We are delighted to announce the release of: openstack-ansible 28.0.0: Ansible playbooks for deploying OpenStack This release is part of the bobcat release series. The source is available from: https://opendev.org/openstack/openstack-ansible Download the package from: https://tarballs.openstack.org/openstack-ansible/ Please report issues through: https://bugs.launchpad.net/openstack-ansible/+bugs For more details, please see below. Changes in openstack-ansible 27.0.0.0rc1..28.0.0 ------------------------------------------------ 1403962a8 Bump roles and upstream version for 28.0.0.rc1 7b4640d5f Add variable to control queues redundancy fd4e04160 [doc] Add examples of u-c-r, u-c-c and user.rc 475621bb2 Allow installing collections from repos containing more than one 9350ea0c9 Add compatability matrix for 2023.2 (Bobcat) f33a8b183 Disable RabbitMQ quorum queues by default 8907ce8ee Remove glance_available_stores logic from group_vars 22bc3a5fb Fix classic queues version policy 0d5b44943 chore: Update the BTRFS disk check for AIOs 230288343 Use haproxy_service_setup playbook from plugins collection 2acaad910 Remove amphora provider driver 8f3c02d2d Explicitly add localhost to inventory.ini 9e4187742 Tune SSH in pre-step setup 4245f268f Deprecate OpenDaylight support 6e9e9a056 Disable wheels build for metal AIO deployments 66b373665 Map default value of rabbitmq_management_ssl to haproxy_ssl ceea75fee Track stable/2023.2 SHAs for upstream projects f4be49b6f Replace deprecated httpchk with send 6bd9c19cf Do not try to install packages on each log_instance_info run 6efe79599 Bump ansible version to 2.15.5 3ff832bca Drop ssh_keypairs_install_authorized_keys reference 49b268634 Do not fail add-compute.sh script if exit code is 4 607d237e5 Fix vars-file include for os-nova-install 25f1e9651 Add CI jobs for debian bookworm f37eb32a9 [doc] Add documentation on running as non-root 934817b8f Stop ignoring hostnames without underscores 76e0f9ae3 Remove requirement to have id_rsa.pub f05c90103 Define install_method default when hosts resolution depend on it 5910a88c9 Always use on-disk openstack service git repos in CI jobs a44f1212c Run nova db post setup from nova playbook 61ea7a820 Remove common nova playbook 285c8a04a Switch classic queues to version 2 036e4ae24 Temporary don't use u-c for inventory tox test bef10134e Add barbican api microversion limits for tempest tests 1590f9fef [doc] Re-order OVN diagrams in networking guide 991d24afb Define tempest config overrides in unique variables per service ba9a24855 Gather extra networking facts for keepalived bd0d3d041 Bump ansible collection versions 4130be36d Bump ansible-core to 2.15.3 and ansible-lint f443e9316 [doc] Update deploy guide with relevant roles 1697be9ba [doc] Fix deployment guide renderring 46ffb2702 Add tls upgrade jobs b00b4db3e Allow deployment on debian bookworm hosts f34258518 [doc] Add example network architectures for OVN 33e59f154 Apply deployment env vars during keystone main_pre 974208794 Bump SHA for openstack-ansible-plugins collection 7a32e9a35 Fix container bridge name for octavia 48847ab07 Update Senlin SHA 66d0dc762 Enable multiple console proxies when required in deployments a831e4b6c Fix ansible_ssh_extra_args extra newline 811183909 Set correct language for docs 7ba58e15f Add default name for user collections file