[release-announce] kolla 12.2.0 (wallaby)
no-reply at openstack.org
no-reply at openstack.org
Tue Jun 7 11:12:39 UTC 2022
We are thrilled to announce the release of:
kolla 12.2.0: Kolla OpenStack Deployment
This release is part of the wallaby stable release series.
The source is available from:
https://opendev.org/openstack/kolla
Download the package from:
https://tarballs.openstack.org/kolla/
Please report issues through:
https://bugs.launchpad.net/kolla/+bugs
For more details, please see below.
12.2.0
^^^^^^
New Features
************
* Adds Cyrus SASL packages necessary for the DIGEST-MD5 and SCRAM-
SHA-256 mechanisms. These can be used for libvirt SASL
authentication. LP#1964013
* Quiet mode (enabled with "--quiet" argument) can be combined with
" --logs-dir" option now. Console output will be quiet as expected
while building output will be stored in separate log files.
Upgrade Notes
*************
* The Debian and Ubuntu images use rabbitmq and erlang from
cloudsmith now. Operators might want to mirror/proxy this new source
as it provides the correct set of packages unlike the previous
combination.
Security Issues
***************
* Adds mitigation for Apache Log4j 2 Remote Code Execution (RCE)
vulnerabilities CVE-2021-44228 and CVE-2021-45046 to Apache Storm.
Bug Fixes
*********
* Fixes an issue with Ironic deployments using UEFI and iPXE, where
the default UEFI iPXE bootloader in Ironic was not available in the
TFTP server. This affects all Kolla releases on CentOS, and Xena on
Debian/Ubuntu. LP#1959203
* Installs "glusterfs-client" in Debian and Ubuntu "manila-share"
images to support GlusterFS across supported distributions.
LP#1964140
* Latest version of the elasticsearch gem no longer works with older
(OSS) versions of Elasticsearch. This is fixed by capping the
version of the elasticsearch gem installed into the fluentd
container. LP#1954759
* Fixes an issue when older version of Python OpenvSwitch bindings
package was used, than the running OpenvSwitch code. LP#1961874
* Fix AArch64 ubuntu ironic-python-agent images UEFI PXE booting
failure. Also fix x86_64 lacking of GRUB efi files issue. LP#1879265
* Fixes an issue building images that use a source with a "type" of
"git", when using a git that includes the fix for CVE-2022-24765
(2.35.2 or later). By default, this includes the "gnocchi-base"
image, but may include other images with a non-default
configuration. LP#837710
* Fixes disabling the use of the "curlrc" configuration file in
"healthcheck_curl". LP#1967272
* Fixes an issue seen when using Jinja2 3.1.0.
* Fixes an issue with missing Magnum Keystone auth default policy.
LP#1957159
* Fixes the Debian and Ubuntu images to use rabbitmq and erlang from
cloudsmith so that the images are still buildable and use proper
versions.
* Fixes set_configs.py configuring same permission for directories
and files, causing directories lacking execute permission if not set
for files.
Changes in kolla 12.1.0..12.2.0
-------------------------------
b0517b356 Fix Ubuntu image builds
8ffdee926 Fix local sources of git repositories
444bdffcc masakari: add Cyrus SASL packages to monitors image
cfc365520 cloudkitty: disable building for ubuntu/binary
42c79cdd4 enable logging to file for quiet mode
43dce2cf0 Revert "CI: add templated Dockerfiles to build logs"
7fb3ecb18 Fix image builds with sources using a type=git
5943f32af Emit log when copying file/directory permissions
6a39d8e3d elasticsearch: install Java first on CentOS too
30fbbadd5 Restore use of contextfunction decorator
d8708b713 cloudkitty-api: make sure that we install packages
f3a066673 Fix disabling of curlrc in healthcheck_curl
4ac3ae718 macros/pip: revert to old setuptools way
41b43807b Use jinja2.pass_context instead of contextfilter
cbd2bc7e1 libvirt: add Cyrus SASL packages for DIGEST-MD5
d1cd4e91a Install glusterfs-client in Debuntu
a3fab9d6a Add qemu-img also in nova-libvirt image
76d2e589d [CI] Test Ironic on Debian
b3e2bcdc2 Use python3-openvswitch from distro
4c893661f CI: Drop Ceph stream override
94cecf86e Ensure set_configs sets execute bit on directories
50b1f117a erlang: use packages from Erlang Solutions on AArch64
a29648baf collectd: pcie-errors is x86-64 only now
7f38bce81 base: Drop usage of Ceph Nautilus from RDO
1ac4662c1 ironic: Fix UEFI & iPXE bootloader filenames
3bbc5b329 Unpin td-agent and cap elasticsearch gem
f439afa42 Remove missing collectd packages
67e4f50bf Use distro provided GRUB efi
5ba4fb275 openstack-base: drop anyjson
4835d402f Mitigate two Log4j vulnerabilities in Apache Storm
59adcfd80 magnum: fix issue with keystone auth default policy
320fcbdce Fix variable name
Diffstat (except docs and test files)
-------------------------------------
.zuul.d/base.yaml | 1 -
.zuul.d/debian.yaml | 2 +
kolla/common/utils.py | 34 ++++++++-----
kolla/image/build.py | 16 +++++-
kolla/template/filters.py | 9 +++-
kolla/template/methods.py | 8 ++-
kolla/template/repos.yaml | 21 ++++----
.../notes/bug-1959203-1bb695e052248d78.yaml | 8 +++
.../notes/bug-1964140-57b433329bab067e.yaml | 6 +++
...cap-fluentd-elasticsearch-18c0ca8e90c1234c.yaml | 7 +++
.../notes/distro-python-ovs-df705d1e59f16cde.yaml | 6 +++
...n-agent-pxe-booting-issue-95adaf9249207d5b.yaml | 6 +++
.../git-security-fix-fix-ea56c0071585237d.yaml | 9 ++++
...check-curl-disable-curlrc-0f85aad47379e2a5.yaml | 5 ++
.../jinja2-pass-context-3f3febcd944e3a51.yaml | 4 ++
.../notes/libvirt-sasl-07a8a1a25d2450c6.yaml | 6 +++
...stone-auth-default-policy-e16f7bb558aa4b14.yaml | 5 ++
.../quiet-mode-with-logs-0abafc07923945ac.yaml | 6 +++
...abbitmq-erlang-cloudsmith-c837bf4a450dd802.yaml | 10 ++++
...ectory-execute-permission-8ab919b7b17025d2.yaml | 5 ++
...-vulnerability-mitigation-6746a8a0bb329485.yaml | 5 ++
46 files changed, 308 insertions(+), 122 deletions(-)
More information about the Release-announce
mailing list