kayobe 10.2.0 (wallaby)

7 Jun 2022

We are pleased to announce the release of:

kayobe 10.2.0: Deployment of OpenStack to bare metal using OpenStack
kolla and bifrost

This release is part of the wallaby stable release series.

The source is available from:

    https://opendev.org/openstack/kayobe

Download the package from:

    https://tarballs.openstack.org/kayobe/

Please report issues through:

    https://storyboard.openstack.org/#!/project/openstack/kayobe

For more details, please see below.

10.2.0
^^^^^^


New Features
************

* Enables hardware clock (RTC) synchronisation by default when
  applying the chrony role. This setting is configurable with the new
  variable "chrony_rtcsync_enabled".

* Adds support for inspection of L3-routed Ironic networks via DHCP-
  relay.

* Adds support for running package updates on Ubuntu hosts via the
  following existing commands:

  * "kayobe seed host package update --packages <packages>"

  * "kayobe seed hypervisor host package update --packages
    <packages>"

  * "kayobe infra vm host package update --packages <packages>"

  * "kayobe overcloud host package update --packages <packages>"


Security Issues
***************

* Fixes an issue where any passwords in
  "kolla_ansible_custom_passwords" were exposed in Ansible logs. When
  using verbosity level 3 ("-vvv"), they were also exposed in Ansible
  output.


Bug Fixes
*********

* In production environments, the provision network may be separated
  from the other networks, so in this case, if you want Bifrost's DHCP
  service provides the correct gateway for the clients the
  "inspection_gateway" should be used instead of the "gateway"
  attribute for the provision network. This also avoids configuring
  the multiple IP gateways on a single host which leads to
  unpredictable results.

* Fixes an issue where the Neutron SR-IOV agent image is not built
  when the service is enabled.

* Fixes an issue with idempotence of local Kolla Ansible
  configuration generation.

* Fixes an issue with the seed's configdrive when the admin network
  is a VLAN. See story 2008089 for details.

* Enables deployment of Grafana when Monasca is enabled, as a
  replacement for the retired "monasca-grafana" image. See story
  2009717 for details.

* Fixes Ansible inventory generation with some custom group mappings
  using the same group names for Kayobe and Kolla Ansible. See story
  2009927 for details.

* The set of commands starting with "kayobe overcloud database" now
  generate the kolla configuration necessary to login to the nodes
  running the database.

* Fixes an issue with config drive generation for infrastructure and
  seed VMs when using untagged interfaces. The symptom of this issue
  is that kayobe cannot login to the instance. If you check the
  libvirt console log, you will see "KeyError: 'vlan_link'". See story
  2009910 for details.

* Fixes an issue where hacluster images are not built when the
  service is enabled.

* Fixes an issue with IPA image builds which used the "master"
  branch of "ironic-python-agent", even on stable releases of Kayobe,
  or when explicitly setting "ipa_build_source_version".

* Fixes an issue where any passwords in
  "kolla_ansible_custom_passwords" were exposed in Ansible logs. When
  using verbosity level 3 ("-vvv"), they were also exposed in Ansible
  output.

* Fixes an issue where patch links could be erroneously created on
  hosts not in the overcloud group. See Story 2009911 for details.

* Pins Jinja2 to less than "3.1.0" to avoid breaking changes.

* Fixes an issue where the MTU defined in Kayobe was not applied to
  Ironic provisioning and cleaning networks in Neutron.

* Deployment image (IPA) build no longer uses master version of
  upper- constraints. Instead, it defaults to using the constraints
  for the OpenStack release associated with the version of Kayobe
  being used. See story 2009810 for details.

* Fixes failures to run "kayobe overcloud bios raid configure" by
  upgrading the "stackhpc.drac" role to version 1.1.6.

* Fixes an issue with masking NTP services which are not found. See
  story 2009821 for details.

