/service.py | 1266 +++++++++++++-------
designate/common/constants.py | 28 +
designate/common/policies/base.py | 70 +-
designate/common/policies/context.py | 50 +-
designate/common/policies/diagnostics.py | 51 +-
designate/common/policies/quota.py | 2 +-
designate/common/policies/recordset.py | 64 +-
designate/common/policies/tsigkey.py | 15 +-
designate/common/policies/zone.py | 25 +-
designate/common/policies/zone_export.py | 24 +-
designate/common/policies/zone_import.py | 2 +-
designate/common/policies/zone_transfer_accept.py | 6 +-
designate/common/policies/zone_transfer_request.py | 25 +-
designate/context.py | 5 +-
designate/dnsutils.py | 152 ++-
designate/exceptions.py | 13 +
designate/mdns/notify.py | 24 +-
designate/notification_handler/base.py | 50 +-
.../adapters/api_v2/zone_transfer_request.py | 12 +-
designate/objects/blacklist.py | 4 +-
designate/objects/fields.py | 53 +-
designate/objects/quota.py | 8 +-
designate/objects/rrdata_txt.py | 38 +-
designate/objects/zone.py | 2 +-
designate/policy.py | 15 +-
designate/quota/base.py | 19 +-
designate/quota/impl_storage.py | 2 +-
designate/storage/impl_sqlalchemy/__init__.py | 11 +-
.../nova/compute.instance.create.end-2.json | 180 +++
.../test_notification_handler/test_neutron.py | 40 +-
designate/worker/README.md | 2 +-
designate/worker/tasks/base.py | 48 +
designate/worker/tasks/zone.py | 38 +-
designate/worker/utils.py | 82 --
playbooks/enable-fips.yaml | 3 +
...x-recordset-records-quota-76ed3095dd2afbbe.yaml | 4 +
...atterns-not-being-checked-ec1f1316ccc6cb1d.yaml | 16 +
...x-update-zone-create-zone-ada1fd81de479492.yaml | 4 +
...non-project-scoped-tokens-ffe3082db3dbb55b.yaml | 6 +
.../Support-scoped-tokens-6b7d6052a258cd11.yaml | 4 +
...429-allow-ttl-min-of-zero-688f7c2cf095d89d.yaml | 8 +
...33-allow-caa-mail-subaddr-d02cdc46bbb118ad.yaml | 10 +
...sfer-request-scoped-token-fc9d3be407e1a50a.yaml | 5 +
tox.ini | 9 +-
73 files changed, 2778 insertions(+), 1156 deletions(-)
1
0
We enthusiastically announce the release of:
designate 14.0.1: DNS as a Service
This release is part of the yoga stable release series.
The source is available from:
https://opendev.org/openstack/designate
Download the package from:
https://tarballs.openstack.org/designate/
Please report issues through:
https://bugs.launchpad.net/designate/+bugs
For more details, please see below.
14.0.1
^^^^^^
Bug Fixes
* Fixed an issue where set-quotas will always return the default
quotas if it was called with a non-project scoped token and the all-
projects flag was not set.
* Allows for a minimum TTL value of zero to be used instead of 1. As
stated in RFC
https://datatracker.ietf.org/doc/html/rfc2181#section-8.
(https://bugs.launchpad.net/designate/+bug/1926429)
* Fixed a bug where deleting a zone transfer request may fail when
using a system scoped token.
Changes in designate 14.0.0..14.0.1
-----------------------------------
38081027 Fix misleading release note for RBAC changes.
1b7b7df1 Validate worker actions before retrying poll
22d3c0c0 Fixed incorrect quota exception message
1ba0f1a1 Minimum TTL value allowed is zero
34976032 Clarifies the zone import error message
5b014685 Update zuul queue configuration
8f5e8db1 Improve quota API validations
5b40d3d9 Fix tox docs env to have the correct dependencies
276a9fbe Fix delete zone transfer request with scoped token
a8e74f4f Fix set-quotas for non-project scoped tokens
0f25a811 Update TOX_CONSTRAINTS_FILE for stable/yoga
5f590606 Update .gitreview for stable/yoga
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 1 +
.zuul.yaml | 5 +-
designate/api/v2/controllers/quotas.py | 10 ++
designate/central/service.py | 1 +
designate/common/constants.py | 11 ++
designate/objects/quota.py | 8 +-
designate/objects/zone.py | 2 +-
designate/quota/base.py | 2 +-
designate/quota/impl_storage.py | 2 +-
designate/storage/impl_sqlalchemy/__init__.py | 2 +
designate/worker/tasks/base.py | 48 +++++++++
designate/worker/tasks/zone.py | 30 ++++--
...non-project-scoped-tokens-ffe3082db3dbb55b.yaml | 6 ++
.../Support-scoped-tokens-6b7d6052a258cd11.yaml | 4 +-
...429-allow-ttl-min-of-zero-688f7c2cf095d89d.yaml | 8 ++
...sfer-request-scoped-token-fc9d3be407e1a50a.yaml | 5 +
tox.ini | 9 +-
23 files changed, 484 insertions(+), 60 deletions(-)
1
0
We are pleased to announce the release of:
glance 24.1.0: OpenStack Image Service
This release is part of the yoga stable release series.
The source is available from:
https://opendev.org/openstack/glance
Download the package from:
https://tarballs.openstack.org/glance/
Please report issues through:
https://bugs.launchpad.net/glance/+bugs
For more details, please see below.
24.1.0
^^^^^^
New Features
************
* When the Glance image cache is being used, the CURRENT version of
the Image service API, as indicated in the "GET /versions" response,
is 2.16.
Upgrade Notes
*************
* The Image service API call "PUT /v2/cache/{image_id}" now returns
a 202 (Accepted) response code to indicate success. In glance
24.0.0 (the initial Yoga release), it had mistakenly returned a 200.
Bug Fixes
*********
* Bug #1972666 (https://bugs.launchpad.net/glance/+bug/1972666)
Added cli_opts and cache_opts to support configgen to pick all
groups from wsgi.py
* Bug 1971521 (https://bugs.launchpad.net/glance/+bug/1971521)
Fixed the success response code of the REST API call "PUT
/v2/cache/{image_id}" to be 202 (Accepted), following the original
design of the feature.
Changes in glance 24.0.0..24.1.0
--------------------------------
55c000ee Bump Image API version to 2.16
cc98dbef Fix failing namespace list delete race
e943645f Added cli_opts and cache_opts
9043efc5 [APIImpact] Correct API response code for PUT /v2/cache/{image_id}
49d25474 [CI] Add upper constraints to install command
1beee78e Update TOX_CONSTRAINTS_FILE for stable/yoga
c7e1b3b4 Update .gitreview for stable/yoga
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 1 +
api-ref/source/v2/cache-manage.inc | 2 +-
glance/api/middleware/version_negotiation.py | 3 +-
glance/api/v2/cached_images.py | 4 +-
glance/api/v2/metadef_namespaces.py | 8 +-
glance/api/versions.py | 3 +-
glance/opts.py | 2 +
.../add-cli-and-cache-opts-902f28d65c8fb827.yaml | 5 ++
releasenotes/notes/api-2.16-8417b1e23322fedb.yaml | 19 +++++
tox.ini | 8 +-
13 files changed, 153 insertions(+), 36 deletions(-)
1
0
We are chuffed to announce the release of:
kayobe 11.1.0: Deployment of OpenStack to bare metal using OpenStack
kolla and bifrost
This release is part of the xena stable release series.
The source is available from:
https://opendev.org/openstack/kayobe
Download the package from:
https://tarballs.openstack.org/kayobe/
Please report issues through:
https://storyboard.openstack.org/#!/project/openstack/kayobe
For more details, please see below.
11.1.0
^^^^^^
New Features
************
* Adds support for custom Placement configuration.
* Adds support for global configuration options for Apt in files in
"/etc/apt/apt.conf.d/" on Ubuntu systems. See story 2009655 for
details.
* Adds support for configuring Apt repositories on Ubuntu hosts. See
story 2009655 for details.
* Add the bonding 802.3ad aggregation selection option.
* Enables hardware clock (RTC) synchronisation by default when
applying the chrony role. This setting is configurable with the new
variable "chrony_rtcsync_enabled".
* Adds support for inspection of L3-routed Ironic networks via DHCP-
relay.
* The new filter "net_no_ip" adds the attribute "no_ip" which can be
set to "true" to skip IP address allocation and configuration for
specific networks.
* Adds a new variable "seed_hypervisor_enable_snat" that allows
users to enable SNAT service on the seed hypervisor. The default
value is "false".
* Adds support for Rocky Linux 8 as Host OS.
* Adds support for running package updates on Ubuntu hosts via the
following existing commands:
* "kayobe seed host package update --packages <packages>"
* "kayobe seed hypervisor host package update --packages
<packages>"
* "kayobe infra vm host package update --packages <packages>"
* "kayobe overcloud host package update --packages <packages>"
Security Issues
***************
* Fixes an issue where any passwords in
"kolla_ansible_custom_passwords" were exposed in Ansible logs. When
using verbosity level 3 ("-vvv"), they were also exposed in Ansible
output.
Bug Fixes
*********
* Ironic inspection through Bifrost now work even if DHCP-relay is
used. The dhcp-range in dnsmasq.conf corrctly configured with
network mask.
* In production environments, the provision network may be separated
from the other networks, so in this case, if you want Bifrost's DHCP
service provides the correct gateway for the clients the
"inspection_gateway" should be used instead of the "gateway"
attribute for the provision network. This also avoids configuring
the multiple IP gateways on a single host which leads to
unpredictable results.
* Fixes an issue where the Neutron SR-IOV agent image is not built
when the service is enabled.
* Fixes an issue with idempotence of local Kolla Ansible
configuration generation.
* Fixes an issue with the seed's configdrive when the admin network
is a VLAN. See story 2008089 for details.
* Enables deployment of Grafana when Monasca is enabled, as a
replacement for the retired "monasca-grafana" image. See story
2009717 for details.
* Fixes Ansible inventory generation with some custom group mappings
using the same group names for Kayobe and Kolla Ansible. See story
2009927 for details.
* The set of commands starting with "kayobe overcloud database" now
generate the kolla configuration necessary to login to the nodes
running the database.
* Fixes an issue with config drive generation for infrastructure and
seed VMs when using untagged interfaces. The symptom of this issue
is that kayobe cannot login to the instance. If you check the
libvirt console log, you will see "KeyError: 'vlan_link'". See story
2009910 for details.
* Fixes an issue where hacluster images are not built when the
service is enabled.
* Fixes an issue with IPA image builds which used the "master"
branch of "ironic-python-agent", even on stable releases of Kayobe,
or when explicitly setting "ipa_build_source_version".
* Fixes an issue seen when using Jinja2 3.1.0.
* Fixes an issue where any passwords in
"kolla_ansible_custom_passwords" were exposed in Ansible logs. When
using verbosity level 3 ("-vvv"), they were also exposed in Ansible
output.
* Fixes an issue where patch links could be erroneously created on
hosts not in the overcloud group. See Story 2009911 for details.
* Fixes an issue where the MTU defined in Kayobe was not applied to
Ironic provisioning and cleaning networks in Neutron.
* Deployment image (IPA) build no longer uses master version of
upper- constraints. Instead, it defaults to using the constraints
for the OpenStack release associated with the version of Kayobe
being used. See story 2009810 for details.
* Fixes failures to run "kayobe overcloud bios raid configure" by
upgrading the "stackhpc.drac" role to version 1.1.6.
* Fixes an issue with masking NTP services which are not found. See
story 2009821 for details.
