We are psyched to announce the release of: openstack-ansible 23.4.0: Ansible playbooks for deploying OpenStack This release is part of the wallaby stable release series. The source is available from: https://opendev.org/openstack/openstack-ansible Download the package from: https://tarballs.openstack.org/openstack-ansible/ Please report issues through: https://bugs.launchpad.net/openstack-ansible/+bugs For more details, please see below. 23.4.0 ^^^^^^ New Features ************ * Neutron VPN as a Service (VPNaaS) with customized configuration files can now be defined with the variable "neutron_vpnaas_custom_config". deployers should define "neutron_vpnaas_custom_config" in 'user_variables.yml'. Example: neutron_vpnaas_custom_config: - src: "/etc/openstack_deploy/strongswan/strongswan.conf.template" dest: "{{ neutron_conf_dir }}/strongswan.conf.template" - src: "/etc/openstack_deploy/strongswan/strongswan.d" dest: "/etc/strongswan.d" - src: "/etc/openstack_deploy/{{ neutron_vpnaas_distro_packages }}/ipsec.conf.template" dest: "{{ neutron_conf_dir }}/ipsec.conf.template" - src: "/etc/openstack_deploy/{{ neutron_vpnaas_distro_packages }}/ipsec.secret.template" dest: "{{ neutron_conf_dir }}/ipsec.secret.template" We should be also define "neutron_l3_agent_ini_overrides" in 'user_variables.yml' to tell "l3_agent" use the new config file. Example: neutron_l3_agent_ini_overrides: ipsec: enable_detailed_logging: True strongswan: strongswan_config_template : "{{ neutron_conf_dir }}/strongswan.conf.template" openswan: ipsec_config_template: "{{ neutron_conf_dir }}/ipsec.conf.template" * Implemented variables "rally_openstack_git_repo" and "rally_openstack_git_install_branch" that allow to override installation source for rally-openstack package as well as controll installed version of the package. Security Issues *************** * MariaDB has been updated to version 10.5.16 by default. This covers following CVEs: * https://nvd.nist.gov/vuln/detail/CVE-2022-27376 * https://nvd.nist.gov/vuln/detail/CVE-2022-27377 * https://nvd.nist.gov/vuln/detail/CVE-2022-27380 Other Notes *********** * Default source of rabbitmq and erlang packages has been switched to cloudsmith.io Changes in openstack-ansible 23.3.1..23.4.0 ------------------------------------------- a83bc9b14 Bump OpenStack-Ansible for Wallaby 4d8d9e8bf Fix facts gathering for zun f84023a45 Add mistra-extra repo b14c95dac Exclude /var/log/journal from log collection 36db12f34 Install rally only when rally_install is set Diffstat (except docs and test files) ------------------------------------- ansible-role-requirements.yml | 75 +++++++++++----------- playbooks/defaults/repo_packages/gnocchi.yml | 4 +- playbooks/defaults/repo_packages/nova_consoles.yml | 2 +- .../defaults/repo_packages/openstack_services.yml | 36 ++++++----- playbooks/os-rally-install.yml | 4 ++ playbooks/os-zun-install.yml | 2 +- .../mariadb_security_upgrade-24e89cb878cc1389.yaml | 10 +++ ...tron-vpnaas-custom-config-ad991bb02b9ed655.yaml | 33 ++++++++++ .../notes/rabbit_cloudsmith-36ccc2f807688f4f.yaml | 5 ++ .../rally-openstack-git-121821ef54c48419.yaml | 8 +++ scripts/log-collect.sh | 2 +- .../templates/user_variables.aio.yml.j2 | 1 + zuul.d/jobs.yaml | 1 + 13 files changed, 124 insertions(+), 59 deletions(-)