[release-announce] [openstackansible] openstack-ansible 15.1.7 (ocata)
no-reply at openstack.org
no-reply at openstack.org
Wed Aug 2 11:33:09 UTC 2017
We are glad to announce the release of:
openstack-ansible 15.1.7: Ansible playbooks for deploying OpenStack
This release is part of the ocata stable release series.
The source is available from:
http://git.openstack.org/cgit/openstack/openstack-ansible
Download the package from:
https://tarballs.openstack.org/openstack-ansible/
For more details, please see below.
15.1.7
^^^^^^
New Features
************
* The os_swift role now supports the swift3 middleware, allowing
access to swift via the Amazon S3 API. This feature can enabled by
setting "swift_swift3_enabled" to "true".
* The "os_cinder" role now provides for doing online data migrations
once the db sync has been completed. The data migrations will not be
executed until the boolean variable "cinder_all_software_updated" is
true. This variable will need to be set by the playbook consuming
the role.
* A new repository for installing modern erlang from ESL (erlang
solutions) has been added giving us the ability to install and
support modern stable erlang over numerous operating systems.
* The ability to set the RabbitMQ repo URL for both erlang and
RabbitMQ itself has been added. This has been done to allow
deployers to define the location of a given repo without having to
fully redefine the entire set of definitions for a specific
repository. The default variables *rabbitmq_gpg_keys*,
*rabbitmq_repo_url*, and *rabbitmq_erlang_repo_url* have been
created to facilitate this capability.
* It's now possible to disable heat stack password field in horizon.
"horizon_enable_heatstack_user_pass" variable has been added and
default to True.
* The "os-nova-install.yml" playbook will now execute a rolling
upgrade of nova including database migrations as per the procedure
described in the nova documentation
(https://docs.openstack.org/developer/nova/upgrade.html).
Known Issues
************
* MemcacheD sets *PrivateDevices=true* in its systemd unit file to
add extra security around mount namespaces. While this is useful
when running MemcacheD on a bare metal host with other services, it
is less useful when MemcacheD is already in a container with its own
namespaces. In addition, LXC 2.0.8 presents */dev/ptmx* as a bind
mount within the container and systemd 219 (on CentOS 7) cannot make
an additional bind mount of */dev/ptmx* when *PrivateDevices* is
enabled.
Deployers can *memcached_disable_privatedevices* to *yes* to set
*PrivateDevices=false* in the systemd unit file for MariaDB on
CentOS 7. The default is *no*, which keeps the default systemd unit
file settings from the MemcacheD package.
For additional information, refer to the following bugs:
* https://bugs.launchpad.net/openstack-ansible/+bug/1697531
* https://github.com/lxc/lxc/issues/1623
* https://github.com/systemd/systemd/issues/6121
* MariaDB 10.1+ includes *PrivateDevices=true* in its systemd unit
files to add extra security around mount namespaces for MariaDB.
While this is useful when running MariaDB on a bare metal host with
other services, it is less useful when MariaDB is already in a
container with its own namespaces. In addition, LXC 2.0.8 presents
*/dev/ptmx* as a bind mount within the container and systemd 219 (on
CentOS 7) cannot make an additional bind mount of */dev/ptmx* when
*PrivateDevices* is enabled.
Deployers can *galera_disable_privatedevices* to *yes* to set
*PrivateDevices=false* in the systemd unit file for MariaDB on
CentOS 7. The default is *no*, which keeps the default systemd unit
file settings from the MariaDB package.
For additional information, refer to the following bugs:
* https://bugs.launchpad.net/openstack-ansible/+bug/1697531
* https://github.com/lxc/lxc/issues/1623
* https://github.com/systemd/systemd/issues/6121
Upgrade Notes
*************
* Changing to the ESL repos has no upgrade impact. The version of
erlang provided by ESL is newer than that what is found in the
distro repos. Furthermore, a pin has been added to ensure that APT
always uses the ESL repos as it's preferred source which has been
done to simply ensure APT is always pointed at ESL.
* The entire repo build process is now idempotent. From now on when
the repo build is re-run, it will only fetch updated git
repositories and rebuild the wheels/venvs if the requirements have
changed, or a new release is being deployed.
* The git clone part of the repo build process now only happens when
the requirements change. A git reclone can be forced by using the
boolean variable "repo_build_git_reclone".
* The python wheel build process now only happens when requirements
change. A wheel rebuild may be forced by using the boolean variable
"repo_build_wheel_rebuild".
* The python venv build process now only happens when requirements
change. A venv rebuild may be forced by using the boolean variable
"repo_build_venv_rebuild".
* The repo build process now only has the following tags, providing
a clear path for each deliverable. The tag "repo-build-install"
completes the installation of required packages. The tag "repo-
build-wheels" completes the wheel build process. The tag "repo-
build-venvs" completes the venv build process. Finally, the tag
"repo-build-index" completes the manifest preparation and indexing
of the os-releases and links folders.