Changes in kayobe 11.0.1..11.1.0
--------------------------------
0467484a ironic: Set MTU on provisioning and cleaning Neutron networks
1b4a34a6 Fix forgotten hacluster regexp for image build
d5fe7852 kolla_passwords: add no_log for password overrides
fe07bd3c Fix Bifrost inspection through DHCP-relay
4e3c0405 Bump stackhpc.drac role
82193e8b Cleanup old and deprecated Swift configuration
f5792171 docs: Fix custom LVM example
b1f9b4b8 Update documentation link for NCLU
65ad855e CI: separate image builds into a non-voting job
75c18cc1 Fix variable name for stackhpc.os-networks upper constraints
63b22c96 Restore forgotten linuxbridge-agent container
5c96d8cf Fix Ansible inventory generation when reusing group names
ef3bb407 Sync Kolla Ansible feature flags and inventory
a7791250 CI: fix TLS job by freeing up memory
a451ff7a Fix custom config idempotence
4efb80a1 Ubuntu: add support for Apt configuration
5b78b375 Use jinja2.pass_context instead of contextfilter
98d7cc13 Ubuntu: add support for Apt repository configuration
c083073c Add support for Rocky Linux 8
1a9dc309 Ubuntu: support host package update
efa8209c CI: pin pytest-metadata<2 for molecule
1ff569ac CI: Don't download Cirros or IPA in seed jobs
0bf197a4 Skip IP address allocation and configuration if needed
512f4c1e Only create patch links on overcloud hosts
c8571765 CI: Disable container image builds on Ubuntu
ffbd3d7e Use naming convention to infer VLAN tagging
15790c98 CI: remove qemu-utils installation
0e0a3038 Add the bonding 802.3ad aggregation selection option
d5006cc6 CI: stop using zuul as kayobe_ansible_user in TLS jobs
c69a808a Sync enable flag defaults with kolla ansible
f4a81e48 Enable rtcsync in chrony by default
451d1c3a Bump up manage-lvm role version to v0.2.6
e0a5bf17 CI: Enable bare metal testing for Ubuntu
deb969e5 Set requirements branch for IPA build
81645697 ntp: Fix service mask when service doesn't exist
bbd22d55 Set correct gateway for the bifrost provision network
717c6321 Use net_mask filter instead of ansible's ipaddr
e0627ac4 Fix Sphinx syntax typo
14b4e204 Fix 'ModuleNotFoundError: No module named 'docker'
2c881818 Adds support for custom Placement configuration.
48e5cdd2 Allow enable SNAT service on the seed hypervisor
7ca933e7 Fix seed VM configdrive when admin network is a VLAN
1db55d09 Generate kolla config when running database commands
b89b7a73 Build neutron-sriov-agent image when enabled
45797aa4 ipa: Use openstack_branch instead of master
e8ca12ef Deploy Grafana when Monasca is enabled
c97b7e21 [CI] Drop unused nodeset
3dd2dd98 Add support for Ironic inspection through DHCP-relay
7d9b86e2 Document that extra kernel parameters are important for inspection
1d791e2c Limit ip-routing and snat to seed hosts only
b7a804ce Uninstall ansible-base package only if exists
Diffstat (except docs and test files)
-------------------------------------
ansible/group_vars/all/apt | 35 +++++
ansible/group_vars/all/bifrost | 3 +
ansible/group_vars/all/dnf | 8 +-
ansible/group_vars/all/globals | 12 +-
ansible/group_vars/all/infra-vms | 5 +
ansible/group_vars/all/ipa | 9 +-
ansible/group_vars/all/kolla | 19 ++-
ansible/group_vars/all/seed-hypervisor | 3 +
ansible/group_vars/all/seed-vm | 7 +-
ansible/group_vars/all/time | 3 +
ansible/group_vars/seed-hypervisor/snat | 3 +
ansible/group_vars/seed/snat | 3 +
ansible/host-package-update.yml | 6 +-
ansible/ip-allocation.yml | 1 +
ansible/ip-routing.yml | 4 +-
ansible/kolla-ansible.yml | 1 +
ansible/kolla-bifrost-hostvars.yml | 2 +-
ansible/kolla-bifrost.yml | 3 +-
ansible/kolla-openstack.yml | 2 +
ansible/provision-net.yml | 4 +-
ansible/roles/apt/defaults/main.yml | 38 +++++
ansible/roles/apt/handlers/main.yml | 5 +
ansible/roles/apt/tasks/config.yml | 14 ++
ansible/roles/apt/tasks/keys.yml | 19 +++
ansible/roles/apt/tasks/main.yml | 21 +--
ansible/roles/apt/tasks/proxy.yml | 17 +++
ansible/roles/apt/tasks/repos.yml | 23 +++
ansible/roles/apt/templates/kayobe.sources.j2 | 15 ++
ansible/roles/dnf/tasks/local-mirror.yml | 9 +-
.../roles/dnf/templates/Rocky-AppStream.repo.j2 | 16 ++
ansible/roles/dnf/templates/Rocky-BaseOS.repo.j2 | 16 ++
ansible/roles/dnf/templates/Rocky-Extras.repo.j2 | 16 ++
ansible/roles/kolla-ansible/defaults/main.yml | 3 +
.../roles/kolla-ansible/library/kolla_passwords.py | 2 +-
ansible/roles/kolla-ansible/tasks/install.yml | 1 +
.../kolla-ansible/templates/kolla/globals.yml | 2 +-
.../kolla-ansible/templates/overcloud-services.j2 | 6 +-
.../kolla-ansible/templates/overcloud-top-level.j2 | 2 +-
ansible/roles/kolla-ansible/vars/main.yml | 1 +
ansible/roles/kolla-bifrost/defaults/main.yml | 1 +
.../templates/kolla/config/bifrost/bifrost.yml | 1 +
ansible/roles/kolla-openstack/defaults/main.yml | 9 ++
.../molecule/enable-everything/molecule.yml | 4 +
ansible/roles/kolla-openstack/tasks/config.yml | 2 +-
.../roles/kolla-openstack/templates/glance.conf.j2 | 29 ----
.../kolla-openstack/templates/placement.conf.j2 | 9 ++
ansible/roles/kolla-openstack/vars/main.yml | 5 +
ansible/roles/network-redhat/tasks/main.yml | 1 +
ansible/roles/ntp/tasks/prepare.yml | 25 ++-
ansible/snat.yml | 4 +-
dev/functions | 15 +-
.../reference/ironic-python-agent.rst | 7 +-
.../configuration/reference/kolla-ansible.rst | 2 +
.../configuration/reference/os-distribution.rst | 14 +-
.../configuration/reference/physical-network.rst | 2 +-
.../configuration/scenarios/all-in-one/index.rst | 6 +-
.../scenarios/all-in-one/overcloud.rst | 9 +-
etc/kayobe/apt.yml | 35 +++++
etc/kayobe/bifrost.yml | 3 +
etc/kayobe/dnf.yml | 8 +-
etc/kayobe/globals.yml | 7 +-
etc/kayobe/infra-vms.yml | 3 +
etc/kayobe/ipa.yml | 2 +-
etc/kayobe/kolla.yml | 4 +-
etc/kayobe/seed-hypervisor.yml | 3 +
etc/kayobe/seed-vm.yml | 5 +-
etc/kayobe/time.yml | 3 +
kayobe/cli/commands.py | 11 +-
kayobe/plugins/filter/networkd.py | 8 +-
kayobe/plugins/filter/networks.py | 91 ++++++-----
.../plugins/action/test_kolla_ansible_host_vars.py | 6 +-
molecule-requirements.txt | 1 +
playbooks/kayobe-infra-vm-base/pre.yml | 2 +-
playbooks/kayobe-overcloud-base/globals.yml.j2 | 2 +-
playbooks/kayobe-overcloud-base/overrides.yml.j2 | 8 +-
playbooks/kayobe-overcloud-base/run.yml | 11 --
.../overrides.yml.j2 | 36 ++++-
.../kayobe-overcloud-host-configure-base/pre.yml | 2 +-
playbooks/kayobe-overcloud-upgrade-base/run.yml | 5 -
.../kayobe-seed-base/bifrost-overrides.yml.j2 | 6 +-
playbooks/kayobe-seed-base/overrides.yml.j2 | 4 +-
playbooks/kayobe-seed-base/pre.yml | 3 +-
playbooks/kayobe-seed-base/run.yml | 34 +++--
.../bifrost-overrides.yml.j2 | 6 +-
playbooks/kayobe-seed-vm-base/pre.yml | 2 +-
...d-extended-placement-conf-70a4b9a318c1b555.yaml | 3 +
.../notes/apt-config-bc72fd0bff919888.yaml | 6 +
.../notes/apt-repositories-850efef70ba34946.yaml | 5 +
...ifrost-dhcp-range-netmask-fd40642967042267.yaml | 5 +
...ifrost-inspection-gateway-316ab384430ef8df.yaml | 9 ++
.../notes/bond-ad-select-8fc711dcd54e9cea.yaml | 4 +
.../build-neutron-sriov-836acf378bae0b48.yaml | 5 +
.../notes/config-idemoptence-37846db82ecd9f43.yaml | 4 +
.../notes/configdrive-vlans-4e8b6ed07b229233.yaml | 6 +
...able-grafana-with-monasca-497d686e95d89242.yaml | 7 +
...nable-rtc-synchronisation-1179a52e8e6bd12b.yaml | 6 +
...lla-ansible-group-mapping-8fcd6cbb1e744e18.yaml | 6 +
...ckup-with-no-kolla-config-4f857915adabad41.yaml | 6 +
.../fixes-keyerror-vlan-link-c177cf719e070df6.yaml | 8 +
.../hacluster-build-issue-2a8023e0cd80235a.yaml | 5 +
...pector-dhcp-range-netmask-bb46eb7df77587a4.yaml | 4 +
.../notes/ip-allocation-skip-9e81c13324b7a7e1.yaml | 6 +
.../notes/ipa-branch-b29c377c531013a8.yaml | 6 +
.../jinja2-pass-context-fecf00f23e413393.yaml | 4 +
...asswords-overrides-no-log-57054ce64fae8143.yaml | 11 ++
.../patch-links-on-overcloud-e24dbc858d3399cc.yaml | 6 +
.../notes/provision-net-mtu-befdda04224f49a6.yaml | 5 +
.../seed-hypervisor-snat-3f4844bd1156bce9.yaml | 5 +
...ents-branch-for-ipa-build-c3ca977ec21b58f4.yaml | 8 +
.../stackhpc-drac-check-mode-8097215f8eca9991.yaml | 5 +
.../notes/story-2009821-b309165e25e77aea.yaml | 5 +
.../support-rockylinux-8-1da50e2f97b918d5.yaml | 4 +
.../ubuntu-package-update-0db09fc57249b9fc.yaml | 10 ++
requirements.txt | 1 +
requirements.yml | 12 +-
roles/kayobe-ci-prep/tasks/main.yml | 2 +-
roles/kayobe-diagnostics/files/get_logs.sh | 1 +
zuul.d/jobs.yaml | 53 +++++++
zuul.d/nodesets.yaml | 9 +-
zuul.d/project.yaml | 16 ++
134 files changed, 1171 insertions(+), 275 deletions(-)
Requirements updates
--------------------
diff --git a/molecule-requirements.txt b/molecule-requirements.txt
index e2e59cc2..120b4f74 100644
--- a/molecule-requirements.txt
+++ b/molecule-requirements.txt
@@ -7,0 +8 @@ molecule-docker # MIT
+pytest-metadata<2 # MPL
diff --git a/requirements.txt b/requirements.txt
index 8cfd1a87..7502967a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,0 +2 @@ pbr>=2.0 # Apache-2.0
+Jinja2>3 # BSD
1
0
We are psyched to announce the release of:
kolla-ansible 13.1.0: Ansible Deployment of Kolla containers
This release is part of the xena stable release series.
