summaryrefslogtreecommitdiffstats
path: root/releasenotes
diff options
context:
space:
mode:
Diffstat (limited to 'releasenotes')
-rw-r--r--releasenotes/notes/Composable_role_for_neutron_lbaas-acdf08f1a9dfd3fe.yaml3
-rw-r--r--releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml1
-rw-r--r--releasenotes/notes/calculate-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml5
-rw-r--r--releasenotes/notes/cold_migration_security-1543136408c76459.yaml10
-rw-r--r--releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml5
-rw-r--r--releasenotes/notes/ensure-ssl-conf-2f32c6ead6f3bb0e.yaml10
-rw-r--r--releasenotes/notes/etcd-tls-bb8605c91ff8a94c.yaml3
-rw-r--r--releasenotes/notes/mistral-mod-wsgi-1a1d3eb279daa7fd.yaml7
-rw-r--r--releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml6
-rw-r--r--releasenotes/notes/neutron-bigswitch-agent-profile-1250bb1518199a67.yaml5
-rw-r--r--releasenotes/notes/redfish-9203af1f7bf02bc5.yaml5
-rw-r--r--releasenotes/notes/zaqar-httpd-93db7feb60622687.yaml3
-rw-r--r--releasenotes/source/ocata.rst2
13 files changed, 62 insertions, 3 deletions
diff --git a/releasenotes/notes/Composable_role_for_neutron_lbaas-acdf08f1a9dfd3fe.yaml b/releasenotes/notes/Composable_role_for_neutron_lbaas-acdf08f1a9dfd3fe.yaml
new file mode 100644
index 0000000..20e5994
--- /dev/null
+++ b/releasenotes/notes/Composable_role_for_neutron_lbaas-acdf08f1a9dfd3fe.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Adds composable service interface for Neutron LBaaSv2 service.
diff --git a/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml b/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml
index df6b232..3b9f189 100644
--- a/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml
+++ b/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml
@@ -1,3 +1,4 @@
---
features:
- Add support for Bagpipe Neutron driver as backend in BGPVPN scenarios
+ - Add ML2 plugin configuration for Bagpipe BGPVPN extension
diff --git a/releasenotes/notes/calculate-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml b/releasenotes/notes/calculate-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml
index 800cedc..1e6c327 100644
--- a/releasenotes/notes/calculate-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml
+++ b/releasenotes/notes/calculate-dhcp-agents-per-network-3089c5e7b15f8b7b.yaml
@@ -1,5 +1,6 @@
---
-features: |
- - Unless a non-default value is provided, the dhcp_agents_per_network
+features:
+ - |
+ Unless a non-default value is provided, the dhcp_agents_per_network
neutron configuration variable is set to the number of deployed
neutron dhcp agents.
diff --git a/releasenotes/notes/cold_migration_security-1543136408c76459.yaml b/releasenotes/notes/cold_migration_security-1543136408c76459.yaml
new file mode 100644
index 0000000..aaea57e
--- /dev/null
+++ b/releasenotes/notes/cold_migration_security-1543136408c76459.yaml
@@ -0,0 +1,10 @@
+---
+features:
+ - |
+ Restrict nova migration ssh tunnel
+ * The ssh authorized_keys file is only writeable by root.
+ * Creates a new user for migration instead of using root/nova.
+ * Disables SSH forwarding for this user.
+ * Restricts the networks that this user can connect from.
+ * Uses an ssh wrapper command to whitelist the commands that this user can run over ssh.