Changes in kayobe 10.1.0..10.2.0
--------------------------------

313a9851 ironic: Set MTU on provisioning and cleaning Neutron networks
4d68a5dd CI: Disable horizon in upgrade jobs to save disk space
8888e406 Fix forgotten hacluster regexp for image build
c231848e CI: separate image builds into a non-voting job
3beff4ca kolla_passwords: add no_log for password overrides
c0988335 Bump stackhpc.drac role
712c41b4 Cleanup old and deprecated Swift configuration
26cb0bde docs: Fix custom LVM example
9f469c36 Update documentation link for NCLU
09a4c294 Fix variable name for stackhpc.os-networks upper constraints
4d7e7a57 Restore forgotten linuxbridge-agent container
e23ce7a4 Fix Ansible inventory generation when reusing group names
56f01b53 CI: Avoid image downloads and builds in seed jobs
7e348126 CI: Fix molecule job failure
6cafdb8a Fix custom config idempotence
ea7a9059 Pin Jinja2<3.1.0 to avoid contextfilter removal
035f2f40 Ubuntu: support host package update
a7e3b0c2 CI: Pin ansible-lint to <6
6886ce6b Only create patch links on overcloud hosts
c129808c CI: Disable container image builds on Ubuntu
1f006150 Use naming convention to infer VLAN tagging
00d6ad65 CI: remove qemu-utils installation
ee6d4614 CI: stop using zuul as kayobe_ansible_user in TLS jobs
ae617ae7 Enable rtcsync in chrony by default
c5f9a5ee Bump up manage-lvm role version to v0.2.6
8a859c23 CI: Enable bare metal testing for Ubuntu
52973754 Set requirements branch for IPA build
4b3bb2c0 Set correct gateway for the bifrost provision network
180fd4ba ntp: Fix service mask when service doesn't exist
ed3a0556 Fix Sphinx syntax typo
42c87d2c Fix 'ModuleNotFoundError: No module named 'docker'
1c65af8e Fix seed VM configdrive when admin network is a VLAN
e9dd7e0d Generate kolla config when running database commands
b08a2197 Build neutron-sriov-agent image when enabled
933cf53c ipa: Use openstack_branch instead of master
c68913d8 Deploy Grafana when Monasca is enabled
4d777082 [CI] Drop unused nodeset
43451c49 CI: Use correct TD agent repository version
9ae0401f Document that extra kernel parameters are important for inspection
679fa2a7 Add support for Ironic inspection through DHCP-relay
c92a97ce Limit ip-routing and snat to seed hosts only