The source is available from:
https://opendev.org/openstack/kolla-ansible
Download the package from:
https://tarballs.openstack.org/kolla-ansible/
Please report issues through:
https://bugs.launchpad.net/kolla-ansible/+bugs
For more details, please see below.
13.1.0
^^^^^^
New Features
************
* Deploys and configures a prometheus-libvirt-exporter image as part
of the Prometheus monitoring stack.
* Adds a "tls_connect" module to the Prometheus blackbox exporter.
This can be used to test connectivity of TLS servers.
* New switches added to control deployment of the Masakari monitors.
The deployment of each type of monitors can be controlled
individually via "enable_masakari_instancemonitor" and
"enable_masakari_hostmonitor". By default, both are set to "true"
when the deployment of the Masakari is enabled via
"enable_masakari".
* Implements container healthchecks for ironic-neutron-agent
service. See blueprint
* Adds support for libvirt SASL authentication. It is enabled by
default. LP#1964013
* Adds support for Rocky Linux 8 as Host OS.
Known Issues
************
* Existing fluentd log rotation failed to delete old haproxy, swift,
glance-tls-proxy and neutron-tls-proxy logs. These will not be
deleted by the new logrotate config and will have to be removed
manually.
Upgrade Notes
*************
* RabbitMQ's Prometheus plugin is no longer enabled by default if
Prometheus is not deployed. If external Prometheus is used, you need
to turn on "rabbitmq_enable_prometheus_plugin" to get old behaviour.
* The addition of libvirt SASL authentication requires a new
password in "passwords.yml", "libvirt_sasl_password". This may be
generated using the existing "kolla-genpwd" and "kolla-mergepwd"
tooling.
* The addition of libvirt SASL authentication requires both the
"nova_libvirt" and "nova_compute" containers to be updated
simultaneously, using new images with the necessary Cyrus SASL
dependencies, as well as configuration containing the SASL
credentials.
* It is no longer possible to override the removal of the Monasca
Log Metrics service and it will be removed automatically if it
hasn't already been removed in the Wallaby release. It is up to the
operator to remove any associated docker volumes.
* update the default value of node_custom_config to {{ node_config
}}/config, when specified using --configdir
Security Issues
***************
* Explicitly removes the "net.ipv4.ip_forward" sysctl from
"/etc/sysctl.conf" on hosts with Neutron L3 Agent. In the absence of
another source for this sysctl, it should revert to the default of 0
after the next reboot. This is a follow up to a previous change
which stopped setting the sysctl, but leaves existing systems with
the original value of 1 set.
A deployer looking to more aggressively change the value may set
"neutron_l3_agent_host_ipv4_ip_forward" to 0 using a Yoga release of
Kolla Ansible. This option will be removed in future. Any
deployments still relying on the previous value may set
"neutron_l3_agent_host_ipv4_ip_forward" to 1. LP#1945453
* Fixes an issue where the default configuration of libvirt did not
use authentication for the API exposed over TCP on the internal API
network. This allowed anyone with access to the internal API network
read-write access to libvirt. While the internal API network is
typically trusted, other services on this network generally at least
require authentication.
SASL authentication is now enabled for libvirt by default. Kolla
Ansible supports libvirt TLS since the Train release, and this is
recommended to provide a higher level of security. LP#1964013
Bug Fixes
*********
* Fixes an issue with an OIDC authentication flow requiring
unnecessary action from the user. Redirecting to the target IdP page
now happens automatically. LP#930055
* Removes custom value of "max_allowed_secret_in_bytes" in
"barbican.conf". The default maximum size in Barbican was doubled to
avoid issues with some certificates. LP #1957795
* Fixes deploy Zun with Cinder Ceph support. Adds support for zun to
access cinder volumes when external ceph is configured for cinder.
LP#1848934
* Fixed the deployment failure of outward_rabbitmq by resolving port
conflicts by customizing RabbitMQ's "prometheus.tcp.port". LP
#1885106
* Use Volume V3 API in OpenStack exporter. Volume V2 API has been
removed since OpenStack Wallaby. LP#1938194
* Fixes the copy job for grafana custom home dashboard file. The
copy job for the grafana home dashboard file needs to run
priviliged, otherwise permission denied error occurs. LP#[1947710]
* Fixes Octavia's "Connection refused" errors by adding
"ovn_sb_connection" to "octavia.conf". LP#195011
* Ironic API and Ironic Inspector API use separate policy files.
Ironic role was updated to be able to handle both policies
separately. LP#1952948
* Continue to run all actions if one action failed in Elasticsearch
curator. LP#1954720
* Fixes Placement no logrotate configuration LP#1954723
* Fixes Nova resize failing when "migration_interface" is
customised. LP#1956976
* Fixes unable to connect to zun console when
"kolla_enable_tls_external" is true. Access to console of any zun
container fails when "kolla_enable_tls_external" is true. This fix
sets the protocol for wsproxy "base_url" in "zun.conf" according to
the value of "kolla_enable_tls_external" LP#1957117
* Fixes "Register Identity Providers in OpenStack" task which was
missing an *=* in the openstack command causing the task to fail to
register an IDP with Keystone. LP#1959022
* Fixes Glance with Cinder iSCSI backend failing due to lack of
lock_path setting. LP#1959663
* Fixes logrotate config missing for openvswitch and prometheus
services. LP#1961795
* Fixes an issue with Ironic's PXE components not getting updated on
upgrade. LP#1963752
* Fixes configuration of the Prometheus HTTP API URL when using the
Prometheus collector in CloudKitty. LP#1961615
* Fixes an issue with Prometheus scraping when targets' Ansible
inventory hostnames ("inventory_hostname") do not resolve to
reachable IP addresses. Reverts to the previous behaviour of using
IP addresses to communicate with targets. The side effect of this is
that targets instances will again be labelled using IP addresses
rather than hostnames. LP#1955563
* Fix the apache's wsgi configuration for the aodh service in
Debuntu binary flavours. LP#1953059
* Fixes the baremetal role to avoid an error "Unable to remove
"libvirtd". Now the symlink
/etc/apparmor.d/disable/usr.sbin.libvirtd is created by the role.
LP#1960302
* Existing fluentd log rotation failed to delete old haproxy, swift,
glance-tls-proxy and neutron-tls-proxy logs. Standardise rotation
and deletion of logs using logrotate.
* Fixes an issue with setting up OIDC based Keystone federation
against IDP that has a different response type than id_token. This
can now be set using a new variable
"keystone_federation_oidc_response_type". LP#1959781
* adds back the option to configure the rabbitmq clustering
interface via kolla *LP#1900160 <https://bugs.launchpad.net/kolla-
ansible/+bug/1900160>*
* Fixes an issue seen when using Jinja2 3.1.0.
* Fixes an issue with Masakari instance monitor when libvirt SASL is
enabled. libvirt SASL was enabled by default in a recent change to
Kolla Ansible. LP#1965754
* Fixes the configuration option setting the type of endpoint used
by Neutron to send requests to Placement. LP#1960503
* Fixes a configuration issue with Node Exporter causing all file
system metrics of a host to be identical. LP#1961438
* Fixes an issue where a failure of any Nova compute service to
register itself would cause only the host querying the nova API to
fail. Now, only hosts that fail to register will fail the Kolla
Ansible run. Alternatively, to fail all hosts in a cell when any
compute service fails to register, set
"nova_compute_registration_fatal" to "true". LP#1940119
* The prometheus openstack exporters are now behind haproxy,
providing a unique time series in the prometheus database. Also
ensures that only one exporter queries the openstack APIs at any
given time interval. With the previous behavior each openstack
exporter was scraped at the same time. This caused each exporter to
query the openstack APIs simultaneously introducing unneccesary load
and duplicate time series in the prometheus database due to the
instance label being unique for each exporter. LP#1972818
* Fixes an issue where RabbitMQ was configured to mirror classic
transient queues for all services. According to the RabbitMQ
documentation this is not a supported configuration, and contributed
to numerous bug reports. In order to avoid making unexpected changes
to the RabbitMQ cluster, it is necessary to set
"rabbitmq_remove_ha_all_policy" to "yes" in order to apply this fix.
This variable will be removed in the Yoga release. LP#1954925
* Fixes an issue with Cinder upgrade where Cinder services would
remain pinned to the previous release's RPC & object versions.
LP#1954932
Changes in kolla-ansible 13.0.1..13.1.0
---------------------------------------
d988c5991 Control Masakari monitors deploy
6a0b1bd42 Make redis connection string configurable
2e5e1b554 [CI] Nullify attempts
704da0b9c talk TLS to openstack exporter via haproxy
87a217fc9 genpwd: handle lack of password file nicer
8a0acd0a2 Use 'cloudkitty_influxdb_use_ssl' when creatign InfluxDB database
5a613d64c masakari: support libvirt SASL in instance monitor
fff725d18 [CI] Restore token critical error filter
7525f1e08 Grafana: Run priviliged when copying home dashboard file
5d0686731 Put openstack exporter behind HAproxy so only one is queried at a time
ce94b4dde [CI] Raise [keystone_authtoken]http_request_max_retries
91fd18b2b [CI] Always use quay.io via infra's mirror
14ce30530 nova: improve compute service registration failure handling
d1b7814c7 nova: use any_errors_fatal for once-per-cell tasks
6e982e076 [CI] Make kolla-build quiet
18d7859bd added missing become in ovs-dpdk role
6abe02571 re-add rabbitmq config for clustering interface
4c1c44d42 Use jinja2.pass_context instead of contextfilter
50100fb2b designate: fix external backend deployment
9cfb4ebf8 Ironic: rebootstrap ironic-pxe on upgrade
fb3aa1bf0 Fix prometheus fix
425ead579 Allow removal of classic queue mirroring for internal RabbitMQ
60c80ffac cinder: restart services after upgrade
fc13c40f5 Add Rocky Linux support as Host OS
dfdbddffa Fix failure in deployment with missing group
7259672ef Add support for deploying Prometheus libvirt exporter
d7092dca8 CI: pin ansible-lint to <6
daef31a42 libvirt: support SASL authentication
800f08e61 Fix prechecks for "Ironic iPXE" container
f5dcd8d5b Explicitly unset net.ipv4.ip_forward sysctl
4a1a70469 [CI] Use Tenks in Ironic job
6a1f4a782 [CI] Test Ironic when touching Neutron
71af20c15 [CI] Test Ironic on Debian
e1cab1604 Fix hard coded OIDC response type
7ef67c88c Remove grafana [session] configuration
98a462cd5 Add openvswitch and prometheus to logrotate
0c55b6521 CI: Bump Ceph to Pacific
e51c21ed2 Fix location of release note for ironic-neutron-agent healthcheck
c91e85cf2 cloudkitty: fix URL used for Prometheus collector
b4f68a991 Configure node-exporter to report correct file system metrics
b7470787f Fix fluentd v1 buffer syntax issue
d661dab49 Refactor fluentd syslog logging
859efbaf3 CI: Fix new ansible-lint failures
47ac706d2 neutron: fix placement endpoint type configuration
ae8900855 Fix Apparmor libvirt profile removal
79ed0470c [CI] Check fluentd errors
a763f586b Fix log rotation for fluentd created files
905dc7fae Glance: add lock_path setting
f70008b35 [CI] Replace parted with lsblk
920089c9f Deploy Zun with Cinder Ceph support
827656dbb Add OIDCDiscoverURL mod_oidc option
e1423e9b6 prometheus: add tls_connect blackbox module
6562c6d8e Fix usage of Subject Alternative Name for TLS
a9edcd3e8 update the default value of node_custom_config
464877f01 Fix bad openstack command while registering IDP
e15b35e81 Revert "Use friendly target names in Prometheus"
e891bfdf2 Use Docker healthchecks for ironic-neutron-agent services
0354b39b1 Make nova_ssh listen on api_interface as well
51fff9cf9 Continue to run all actions if one action failed in curator
107636766 Revert "[CI] [to-revert] Avoid upgrades on CentOS Stream 8"
c80d2068e Remove custom value of max_allowed_secret_in_bytes
dc8853a9a Fix permission denied errors with ping on c8s
1b6bd8d33 [CI] [to-revert] Avoid upgrades on CentOS Stream 8
72be14b3f Add logrotate to libvirt service
f36a00a97 Access to zun container fails when tls_external enabled.