cc9e72b7f Do not add all computes as OVN gateways 62fb57b2d Replace HA policies for RabbitMQ with quorum 5ea6f419c Fix linters to satisfy ansible-lint 6.18 20c963ab2 Apply rate limit for journald in AIO builds a8c159098 Respect haproxy_bind_internal_lb_vip_* variables c19c11c53 Allow bind mount of types other than directory f175a2d21 Do not override tempest_plugins for AIO scenarios c987557c0 Update haproxy healthcheck options 391cf35b2 Bump upstream SHAs 45afeaefb Update SHAs for Gnoochi and plugins 5d0dc7248 Stop reffering _member_ role 3d6e5cb16 haproxy: fix health checks for serialconsole in http mode 70cccd074 haproxy: fix csp issue preventing embedded serial console d0aeb6c5b Remove dynamic-address-fact call which is no longer required d1e30257a nova/haproxy: fix typo in detection of 'serialconsole' 6204256ff Allow to skip roles/collections bootstrap separately 60750a279 Gather facts before including common-playbooks d72b3394a Remove Ubuntu 20.04 support 230004a38 Allow to update AIO config prior to an upgrade d458b1f46 Return PIP_OPTS for load_nodepool_pip_opts 3ff787394 Remove haproxy_accept_both_protocols from repo_all e88bf6b19 Adjust default value for *_backend_ssl 64054e4ca Restore an ability for HAProxy to bind on interal IP 9690b3419 Use include_role in task to avoid lack of access to vars aa558cc36 Pin version of setuptools 4706b1330 [doc] Update releasing documentation b97c4860e Start 2023.2 (Bobcat) development 0eb9ccab3 Allow to pass BOOTSTRAP_EXTRA_PARAMS to bootstrap-aio.yml eb56baefe Allow to run only specific tags from bootstrap-host role e92a4a9dc Do not override user_secrets.yml if it already exists 6f392beb4 Add 2023.1 to the compatability matrix e534b7640 Mark Xena as EM in docs 5b9ea29ff [doc] Update upgrade guide to mention SLURP 29709994f Bump SHAs for Antelope RC2 c5fa98690 Update master for stable/2023.1 e00689d50 Enable S3 API by default 14f69fbb5 Add TLS support to ceph-rgw backends 724caeffd Fix repo url in healthcheck-infrastructure.yml b75a9d0dd Implement support for haproxy_accept_both_protocols 6a0646470 Ensure management_address is used instead of ansible_host Diffstat (except docs and test files) ------------------------------------- .ansible-lint | 19 +- ansible-collection-requirements.yml | 34 +-- ansible-role-requirements.yml | 328 ++++++++++----------- ansible-role-requirements.yml.example | 6 - deploy-guide/source/conf.py | 9 +- deploy-guide/source/configure.rst | 100 ++++--- deploy-guide/source/deploymenthost.rst | 4 +- deploy-guide/source/overview-requirements.rst | 2 - deploy-guide/source/targethosts-networkconfig.rst | 3 +- deploy-guide/source/targethosts-prepare.rst | 23 +- .../admin/upgrades/os-compatibility-matrix.html | 67 ++++- .../architecture/container-networking.rst | 36 +-- .../network-arch-ovn-multibond-compute-drawio.png | Bin 0 -> 48533 bytes .../network-arch-ovn-multibond-gateway-drawio.png | Bin 0 -> 76029 bytes ...network-arch-ovn-single-bond-compute-drawio.png | Bin 0 -> 44083 bytes ...network-arch-ovn-single-bond-gateway-drawio.png | Bin 0 -> 63617 bytes .../openstack_user_config.yml.aio.j2 | 2 +- .../user-collection-requirements.yml.example | 9 + .../user-role-requirements.yml.example | 7 + etc/openstack_deploy/user.rc.example | 4 + global-requirement-pins.txt | 1 + inventory/env.d/neutron.yml | 4 - inventory/env.d/nova.yml | 1 - .../group_vars/adjutant_all/haproxy_service.yml | 5 +- inventory/group_vars/adjutant_all/source_git.yml | 2 +- inventory/group_vars/all/all.yml | 7 +- inventory/group_vars/all/infra.yml | 19 +- inventory/group_vars/all/nova.yml | 6 +- inventory/group_vars/all/oslo-messaging.yml | 1 - inventory/group_vars/all/source_git.yml | 6 +- inventory/group_vars/aodh_all/haproxy_service.yml | 5 +- inventory/group_vars/aodh_all/source_git.yml | 6 +- .../group_vars/barbican_all/haproxy_service.yml | 5 +- inventory/group_vars/barbican_all/source_git.yml | 6 +- .../group_vars/blazar_all/haproxy_service.yml | 7 +- inventory/group_vars/blazar_all/source_git.yml | 10 +- inventory/group_vars/ceilometer_all/source_git.yml | 6 +- inventory/group_vars/ceph-rgw.yml | 62 +++- inventory/group_vars/ceph_all.yml | 2 +- .../group_vars/cinder_all/haproxy_service.yml | 5 +- inventory/group_vars/cinder_all/source_git.yml | 6 +- .../group_vars/cloudkitty_all/haproxy_service.yml | 5 +- inventory/group_vars/cloudkitty_all/source_git.yml | 6 +- .../group_vars/designate_all/haproxy_service.yml | 4 +- inventory/group_vars/designate_all/source_git.yml | 6 +- inventory/group_vars/galera_all.yml | 14 +- inventory/group_vars/glance_all/defaults.yml | 2 - .../group_vars/glance_all/haproxy_service.yml | 5 +- inventory/group_vars/glance_all/source_git.yml | 6 +- .../group_vars/gnocchi_all/haproxy_services.yml | 4 +- inventory/group_vars/gnocchi_all/source_git.yml | 10 +- inventory/group_vars/haproxy/haproxy.yml | 9 +- inventory/group_vars/heat_all/haproxy_service.yml | 10 +- inventory/group_vars/heat_all/source_git.yml | 6 +- .../group_vars/horizon_all/haproxy_service.yml | 6 +- inventory/group_vars/horizon_all/source_git.yml | 50 ++-- .../group_vars/ironic_all/haproxy_service.yml | 10 +- inventory/group_vars/ironic_all/source_git.yml | 10 +- .../group_vars/keystone_all/haproxy_service.yml | 5 +- inventory/group_vars/keystone_all/source_git.yml | 6 +- .../group_vars/magnum_all/haproxy_service.yml | 5 +- inventory/group_vars/magnum_all/source_git.yml | 6 +- .../group_vars/manila_all/haproxy_service.yml | 5 +- inventory/group_vars/manila_all/source_git.yml | 6 +- .../group_vars/masakari_all/haproxy_service.yml | 5 +- inventory/group_vars/masakari_all/source_git.yml | 10 +- inventory/group_vars/memcached.yml | 2 +- .../group_vars/mistral_all/haproxy_service.yml | 5 +- inventory/group_vars/mistral_all/source_git.yml | 10 +- .../group_vars/murano_all/haproxy_service.yml | 5 +- inventory/group_vars/murano_all/source_git.yml | 6 +- .../group_vars/neutron_all/haproxy_service.yml | 31 +- inventory/group_vars/neutron_all/source_git.yml | 38 ++- inventory/group_vars/nova_all/haproxy_service.yml | 38 ++- inventory/group_vars/nova_all/source_git.yml | 8 +- .../group_vars/octavia_all/haproxy_service.yml | 5 +- inventory/group_vars/octavia_all/source_git.yml | 10 +- .../group_vars/placement_all/haproxy_service.yml | 5 +- inventory/group_vars/placement_all/source_git.yml | 6 +- inventory/group_vars/rabbitmq_all.yml | 10 +- inventory/group_vars/repo_all.yml | 11 +- .../group_vars/sahara_all/haproxy_service.yml | 5 +- inventory/group_vars/sahara_all/source_git.yml | 6 +- .../group_vars/senlin_all/haproxy_service.yml | 5 +- inventory/group_vars/senlin_all/source_git.yml | 6 +- inventory/group_vars/swift_all/haproxy_service.yml | 5 +- inventory/group_vars/swift_all/source_git.yml | 6 +- .../group_vars/tacker_all/haproxy_service.yml | 4 +- inventory/group_vars/tacker_all/source_git.yml | 6 +- inventory/group_vars/trove_all/haproxy_service.yml | 5 +- inventory/group_vars/trove_all/source_git.yml | 6 +- inventory/group_vars/utility_all/source_git.yml | 44 +-- inventory/group_vars/zun_all/haproxy_service.yml | 9 +- inventory/group_vars/zun_all/source_git.yml | 14 +- inventory/inventory.ini | 3 + osa_toolkit/manage.py | 4 - playbooks/ceph-install.yml | 7 +- playbooks/ceph-nfs-install.yml | 2 +- playbooks/ceph-rgw-install.yml | 26 +- playbooks/ceph-rgw-keystone-setup.yml | 5 +- playbooks/certificate-ssh-authority.yml | 1 - playbooks/common-playbooks/cinder.yml | 32 +- .../common-playbooks/haproxy-service-config.yml | 41 --- playbooks/common-playbooks/neutron.yml | 32 +- playbooks/common-playbooks/nova.yml | 178 ----------- playbooks/common-tasks/ceph-server.yml | 2 +- playbooks/common-tasks/os-lxc-container-setup.yml | 4 +- playbooks/common-tasks/unbound-clients.yml | 8 +- playbooks/containers-deploy.yml | 6 +- playbooks/containers-lxc-destroy.yml | 3 +- playbooks/containers-lxc-host.yml | 4 +- playbooks/defaults/healthchecks-vars.yml | 2 +- playbooks/galera-install.yml | 14 +- playbooks/haproxy-install.yml | 18 +- playbooks/healthcheck-hosts.yml | 3 +- playbooks/healthcheck-infrastructure.yml | 35 ++- playbooks/healthcheck-openstack.yml | 25 +- playbooks/infra-journal-remote.yml | 6 +- playbooks/listening-port-report.yml | 3 +- playbooks/memcached-install.yml | 6 +- playbooks/openstack-hosts-setup.yml | 4 +- playbooks/os-adjutant-install.yml | 13 +- playbooks/os-aodh-install.yml | 8 +- playbooks/os-barbican-install.yml | 8 +- playbooks/os-blazar-install.yml | 8 +- playbooks/os-ceilometer-install.yml | 6 +- playbooks/os-cinder-install.yml | 25 +- playbooks/os-cloudkitty-install.yml | 14 +- playbooks/os-designate-install.yml | 8 +- playbooks/os-glance-install.yml | 11 +- playbooks/os-gnocchi-install.yml | 8 +- playbooks/os-heat-install.yml | 8 +- playbooks/os-horizon-install.yml | 8 +- playbooks/os-ironic-install.yml | 8 +- playbooks/os-keystone-install.yml | 20 +- playbooks/os-magnum-install.yml | 8 +- playbooks/os-manila-install.yml | 18 +- playbooks/os-masakari-install.yml | 14 +- playbooks/os-mistral-install.yml | 8 +- playbooks/os-murano-install.yml | 8 +- playbooks/os-neutron-install.yml | 28 +- playbooks/os-nova-install.yml | 231 ++++++++++++++- playbooks/os-octavia-install.yml | 8 +- playbooks/os-placement-install.yml | 8 +- playbooks/os-rally-install.yml | 3 +- playbooks/os-sahara-install.yml | 8 +- playbooks/os-senlin-install.yml | 13 +- playbooks/os-swift-install.yml | 8 +- playbooks/os-tacker-install.yml | 5 +- playbooks/os-trove-install.yml | 8 +- playbooks/os-zun-install.yml | 14 +- playbooks/qdrouterd-install.yml | 6 +- playbooks/rabbitmq-install.yml | 16 +- playbooks/repo-install.yml | 8 +- playbooks/security-hardening.yml | 6 +- playbooks/setup-everything.yml | 11 +- playbooks/setup-hosts.yml | 23 +- playbooks/setup-infrastructure.yml | 46 ++- playbooks/setup-openstack.yml | 126 ++++++-- playbooks/unbound-install.yml | 9 +- playbooks/utility-install.yml | 16 +- playbooks/zookeeper-install.yml | 6 +- ...ing_sandboxing_var_rename-95725d5a123c0dc5.yaml | 22 ++ .../backend_config_per_host-14cec3ec5f708934.yaml | 7 + .../backups-systemd-override-e36d6bf010eb6b92.yaml | 7 + releasenotes/notes/cache-89ff11c4e085126e.yaml | 4 + .../notes/erlang_extra_args-bba75332abeabd3e.yaml | 5 + ...licit-localhost-inventory-96c5b0b28e23a066.yaml | 7 + .../fix_lxc_cache_expiration-1656b5758c4ec24e.yaml | 10 + ...her-include-exclude-lists-91007886c06ebb74.yaml | 10 + ..._available_stores_mapping-8e239dbedc625e73.yaml | 11 + .../notes/h2_initial_support-99a3277939942405.yaml | 22 ++ .../notes/haproxy_ssl_path-7130354314aee961.yaml | 4 + .../notes/journald_config-e3b0e5060dd5f6e7.yaml | 5 + ...tone-oidc-forwarded-proto-92471121e3949428.yaml | 5 + .../mariabackup-compression-337b04c68f370c1d.yaml | 28 ++ .../notes/no_sshd_in_lxc-b73334d0c82470b4.yaml | 6 + .../no_zun_ssh_keypairs-4d2f4f6e92ee4ea4.yaml | 7 + .../nova_console_proxies-98f7705e3ecec051.yaml | 5 + .../notes/nova_device_spec-0175a30b2295b768.yaml | 4 + ...ht_multiplier_deprecation-1b152707b4737b3c.yaml | 8 + .../oidc-fix-redirect-uri-5909172a1db5457f.yaml | 13 + .../opendaylight_deprecated-31aa11363c0ec736.yaml | 7 + ...ice_accept_both_protocols-c7d1a89befeae9fe.yaml | 6 + .../ovn_gateway_computes-a9509fd25e8d25db.yaml | 5 + ...f-packagecloud-deprecated-5ee62da847ccae1f.yaml | 11 + ...abbitmq_additional_config-8d5c0c0b6fc6d750.yaml | 4 + ...rabbitmq_longnames_config-d20b703185074acd.yaml | 7 + ...abbitmq_queue_replication-4deacbb389dd2e25.yaml | 7 + .../rabbitmq_quorum_queues-5f47b8a047faa8b5.yaml | 29 ++ ...reduce-memory-consumption-b849f8cc386c1d19.yaml | 5 + .../notes/remove-cache-map-8552368f6d7c604c.yaml | 7 + ...emove-whitelist-blacklist-b7ee801064de0bca.yaml | 6 + ...move_common_nova_playbook-9fde48c51bee5b6a.yaml | 5 + .../rename-list-file-path-239294e5a57fef09.yaml | 7 + ...s3-api-enabled-by-default-53e6602aeb4d9ff1.yaml | 4 + releasenotes/source/2023.1.rst | 6 + releasenotes/source/index.rst | 1 + scripts/add-compute.sh | 2 +- scripts/bootstrap-aio.sh | 17 +- scripts/bootstrap-ansible.sh | 74 ++--- scripts/gate-check-commit.sh | 20 +- scripts/get-ansible-collection-requirements.yml | 7 +- scripts/get-ansible-role-requirements.yml | 7 +- scripts/run-upgrade.sh | 8 +- scripts/scripts-library.sh | 27 +- .../upgrade-utilities/define-neutron-plugin.yml | 48 --- .../galera-cluster-rolling-restart.yml | 2 +- test-requirements.txt | 2 +- .../bootstrap-host/tasks/check-requirements.yml | 7 +- .../bootstrap-host/tasks/prepare_aio_config.yml | 1 + .../templates/user_variables.aio.yml.j2 | 32 +- .../templates/user_variables_barbican.yml.j2 | 8 +- .../templates/user_variables_horizon.yml.j2 | 2 +- .../templates/user_variables_magnum.yml.j2 | 2 +- .../templates/user_variables_manila.yml.j2 | 7 +- .../templates/user_variables_murano.yml.j2 | 2 +- .../templates/user_variables_octavia.yml.j2 | 4 +- .../templates/user_variables_tls.yml.j2 | 26 +- .../templates/user_variables_zun.yml.j2 | 2 +- tox.ini | 5 +- zuul.d/jobs.yaml | 185 ++++++------ zuul.d/playbooks/pre-gate-cleanup.yml | 53 +++- zuul.d/project-templates.yaml | 61 ++-- 239 files changed, 2522 insertions(+), 1458 deletions(-) Requirements updates -------------------- diff --git a/test-requirements.txt b/test-requirements.txt index d6e73cb9e..88615ad25 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -14 +14 @@ flake8==3.8.3 # MIT -ansible-lint==5.3.2 # MIT +ansible-lint==6.19.0 # MIT