We are jazzed to announce the release of: tripleo-heat-templates 9.2.0: Heat templates for deploying OpenStack with OpenStack. This release is part of the rocky stable release series. The source is available from: http://git.openstack.org/cgit/openstack/tripleo-heat-templates Download the package from: https://tarballs.openstack.org/tripleo-heat-templates/ Please report issues through launchpad: https://bugs.launchpad.net/tripleo For more details, please see below. 9.2.0 ^^^^^ New Features ************ * Added Dell EMC SC multipath support This change adds support for cinder::backend::dellsc_iscsi::use_multipath_for_image_xfer Added a new parameter CinderDellScMultipathXfer. * Add new parameter 'GlanceImageImportPlugins', to enable plugins used by image import process. Add parameter 'GlanceImageConversionOutputFormat', to provide desired output format for image conversion plugin. * Adds support to configure disjoint address pools for Ironic Inspector. When Inspector is deployed as a HA service disjoint address pools should be served by the DHCP instances to avoid address conflict issues. The disjoint address pools are configured by using hostname (short form) as the key, then pass the list of ranges for each host. For example: parameter_defaults: IronicInspectorSubnets: overcloud-ironic-0: - ip_range: 192.168.24.100,192.168.24.119 - ip_range: 192.168.25.100,192.168.25.119 netmask: 255.255.255.0 gateway: 192.168.25.254 tag: subnet1 overcloud-ironic-1: - ip_range: 192.168.24.120,192.168.24.139 - ip_range: 192.168.25.120,192.168.25.139 netmask: 255.255.255.0 gateway: 192.168.25.254 tag: subnet1 * Add *OctaviaEventStreamDriver* parameter to specify which driver to use for syncing Octavia and Neutron LBaaS databases. Upgrade Notes ************* * The default Octavia event_streamer_driver has changed from *queue_event_streamer* to *noop_event_streamer*. See https://bugs.launchpad.net/tripleo/+bug/1787608 * Octavia amphora images are now expected to be located in directory /usr/share/openstack-octavia-amphora-images on the undercloud node for uniformization across different OpenStack distributions. * Remove zaqar wbesocket service when upgrading from non- containerized environment. Deprecation Notes ***************** * Ensure Octavia amphora image files are placed in directory /usr/share/openstack-octavia-amphora-images on the undercloud node. Bug Fixes ********* * Make sure all Swift services are disabled after upgrading to a containerized undercloud. * Directory /var/lib/gnocchi/tmp is created by gnocchi-upgrade with root ownership. It is now ensured that the directory is created before upgrade with proper ownership. For details see: https://bugs.launchpad.net/tripleo/+bug/1799522 * With tls-everywhere enabled connecting to keystone endpoint fails to retrieve the URL for the placement endpoint as the certificate can not be verified. While verification is disabled to check the placement endpoint later, it is not to communicate with keystone. This disables certificate verification for communication with keystone. * Fix an issue where Octavia amphora images were not accessible during overcloud deployment. * The deployed-server get-occ-config.sh script now allows $SSH_OPTIONS to be overridden. Changes in tripleo-heat-templates 9.1.0..9.2.0 ---------------------------------------------- bc49263 Remove unused nova packages from host during upgrade and update 23614e9 ovn-metadata: Fix bug when upgrading 3e6e978 Ironic Inspector - disjoint ip range(s) for HA f5974f2 Update kolla_config to deal with keystone fernet key rotation cf3946e Enable neutron-sriov-agent health check 9be2652 Add config files/templates to integrate nsx plugin with container cdeb05c Upload amphora image in RAW format if RBD backend 033e6f7 Perform docker reconfiguration on upgrade_tasks. c7d702d Remove invalid comment in ips-from-pool-ctlplane e770e36 Fix horizon's iptables rules for haproxy when split off a separate role fc28e44 Update tuned profile variable configuration file if it exists c7d10a5 Run local registry and prep cont at standalone aac9581 Configure registry to use gluster f36adbc Call etcd scaleup playbook when adding master nodes bcad833 Allow to skip docker reconfiguration during stack update 533892f Enable image import plugins & image output format e6c373f Force rhsm re-registration during upgrades. 35eb3e1 Handle missing or bad dmidecode 09daf69 mistral-executor: bind-mount undercloud.conf when validations are enabled 39ed1ec Fix multiple-nic sample template df0c4f3 Allow to run docker-puppet.py with SELinux enabled 2e620b9 Check for available networks for a role 2f85534 Remove nic for storage_mgt network 90b8bde Add hosts to expected ansible groups 4070380 Use correct permission on Gnocchi tmp dir 6ae4bb0 ctlplane pre-alloc IPs - deprecated/non-deprecated role name 19e9b6a Lower mistral-executor nofile to 1024 d89fe2a Set facter variable 'uuid' explicitly in docker-puppet.py 8cead22 Invoke redhat-subscription role during upgrade. af415ba Standalone: Disable persisting VIPs on /etc/hosts bf4d94a Fix Swift S3 API configuration 7efdc91 Mount puppet-generated directory for tripleo-validations 4f67585 neutron-cleanup skips ports marked skip_cleanup=true da9c928 Enable ironic-inspector support in ironic when enabling ironic-inspector 9c4fcad Mount config-data/puppet-generated/nova for nova_api_ensure_default_cell 5950cfe Set balance to source for openshift_router endpoints 0df3b82 Use InternalApi network for openshift_master_cluster_hostname 323548a Verify docker as part of the online database migration pre-upgrade. 