58775d20a OpenID Connect certifiate file is optional
e2ba1bb39 Add logrotate configuration for placement service
1f5bf1f00 rabbitmq: enable/disable prometheus plugin follow up
cf8dbd6d0 Support enable/disable rabbitmq prometheus plugins
681bcc59e CI: check-logs - add another exception
75fd5c894 Use Volume V3 API in OpenStack exporter
a5e0e986b docs: adjust to current defaults
6c695564b Move project_name and kolla_role_name to role vars
a4376cd74 [CI] Drop unused nodeset
54718a90f horizon: move horizon_enable_tls_backend to group_vars
f00e54be7 Add ovn_sb_connection to octavia.conf
837a2fd4a Add ironic-inspector policy configuration
89353bd31 Remove Monasca Log Metrics service
3ee71d248 Fix aodh wsgi config file in Debuntu binary
Diffstat (except docs and test files)
-------------------------------------
.ansible-lint | 6 +
ansible/group_vars/all.yml | 20 +-
ansible/inventory/all-in-one | 3 +
ansible/inventory/multinode | 3 +
ansible/nova.yml | 4 +
ansible/roles/aodh/defaults/main.yml | 2 -
ansible/roles/aodh/templates/wsgi-aodh.conf.j2 | 4 -
ansible/roles/aodh/vars/main.yml | 2 +
ansible/roles/barbican/defaults/main.yml | 2 -
ansible/roles/barbican/templates/barbican.conf.j2 | 1 -
ansible/roles/barbican/vars/main.yml | 2 +
ansible/roles/baremetal/defaults/main.yml | 21 +-
.../roles/baremetal/tasks/bootstrap-servers.yml | 5 +
.../baremetal/tasks/configure-ceph-for-zun.yml | 55 ++++++
ansible/roles/baremetal/tasks/install.yml | 2 +-
ansible/roles/baremetal/tasks/post-install.yml | 6 +-
ansible/roles/baremetal/tasks/pre-install.yml | 9 +
ansible/roles/bifrost/defaults/main.yml | 2 -
ansible/roles/bifrost/vars/main.yml | 2 +
ansible/roles/blazar/defaults/main.yml | 2 -
ansible/roles/blazar/vars/main.yml | 2 +
ansible/roles/ceilometer/defaults/main.yml | 2 -
ansible/roles/ceilometer/vars/main.yml | 2 +
ansible/roles/ceph-rgw/defaults/main.yml | 2 -
ansible/roles/ceph-rgw/vars/main.yml | 2 +
.../roles/certificates/tasks/generate-backend.yml | 2 +
ansible/roles/certificates/tasks/generate.yml | 4 +
.../templates/openssl-kolla-internal.cnf.j2 | 4 +-
.../certificates/templates/openssl-kolla.cnf.j2 | 4 +-
ansible/roles/cinder/defaults/main.yml | 11 +-
ansible/roles/cinder/handlers/main.yml | 20 ++
ansible/roles/cinder/tasks/reload.yml | 10 +
ansible/roles/cinder/tasks/upgrade.yml | 2 +
ansible/roles/cinder/vars/main.yml | 2 +
ansible/roles/cloudkitty/defaults/main.yml | 6 +-
ansible/roles/cloudkitty/tasks/bootstrap.yml | 1 +
ansible/roles/cloudkitty/vars/main.yml | 2 +
ansible/roles/collectd/defaults/main.yml | 2 -
ansible/roles/collectd/vars/main.yml | 2 +
ansible/roles/common/defaults/main.yml | 26 ++-
ansible/roles/common/tasks/config.yml | 7 +-
.../conf/filter/00-record_transformer.conf.j2 | 27 +--
.../common/templates/conf/output/00-local.conf.j2 | 217 ++-------------------
.../common/templates/conf/output/01-es.conf.j2 | 6 +-
.../templates/conf/output/02-monasca.conf.j2 | 4 +-
.../templates/cron-logrotate-haproxy.conf.j2 | 2 +-
.../templates/cron-logrotate-nova-libvirt.conf.j2 | 3 +
.../templates/cron-logrotate-openvswitch.conf.j2 | 3 +
.../templates/cron-logrotate-placement.conf.j2 | 3 +
.../templates/cron-logrotate-prometheus.conf.j2 | 3 +
ansible/roles/common/templates/fluentd.json.j2 | 27 +--
ansible/roles/common/vars/main.yml | 2 +
ansible/roles/cyborg/defaults/main.yml | 2 -
ansible/roles/cyborg/vars/main.yml | 2 +
ansible/roles/designate/defaults/main.yml | 2 -
ansible/roles/designate/tasks/backend_external.yml | 2 +
ansible/roles/designate/vars/main.yml | 2 +
ansible/roles/elasticsearch/defaults/main.yml | 2 -
.../templates/elasticsearch-curator-actions.yml.j2 | 14 +-
ansible/roles/elasticsearch/vars/main.yml | 2 +
ansible/roles/etcd/defaults/main.yml | 2 -
ansible/roles/etcd/vars/main.yml | 2 +
ansible/roles/freezer/defaults/main.yml | 2 -
ansible/roles/freezer/vars/main.yml | 2 +
ansible/roles/glance/defaults/main.yml | 2 -
ansible/roles/glance/templates/glance-api.conf.j2 | 3 +
ansible/roles/glance/vars/main.yml | 2 +
ansible/roles/gnocchi/defaults/main.yml | 2 -
ansible/roles/gnocchi/vars/main.yml | 2 +
ansible/roles/grafana/defaults/main.yml | 2 -
ansible/roles/grafana/tasks/config.yml | 1 +
ansible/roles/grafana/templates/grafana.ini.j2 | 8 -
ansible/roles/grafana/vars/main.yml | 2 +
ansible/roles/hacluster/defaults/main.yml | 2 -
ansible/roles/hacluster/vars/main.yml | 2 +
ansible/roles/haproxy-config/defaults/main.yml | 2 -
ansible/roles/haproxy-config/vars/main.yml | 2 +
ansible/roles/heat/defaults/main.yml | 2 -
ansible/roles/heat/vars/main.yml | 2 +
ansible/roles/horizon/defaults/main.yml | 7 -
ansible/roles/horizon/vars/main.yml | 2 +
ansible/roles/influxdb/defaults/main.yml | 2 -
ansible/roles/influxdb/vars/main.yml | 2 +
ansible/roles/ironic/defaults/main.yml | 2 -
ansible/roles/ironic/tasks/bootstrap.yml | 19 --
ansible/roles/ironic/tasks/bootstrap_service.yml | 19 ++
ansible/roles/ironic/tasks/config.yml | 42 +++-
ansible/roles/ironic/tasks/precheck.yml | 1 -
.../ironic/templates/ironic-inspector.json.j2 | 8 +-
ansible/roles/ironic/vars/main.yml | 2 +
ansible/roles/iscsi/defaults/main.yml | 2 -
ansible/roles/iscsi/vars/main.yml | 2 +
ansible/roles/kafka/defaults/main.yml | 2 -
ansible/roles/kafka/vars/main.yml | 2 +
ansible/roles/keystone/defaults/main.yml | 3 +-
.../keystone/tasks/config-federation-oidc.yml | 1 +
.../keystone/tasks/register_identity_providers.yml | 2 +-
.../roles/keystone/templates/wsgi-keystone.conf.j2 | 3 +-
ansible/roles/keystone/vars/main.yml | 2 +
ansible/roles/kibana/defaults/main.yml | 2 -
ansible/roles/kibana/vars/main.yml | 2 +
ansible/roles/kuryr/defaults/main.yml | 1 -
ansible/roles/kuryr/vars/main.yml | 2 +
ansible/roles/loadbalancer/defaults/main.yml | 2 -
ansible/roles/loadbalancer/vars/main.yml | 2 +
ansible/roles/magnum/defaults/main.yml | 2 -
ansible/roles/magnum/vars/main.yml | 2 +
ansible/roles/manila/defaults/main.yml | 2 -
ansible/roles/manila/vars/main.yml | 2 +
ansible/roles/mariadb/defaults/main.yml | 2 -
ansible/roles/mariadb/vars/main.yml | 2 +
ansible/roles/masakari/defaults/main.yml | 17 +-
ansible/roles/masakari/tasks/config.yml | 18 ++
ansible/roles/masakari/templates/auth.conf.j2 | 6 +
.../templates/masakari-instancemonitor.json.j2 | 8 +-
ansible/roles/masakari/vars/main.yml | 2 +
ansible/roles/memcached/defaults/main.yml | 2 -
ansible/roles/memcached/vars/main.yml | 2 +
ansible/roles/mistral/defaults/main.yml | 2 -
ansible/roles/mistral/vars/main.yml | 2 +
ansible/roles/monasca/defaults/main.yml | 10 +-
ansible/roles/monasca/handlers/main.yml | 15 --
ansible/roles/monasca/tasks/config.yml | 18 --
.../monasca-log-metrics/log-metrics.conf.j2 | 75 -------
.../monasca-log-metrics.json.j2 | 18 --
ansible/roles/monasca/vars/main.yml | 2 +
ansible/roles/multipathd/defaults/main.yml | 2 -
ansible/roles/multipathd/vars/main.yml | 2 +
ansible/roles/murano/defaults/main.yml | 2 -
ansible/roles/murano/vars/main.yml | 2 +
ansible/roles/neutron/defaults/main.yml | 17 +-
ansible/roles/neutron/tasks/config-host.yml | 2 +
ansible/roles/neutron/templates/neutron.conf.j2 | 2 +-
ansible/roles/neutron/vars/main.yml | 2 +
ansible/roles/nova-cell/defaults/main.yml | 20 +-
ansible/roles/nova-cell/handlers/main.yml | 15 ++
ansible/roles/nova-cell/tasks/config.yml | 20 ++
ansible/roles/nova-cell/tasks/deploy.yml | 3 +-
.../roles/nova-cell/tasks/discover_computes.yml | 88 ++-------
ansible/roles/nova-cell/tasks/precheck.yml | 17 +-
.../nova-cell/tasks/wait_discover_computes.yml | 88 +++++++++
ansible/roles/nova-cell/templates/auth.conf.j2 | 6 +
ansible/roles/nova-cell/templates/libvirtd.conf.j2 | 3 +-
.../roles/nova-cell/templates/nova-compute.json.j2 | 8 +-
.../roles/nova-cell/templates/nova-libvirt.json.j2 | 12 ++
ansible/roles/nova-cell/templates/sasl.conf.j2 | 2 +
ansible/roles/nova-cell/templates/sshd_config.j2 | 3 +
ansible/roles/nova-cell/vars/main.yml | 6 +
ansible/roles/nova/defaults/main.yml | 2 -
ansible/roles/nova/vars/main.yml | 2 +
ansible/roles/octavia/defaults/main.yml | 2 -
ansible/roles/octavia/templates/octavia.conf.j2 | 1 +
ansible/roles/octavia/vars/main.yml | 2 +
ansible/roles/openvswitch/defaults/main.yml | 2 -
ansible/roles/openvswitch/vars/main.yml | 2 +
ansible/roles/ovn/defaults/main.yml | 2 -
ansible/roles/ovn/vars/main.yml | 2 +
ansible/roles/ovs-dpdk/defaults/main.yml | 1 -
ansible/roles/ovs-dpdk/tasks/config.yml | 2 +
