We are pleased to announce the release of: puppet-octavia 20.2.0: Puppet module for OpenStack Octavia This release is part of the yoga release series. The source is available from: https://opendev.org/openstack/puppet-octavia Download the package from: https://tarballs.openstack.org/puppet-octavia/ Please report issues through: https://bugs.launchpad.net/puppet-octavia/+bugs For more details, please see below. 20.2.0 ^^^^^^ New Features ************ * It is now possible to specify *octavia::wsgi::apache::wsgi_script_dir* and *octavia::wsgi::apache::wsgi_script_source* to override operating system defaults. * The following parameters have been added to the "octavia::api" class. These parameters allows customizing the same parameters in the "[api_setting]" section. * "default_listener_ciphers" * "default_pool_ciphers" * "tls_cipher_prohibit_list" * "default_listener_tls_versions" * "default_pool_tls_versions" * "minimum_tls_version" * The new "octavia::controller::build_retry_interval" parameter has been added. * Now this module supports CentOS 9 and Red Hat Enterprise Linux 9. * The following parameters have been added to the "octavia::controller" class. * "active_connection_max_retries" * "active_connection_retry_interval" * "failover_connection_max_retries" * "failover_connection_retry_interval" * The "octavia::quota" class now supports the following two parameters. * "default_l7policy_quota" * "default_l7rule_quota" * The "system_scope" parameter has been added to the "octavia::keystone::authtoken" class. * The "octavia::keystone::auth" class now supports customizing roles assigned to the octavia service user. * The "octavia::keystone::auth" class now supports defining assignmet of system-scoped roles to the octavia service user. Upgrade Notes ************* * Default value of the "octavia::worker::amp_project_name" parameter has been changed and now the flavor is created in the "services" project by default. Update the parameter to ensure the flavor is created in the project which the octavia service user belongs to. * The "octavia::amqp_allow_insecure_clients" parameter has been removed. * The following parameters of the "octavia" class has been removed. * "database_min_pool_size" * "database_connection" * "database_db_max_retries" * "database_idle_timeout" * "database_max_overflow" * "database_max_pool_size" * "database_max_retries" * "database_pool_timeout" * "database_retry_interval" * The "database_min_pool_size" parameter of the "octavia::db" class has been removed. * The "octavia::health_manager::event_streamer_driver" parameter has been removed. * The "octavia::service_auth::password" parameter is now required. * Default values of the "octavia::service_auth" parameeters have been updated, so that standalone deployment can be set up with less parameters set. Changes in puppet-octavia 20.1.0..20.2.0 ---------------------------------------- 844a55a Prepare Yoga M3 d45a08e Add CentOS/RHEL 9 to supported operating systems 86ed6dd Avoid hard-coding OS user/group in each manifest e0d45ad Create octavia flavor in the services project by default 09c4552 CentOS 9: Disable unit tests dependent on puppet-postgresql 99dbf04 Remove event_streamer_driver 8524614 TripleO jobs: Replace CentOS 8 jobs by CentOS 9 jobs 5357bb2 api: Add support for TLS cipher/version parameters 93cdf4a Remove deprecated amqp_allow_insecure_clients ce727fb [service_auth] Define default values 5e67744 Wire-in heartbeat_interval f3646c1 Clean up deprecated database parameters ee52fb2 Enable scenario test 6732e26 Simplify definition to ensure keystone resource creation 695b7e7 Use p-o-i manifests in acceptance test c1c20ee Remove unused logic be91306 Allow wsgi script to be configurable aa6219d Avoid testing details of oslo::messaging(::*) ca3c4cc Add support for more connection tunables in [haprpoxy_amphora] 398ec47 Fix dependency to purge default vhost config ccf6792 Add support for [haproxy_amphora] build_retry_interval 95ef3fc Remove usage of custom os_package_type fact c748dc5 Accept system scope credentials for Keystone API request cf21e93 Add support to manage default quota about l7policy/rule Diffstat (except docs and test files) ------------------------------------- .zuul.yaml | 11 +- manifests/api.pp | 39 +++++ manifests/client.pp | 14 +- manifests/controller.pp | 182 ++++++++++++-------- manifests/db.pp | 38 +---- manifests/db/sync.pp | 3 +- manifests/health_manager.pp | 18 +- manifests/init.pp | 101 ----------- manifests/keystone/auth.pp | 20 +++ manifests/keystone/authtoken.pp | 6 + manifests/params.pp | 1 + manifests/quota.pp | 12 ++ manifests/service_auth.pp | 33 ++-- manifests/worker.pp | 14 +- manifests/wsgi/apache.pp | 26 ++- manifests/wsgi/uwsgi.pp | 2 +- metadata.json | 16 +- .../add-wsgi-script-args-1129563527a3e618.yaml | 6 + .../notes/api-tls-params-48cefc42aee491ab.yaml | 13 ++ .../build_retry_interval-96aa9efb9689362d.yaml | 5 + .../notes/centos-9-support-38896bfa2323fb75.yaml | 4 + .../flavor-default-project-a931f9e7649c531c.yaml | 7 + ...y_amphora-connection-opts-abb413396c1d98b8.yaml | 10 ++ .../notes/l7-default-quota-810c3475d7b3e795.yaml | 7 + ...qp_allow_insecure_clients-4498cb1826cc2624.yaml | 4 + .../remove-database-params-6af198c038340c34.yaml | 18 ++ ...ove-event_streamer_driver-fe328ce546d09975.yaml | 5 + .../service_auth-defaults-d8f26d966207f906.yaml | 9 + .../system_scope-keystone-dda7488fa52854e0.yaml | 13 ++ spec/acceptance/octavia_spec.rb | 64 +------ spec/classes/octavia_api_spec.rb | 34 ++++ spec/classes/octavia_controller_spec.rb | 91 +++++----- spec/classes/octavia_db_postgresql_spec.rb | 5 +- spec/classes/octavia_health_manager_spec.rb | 3 + spec/classes/octavia_init_spec.rb | 189 ++++++++++----------- spec/classes/octavia_keystone_auth_spec.rb | 9 + spec/classes/octavia_keystone_authtoken_spec.rb | 3 + spec/classes/octavia_quota_spec.rb | 14 +- spec/classes/octavia_service_auth_spec.rb | 47 ++--- spec/classes/octavia_worker_spec.rb | 32 ++-- spec/classes/octavia_wsgi_apache_spec.rb | 4 + 41 files changed, 620 insertions(+), 512 deletions(-)