Diffstat (except docs and test files)
-------------------------------------

ansible/group_vars/all/bifrost                     |  3 +
ansible/group_vars/all/ipa                         |  9 ++-
ansible/group_vars/all/kolla                       |  9 ++-
ansible/group_vars/all/time                        |  3 +
ansible/host-package-update.yml                    |  6 +-
ansible/ip-routing.yml                             |  2 +-
ansible/kolla-ansible.yml                          |  1 +
ansible/kolla-bifrost.yml                          |  2 +-
ansible/provision-net.yml                          |  4 +-
ansible/roles/kolla-ansible/defaults/main.yml      |  3 +
.../roles/kolla-ansible/library/kolla_passwords.py |  2 +-
.../roles/kolla-ansible/templates/globals.yml.j2   |  2 +-
.../kolla-ansible/templates/overcloud-top-level.j2 |  2 +-
ansible/roles/kolla-openstack/tasks/config.yml     |  1 -
.../roles/kolla-openstack/templates/glance.conf.j2 | 29 --------
ansible/roles/network-redhat/tasks/main.yml        |  1 +
ansible/roles/ntp/tasks/prepare.yml                | 25 +++++--
ansible/snat.yml                                   |  2 +-
dev/functions                                      | 11 +++
.../reference/ironic-python-agent.rst              |  7 +-
.../configuration/reference/physical-network.rst   |  2 +-
etc/kayobe/bifrost.yml                             |  3 +
etc/kayobe/ipa.yml                                 |  2 +-
etc/kayobe/time.yml                                |  3 +
kayobe/cli/commands.py                             |  8 ++
kayobe/plugins/filter/networks.py                  |  8 ++
molecule-requirements.txt                          | 12 +++
playbooks/kayobe-overcloud-base/globals.yml.j2     |  2 +-
playbooks/kayobe-overcloud-base/overrides.yml.j2   |  3 -
playbooks/kayobe-overcloud-base/run.yml            | 11 ---
.../overrides.yml.j2                               |  2 +-
.../kayobe-overcloud-upgrade-base/overrides.yml.j2 |  3 +-
playbooks/kayobe-overcloud-upgrade-base/pre.yml    |  4 +
.../kayobe-seed-base/bifrost-overrides.yml.j2      |  8 +-
playbooks/kayobe-seed-base/overrides.yml.j2        |  4 +-
playbooks/kayobe-seed-base/run.yml                 | 34 +++++----
.../bifrost-overrides.yml.j2                       |  6 +-
...ifrost-inspection-gateway-316ab384430ef8df.yaml |  9 +++
.../build-neutron-sriov-836acf378bae0b48.yaml      |  5 ++
.../notes/config-idemoptence-37846db82ecd9f43.yaml |  4 +
.../notes/configdrive-vlans-4e8b6ed07b229233.yaml  |  6 ++
...able-grafana-with-monasca-497d686e95d89242.yaml |  7 ++
...nable-rtc-synchronisation-1179a52e8e6bd12b.yaml |  6 ++
...lla-ansible-group-mapping-8fcd6cbb1e744e18.yaml |  6 ++
...ckup-with-no-kolla-config-4f857915adabad41.yaml |  6 ++
.../fixes-keyerror-vlan-link-c177cf719e070df6.yaml |  8 ++
.../hacluster-build-issue-2a8023e0cd80235a.yaml    |  5 ++
...pector-dhcp-range-netmask-bb46eb7df77587a4.yaml |  4 +
.../notes/ipa-branch-b29c377c531013a8.yaml         |  6 ++
...asswords-overrides-no-log-57054ce64fae8143.yaml | 11 +++
.../patch-links-on-overcloud-e24dbc858d3399cc.yaml |  6 ++
.../notes/pin-jinja2-988297e06a2cf790.yaml         |  4 +
.../notes/provision-net-mtu-befdda04224f49a6.yaml  |  5 ++
...ents-branch-for-ipa-build-c3ca977ec21b58f4.yaml |  8 ++
.../stackhpc-drac-check-mode-8097215f8eca9991.yaml |  5 ++
.../notes/story-2009821-b309165e25e77aea.yaml      |  5 ++
.../ubuntu-package-update-0db09fc57249b9fc.yaml    | 10 +++
requirements.txt                                   |  1 +
requirements.yml                                   |  8 +-
roles/kayobe-diagnostics/files/get_logs.sh         |  1 +
test-requirements.txt                              |  8 +-
tox.ini                                            |  2 +-
zuul.d/jobs.yaml                                   | 26 +++++++
zuul.d/nodesets.yaml                               |  6 --
zuul.d/project.yaml                                |  5 ++
69 files changed, 395 insertions(+), 129 deletions(-)


Requirements updates
--------------------

diff --git a/molecule-requirements.txt b/molecule-requirements.txt
new file mode 100644
index 00000000..9ae944e6
--- /dev/null
+++ b/molecule-requirements.txt
@@ -0,0 +1,12 @@
+# The order of packages is significant, because pip processes them in the order
+# of appearance. Changing the order has an impact on the overall integration
+# process, which may cause wedges in the gate later.
+
+ansible-lint>=3.0.0,<6.0.0,!=4.3.0 # MIT
+docker # Apache-2.0
+molecule # MIT
+molecule-docker # MIT
+pytest-molecule # MIT
+pytest-testinfra
+rich<12.1.0
+yamllint # GPLv3
diff --git a/requirements.txt b/requirements.txt
index ed81d1d1..43ec9103 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,0 +3 @@ ansible>=2.9.0,<2.11.0,!=2.9.8,!=2.9.12 # GPLv3
+Jinja2<3.1.0 # BSD
diff --git a/test-requirements.txt b/test-requirements.txt
index f3184134..b732c830 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -5 +5 @@
-ansible-lint>=3.0.0,!=4.3.0 # MIT
+ansible-lint>=3.0.0,<6.0.0,!=4.3.0 # MIT
@@ -9 +8,0 @@ doc8 # Apache-2.0
-docker # Apache-2.0
@@ -11,2 +9,0 @@ hacking>=3.0.1,<3.1.0 # Apache-2.0
-molecule # MIT
-molecule-docker # MIT
@@ -14,3 +10,0 @@ oslotest>=1.10.0 # Apache-2.0
-paramiko
-pytest-molecule # MIT
-pytest-testinfra

    

no-reply＠openstack.org

tags

participants (1)