ansible/roles/ovs-dpdk/vars/main.yml | 2 +
ansible/roles/placement/defaults/main.yml | 2 -
ansible/roles/placement/vars/main.yml | 2 +
ansible/roles/prechecks/vars/main.yml | 2 +
ansible/roles/prometheus/defaults/main.yml | 29 ++-
ansible/roles/prometheus/handlers/main.yml | 15 ++
.../roles/prometheus/tasks/check-containers.yml | 2 +-
ansible/roles/prometheus/tasks/config.yml | 4 +-
ansible/roles/prometheus/tasks/precheck.yml | 15 ++
ansible/roles/prometheus/templates/clouds.yml.j2 | 1 +
.../templates/prometheus-blackbox-exporter.yml.j2 | 4 +
.../templates/prometheus-libvirt-exporter.json.j2 | 4 +
.../templates/prometheus-node-exporter.json.j2 | 2 +-
.../roles/prometheus/templates/prometheus.yml.j2 | 88 +++------
ansible/roles/prometheus/vars/main.yml | 2 +
ansible/roles/qdrouterd/defaults/main.yml | 2 -
ansible/roles/qdrouterd/vars/main.yml | 2 +
ansible/roles/rabbitmq/defaults/main.yml | 16 +-
ansible/roles/rabbitmq/tasks/config.yml | 36 ++++
ansible/roles/rabbitmq/tasks/deploy.yml | 3 +
.../roles/rabbitmq/tasks/remove-ha-all-policy.yml | 29 +++
ansible/roles/rabbitmq/tasks/upgrade.yml | 3 +
.../roles/rabbitmq/templates/advanced.config.j2 | 7 +
.../roles/rabbitmq/templates/definitions.json.j2 | 4 +
.../roles/rabbitmq/templates/enabled_plugins.j2 | 1 +
ansible/roles/rabbitmq/templates/rabbitmq.conf.j2 | 5 +
ansible/roles/rabbitmq/templates/rabbitmq.json.j2 | 12 ++
ansible/roles/rabbitmq/vars/main.yml | 2 +
ansible/roles/redis/defaults/main.yml | 2 -
ansible/roles/redis/vars/main.yml | 2 +
ansible/roles/sahara/defaults/main.yml | 2 -
ansible/roles/sahara/vars/main.yml | 2 +
ansible/roles/senlin/defaults/main.yml | 2 -
ansible/roles/senlin/vars/main.yml | 2 +
ansible/roles/skydive/defaults/main.yml | 2 -
ansible/roles/skydive/vars/main.yml | 2 +
ansible/roles/solum/defaults/main.yml | 2 -
ansible/roles/solum/vars/main.yml | 2 +
ansible/roles/storm/defaults/main.yml | 2 -
ansible/roles/storm/vars/main.yml | 2 +
ansible/roles/swift/defaults/main.yml | 2 -
ansible/roles/swift/vars/main.yml | 2 +
ansible/roles/tacker/defaults/main.yml | 2 -
ansible/roles/tacker/vars/main.yml | 2 +
ansible/roles/telegraf/defaults/main.yml | 2 -
ansible/roles/telegraf/vars/main.yml | 2 +
ansible/roles/trove/defaults/main.yml | 2 -
ansible/roles/trove/vars/main.yml | 2 +
ansible/roles/vitrage/defaults/main.yml | 2 -
ansible/roles/vitrage/vars/main.yml | 2 +
ansible/roles/vmtp/defaults/main.yml | 2 -
ansible/roles/vmtp/vars/main.yml | 2 +
ansible/roles/watcher/defaults/main.yml | 2 -
ansible/roles/watcher/vars/main.yml | 2 +
ansible/roles/zookeeper/defaults/main.yml | 2 -
ansible/roles/zookeeper/vars/main.yml | 2 +
ansible/roles/zun/defaults/main.yml | 3 +-
ansible/roles/zun/tasks/config.yml | 5 +
ansible/roles/zun/tasks/external_ceph.yml | 27 +++
ansible/roles/zun/templates/zun-compute.json.j2 | 20 +-
ansible/roles/zun/templates/zun.conf.j2 | 2 +-
ansible/roles/zun/vars/main.yml | 2 +
ansible/site.yml | 3 +
.../reference/shared-services/keystone-guide.rst | 4 +-
.../reference/storage/external-ceph-guide.rst | 27 +++
etc/kolla/globals.yml | 3 +-
etc/kolla/passwords.yml | 5 +
kolla_ansible/cmd/genpwd.py | 8 +-
kolla_ansible/filters.py | 8 +-
kolla_ansible/kolla_address.py | 4 +-
kolla_ansible/put_address_in_context.py | 21 +-
.../add-oidc-discover-url-83edb9f43f73a97f.yaml | 7 +
...ometheus-libvirt-exporter-b05a3a9c08db517c.yaml | 5 +
...n-max-allowed-secret-size-1941307ab5d2a9fd.yaml | 7 +
.../blackbox-tls-connect-517cd8ebdf87f16e.yaml | 5 +
.../notes/bug-1848934-878a08b490856a53.yaml | 7 +
.../notes/bug-1885106-2347d7458a8f9cb0.yaml | 13 ++
.../notes/bug-1938194-80dba28f9cdd434c.yaml | 6 +
.../notes/bug-1945453-2-287bfcaf060689d8.yaml | 16 ++
.../notes/bug-1947710-6d0975ae72f43ada.yaml | 7 +
.../notes/bug-1950111-8e477fb6a5b58822.yaml | 6 +
.../notes/bug-1952948-003aabe18144f569.yaml | 6 +
.../notes/bug-1954720-4fc48610a56f3e98.yaml | 6 +
.../notes/bug-1954723-2d49335022492891.yaml | 5 +
.../notes/bug-1956976-8a2623ca1fbfd546.yaml | 5 +
.../notes/bug-1957117-7832104d66a91da7.yaml | 11 ++
.../notes/bug-1959022-e3bb9448414b4ebe.yaml | 7 +
.../notes/bug-1959663-afda889b9aa4c63f.yaml | 6 +
.../notes/bug-1961795-16fb2ac27152fc03.yaml | 6 +
.../notes/bug-1963752-ee12e15c17c24bb0.yaml | 6 +
...cloudkitty-prometheus-url-ee14bc486e810631.yaml | 6 +
...control-masakari-monitors-1107c10c45678b0a.yaml | 8 +
.../notes/fix-1955563-42a14bb080e15df2.yaml | 9 +
.../fix-aodh-wsgi-config-7679adda584e33bb.yaml | 6 +
...r-libvirt-profile-removal-01db6ca6dd66879f.yaml | 7 +
.../fix-haproxy-logrotate-e299a0000728fd8f.yaml | 12 ++
...x-hardcoded-oidc-response-fc0f115f0b56cddf.yaml | 7 +
.../fix-openstack-exporter-tls-bug-1975598.yml | 8 +
...q-interface-configuration-b39c954fb8763d9c.yaml | 6 +
...-for-ironic-neutron-agent-61ec4d0d237da075.yaml | 6 +
.../jinja2-pass-context-2afc328ade8c407b.yaml | 4 +
.../notes/libvirt-sasl-404199143610fb75.yaml | 27 +++
.../masakari-libvirt-sasl-f368c31c0b5567b6.yaml | 6 +
...n-placement-endpoint-type-90073ba5ecc9e663.yaml | 6 +
...porter-filesystem-metrics-d3ae7b0a892d2957.yaml | 6 +
.../nova-discover-hosts-0353e9274f22195c.yaml | 9 +
.../openstack-exporter-hammering-os-apis.yaml | 14 ++
...emove-monasca-log-metrics-02a81671f864d1a9.yaml | 7 +
...ue-mirroring-for-rabbitmq-d54b9e7e25e57a88.yaml | 10 +
.../notes/support-rockylinux-ad6d48db054ead2b.yaml | 4 +
.../notes/unpin-cinder-rpcs-8eb7e0858a91b9b8.yaml | 6 +
...update-node-custom-config-7b378b25ce22779f.yaml | 5 +
requirements.txt | 2 +-
roles/cephadm/defaults/main.yml | 7 +-
roles/cephadm/tasks/main.yml | 9 +
roles/cephadm/templates/cephadm.yml.j2 | 6 +-
roles/multi-node-managed-addressing/tasks/main.yml | 1 +
test-requirements.txt | 2 +-
zuul.d/base.yaml | 12 +-
zuul.d/jobs.yaml | 20 ++
zuul.d/nodesets.yaml | 44 +----
zuul.d/project.yaml | 2 +
297 files changed, 1750 insertions(+), 967 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index e85f7744c..59147c1bd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14 +14 @@ oslo.utils>=3.33.0 # Apache-2.0
-Jinja2>=2.10 # BSD License (3 clause)
+Jinja2>=3 # BSD License (3 clause)
diff --git a/test-requirements.txt b/test-requirements.txt
index ef84c6b8a..55a39db11 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2 +2 @@
-ansible-lint>=4.2.0,!=4.3.0 # MIT
+ansible-lint>=4.2.0,!=4.3.0,<6.0.0 # MIT
1
0
We joyfully announce the release of:
kolla-ansible 12.4.0: Ansible Deployment of Kolla containers
This release is part of the wallaby stable release series.
The source is available from:
https://opendev.org/openstack/kolla-ansible
Download the package from:
https://tarballs.openstack.org/kolla-ansible/
Please report issues through:
https://bugs.launchpad.net/kolla-ansible/+bugs
For more details, please see below.
12.4.0
^^^^^^
New Features
************
* Adds a "tls_connect" module to the Prometheus blackbox exporter.
This can be used to test connectivity of TLS servers.
* New switches added to control deployment of the Masakari monitors.
The deployment of each type of monitors can be controlled
individually via "enable_masakari_instancemonitor" and
"enable_masakari_hostmonitor". By default, both are set to "true"
when the deployment of the Masakari is enabled via
"enable_masakari".
* Implements container healthchecks for ironic-neutron-agent
service. See blueprint
* Adds support for libvirt SASL authentication. It is enabled by
default. LP#1964013
Known Issues
************
* Existing fluentd log rotation failed to delete old haproxy, swift,
glance-tls-proxy and neutron-tls-proxy logs. These will not be
deleted by the new logrotate config and will have to be removed
manually.
Upgrade Notes
*************
* RabbitMQ's Prometheus plugin is no longer enabled by default if
Prometheus is not deployed. If external Prometheus is used, you need
to turn on "rabbitmq_enable_prometheus_plugin" to get old behaviour.
* An HTTP server is now always deployed for Ironic conductor, while
previously it was only deployed when iPXE is enabled.
In the Wallaby release, Ironic changed the default deploy driver
from iSCSI to direct. In the Xena release, Ironic removed the iSCSI
driver. The recommended deploy driver is "direct", which uses HTTP
to transfer the disk image. This requires an HTTP server, and the
simplest option is to use the one previously deployed when
"enable_ironic_ipxe" is set to "true".
