[release-announce] magnum 11.0.0 (victoria)

14 Oct 2020

We high-spiritedly announce the release of:
magnum 11.0.0: Container Management project for OpenStack
This release is part of the victoria release series.
The source is available from:
https://opendev.org/openstack/magnum
Download the package from:
https://tarballs.openstack.org/magnum/
Please report issues through:
https://bugs.launchpad.net/magnum/+bugs
For more details, please see below.
Changes in magnum 10.0.0.0rc1..11.0.0
-------------------------------------
2a61e7dc [goal] Prepare pep8 testing for Ubuntu Focal
662b831f Drop KUBE_API_PORT for kube-apiserver
f3e88ddb Fix syntax error in default rolesync configmap
2c63aca8 Stop using delete_on_termination for BFV instances
1f07c320 ci: Log in to DockerHub using docker_login
f2718315 ci: Quote password on docker login
8020391e [k8s] Support CA certs rotate
0e964f8f Remove duplicated etcd_volume_size param in coreos template
ffed8839 [k8s-atomic] Support master_lb_allowed_cidrs in template
79c4b72f Increase container-publish timeout
37c21654 Build cluster-autoscaler v1.19.0
31623a13 Configure placeholder role-mapping Sync
4fbf9651 [ci] Use stestr for coverage and fail if below 90%
38c28830 Add fedora coreos cluster template to contributor docs
463a0185 Remove zuul legacy jobs
946c1d67 Add master_lb_enabled to cluster
b10b55df [docs] Bring user docs up to date with recent changes
a008e3b4 [k8s] Use helm upgrade --install in deployment loop
5a688b18 [fix] Append v3/v1 to auth_url/magnum_url if discovery fails
b3936451 [ci] Fix gate by installing python3-docker
b2e3f234 Fix proxy issue for etcd and k8s
799563eb Remove shebang from scripts
9513b91c Remove warning for scale_manager
65ab2491 Lower log level of missing output
55fd12a4 [fix] Use default_ng_worker.node_count for patches
001b9c61 Fix label fixed_network_cidr
f1f49798 Use unittest.mock instead of mock
9f4c63a0 resize: Send only nodes_to_remove and node_count
1de7a6af [hca] Use fedora:rawhide now that greenlet 0.4.16 is released
2e181186 [hca] Join threads before closing file descriptor
81d0699c [hca] Pin fedora to 32 until new greenlet release
84324e10 Support proxy for helm install
4b501838 Use full name for hyperkube image inspect
07ba257d api: Do not guess based on name extension
a79f8f52 [k8s] Use Helm v3 by default
1afaa545 atomic: Do not install control-plane on minions
a7f2e210 Switch to newer openstackdocstheme and reno versions
7ab504d1 Scrape internal kubernetes components
20d3cb10 [k8s] Update Cluster Autoscaler ClusterRole
67d5b081 [ci] Fix publish of helm-client containers
a160e29f Remove .testr.conf
2cb23153 Support upgrade on behalf of user by admin
f5d32eb5 [k8s] Fix PreDeletionFailed if Heat stack is missing
3179921f [k8s] Deprecate in-tree Cinder
7103c22b Add newline to fix E004 bashate error
4085b877 Fix small issues rolling upgrade
8e9df14d [k8s] Support configurable health polling interval
3b87c5cc [k8s] Add label 'master_lb_allowed_cidrs'
61648f7c Labels override
1baf13e4 Fix hacking min version to 3.0.1
063a65e4 Update nginx-ingress to v1.36.3 and 0.32.0 tag
33cc92ef [K8S] Delete all related load balancers before deleting cluster
c32c7e03 Fix pep8 for ambiguous variable name
51681ba5 [k8s-fedora-atomic] Build kube_tag v1.15.12
f7a50223 More verbose logs for cluster ops
472ac557 Monkey patch original current_thread _active
26411c29 [ci] Remove unnecessary container build tasks
712caeb6 Add py38 package metadata
