[release-announce] openstack-ansible 24.4.0 (xena)
no-reply at openstack.org
no-reply at openstack.org
Thu Aug 11 09:46:53 UTC 2022
We are overjoyed to announce the release of:
openstack-ansible 24.4.0: Ansible playbooks for deploying OpenStack
This release is part of the xena stable release series.
The source is available from:
https://opendev.org/openstack/openstack-ansible
Download the package from:
https://tarballs.openstack.org/openstack-ansible/
Please report issues through:
https://bugs.launchpad.net/openstack-ansible/+bugs
For more details, please see below.
24.4.0
^^^^^^
New Features
************
* Neutron VPN as a Service (VPNaaS) with customized configuration
files can now be defined with the variable
"neutron_vpnaas_custom_config". deployers should define
"neutron_vpnaas_custom_config" in 'user_variables.yml'. Example:
neutron_vpnaas_custom_config:
- src: "/etc/openstack_deploy/strongswan/strongswan.conf.template"
dest: "{{ neutron_conf_dir }}/strongswan.conf.template"
- src: "/etc/openstack_deploy/strongswan/strongswan.d"
dest: "/etc/strongswan.d"
- src: "/etc/openstack_deploy/{{ neutron_vpnaas_distro_packages }}/ipsec.conf.template"
dest: "{{ neutron_conf_dir }}/ipsec.conf.template"
- src: "/etc/openstack_deploy/{{ neutron_vpnaas_distro_packages }}/ipsec.secret.template"
dest: "{{ neutron_conf_dir }}/ipsec.secret.template"
We should be also define "neutron_l3_agent_ini_overrides" in
'user_variables.yml' to tell "l3_agent" use the new config file.
Example:
neutron_l3_agent_ini_overrides:
ipsec:
enable_detailed_logging: True
strongswan:
strongswan_config_template : "{{ neutron_conf_dir }}/strongswan.conf.template"
openswan:
ipsec_config_template: "{{ neutron_conf_dir }}/ipsec.conf.template"
* Implemented variables "rally_openstack_git_repo" and
"rally_openstack_git_install_branch" that allow to override
installation source for rally-openstack package as well as control
installed version of the package.
Upgrade Notes
*************
* Erlang version is changed from "24.1-1" to "24.1.3-1". Depending
on when deployment was done, that could be different minor releases.
This means that your erlang version might be either minorly upgraded
or downgraded. This should not lead to incompatabilities with
RabbitMQ in any scenario.
* If you have defined "haproxy_tuning_params" in your deployment,
make sure that before upgrade all keys are valid haproxy options.
For example, instead of "chksize: 16384" you should set
"tune.chksize: 16384". Otherwise invalid config will be generated
and haproxy will fail on startup. No upgrade scripts are provided
for this change as well as no backwards compatability.
Security Issues
***************
* MariaDB has been updated to version 10.6.8 by default. This covers
following CVEs:
* https://nvd.nist.gov/vuln/detail/CVE-2022-27376
* https://nvd.nist.gov/vuln/detail/CVE-2022-27377
* https://nvd.nist.gov/vuln/detail/CVE-2022-27380
Bug Fixes
*********
* Fixed Erlang installation from Cloudsmith repository for CentOS 8
Stream by adjusting version that will be installed.
* Erlang version is now synced between Ubuntu/Debian and CentOS 8
Stream.
* By default we increase "tune.maxrewrite" as otherwise while using
CSP headers, their size could exceed allowed buffer. Also deployers
can override this value if needed.
Other Notes
***********
* Restriction on parameters that can be passed to
"haproxy_tuning_params" has been released. This means, that any
tuning parameter can be passed in key/value format.
* Default source of rabbitmq and erlang packages has been switched
to cloudsmith.io
Changes in openstack-ansible 24.3.0..24.4.0
-------------------------------------------
c69a621b5 Bump OpenStack-Ansible Xena
b8429d28d Let git choose the branch when cloning a repo
e7462f3c4 Set minimum and maximum microversions for manila api
e3df7b7f7 Increase manila flavor size
134b29cf1 Switch ARA report type from html to database for openstack-ansible jobs
606881a78 Do not try to run etcd in serial mode
76752fda3 Fix facts gathering for zun
d1f672340 Return facts gathering to pre_tasks for masakari
3f55a77c9 Add mistra-extra repo
458d51b72 Set zuul post-timeout to 3 hours
50b733c6b Exclude /var/log/journal from log collection
41547fc5b Define corosync interface for facts gathering
f6d7c4033 Reduce neutron WSGI workers for CI
93280fe48 Install rally only when rally_install is set
0885aa4dd [doc] Fix supporeted Debian version for Xena
Diffstat (except docs and test files)
-------------------------------------
ansible-role-requirements.yml | 78 +++++++++++-----------
deploy-guide/source/targethosts-prepare.rst | 1 +
playbooks/defaults/repo_packages/gnocchi.yml | 4 +-
playbooks/defaults/repo_packages/nova_consoles.yml | 2 +-
.../defaults/repo_packages/openstack_services.yml | 42 ++++++------
playbooks/etcd-install.yml | 2 +-
playbooks/library/git_requirements.py | 1 -
playbooks/os-masakari-install.yml | 33 +++++----
playbooks/os-rally-install.yml | 4 ++
playbooks/os-zun-install.yml | 15 ++++-
...rlang_version_redhat_xena-0699f934689c51be.yaml | 14 ++++
...xy_tuning_params_released-45eb40104747561a.yaml | 20 ++++++
.../mariadb_security_upgrade-41359dd7b59f7330.yaml | 9 +++
...tron-vpnaas-custom-config-ad991bb02b9ed655.yaml | 33 +++++++++
.../notes/rabbit_cloudsmith-36ccc2f807688f4f.yaml | 5 ++
.../rally-openstack-git-121821ef54c48419.yaml | 8 +++
scripts/log-collect.sh | 4 +-
.../templates/user_variables.aio.yml.j2 | 2 +
.../templates/user_variables_manila.yml.j2 | 6 +-
zuul.d/jobs.yaml | 5 ++
20 files changed, 209 insertions(+), 79 deletions(-)
More information about the Release-announce
mailing list