* The addition of libvirt SASL authentication requires a new
password in "passwords.yml", "libvirt_sasl_password". This may be
generated using the existing "kolla-genpwd" and "kolla-mergepwd"
tooling.
* The addition of libvirt SASL authentication requires both the
"nova_libvirt" and "nova_compute" containers to be updated
simultaneously, using new images with the necessary Cyrus SASL
dependencies, as well as configuration containing the SASL
credentials.
* update the default value of node_custom_config to {{ node_config
}}/config, when specified using --configdir
Security Issues
***************
* Explicitly removes the "net.ipv4.ip_forward" sysctl from
"/etc/sysctl.conf" on hosts with Neutron L3 Agent. In the absence of
another source for this sysctl, it should revert to the default of 0
after the next reboot. This is a follow up to a previous change
which stopped setting the sysctl, but leaves existing systems with
the original value of 1 set.
A deployer looking to more aggressively change the value may set
"neutron_l3_agent_host_ipv4_ip_forward" to 0 using a Yoga release of
Kolla Ansible. This option will be removed in future. Any
deployments still relying on the previous value may set
"neutron_l3_agent_host_ipv4_ip_forward" to 1. LP#1945453
* Fixes an issue where the default configuration of libvirt did not
use authentication for the API exposed over TCP on the internal API
network. This allowed anyone with access to the internal API network
read-write access to libvirt. While the internal API network is
typically trusted, other services on this network generally at least
require authentication.
SASL authentication is now enabled for libvirt by default. Kolla
Ansible supports libvirt TLS since the Train release, and this is
recommended to provide a higher level of security. LP#1964013
Bug Fixes
*********
* Fixes an issue with an OIDC authentication flow requiring
unnecessary action from the user. Redirecting to the target IdP page
now happens automatically. LP#930055
* Removes custom value of "max_allowed_secret_in_bytes" in
"barbican.conf". The default maximum size in Barbican was doubled to
avoid issues with some certificates. LP #1957795
* Fixed the deployment failure of outward_rabbitmq by resolving port
conflicts by customizing RabbitMQ's "prometheus.tcp.port". LP
#1885106
* Use Volume V3 API in OpenStack exporter. Volume V2 API has been
removed since OpenStack Wallaby. LP#1938194
* Fixes the copy job for grafana custom home dashboard file. The
copy job for the grafana home dashboard file needs to run
priviliged, otherwise permission denied error occurs. LP#[1947710]
* Fixes Octavia's "Connection refused" errors by adding
"ovn_sb_connection" to "octavia.conf". LP#195011
* Ironic API and Ironic Inspector API use separate policy files.
Ironic role was updated to be able to handle both policies
separately. LP#1952948
* Continue to run all actions if one action failed in Elasticsearch
curator. LP#1954720
* Fixes Placement no logrotate configuration LP#1954723
* Fixes Nova resize failing when "migration_interface" is
customised. LP#1956976
* Fixes unable to connect to zun console when
"kolla_enable_tls_external" is true. Access to console of any zun
container fails when "kolla_enable_tls_external" is true. This fix
sets the protocol for wsproxy "base_url" in "zun.conf" according to
the value of "kolla_enable_tls_external" LP#1957117
* Fixes Glance with Cinder iSCSI backend failing due to lack of
lock_path setting. LP#1959663
* Fixes logrotate config missing for openvswitch and prometheus
services. LP#1961795
* Fixes an issue with Ironic's PXE components not getting updated on
upgrade. LP#1963752
* Fixes configuration of the Prometheus HTTP API URL when using the
Prometheus collector in CloudKitty. LP#1961615
* Fix the apache's wsgi configuration for the aodh service in
Debuntu binary flavours. LP#1953059
* Fixes the baremetal role to avoid an error "Unable to remove
"libvirtd". Now the symlink
/etc/apparmor.d/disable/usr.sbin.libvirtd is created by the role.
LP#1960302
* Existing fluentd log rotation failed to delete old haproxy, swift,
glance-tls-proxy and neutron-tls-proxy logs. Standardise rotation
and deletion of logs using logrotate.
* Fixes an issue with setting up OIDC based Keystone federation
against IDP that has a different response type than id_token. This
can now be set using a new variable
"keystone_federation_oidc_response_type". LP#1959781
* adds back the option to configure the rabbitmq clustering
interface via kolla *LP#1900160 <https://bugs.launchpad.net/kolla-
ansible/+bug/1900160>*
* Fixes an issue seen when using Jinja2 3.1.0.
* Fixes an issue with Masakari instance monitor when libvirt SASL is
enabled. libvirt SASL was enabled by default in a recent change to
Kolla Ansible. LP#1965754
* Fixes the configuration option setting the type of endpoint used
by Neutron to send requests to Placement. LP#1960503
* Fixes a configuration issue with Node Exporter causing all file
system metrics of a host to be identical. LP#1961438
* Fixes an issue where a failure of any Nova compute service to
register itself would cause only the host querying the nova API to
fail. Now, only hosts that fail to register will fail the Kolla
Ansible run. Alternatively, to fail all hosts in a cell when any
compute service fails to register, set
"nova_compute_registration_fatal" to "true". LP#1940119
* The prometheus openstack exporters are now behind haproxy,
providing a unique time series in the prometheus database. Also
ensures that only one exporter queries the openstack APIs at any
given time interval. With the previous behavior each openstack
exporter was scraped at the same time. This caused each exporter to
query the openstack APIs simultaneously introducing unneccesary load
and duplicate time series in the prometheus database due to the
instance label being unique for each exporter. LP#1972818
* Fixes an issue where RabbitMQ was configured to mirror classic
transient queues for all services. According to the RabbitMQ
documentation this is not a supported configuration, and contributed
to numerous bug reports. In order to avoid making unexpected changes
to the RabbitMQ cluster, it is necessary to set
"rabbitmq_remove_ha_all_policy" to "yes" in order to apply this fix.
This variable will be removed in the Yoga release. LP#1954925
* Fixes an issue with Cinder upgrade where Cinder services would
remain pinned to the previous release's RPC & object versions.
LP#1954932
Changes in kolla-ansible 12.3.0..12.4.0
---------------------------------------
bbbebc524 Control Masakari monitors deploy
d34dd8125 Make redis connection string configurable
4e991a98e [CI] Nullify attempts
6a1764885 talk TLS to openstack exporter via haproxy
a53f31bd0 genpwd: handle lack of password file nicer
6281603a5 Use 'cloudkitty_influxdb_use_ssl' when creatign InfluxDB database
59f46c248 masakari: support libvirt SASL in instance monitor
3184bd6ca [CI] Restore token critical error filter
3d25b7169 Grafana: Run priviliged when copying home dashboard file
3c2f416f4 Put openstack exporter behind HAproxy so only one is queried at a time
95d14f52b [CI] Raise [keystone_authtoken]http_request_max_retries
7b07d71c6 [CI] Always use quay.io via infra's mirror
219c39500 nova: improve compute service registration failure handling
fdb52f71a nova: use any_errors_fatal for once-per-cell tasks
1f9c13ad8 [CI] Make kolla-build quiet
b9efda413 added missing become in ovs-dpdk role
8e1c98d98 Allow removal of classic queue mirroring for internal RabbitMQ
51c2edf11 Use jinja2.pass_context instead of contextfilter
29ef33cbe re-add rabbitmq config for clustering interface
d63ebbd8b designate: fix external backend deployment
01fd3b779 Ironic: rebootstrap ironic-pxe on upgrade
4d61344c1 cinder: restart services after upgrade
fd99f70f4 CI: pin ansible-lint to <6
af6b3edfa libvirt: support SASL authentication
35ea7baf6 Fix prechecks for "Ironic iPXE" container
6b33c81aa [CI] Use Tenks in Ironic job
28f1b12e8 [CI] Test Ironic when touching Neutron
6033d070a [CI] Test Ironic on Debian
b59ba5bcf Explicitly unset net.ipv4.ip_forward sysctl
fb4f64c18 Fix hard coded OIDC response type
9cc98b719 Remove grafana [session] configuration
4a2d6b385 Add openvswitch and prometheus to logrotate
5ccc1fdb5 Fix location of release note for ironic-neutron-agent healthcheck
9e9682706 cloudkitty: fix URL used for Prometheus collector
ae46e80f3 Configure node-exporter to report correct file system metrics
5fadf566d Fix fluentd v1 buffer syntax issue
9c532f43b Refactor fluentd syslog logging
f582c52d7 CI: Fix new ansible-lint failures
9b3b2fdab Fix Apparmor libvirt profile removal
d95eb6a26 neutron: fix placement endpoint type configuration
78754d825 [CI] Check fluentd errors
b33c6fa91 Fix log rotation for fluentd created files
c3d8684fe Glance: add lock_path setting
ac6051f54 [CI] Replace parted with lsblk
501c8dec8 Add OIDCDiscoverURL mod_oidc option
25b00b5cf prometheus: add tls_connect blackbox module
0299a3d22 Fix usage of Subject Alternative Name for TLS
bcd8d23a5 update the default value of node_custom_config
170bca95e Make nova_ssh listen on api_interface as well
30d23f380 Use Docker healthchecks for ironic-neutron-agent services
b71004365 Continue to run all actions if one action failed in curator
ff92636dd Revert "[CI] [to-revert] Avoid upgrades on CentOS Stream 8"
e477227ca Remove custom value of max_allowed_secret_in_bytes
735b094f5 Fix permission denied errors with ping on c8s
4bdd9202c [CI] [to-revert] Avoid upgrades on CentOS Stream 8
8616af8f2 Add logrotate to libvirt service
52afd1bdc Access to zun container fails when tls_external enabled.
