[release-announce] puppet-octavia 14.1.0 (stein)

19 Nov 2018

      We are glad to announce the release of:

puppet-octavia 14.1.0: Puppet module for OpenStack Octavia

This release is part of the stein release series.

Download the package from:

    https://tarballs.openstack.org/puppet-octavia/

For more details, please see below.

14.1.0
^^^^^^

New Features
************

* Added new parameter octavia::api::allow_tls_terminated_listeners
  which can be used to set the allow_tls_terminated_listeners config
  option.

* Added new parameters octavia::api::api_v1_enabled and
  api_v2_enabled that can be used for enable/disable the API versions.

* Listeners default timeouts can be set by config in section
  haproxy_amphora:

     * *timeout_client_data*: Frontend client inactivity timeout

     * *timeout_member_connect*: Backend member connection timeout

     * *timeout_member_data*: Backend member inactivity timeout

     * *timeout_tcp_inspect*: Time to wait for TCP packets for
       content inspection

     The value for all of these options is expected to be in
     milliseconds.

* Added new parameter cert_generator, cert_manager, region_name and
  endpoint_type to the octavia::certificates class that configures the
  certificates section in the octavia.conf file.

* Added new parameter client_ca and client_data_data to
  octavia::certificates. These can be used to separate the
  ca_certificate/server_ca and client_ca used which is something you
  want to do in production environment to avoid a compromised Amphora
  being able to connect to the other running amphoras.

* Added new parameter octavia::worker::workers that can be used to
  set the number of worker processes.

* Added all databases parameters in octavia::db in octavia::init.

* Added new class octavia::wsgi::apache, you can now run the API
  under Apache with mod_wsgi.

* Added new octavia::glance class that can be used to configure the
  glance section in octavia.conf

* Added new octavia::neutron class that can be used to configure the
  neutron section in octavia.conf

* Added new octavia::nova class that can be used to configure the
  nova section in octavia.conf

* When certificate data or file paths change in
  octavia::certificates it will not cause a restart of the Octavia
  services so that for example the octavia-worker service can use the
  new certificates.

Upgrade Notes
*************

* The octavia::db class should now be considered a private class.
  You should set all your database parameters in the init class.

* Octavia option [haproxy_amphora]/key_path will no longer be set.
  None of the maintained Octavia releases support it (removed in
  Mitaka).

Deprecation Notes
*****************

* The following octavia::worker parameters are deprecated and have
  been moved to octavia::controller class.

     * amp_flavor_id

     * amp_image_tag

     * amp_secgroup_list

     * amp_boot_network_list

     * loadbalancer_topology

     * amphora_driver

     * compute_driver

     * network_driver

     * amp_ssh_key_name

     * enable_ssh_access

     * timeout_member_connect

     * timeout_member_data

     * timeout_tcp_inspect

Bug Fixes
*********

* There are a couple of configuration options that need to be set
  not only for the worker but also for other Octavia services. For
  example, on a composable node deployment where the API runs on a
  separate node than the rest of the Octavia services, the network
  driver was not being set (hence defaulting to noop driver) while for
  the worker the driver was allowed_address_pairs_driver. Another
  example is the database that was only being set for the API service.
  Such configuration misalignment and omissions lead to operate
  Octavia services and its resources.

Changes in puppet-octavia 13.3.0..14.1.0
----------------------------------------

01593b1 Prepare Stein M1
d86bba9 Fix stdlib version in metadata
ab310a6 Certificate changes should restart services
b264336 Set common configuration options across services
6c768b0 Do not set inexistent haproxy_amphora/key_path
2bf9dc6 Add posibilities to set default values for timeouts
13989b4 Removed faulty option in context block
a040311 Update min tox version to 2.0
7acccc6 Dissuade .gitignore references to personal tools
7820189 Add release note for database change
c65d6cc Fix the duplicated vars defined
8833f40 Fix stupid spacing
2b83ae2 Add octavia::certificates::client_ca and data
e78054f switch documentation job to new PTI
28421c7 import zuul job settings from project-config
45673ee Added missing DB params to init class
e1531c3 Add Octavia API WSGI support
9825353 Bump version for the start of Stein
d2a9586 Add octavia::neutron to configure nova section
6731e53 Add octavia::glance to configure glance section
9b285e7 Add missing options to octavia::certificates
6864cd0 Add octavia::nova to configure nova section
7d6bada Add workers support to octavia::worker class
6e7dacc Add api_v1_enabled and api_v2_enabled options
14c5257 Add allow_tls_terminated_listeners config option
e361fe8 Add the missing 'Table of Contents'
54c9e53 Update reno for stable/rocky
3296b0f Remove PE requirement from metadata.json

Diffstat (except docs and test files)
-------------------------------------

.gitignore                                         |  12 +-
.zuul.yaml                                         |   1 +
README.md                                          |   2 +
manifests/api.pp                                   |  80 +++++++---
manifests/certificates.pp                          |  78 ++++++++-
manifests/controller.pp                            | 129 +++++++++++++++
manifests/db.pp                                    |  33 ++--
manifests/deps.pp                                  |   3 +
manifests/glance.pp                                |  38 +++++
manifests/health_manager.pp                        |   1 +
manifests/housekeeping.pp                          |   1 +
manifests/init.pp                                  |  48 ++++++
manifests/neutron.pp                               |  38 +++++
manifests/nova.pp                                  |  57 +++++++
manifests/params.pp                                |   7 +-
manifests/worker.pp                                | 175 +++++++++++----------
manifests/wsgi/apache.pp                           | 155 ++++++++++++++++++
metadata.json                                      |  18 +--
..._tls_terminated_listeners-5555b0b3bc8c5313.yaml |   5 +
.../notes/api-v1-v2-options-393e026d4d22b94d.yaml  |   5 +
.../notes/bug-1797130-789318b2dff121d3.yaml        |  11 ++
.../certificates-options-45294bca5186878e.yaml     |   6 +
releasenotes/notes/client-ca-b05d5a5e4a93bfe3.yaml |   6 +
.../notes/controller-workers-947eada7f23b5da9.yaml |   5 +
releasenotes/notes/db-init-7a0087aca12e0530.yaml   |   8 +
.../notes/octavia-api-wsgi-2d9469478fd2cd28.yaml   |   5 +
.../notes/octavia-glance-37d48b9829d6ca8d.yaml     |   5 +
.../notes/octavia-neutron-7d3d9cc0e95ecb11.yaml    |   5 +
.../notes/octavia-nova-0205d7406d58e871.yaml       |   5 +
...-haproxy-amphora-key-path-bf21706a6504e28f.yaml |   4 +
...start-service-certificate-b4000c445374129c.yaml |   6 +
...n-options-across-services-91a9057d62b52de0.yaml |  29 ++++
releasenotes/source/index.rst                      |   1 +
releasenotes/source/rocky.rst                      |   6 +
spec/classes/octavia_api_spec.rb                   |  74 +++++++--
spec/classes/octavia_certificates_spec.rb          |  90 ++++++++++-
spec/classes/octavia_controller_spec.rb            |  68 ++++++++
spec/classes/octavia_glance_spec.rb                |  45 ++++++
spec/classes/octavia_init_spec.rb                  |  17 +-
spec/classes/octavia_neutron_spec.rb               |  45 ++++++
spec/classes/octavia_nova_spec.rb                  |  54 +++++++
spec/classes/octavia_worker_spec.rb                |  10 +-
tox.ini                                            |   2 +-
43 files changed, 1236 insertions(+), 157 deletions(-)

[release-announce] puppet-octavia 14.1.0 (stein)

no-reply＠openstack.org