57bcfe8 Fix ServiceData in docker/services/aodh-api.yaml 14af067 nova_compute fails to start in tls-everywhere configuration 3363bcb Change step to start nova placement and make compute wait for it d5f9842 Add Storage network to IronicConductor role 038b1ea Added Dell EMC SC multipath support b0b5ce2 Remove unnecessary logs due to misconfiguration from pacemaker 027493c Stop upgrade if a task on one node fails 00ced92 Rename tripleo-ci-centos-7-scenario00{6,9}-multinode-oooq (rocky) 5336577 Add template to disable Panko services 13174bb Set Swift workers to 2 2ff663b Make $SSH_OPTIONS overrideable 1306334 Ensure octavia flavor gets configured if composable octavia f1da0a2 Add more NSX config parameters 7a254d1 Make openshift-master service idempotent 2566721 Do not include node scale up playbook in case of new masters f6094a9 Move set of database_connection to OctaviaBase 3223f2d Enable _member_ role for undercloud install. 7f15e92 Restrict number of Swift workers to 1 on the undercloud 420dd84 Mount /usr/share/openstack-octavia-amphora-images into mistral-executor 788c90d Ensure correct tmp ownership for Gnocchi f84d02f Collectd documentation refactor 76cd584 Add support for configuring ppc64le in ironic 338e220 Fix tasks in check mode 6ade724 Sharing hypervisor /var/lib/ironic with ironic-conductor container 76fdd24 Remove non-container zaqar-server on upgrade 1f10fff Disable non-containerized Swift services 668a628 Pass parameters for TLS proxy in front of Octavia-API 7a05790 Simplify ssh known_hosts entries for non-default port 3d5d275 Include ssh known_hosts entries for non-default port 8d2085f Add OctaviaEventStreamerDriver and change default Diffstat (except docs and test files) ------------------------------------- .../network/multiple-nics/nic-configs/compute.yaml | 6 - common/deploy-steps-tasks.yaml | 2 + common/deploy-steps.j2 | 5 + deployed-server/scripts/get-occ-config.sh | 2 +- .../octavia/octavia-deployment-config.yaml | 13 +- .../nova_wait_for_placement_service.py | 110 ++++++++++++++ environments/cinder-dellsc-config.yaml | 1 + environments/collectd-environment.yaml | 94 +++++++++--- environments/disable-panko.yaml | 10 ++ environments/ips-from-pool-ctlplane.yaml | 4 +- environments/metrics-collectd-qdr.yaml | 4 +- environments/neutron-nsx.yaml | 2 + environments/nsx-config.yaml | 22 +++ environments/services/ironic-inspector.yaml | 4 + environments/services/neutron-nsx-lbaasv2.yaml | 6 + environments/standalone/standalone-tripleo.yaml | 6 + environments/undercloud.yaml | 6 + extraconfig/pre_network/boot_param_tasks.yaml | 6 +- extraconfig/services/openshift-cns.yaml | 1 + extraconfig/services/openshift-infra.yaml | 4 +- extraconfig/services/openshift-master.yaml | 160 +++++++++++++++------ extraconfig/services/openshift-node.yaml | 37 +++-- extraconfig/services/rhsm.yaml | 12 +- network/config/multiple-nics/role.role.j2.yaml | 20 ++- overcloud-resource-registry-puppet.j2.yaml | 2 +- overcloud.j2.yaml | 12 +- puppet/extraconfig/pre_deploy/per_node.yaml | 4 +- puppet/role.role.j2.yaml | 58 ++++++-- puppet/services/cinder-backend-dellsc.yaml | 4 + puppet/services/container-image-prepare.j2.yaml | 4 + puppet/services/docker-registry.yaml | 12 +- puppet/services/docker.yaml | 32 ++++- puppet/services/glance-api.yaml | 12 ++ puppet/services/horizon.yaml | 2 +- puppet/services/ironic-conductor.yaml | 13 ++ puppet/services/ironic-inspector.yaml | 31 +++- puppet/services/keystone.yaml | 5 + puppet/services/neutron-plugin-nsx.yaml | 36 +++-- puppet/services/octavia-api.yaml | 62 ++++++-- puppet/services/octavia-base.yaml | 10 ++ puppet/services/octavia-health-manager.yaml | 9 +- puppet/services/swift-proxy.yaml | 2 +- .../notes/dellsc-driver-d7cd300a24a64b01.yaml | 6 + ...tainerized-swift-services-4f7edd98203d749b.yaml | 5 + ...age_conversion_parameters-740e5282385444c7.yaml | 7 + .../notes/gnocchi-tmp-b5b48708c5dd17df.yaml | 8 ++ ...joint-inspection-ip-range-f399a938d50daadd.yaml | 25 ++++ ...rvice_disable_cert_verify-45f532d7a924df86.yaml | 9 ++ ...t_streamer_driver-default-e5152c28713e7707.yaml | 8 ++ ...-mount-amphora-images-dir-31da44a544628687.yaml | 14 ++ .../overrideable-ssh-options-1bd4a78408eb6c2c.yaml | 4 + .../notes/zaqar-ws-upgrade-8dda7caea7e6bc1e.yaml | 5 + roles/IronicConductor.yaml | 1 + roles/OpenShiftAllInOne.yaml | 1 + roles/OpenShiftInfra.yaml | 1 + roles/OpenShiftMaster.yaml | 1 + roles/OpenShiftWorker.yaml | 1 + roles/Standalone.yaml | 8 ++ roles/Undercloud.yaml | 6 + roles_data_undercloud.yaml | 6 + sample-env-generator/standalone.yaml | 13 +- zuul.d/layout.yaml | 4 +- 90 files changed, 1087 insertions(+), 183 deletions(-)