c2439ca1 [k8s] Fix docker storage of Fedora CoreOS
63436a94 Deprecation note for devicemapper and overlay
4446f615 Add Python3 victoria unit tests
1f69856e Update master for stable/ussuri
45fd25c5 Use unittest.mock instead of third party mock
8a35cba2 [k8s] Build helm-client containers v2.16.6 and v3.2.0
b0de93d6 hca: Add hostname command
40f40b77 k8s: Use the same kubectl version as API
b4965416 [k8s] Upgrade k8s dashboard version to v2.0.0
62a4b8ba Update prometheus monitoring chart and images
5b10eb70 k8s: Add admin.conf kubeconfig
3e7924ff Deploy traefik from the heat-agent
2ca71f4b Scrape traefik and autoscaler metrics
4cb8837d [k8s] Expose autoscaler prometheus metrics
5dfb0d94 [k8s] Fix no IP address in api_address
76502dd5 [ci] Use magnum-tempest-plugin-tests-api
9fedb8fe [ci] Use Fedora CoreOS image for devstack plugin
9494a35b Ussuri contributor docs community goal
0e58e267 Fix ServerAddressOutputMapping for private clusters
c09b7ded Use ensure-* roles
Diffstat (except docs and test files)
-------------------------------------
.gitignore                                         |   3 +
.testr.conf                                        |   7 -
.zuul.yaml                                         | 258 +-------------
CONTRIBUTING.rst                                   |  82 ++++-
api-ref/source/certificates.inc                    |  26 ++
api-ref/source/conf.py                             |   6 +-
.../dcos_centos_v1/templates/dcoscluster.yaml      |   4 +-
contrib/drivers/heat/dcos_centos_template_def.py   |   8 +-
contrib/drivers/k8s_opensuse_v1/template_def.py    |   6 +-
.../k8s_opensuse_v1/templates/kubecluster.yaml     |   4 +-
devstack/lib/magnum                                |  10 +-
devstack/plugin.sh                                 |   2 +-
.../heat-container-agent/scripts/hooks/script      |   9 +-
lower-constraints.txt                              |   5 -
magnum/api/app.py                                  |   1 +
magnum/api/controllers/v1/bay.py                   |  13 +-
magnum/api/controllers/v1/certificate.py           |  20 +-
magnum/api/controllers/v1/cluster.py               |  80 ++++-
magnum/api/controllers/v1/cluster_actions.py       |   5 +
magnum/api/controllers/v1/cluster_template.py      |  26 +-
magnum/api/controllers/v1/nodegroup.py             |  33 ++
magnum/api/utils.py                                |  21 ++
magnum/cmd/__init__.py                             |   6 +
magnum/common/cert_manager/local_cert_manager.py   |   2 +-
magnum/common/neutron.py                           |   4 +-
magnum/common/octavia.py                           | 101 ++++--
magnum/common/policies/cluster.py                  |  12 +
magnum/conductor/handlers/ca_conductor.py          |  54 ++-
magnum/conductor/scale_manager.py                  |   8 +-
magnum/conf/kubernetes.py                          |   5 +
...5096e2334ee_add_master_lb_enabled_to_cluster.py |  41 +++
magnum/db/sqlalchemy/models.py                     |   1 +
magnum/drivers/common/k8s_monitor.py               |   2 +-
.../fragments/configure-docker-registry.sh         |   2 +-
...onfigure_docker_storage_driver_fedora_coreos.sh |  72 ++--
.../templates/kubernetes/fragments/add-proxy.sh    |   2 -
.../kubernetes/fragments/calico-service-v3-3-x.sh  |   2 -
.../kubernetes/fragments/calico-service.sh         |   1 -
.../kubernetes/fragments/configure-etcd.sh         |   3 +-
.../fragments/configure-kubernetes-master.sh       |  32 +-
