We are excited to announce the release of: puppet-tripleo 10.3.0: Puppet module for OpenStack TripleO This release is part of the stein release series. The source is available from: http://git.openstack.org/cgit/openstack/puppet-tripleo Download the package from: https://tarballs.openstack.org/puppet-tripleo/ Please report issues through launchpad: http://bugs.launchpad.net/tripleo (tag: puppet) For more details, please see below. 10.3.0 ^^^^^^ New Features ************ * Support setting values for "cephfs_volume_mode" parameter which controls the rwx mode of the cephfs volumes, snapshots, and groups of these that back manila shares. * Add the ability to configure the cinder-volume service to run in active-active mode using the specified cluster name. Note that active-active mode requires the etcd service be enabled, as it's used by the cinder-volume service for its Distributed Lock Manager (DLM). Bug Fixes ********* * qemu certs are note used by libvirt and therefore does not need a restart. In case certs gets renewed, right now qemu processes (instances) need to be restarted. This removes the postsave_cmd and also restart libvirt on cert file change. Changes in puppet-tripleo 10.2.0..10.3.0 ---------------------------------------- cc173294 Prepare Stein-3 28adf389 snmp: remove ununsed trapsink 427464f6 Support cinder-volume running active-active 32827b39 Support cephfs_volume_mode parameter cd31dd2d Adding a udev rule to save sriov interface name before configuring switchdev dc3d3a92 Support redfish inside a fencing yaml file 8253d883 Add httpd and tls support to manila-api ec976671 Change haproxy mode to http for octavia 1514e983 Fix generating connections to OVN db 48b1775e Extra variables to reprovision pacemaker cluster one node at a time. 035de749 cell_v2 multi-cell 7cc4a3da neutron dhcpd: Add script for certmonger postsave_cmd e6306bad novnc-proxy: Remove default post-save command for certmonger 8fa561f8 Remove default post-save command from mysql 98e9879f Only request certs in step 1 bc6cbaf1 Set pacemaker cluster_members_addr a08257f0 Remove postsave_cmd and restart libvirt on cert files change 49492570 noop package installations inside containers 1eedba81 Load python3 mod_wsgi for fedora/rhel8 4deea3a4 redis: Remove default post-save command for certmonger 801391a1 rabbitmq: Remove default post-save command for certmonger f1f4a6cc httpd: Remove default post-save command for certmonger bd984606 Reload HAProxy when certificate is renewed 5fff984c Fix interface_for_ip for newer facter versions 5bd82e9e Redirect keystone admin endpoint to public endpoint f25c27aa Ensure we get a clean firewall a63ce4ae Allow disabling nova::cache 7de34bf5 Loadbalance keystone's admin endpoints towards the internal backends dfd408a7 Create barbican's creator role by default 5d6201f9 Explicitly set certmonger's CA cert's permissions d8691bcd Make the neutron-haproxy-wrapper compatible with haproxy 1.8 2eacff99 Modify puppet version 4 to 5 de98e141 Aodh deprecation 907cd2ed Sensu-client deprecation 4aaa4a3e Fluentd deprecation f9582a02 Use the tripleo-standalone-scenarios-full template f7245dd6 Add layout.yaml into the scenario003-standalone files: section 8e1dc7bf Replace mysql invalid open_files_limit of -1 with 65536 a3aeb0b7 Filter apache_certificates_specs if hostname is empty d0b4ecde Only include neutron::designate class in neutron server 9bdb8199 remove ssh from tripleo::firewall::pre e7a9acf2 Allow mysql options to be set for the HA bundle a0b814e9 Update mailinglist from dev to discuss ff918903 Fix stdlib version in metadata 12038a82 Update min tox version to 2.0 0f869724 Configure the Metadata Agent only when enable_metadata_agent