Bug Fixes
*********
* Based on documentation from RabbitMQ [ https://www.rabbitmq.com
/which-erlang.html ] this change ensures the version of erlang we're
using across distros is consistent and supported by RabbitMQ.
Changes in openstack-ansible 15.1.6..15.1.7
-------------------------------------------
aab48ca Fix variable names in sripts-library.sh
ada6672 Make master repos contain all distros
23c6942 SHA Bump for Nova role to include include_role fixes
0fb164d Restart nova-placement service only when necessary
fd4b58e Updated from global requirements
08b32b2 Fix a typo
7f28511 Revert "Update setuptools to 36.2.0"
d9f8e54 SHA Bump repo_server to fix CentOS caching
cfc62b0 Reduce ansible bootstrap packages
11f94c5 Bump Ansible version to include include_role fix
6c6be4a Correctly map nova git sources
4b24177 update package locations path in repo-build play
63c4c22 Only gather facts when necessary
fecdfb1 Idempotent nova db privilege grants
93fd760 Add missing group_vars for glance
534d0b1 Restart glance services only when necessary
fb3c74d Update keystone role SHA for db sync fix
504da78 Remove ceph_client role execution from playbooks
9689aaf Tidy up keystone need_db_sync fact
31a9cee Implement rolling upgrades for nova
311daab Set PrivateDevices=false for CentOS7 Ceph deploys
4079911 Update role requirements for rolling upgrades
e9e6462 Change the variable name play_hosts to ansible_play_hosts
b55635b SHA Bump nova role to fix CentOS7 issues
70cae9b Implement rolling upgrades for glance
1594bca Add Swift3 middleware to openstack_services
fa20f6b Update all SHAs for 15.1.7
bf0c57c Update Calico repo build information
0891e2a Consolidate final two keystone plays
Diffstat (except docs and test files)
-------------------------------------
ansible-role-requirements.yml | 34 +--
deploy-guide/source/overview-requirements.rst | 2 +-
playbooks/ceph-install.yml | 19 ++
playbooks/common-playbooks/cinder.yml | 9 -
playbooks/common-playbooks/glance.yml | 89 ++++++
playbooks/common-playbooks/nova.yml | 157 ++++++++++
playbooks/common-tasks/restart-service.yml | 2 +-
playbooks/defaults/repo_packages/gnocchi.yml | 4 +-
playbooks/defaults/repo_packages/nova_consoles.yml | 2 +-
.../defaults/repo_packages/openstack_services.yml | 73 ++---
playbooks/defaults/repo_packages/projectcalico.yml | 22 --
playbooks/inventory/group_vars/all.yml | 16 +-
playbooks/inventory/group_vars/cinder_all.yml | 4 +-
playbooks/inventory/group_vars/cinder_volume.yml | 5 +
playbooks/inventory/group_vars/glance_all.yml | 10 +
playbooks/inventory/group_vars/nova_all.yml | 15 +
playbooks/inventory/host_vars/localhost.yml | 4 +
playbooks/os-cinder-install.yml | 3 +-
playbooks/os-glance-install.yml | 175 ++++++++----
playbooks/os-keystone-install.yml | 21 +-
playbooks/os-neutron-install.yml | 2 +-
playbooks/os-nova-install.yml | 318 +++++++++++++--------
playbooks/repo-build.yml | 9 +-
.../templates/crontab.j2 | 10 +-
playbooks/vars/configs/keepalived_haproxy.yml | 12 +-
.../notes/add-swift3-support-a3f1a5d866fd8883.yaml | 5 +
...tos-private-devices-issue-0088e6f8c70a601f.yaml | 21 ++
...tos-private-devices-issue-99aab9a30b1f8014.yaml | 21 ++
.../cinder-data-migrations-ce31707c078b335c.yaml | 9 +
releasenotes/notes/esl-repo-6ff0c7f24ad2a043.yaml | 25 ++
.../notes/heatstack_password-25956b6143577735.yaml | 5 +
.../idempotent-wheel-build-4c527045bec09fd5.yaml | 22 ++
.../nova-rolling-upgrades-5a3927330c6be5fd.yaml | 7 +
requirements.txt | 2 +-
scripts/bootstrap-ansible.sh | 44 +--
scripts/scripts-library.sh | 22 +-
.../templates/user_variables.aio.yml.j2 | 6 +
tox.ini | 2 +-
38 files changed, 851 insertions(+), 357 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index ef3c3d9..c6fb0f1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5 +5 @@ pip>=7.1.0 # MIT
-setuptools!=24.0.0,!=34.0.0,!=34.0.1,!=34.0.2,!=34.0.3,!=34.1.0,!=34.1.1,!=34.2.0,!=34.3.0,!=34.3.1,!=34.3.2,>=16.0 # PSF/ZPL
+setuptools!=24.0.0,!=34.0.0,!=34.0.1,!=34.0.2,!=34.0.3,!=34.1.0,!=34.1.1,!=34.2.0,!=34.3.0,!=34.3.1,!=34.3.2,!=36.2.0,>=16.0 # PSF/ZPL
More information about the Release-announce
mailing list