905df8b6c OpenID Connect certifiate file is optional
a7c13ad8b ironic: always enable conductor HTTP server
5db2066e5 Add logrotate configuration for placement service
8f98c4adb rabbitmq: enable/disable prometheus plugin follow up
1da4abcb7 docs: adjust to current defaults
b23bab245 Support enable/disable rabbitmq prometheus plugins
aca6cbfd0 CI: check-logs - add another exception
4515dc150 Use Volume V3 API in OpenStack exporter
6cb0e1062 Move project_name and kolla_role_name to role vars
d640a3aff [CI] Drop unused nodeset
9c80df349 horizon: move horizon_enable_tls_backend to group_vars
46249ad5e Add ironic-inspector policy configuration
918397c08 Add ovn_sb_connection to octavia.conf
82f248bcc Fix aodh wsgi config file in Debuntu binary
Diffstat (except docs and test files)
-------------------------------------
.ansible-lint | 6 +
ansible/group_vars/all.yml | 14 +-
ansible/nova.yml | 4 +
ansible/roles/aodh/defaults/main.yml | 2 -
ansible/roles/aodh/templates/wsgi-aodh.conf.j2 | 4 -
ansible/roles/aodh/vars/main.yml | 2 +
ansible/roles/barbican/defaults/main.yml | 2 -
ansible/roles/barbican/templates/barbican.conf.j2 | 1 -
ansible/roles/barbican/vars/main.yml | 2 +
ansible/roles/baremetal/tasks/install.yml | 2 +-
ansible/roles/baremetal/tasks/post-install.yml | 6 +-
ansible/roles/baremetal/tasks/pre-install.yml | 9 +
ansible/roles/bifrost/defaults/main.yml | 2 -
ansible/roles/bifrost/vars/main.yml | 2 +
ansible/roles/blazar/defaults/main.yml | 2 -
ansible/roles/blazar/vars/main.yml | 2 +
ansible/roles/ceilometer/defaults/main.yml | 2 -
ansible/roles/ceilometer/vars/main.yml | 2 +
.../roles/certificates/tasks/generate-backend.yml | 2 +
ansible/roles/certificates/tasks/generate.yml | 4 +
.../templates/openssl-kolla-internal.cnf.j2 | 4 +-
.../certificates/templates/openssl-kolla.cnf.j2 | 4 +-
ansible/roles/chrony/defaults/main.yml | 2 -
ansible/roles/chrony/vars/main.yml | 2 +
ansible/roles/cinder/defaults/main.yml | 11 +-
ansible/roles/cinder/handlers/main.yml | 20 ++
ansible/roles/cinder/tasks/reload.yml | 10 +
ansible/roles/cinder/tasks/upgrade.yml | 2 +
ansible/roles/cinder/vars/main.yml | 2 +
ansible/roles/cloudkitty/defaults/main.yml | 6 +-
ansible/roles/cloudkitty/tasks/bootstrap.yml | 1 +
ansible/roles/cloudkitty/vars/main.yml | 2 +
ansible/roles/collectd/defaults/main.yml | 2 -
ansible/roles/collectd/vars/main.yml | 2 +
ansible/roles/common/defaults/main.yml | 26 ++-
ansible/roles/common/tasks/config.yml | 7 +-
.../conf/filter/00-record_transformer.conf.j2 | 27 +--
.../common/templates/conf/output/00-local.conf.j2 | 217 ++-------------------
.../common/templates/conf/output/01-es.conf.j2 | 6 +-
.../templates/conf/output/02-monasca.conf.j2 | 4 +-
.../templates/cron-logrotate-haproxy.conf.j2 | 2 +-
.../templates/cron-logrotate-nova-libvirt.conf.j2 | 3 +
.../templates/cron-logrotate-openvswitch.conf.j2 | 3 +
.../templates/cron-logrotate-placement.conf.j2 | 3 +
.../templates/cron-logrotate-prometheus.conf.j2 | 3 +
ansible/roles/common/templates/fluentd.json.j2 | 27 +--
ansible/roles/common/vars/main.yml | 2 +
ansible/roles/cyborg/defaults/main.yml | 2 -
ansible/roles/cyborg/vars/main.yml | 2 +
ansible/roles/designate/defaults/main.yml | 2 -
ansible/roles/designate/tasks/backend_external.yml | 2 +
ansible/roles/designate/vars/main.yml | 2 +
ansible/roles/elasticsearch/defaults/main.yml | 2 -
.../templates/elasticsearch-curator-actions.yml.j2 | 14 +-
ansible/roles/elasticsearch/vars/main.yml | 2 +
ansible/roles/etcd/defaults/main.yml | 2 -
ansible/roles/etcd/vars/main.yml | 2 +
ansible/roles/freezer/defaults/main.yml | 2 -
ansible/roles/freezer/vars/main.yml | 2 +
ansible/roles/glance/defaults/main.yml | 2 -
ansible/roles/glance/templates/glance-api.conf.j2 | 3 +
ansible/roles/glance/vars/main.yml | 2 +
ansible/roles/gnocchi/defaults/main.yml | 2 -
ansible/roles/gnocchi/vars/main.yml | 2 +
ansible/roles/grafana/defaults/main.yml | 2 -
ansible/roles/grafana/tasks/config.yml | 1 +
ansible/roles/grafana/templates/grafana.ini.j2 | 8 -
ansible/roles/grafana/vars/main.yml | 2 +
ansible/roles/hacluster/defaults/main.yml | 2 -
ansible/roles/hacluster/vars/main.yml | 2 +
ansible/roles/haproxy-config/defaults/main.yml | 2 -
ansible/roles/haproxy-config/vars/main.yml | 2 +
ansible/roles/haproxy/defaults/main.yml | 2 -
ansible/roles/haproxy/vars/main.yml | 2 +
ansible/roles/heat/defaults/main.yml | 2 -
ansible/roles/heat/vars/main.yml | 2 +
ansible/roles/horizon/defaults/main.yml | 7 -
ansible/roles/horizon/vars/main.yml | 2 +
ansible/roles/influxdb/defaults/main.yml | 2 -
ansible/roles/influxdb/vars/main.yml | 2 +
ansible/roles/ironic/defaults/main.yml | 6 +-
ansible/roles/ironic/tasks/bootstrap.yml | 19 --
ansible/roles/ironic/tasks/bootstrap_service.yml | 19 ++
ansible/roles/ironic/tasks/config.yml | 42 +++-
ansible/roles/ironic/tasks/precheck.yml | 1 -
.../ironic/templates/ironic-inspector.json.j2 | 8 +-
ansible/roles/ironic/templates/ironic.conf.j2 | 7 +-
ansible/roles/ironic/vars/main.yml | 2 +
ansible/roles/iscsi/defaults/main.yml | 2 -
ansible/roles/iscsi/vars/main.yml | 2 +
ansible/roles/kafka/defaults/main.yml | 2 -
ansible/roles/kafka/vars/main.yml | 2 +
ansible/roles/keystone/defaults/main.yml | 3 +-
.../keystone/tasks/config-federation-oidc.yml | 1 +
.../roles/keystone/templates/wsgi-keystone.conf.j2 | 3 +-
ansible/roles/keystone/vars/main.yml | 2 +
ansible/roles/kibana/defaults/main.yml | 2 -
ansible/roles/kibana/vars/main.yml | 2 +
ansible/roles/kuryr/defaults/main.yml | 1 -
ansible/roles/kuryr/vars/main.yml | 2 +
ansible/roles/magnum/defaults/main.yml | 2 -
ansible/roles/magnum/vars/main.yml | 2 +
ansible/roles/manila/defaults/main.yml | 2 -
ansible/roles/manila/vars/main.yml | 2 +
ansible/roles/mariadb/defaults/main.yml | 2 -
ansible/roles/mariadb/vars/main.yml | 2 +
ansible/roles/masakari/defaults/main.yml | 17 +-
ansible/roles/masakari/tasks/config.yml | 18 ++
ansible/roles/masakari/templates/auth.conf.j2 | 6 +
.../templates/masakari-instancemonitor.json.j2 | 8 +-
ansible/roles/masakari/vars/main.yml | 2 +
ansible/roles/memcached/defaults/main.yml | 2 -
ansible/roles/memcached/vars/main.yml | 2 +
ansible/roles/mistral/defaults/main.yml | 2 -
ansible/roles/mistral/vars/main.yml | 2 +
ansible/roles/monasca/defaults/main.yml | 2 -
ansible/roles/monasca/vars/main.yml | 2 +
ansible/roles/multipathd/defaults/main.yml | 2 -
ansible/roles/multipathd/vars/main.yml | 2 +
ansible/roles/murano/defaults/main.yml | 2 -
ansible/roles/murano/vars/main.yml | 2 +
ansible/roles/neutron/defaults/main.yml | 17 +-
ansible/roles/neutron/tasks/config-host.yml | 2 +
ansible/roles/neutron/templates/neutron.conf.j2 | 2 +-
ansible/roles/neutron/vars/main.yml | 2 +
ansible/roles/nova-cell/defaults/main.yml | 20 +-
ansible/roles/nova-cell/handlers/main.yml | 15 ++
ansible/roles/nova-cell/tasks/config.yml | 20 ++
ansible/roles/nova-cell/tasks/deploy.yml | 3 +-
.../roles/nova-cell/tasks/discover_computes.yml | 89 ++-------
ansible/roles/nova-cell/tasks/precheck.yml | 17 +-
.../nova-cell/tasks/wait_discover_computes.yml | 89 +++++++++
ansible/roles/nova-cell/templates/auth.conf.j2 | 6 +
ansible/roles/nova-cell/templates/libvirtd.conf.j2 | 3 +-
.../roles/nova-cell/templates/nova-compute.json.j2 | 8 +-
.../roles/nova-cell/templates/nova-libvirt.json.j2 | 12 ++
ansible/roles/nova-cell/templates/sasl.conf.j2 | 2 +
ansible/roles/nova-cell/templates/sshd_config.j2 | 3 +
ansible/roles/nova-cell/vars/main.yml | 6 +
ansible/roles/nova/defaults/main.yml | 2 -
ansible/roles/nova/vars/main.yml | 2 +
ansible/roles/octavia/defaults/main.yml | 2 -
ansible/roles/octavia/templates/octavia.conf.j2 | 1 +
ansible/roles/octavia/vars/main.yml | 2 +
ansible/roles/openvswitch/defaults/main.yml | 2 -
ansible/roles/openvswitch/vars/main.yml | 2 +
ansible/roles/ovn/defaults/main.yml | 2 -
ansible/roles/ovn/vars/main.yml | 2 +
ansible/roles/ovs-dpdk/defaults/main.yml | 1 -
ansible/roles/ovs-dpdk/tasks/config.yml | 2 +
ansible/roles/ovs-dpdk/vars/main.yml | 2 +
ansible/roles/panko/defaults/main.yml | 2 -
ansible/roles/panko/vars/main.yml | 2 +
ansible/roles/placement/defaults/main.yml | 2 -
ansible/roles/placement/vars/main.yml | 2 +
ansible/roles/prometheus/defaults/main.yml | 11 +-
ansible/roles/prometheus/templates/clouds.yml.j2 | 1 +
.../templates/prometheus-blackbox-exporter.yml.j2 | 4 +
.../templates/prometheus-node-exporter.json.j2 | 2 +-
.../roles/prometheus/templates/prometheus.yml.j2 | 7 +-
ansible/roles/prometheus/vars/main.yml | 2 +
ansible/roles/qdrouterd/defaults/main.yml | 2 -
ansible/roles/qdrouterd/vars/main.yml | 2 +
ansible/roles/rabbitmq/defaults/main.yml | 16 +-
ansible/roles/rabbitmq/tasks/config.yml | 36 ++++
ansible/roles/rabbitmq/tasks/deploy.yml | 3 +
.../roles/rabbitmq/tasks/remove-ha-all-policy.yml | 29 +++
ansible/roles/rabbitmq/tasks/upgrade.yml | 3 +
.../roles/rabbitmq/templates/advanced.config.j2 | 7 +
.../roles/rabbitmq/templates/definitions.json.j2 | 4 +
.../roles/rabbitmq/templates/enabled_plugins.j2 | 1 +
ansible/roles/rabbitmq/templates/rabbitmq.conf.j2 | 5 +
ansible/roles/rabbitmq/templates/rabbitmq.json.j2 | 12 ++
ansible/roles/rabbitmq/vars/main.yml | 2 +
ansible/roles/rally/defaults/main.yml | 2 -
ansible/roles/rally/vars/main.yml | 2 +
ansible/roles/redis/defaults/main.yml | 2 -
ansible/roles/redis/vars/main.yml | 2 +
ansible/roles/sahara/defaults/main.yml | 2 -
ansible/roles/sahara/vars/main.yml | 2 +
ansible/roles/senlin/defaults/main.yml | 2 -
ansible/roles/senlin/vars/main.yml | 2 +
ansible/roles/skydive/defaults/main.yml | 2 -
ansible/roles/skydive/vars/main.yml | 2 +
ansible/roles/solum/defaults/main.yml | 2 -