.../fragments/configure-kubernetes-minion.sh       |   6 -
.../kubernetes/fragments/core-dns-service.sh       |   2 -
.../kubernetes/fragments/disable-selinux.sh        |   1 -
.../kubernetes/fragments/enable-auto-healing.sh    |   2 -
.../kubernetes/fragments/enable-auto-scaling.sh    |  70 ++--
.../fragments/enable-cert-api-manager.sh           |   2 -
.../kubernetes/fragments/enable-cinder-csi.sh      |   2 -
.../kubernetes/fragments/enable-helm-tiller.sh     |   2 -
.../fragments/enable-ingress-controller.sh         |   2 -
.../kubernetes/fragments/enable-ingress-traefik.sh |  46 +--
.../kubernetes/fragments/enable-keystone-auth.sh   |  15 +-
.../fragments/enable-prometheus-monitoring.sh      |   4 +-
.../kubernetes/fragments/enable-services-master.sh |   4 +-
.../kubernetes/fragments/enable-services-minion.sh |   2 -
.../kubernetes/fragments/flannel-service.sh        |   2 -
.../kubernetes/fragments/install-clients.sh        |  36 ++
.../templates/kubernetes/fragments/install-cri.sh  |   2 -
.../kubernetes/fragments/install-helm-modules.sh   |  97 +++++-
.../fragments/kube-apiserver-to-kubelet-role.sh    |   2 -
.../kubernetes/fragments/kube-dashboard-service.sh | 305 +++++++++++-----
.../kubernetes/fragments/make-cert-client.sh       |   4 +-
.../templates/kubernetes/fragments/make-cert.sh    |  40 ++-
.../fragments/rotate-kubernetes-ca-certs-master.sh |  45 +++
.../fragments/rotate-kubernetes-ca-certs-worker.sh |  22 ++
.../kubernetes/fragments/start-container-agent.sh  |   2 -
.../kubernetes/fragments/upgrade-kubernetes.sh     |  51 +--
.../kubernetes/fragments/wc-notify-master.sh       |   2 -
.../fragments/write-heat-params-master.sh          |   5 +-
.../kubernetes/fragments/write-heat-params.sh      |   2 -
.../kubernetes/fragments/write-kube-os-config.sh   |   2 -
.../templates/kubernetes/helm/ingress-nginx.sh     | 369 ++++++++------------
.../templates/kubernetes/helm/metrics-server.sh    | 104 +-----
.../kubernetes/helm/prometheus-adapter.sh          | 141 ++------
.../kubernetes/helm/prometheus-operator.sh         | 385 ++++++++++++---------
magnum/drivers/common/templates/lb_api.yaml        |  28 +-
magnum/drivers/common/templates/lb_etcd.yaml       |  28 +-
magnum/drivers/heat/driver.py                      |  88 +++--
magnum/drivers/heat/k8s_coreos_template_def.py     |   4 +-
magnum/drivers/heat/k8s_fedora_template_def.py     |   8 +-
magnum/drivers/heat/k8s_template_def.py            |  52 ++-
magnum/drivers/heat/swarm_fedora_template_def.py   |  10 +-
magnum/drivers/heat/swarm_mode_template_def.py     |  27 +-
magnum/drivers/heat/template_def.py                |  46 ++-
.../k8s_coreos_v1/templates/kubecluster.yaml       |  10 +-
.../templates/kubecluster.yaml                     |  59 +++-
.../k8s_fedora_atomic_v1/templates/kubemaster.yaml |  37 +-
.../k8s_fedora_atomic_v1/templates/kubeminion.yaml |   9 +-
.../templates/kubecluster.yaml                     |  68 +++-
.../k8s_fedora_coreos_v1/templates/kubemaster.yaml |  43 ++-
.../k8s_fedora_coreos_v1/templates/kubeminion.yaml |  35 +-
magnum/drivers/mesos_ubuntu_v1/template_def.py     |   7 +-
.../mesos_ubuntu_v1/templates/mesoscluster.yaml    |   4 +-
.../swarm_fedora_atomic_v1/templates/cluster.yaml  |   6 +-
.../templates/swarmcluster.yaml                    |   6 +-
magnum/objects/cluster.py                          |   4 +-
magnum/service/periodic.py                         |   4 +-
.../unit/api/controllers/v1/test_certificate.py    |  12 +-