is set adc4f3fc Dissuade .gitignore references to personal tools de017051 Remove the duplicated word Diffstat (except docs and test files) ------------------------------------- .gitignore | 13 +- files/certmonger-haproxy-refresh.sh | 51 ++++++ files/certmonger-neutron-dhcpd-refresh.sh | 21 +++ files/certmonger-novnc-proxy-refresh.sh | 17 ++ files/certmonger-rabbitmq-refresh.sh | 17 ++ files/certmonger-redis-refresh.sh | 14 ++ lib/puppet/parser/functions/interface_for_ip.rb | 53 +++++- lib/puppet/provider/sriov_vf_config/numvfs.rb | 18 ++ manifests/certmonger/ca/local.pp | 7 + manifests/certmonger/haproxy.pp | 29 ++-- manifests/certmonger/httpd.pp | 3 +- manifests/certmonger/mysql.pp | 17 +- manifests/certmonger/neutron.pp | 8 +- manifests/certmonger/novnc_proxy.pp | 10 +- manifests/certmonger/qemu.pp | 7 +- manifests/certmonger/rabbitmq.pp | 11 +- manifests/certmonger/redis.pp | 8 +- manifests/fencing.pp | 3 + manifests/firewall.pp | 22 +++ manifests/firewall/pre.pp | 6 - manifests/haproxy.pp | 12 +- manifests/haproxy/endpoint.pp | 42 +++-- manifests/packages.pp | 3 +- manifests/profile/base/aodh/api.pp | 1 + manifests/profile/base/aodh/evaluator.pp | 2 +- manifests/profile/base/aodh/listener.pp | 2 +- manifests/profile/base/aodh/notifier.pp | 2 +- manifests/profile/base/apache.pp | 10 +- manifests/profile/base/certmonger_user.pp | 184 +++++++++++---------- manifests/profile/base/cinder/volume.pp | 53 +++++- manifests/profile/base/database/mysql.pp | 6 +- manifests/profile/base/horizon.pp | 2 +- manifests/profile/base/keystone.pp | 6 + manifests/profile/base/logging/fluentd.pp | 2 + manifests/profile/base/manila/api.pp | 40 +++++ manifests/profile/base/manila/share.pp | 1 + manifests/profile/base/monitoring/rabbitmq.pp | 2 + manifests/profile/base/monitoring/sensu.pp | 1 + manifests/profile/base/monitoring/uchiwa.pp | 1 + manifests/profile/base/neutron.pp | 17 +- manifests/profile/base/neutron/agents/nuage.pp | 27 +-- manifests/profile/base/neutron/agents/ovn.pp | 2 +- manifests/profile/base/neutron/ovn_metadata.pp | 2 +- manifests/profile/base/neutron/plugins/ml2/ovn.pp | 4 +- manifests/profile/base/neutron/server.pp | 8 + manifests/profile/base/nova.pp | 15 +- manifests/profile/base/nova/conductor.pp | 16 ++ manifests/profile/base/pacemaker.pp | 16 +- manifests/profile/base/snmp.pp | 1 - .../profile/pacemaker/cinder/backup_bundle.pp | 7 +- .../profile/pacemaker/cinder/volume_bundle.pp | 8 +- manifests/profile/pacemaker/database/mysql.pp | 2 +- .../profile/pacemaker/database/mysql_bundle.pp | 28 +++- manifests/profile/pacemaker/database/redis.pp | 2 +- .../profile/pacemaker/database/redis_bundle.pp | 9 +- manifests/profile/pacemaker/haproxy_bundle.pp | 7 +- manifests/profile/pacemaker/ovn_dbs_bundle.pp | 4 +- manifests/profile/pacemaker/ovn_northd.pp | 4 +- manifests/profile/pacemaker/rabbitmq_bundle.pp | 14 +- metadata.json | 6 +- ...eph_volume_mode-parameter-220b1026aebd9e3b.yaml | 5 + ...nder-volume-active-active-ffaa12e6ba862f51.yaml | 7 + .../qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml | 7 + setup.cfg | 2 +- spec/classes/tripleo_certmonger_ca_local_spec.rb | 8 + spec/classes/tripleo_certmonger_mysql_spec.rb | 6 - spec/classes/tripleo_firewall_spec.rb | 13 -- .../tripleo_profile_base_cinder_volume_spec.rb | 52 +++++- spec/classes/tripleo_profile_base_neutron_spec.rb | 2 +- spec/classes/tripleo_profile_base_snmp_spec.rb | 1 - .../tripleo_host_sriov_numvfs_persistence_spec.rb | 1 + ...o_profile_base_neutron_wrappers_haproxy_spec.rb | 4 +- templates/neutron/haproxy.epp | 7 +- templates/switchdev/switchdev.epp | 1 + tox.ini | 2 +- zuul.d/layout.yaml | 74 +-------- 76 files changed, 780 insertions(+), 318 deletions(-)