+ Adds new parameter "tripleo::profile::base::nova::migration_ssh_localaddrs" to specify which incoming IPs are allow for SSH tunnel connections.
diff --git a/releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml b/releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml
new file mode 100644
index 0000000..a362abc
--- /dev/null
+++ b/releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml
@@ -0,0 +1,5 @@
+---
+deprecations:
+ - |
+ The redis_file_limit hiera parameter is now deprecated. Use the
+ redis::ulimit parameter instead.
diff --git a/releasenotes/notes/ensure-ssl-conf-2f32c6ead6f3bb0e.yaml b/releasenotes/notes/ensure-ssl-conf-2f32c6ead6f3bb0e.yaml
new file mode 100644
index 0000000..92f2360
--- /dev/null
+++ b/releasenotes/notes/ensure-ssl-conf-2f32c6ead6f3bb0e.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+ - |
+ With having package mod_ssl by default installed in images we introduced
+ issue with mod_ssl package update. In case of SSL not being used or
+ provided by HAproxy the puppet-apache module by default purges the
+ ssl.conf file. The package update then recreates the file with default
+ Listen 443 option. This causes conflict on 443 port during httpd restart.
+ If we include ::apache::mod::ssl the ssl.conf file will be configured and
+ the Listen option will be used only if there is vhost set to use SSL.
diff --git a/releasenotes/notes/etcd-tls-bb8605c91ff8a94c.yaml b/releasenotes/notes/etcd-tls-bb8605c91ff8a94c.yaml
new file mode 100644
index 0000000..d041267
--- /dev/null
+++ b/releasenotes/notes/etcd-tls-bb8605c91ff8a94c.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Enable internal network TLS for etcd
diff --git a/releasenotes/notes/mistral-mod-wsgi-1a1d3eb279daa7fd.yaml b/releasenotes/notes/mistral-mod-wsgi-1a1d3eb279daa7fd.yaml
new file mode 100644
index 0000000..ae6401f
--- /dev/null
+++ b/releasenotes/notes/mistral-mod-wsgi-1a1d3eb279daa7fd.yaml
@@ -0,0 +1,7 @@
+---
+features:
+ - Move Mistral API to use mod_wsgi under Apache.
+upgrade:
+ - Mistral API systemd service will be stopped and
+ disabled.
+
diff --git a/releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml b/releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml
new file mode 100644
index 0000000..1899db9
--- /dev/null
+++ b/releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - Since collector is deprecated, move the ceilo upgrade in step5
+ out of collector profile and into cielometer base. This way
+ ceilo upgrade can run even when collector is disabled which is
+ the default in pike.
diff --git a/releasenotes/notes/neutron-bigswitch-agent-profile-1250bb1518199a67.yaml b/releasenotes/notes/neutron-bigswitch-agent-profile-1250bb1518199a67.yaml
new file mode 100644
index 0000000..daaf6f4
--- /dev/null
+++ b/releasenotes/notes/neutron-bigswitch-agent-profile-1250bb1518199a67.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+ - |
+ Moves bigswitch neutron agent configuration to a new tripleo profile
+ tripleo::profile::base::neutron::agents::bigswitch
diff --git a/releasenotes/notes/redfish-9203af1f7bf02bc5.yaml b/releasenotes/notes/redfish-9203af1f7bf02bc5.yaml
new file mode 100644
index 0000000..d34c3d9
--- /dev/null
+++ b/releasenotes/notes/redfish-9203af1f7bf02bc5.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - |
+ Support for Redfish hardware is enabled by default for overcloud Ironic
+ via the ``redfish`` hardware type.
diff --git a/releasenotes/notes/zaqar-httpd-93db7feb60622687.yaml b/releasenotes/notes/zaqar-httpd-93db7feb60622687.yaml
new file mode 100644
index 0000000..cff9d65
--- /dev/null
+++ b/releasenotes/notes/zaqar-httpd-93db7feb60622687.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Run the Zaqar WSGI service over httpd.
diff --git a/releasenotes/source/ocata.rst b/releasenotes/source/ocata.rst
index ebe62f4..53fb86e 100644
--- a/releasenotes/source/ocata.rst
+++ b/releasenotes/source/ocata.rst
@@ -3,4 +3,4 @@
===================================
.. release-notes::
- :branch: origin/stable/ocata
+ :branch: stable/ocata