[tripleo] puppet-tripleo 6.5.0 (ocata)
We are jazzed to announce the release of:
puppet-tripleo 6.5.0: Puppet module for OpenStack TripleO
This release is part of the ocata stable release series.
Download the package from:
https://tarballs.openstack.org/puppet-tripleo/
For more details, please see below.
6.5.0 ^^^^^
New Features
* Restrict nova migration ssh tunnel * The ssh authorized_keys file is only writeable by root. * Creates a new user for migration instead of using root/nova. * Disables SSH forwarding for this user. * Restricts the networks that this user can connect from. * Uses an ssh wrapper command to whitelist the commands that this user can run over ssh. Adds new parameter "tripleo::profile::base::nova::migration_ssh_localaddrs" to specify which incoming IPs are allow for SSH tunnel connections.
Changes in puppet-tripleo 6.4.0..6.5.0 --------------------------------------
c6de6cf Release 6.5.0 (ocata) bcdea36 Move gnocchi upgrade and api to step 4 8779d1a Cover gnocchi api step 4 and 5 ff58a86 Dell SC: Add secondary DSM support 265cb21 Add support for autofencing to Pacemaker Remote. 7ea37ea Add conditional for setting authlogin_nsswitch_use_ldap selboolean fd20b30 Restrict nova migration ssh tunnel e4a2936 make release note a list of strings be62099 Dell SC: Add exclude_domain_ip option d46db3b Add support for Cinder "NAS secure" driver params 220fa8d Update gitignore not to exclude fixture hieradata 72392a3 Use verify_on_create when creating pacemaker remote resources 7e1e609 IPv6 VIP addresses need to be /128
Diffstat (except docs and test files) -------------------------------------
.gitignore | 3 +- manifests/pacemaker/haproxy_with_vip.pp | 20 ++- manifests/profile/base/cinder/volume/dellsc.pp | 23 +-- manifests/profile/base/cinder/volume/netapp.pp | 2 + manifests/profile/base/cinder/volume/nfs.pp | 33 +++- manifests/profile/base/gnocchi/api.pp | 36 +++-- manifests/profile/base/keystone.pp | 6 + manifests/profile/base/nova.pp | 134 ++++++++++------ manifests/profile/base/pacemaker.pp | 1 + manifests/profile/base/pacemaker_remote.pp | 27 ++++ metadata.json | 2 +- ...e-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml | 5 +- .../cold_migration_security-1543136408c76459.yaml | 10 ++ releasenotes/source/conf.py | 4 +- .../tripleo_profile_base_gnocchi_api_spec.rb | 101 +++++++----- spec/classes/tripleo_profile_base_nova_spec.rb | 169 +++++++++++++++++++-- spec/fixtures/hieradata/default.yaml | 3 + 17 files changed, 449 insertions(+), 130 deletions(-)
participants (1)
-
no-reply@openstack.org