We are chuffed to announce the release of: openstack-ansible-galera_server 15.1.7: Galera Server role for OpenStack-Ansible This release is part of the ocata stable release series. Download the package from: https://tarballs.openstack.org/openstack-ansible-galera_server/ For more details, please see below. 15.1.7 ^^^^^^ Known Issues * MariaDB 10.1+ includes *PrivateDevices=true* in its systemd unit files to add extra security around mount namespaces for MariaDB. While this is useful when running MariaDB on a bare metal host with other services, it is less useful when MariaDB is already in a container with its own namespaces. In addition, LXC 2.0.8 presents */dev/ptmx* as a bind mount within the container and systemd 219 (on CentOS 7) cannot make an additional bind mount of */dev/ptmx* when *PrivateDevices* is enabled. Deployers can *galera_disable_privatedevices* to *yes* to set *PrivateDevices=false* in the systemd unit file for MariaDB on CentOS 7. The default is *no*, which keeps the default systemd unit file settings from the MariaDB package. For additional information, refer to the following bugs: * https://bugs.launchpad.net/openstack-ansible/+bug/1697531 * https://github.com/lxc/lxc/issues/1623 * https://github.com/systemd/systemd/issues/6121 Changes in openstack-ansible-galera_server 15.1.5..15.1.7 --------------------------------------------------------- c6d3668 Move PrivateDevices before mysql password set a8c14f4 Dynamically include upgrade_check task files 26d7409 Disable PrivateDevices for Galera on CentOS 7 Diffstat (except docs and test files) ------------------------------------- defaults/main.yml | 16 +++++++++++ ...tos-private-devices-issue-99aab9a30b1f8014.yaml | 21 ++++++++++++++ tasks/galera_install_yum.yml | 32 ++++++++++++++++++++++ tasks/galera_upgrade_check.yml | 11 +------- templates/without-privatedevices.conf.j2 | 2 ++ 6 files changed, 73 insertions(+), 10 deletions(-)