.../api/controllers/v1/test_cluster_actions.py     |  41 ++-
.../api/controllers/v1/test_cluster_template.py    |  24 +-
.../unit/api/controllers/v1/test_federation.py     |   8 +-
.../unit/api/controllers/v1/test_magnum_service.py |   2 +-
.../unit/api/controllers/v1/test_nodegroup.py      |  80 ++++-
.../unit/common/cert_manager/test_barbican.py      |   4 +-
.../unit/common/cert_manager/test_cert_manager.py  |   3 +-
.../cert_manager/test_x509keypair_cert_manager.py  |   2 +-
.../conductor/handlers/common/test_cert_manager.py |   2 +-
.../handlers/common/test_trust_manager.py          |   4 +-
.../unit/conductor/handlers/test_ca_conductor.py   |   2 +-
.../conductor/handlers/test_cluster_conductor.py   |   5 +-
.../handlers/test_k8s_cluster_conductor.py         |  85 ++++-
.../handlers/test_mesos_cluster_conductor.py       |   8 +-
.../conductor/handlers/test_nodegroup_conductor.py |   4 +-
.../handlers/test_swarm_cluster_conductor.py       |   8 +-
.../drivers/test_k8s_fedora_atomic_v1_driver.py    |  13 +-
playbooks/container-builder-setup-gate.yaml        |   8 +-
playbooks/container-builder-vars.yaml              |  27 +-
playbooks/container-builder.yaml                   |  90 +----
playbooks/container-publish.yaml                   |  32 +-
...aefik-from-the-heat-agent-0bb32f0f2c97405d.yaml |  18 +
...ter_lb_enabled-to-cluster-c773fac9086b2531.yaml |   5 +
...s-health-polling-interval-75bb83b4701d48c5.yaml |  13 +
...ault-ng-worker-node-count-a88911a0b7a760a7.yaml |   6 +
.../deprecate-in-tree-cinder-c781a5c160d45ab6.yaml |   8 +
.../devicemapper-deprecation-46a59adbf131bde1.yaml |   8 +
...expose_autoscaler_metrics-0ea9c61660409efe.yaml |   4 +
...-label-fixed_network_cidr-95d6a2571b58a8fc.yaml |   6 +
...ping-for-private-clusters-73a874bb4827d568.yaml |   6 +
.../k8s-dashboard-v2.0.0-771ce78b527209d3.yaml     |   5 +
.../master-lb-allowed-cidrs-cc599da4eb96e983.yaml  |   7 +
.../notes/merge-labels-9ba7deffc5bb3c7f.yaml       |  10 +
...missing-ip-in-api-address-c25eef757d5336aa.yaml |   8 +
...ing_scrape_ca_and_traefik-5544d8dd5ab7c234.yaml |   5 +
...onitoring_scrape_internal-6697e50f091b0c9c.yaml |   5 +
...-delete-all-loadbalancers-350a69ec787e11ea.yaml |   5 +
.../notes/support-helm-v3-5c68eca89fc9446b.yaml    |  19 +
.../support-rotate-ca-certs-913a6ef1b571733c.yaml  |   8 +
...upgrade-on-behalf-of-user-c04994831360f8c1.yaml |   5 +
...ate_prometheus_monitoring-342a86f826be6579.yaml |   8 +
releasenotes/source/conf.py                        |   6 +-
releasenotes/source/index.rst                      |   1 +
releasenotes/source/ussuri.rst                     |   6 +
setup.cfg                                          |   1 +
test-requirements.txt                              |   5 +-
tools/cover.sh                                     |  40 ++-
tox.ini                                            |  14 +-
210 files changed, 3109 insertions(+), 1968 deletions(-)
Requirements updates
--------------------

diff --git a/test-requirements.txt b/test-requirements.txt
index 952e0b83..e07448d8 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -13,2 +13 @@ fixtures>=3.0.0 # Apache-2.0/BSD
-hacking>=3.0,<3.1.0 # Apache-2.0
-mock>=2.0.0 # BSD
+hacking>=3.0.1,<3.1.0 # Apache-2.0
@@ -17,0 +17 @@ os-testr>=1.0.0 # Apache-2.0
+Pygments>=2.2.0 # BSD license
@@ -20 +19,0 @@ pytz>=2013.6 # MIT
-sphinx>=1.8.0,!=2.1.0 # BSD

    

[release-announce] magnum 11.0.0 (victoria)

no-reply＠openstack.org