ansible/roles/solum/vars/main.yml | 2 +
ansible/roles/storm/defaults/main.yml | 2 -
ansible/roles/storm/vars/main.yml | 2 +
ansible/roles/swift/defaults/main.yml | 2 -
ansible/roles/swift/vars/main.yml | 2 +
ansible/roles/tacker/defaults/main.yml | 2 -
ansible/roles/tacker/vars/main.yml | 2 +
ansible/roles/telegraf/defaults/main.yml | 2 -
ansible/roles/telegraf/vars/main.yml | 2 +
ansible/roles/tempest/defaults/main.yml | 2 -
ansible/roles/tempest/vars/main.yml | 2 +
ansible/roles/trove/defaults/main.yml | 2 -
ansible/roles/trove/vars/main.yml | 2 +
ansible/roles/vitrage/defaults/main.yml | 2 -
ansible/roles/vitrage/vars/main.yml | 2 +
ansible/roles/vmtp/defaults/main.yml | 2 -
ansible/roles/vmtp/vars/main.yml | 2 +
ansible/roles/watcher/defaults/main.yml | 2 -
ansible/roles/watcher/vars/main.yml | 2 +
ansible/roles/zookeeper/defaults/main.yml | 2 -
ansible/roles/zookeeper/vars/main.yml | 2 +
ansible/roles/zun/defaults/main.yml | 2 -
ansible/roles/zun/templates/zun.conf.j2 | 2 +-
ansible/roles/zun/vars/main.yml | 2 +
ansible/site.yml | 2 +
.../reference/shared-services/keystone-guide.rst | 4 +-
etc/kolla/globals.yml | 2 +-
etc/kolla/passwords.yml | 5 +
kolla_ansible/cmd/genpwd.py | 8 +-
kolla_ansible/filters.py | 14 +-
kolla_ansible/kolla_address.py | 8 +-
kolla_ansible/put_address_in_context.py | 21 +-
.../add-oidc-discover-url-83edb9f43f73a97f.yaml | 7 +
...n-max-allowed-secret-size-1941307ab5d2a9fd.yaml | 7 +
.../blackbox-tls-connect-517cd8ebdf87f16e.yaml | 5 +
.../notes/bug-1885106-2347d7458a8f9cb0.yaml | 13 ++
.../notes/bug-1938194-80dba28f9cdd434c.yaml | 6 +
.../notes/bug-1945453-2-287bfcaf060689d8.yaml | 16 ++
.../notes/bug-1947710-6d0975ae72f43ada.yaml | 7 +
.../notes/bug-1950111-8e477fb6a5b58822.yaml | 6 +
.../notes/bug-1952948-003aabe18144f569.yaml | 6 +
.../notes/bug-1954720-4fc48610a56f3e98.yaml | 6 +
.../notes/bug-1954723-2d49335022492891.yaml | 5 +
.../notes/bug-1956976-8a2623ca1fbfd546.yaml | 5 +
.../notes/bug-1957117-7832104d66a91da7.yaml | 11 ++
.../notes/bug-1959663-afda889b9aa4c63f.yaml | 6 +
.../notes/bug-1961795-16fb2ac27152fc03.yaml | 6 +
.../notes/bug-1963752-ee12e15c17c24bb0.yaml | 6 +
...cloudkitty-prometheus-url-ee14bc486e810631.yaml | 6 +
...control-masakari-monitors-1107c10c45678b0a.yaml | 8 +
.../notes/enable-ipxe-cf461344bdb99881.yaml | 12 ++
.../fix-aodh-wsgi-config-7679adda584e33bb.yaml | 6 +
...r-libvirt-profile-removal-01db6ca6dd66879f.yaml | 7 +
.../fix-haproxy-logrotate-e299a0000728fd8f.yaml | 12 ++
...x-hardcoded-oidc-response-fc0f115f0b56cddf.yaml | 7 +
.../fix-openstack-exporter-tls-bug-1975598.yml | 8 +
...q-interface-configuration-b39c954fb8763d9c.yaml | 6 +
...-for-ironic-neutron-agent-61ec4d0d237da075.yaml | 6 +
.../jinja2-pass-context-2afc328ade8c407b.yaml | 4 +
.../notes/libvirt-sasl-404199143610fb75.yaml | 27 +++
.../masakari-libvirt-sasl-f368c31c0b5567b6.yaml | 6 +
...n-placement-endpoint-type-90073ba5ecc9e663.yaml | 6 +
...porter-filesystem-metrics-d3ae7b0a892d2957.yaml | 6 +
.../nova-discover-hosts-0353e9274f22195c.yaml | 9 +
.../openstack-exporter-hammering-os-apis.yaml | 14 ++
...ue-mirroring-for-rabbitmq-d54b9e7e25e57a88.yaml | 10 +
.../notes/unpin-cinder-rpcs-8eb7e0858a91b9b8.yaml | 6 +
...update-node-custom-config-7b378b25ce22779f.yaml | 5 +
roles/multi-node-managed-addressing/tasks/main.yml | 1 +
test-requirements.txt | 2 +-
zuul.d/base.yaml | 12 +-
zuul.d/jobs.yaml | 8 +
zuul.d/nodesets.yaml | 38 ----
zuul.d/project.yaml | 1 +
273 files changed, 1460 insertions(+), 777 deletions(-)
Requirements updates
--------------------
diff --git a/test-requirements.txt b/test-requirements.txt
index 8b10965c0..2bff582dc 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2 +2 @@
-ansible-lint>=4.2.0,!=4.3.0 # MIT
+ansible-lint>=4.2.0,!=4.3.0,<6.0.0 # MIT
1
0
We are amped to announce the release of:
kolla-ansible 14.1.0: Ansible Deployment of Kolla containers
This release is part of the yoga stable release series.
The source is available from:
https://opendev.org/openstack/kolla-ansible
Download the package from:
https://tarballs.openstack.org/kolla-ansible/
Please report issues through:
https://bugs.launchpad.net/kolla-ansible/+bugs
For more details, please see below.
14.1.0
^^^^^^
New Features
************
* New switches added to control deployment of the Masakari monitors.
The deployment of each type of monitors can be controlled
individually via "enable_masakari_instancemonitor" and
"enable_masakari_hostmonitor". By default, both are set to "true"
when the deployment of the Masakari is enabled via
"enable_masakari".
Bug Fixes
*********
* Fixes an issue with Masakari instance monitor when libvirt SASL is
enabled. libvirt SASL was enabled by default in a recent change to
Kolla Ansible. LP#1965754
* The prometheus openstack exporters are now behind haproxy,
providing a unique time series in the prometheus database. Also
ensures that only one exporter queries the openstack APIs at any
given time interval. With the previous behavior each openstack
exporter was scraped at the same time. This caused each exporter to
query the openstack APIs simultaneously introducing unneccesary load
and duplicate time series in the prometheus database due to the
instance label being unique for each exporter. LP#1972818
Changes in kolla-ansible 14.0.0..14.1.0
---------------------------------------
eee165968 Control Masakari monitors deploy
910d033a0 Make redis connection string configurable
3f085dbc0 [CI] Do not test Venus on Yoga
c443692be [CI] Nullify attempts
c9b9b62e6 talk TLS to openstack exporter via haproxy
785e269e5 genpwd: handle lack of password file nicer
5c801e33e Fix malformed OIDCMemCacheServers
cd818de69 Use 'cloudkitty_influxdb_use_ssl' when creatign InfluxDB database
166a4e5fe masakari: support libvirt SASL in instance monitor
6d6ecaefb [CI] Restore token critical error filter
6191db3f8 Put openstack exporter behind HAproxy so only one is queried at a time
d29d98275 [CI] Raise [keystone_authtoken]http_request_max_retries
e812853c6 Add doc fix for all-in-one in venv
Diffstat (except docs and test files)
-------------------------------------
ansible/group_vars/all.yml | 5 ++++-
ansible/roles/cloudkitty/defaults/main.yml | 2 +-
ansible/roles/cloudkitty/tasks/bootstrap.yml | 1 +
ansible/roles/keystone/templates/wsgi-keystone.conf.j2 | 2 +-
ansible/roles/masakari/defaults/main.yml | 15 +++++++++++++--
ansible/roles/masakari/tasks/config.yml | 18 ++++++++++++++++++
ansible/roles/masakari/templates/auth.conf.j2 | 6 ++++++
.../templates/masakari-instancemonitor.json.j2 | 8 +++++++-
ansible/roles/prometheus/defaults/main.yml | 6 ++++++
ansible/roles/prometheus/templates/prometheus.yml.j2 | 7 ++++---
kolla_ansible/cmd/genpwd.py | 8 ++++++--
.../control-masakari-monitors-1107c10c45678b0a.yaml | 8 ++++++++
.../notes/fix-openstack-exporter-tls-bug-1975598.yml | 8 ++++++++
.../notes/masakari-libvirt-sasl-f368c31c0b5567b6.yaml | 6 ++++++
.../notes/openstack-exporter-hammering-os-apis.yaml | 14 ++++++++++++++
zuul.d/base.yaml | 1 -
zuul.d/project.yaml | 2 --
22 files changed, 132 insertions(+), 26 deletions(-)
1
0
We are pleased to announce the release of:
kolla 14.1.0: Kolla OpenStack Deployment
This release is part of the yoga stable release series.
The source is available from:
https://opendev.org/openstack/kolla
Download the package from:
https://tarballs.openstack.org/kolla/
Please report issues through:
https://bugs.launchpad.net/kolla/+bugs
For more details, please see below.
14.1.0
^^^^^^
New Features
************
* Updates Alertmanager version to 0.24.0.
Upgrade Notes
*************
* The Debian and Ubuntu images use rabbitmq and erlang from
cloudsmith now. Operators might want to mirror/proxy this new source
as it provides the correct set of packages unlike the previous
combination.
Bug Fixes
*********
* Fixes the Debian and Ubuntu images to use rabbitmq and erlang from
cloudsmith so that the images are still buildable and use proper
versions.
Changes in kolla 14.0.0..14.1.0
-------------------------------
240b3cf44 Fix Ubuntu image builds
4ecd200b9 Bump up Alertmanager version
3a65c4842 [bifrost] Force Bifrost to use the correct u-c
b80d47566 Fix local sources of git repositories
6cf2912d5 [bifrost] Force Bifrost to use the correct git branch
Diffstat (except docs and test files)
-------------------------------------
.../prometheus-alertmanager/Dockerfile.j2 | 2 +-
kolla/image/build.py | 26 +++++++++++++---------
kolla/template/repos.yaml | 22 +++++++++---------
...bump-alertmanager-to-0.24-e73778e9d954cf85.yaml | 4 ++++
...abbitmq-erlang-cloudsmith-c837bf4a450dd802.yaml | 10 +++++++++
7 files changed, 46 insertions(+), 26 deletions(-)
1
0
We are gleeful to announce the release of:
kayobe 12.1.0: Deployment of OpenStack to bare metal using OpenStack
kolla and bifrost
This release is part of the yoga stable release series.
The source is available from:
https://opendev.org/openstack/kayobe
Download the package from:
https://tarballs.openstack.org/kayobe/
Please report issues through:
https://storyboard.openstack.org/#!/project/openstack/kayobe
For more details, please see below.
Changes in kayobe 12.0.0..12.1.0
--------------------------------
7e9175b9 ironic: Set MTU on provisioning and cleaning Neutron networks
2f3a8f80 Fix forgotten hacluster regexp for image build
Diffstat (except docs and test files)
-------------------------------------
ansible/group_vars/all/kolla | 2 ++
ansible/provision-net.yml | 2 ++
releasenotes/notes/hacluster-build-issue-2a8023e0cd80235a.yaml | 5 +++++
releasenotes/notes/provision-net-mtu-befdda04224f49a6.yaml | 5 +++++
4 files changed, 14 insertions(+)
1
0