aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes/notes
AgeCommit message (Collapse)AuthorFilesLines
2017-04-05Adding support for Bagpipe Agent as BGPVPN driverRicardo Noriega1-0/+3
Partially-Implements: blueprint bgpvpn-service-integration Change-Id: I54ef40f9d958e87d187a6d124995aa6951c0651a Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-04-05Merge "SSHD Service extensions"Jenkins1-1/+3
2017-04-04Merge "Configure migration SSH tunnel"Jenkins1-0/+4
2017-04-04Merge "Fixes missing neutron base in sriov"Jenkins1-0/+3
2017-04-04SSHD Service extensionslhinds1-1/+3
This change adds an `include` statement to bring in the extra functionality available from the existing puppet-ssh module in already available in RDO. By using puppet-ssh it provides a framework to allow the passing in of server options using just hiera values under ssh::server_options. For example, sshd_config banner can now be passed a server option, as well as all the new parameters outlined in the launchpad issue that the patch references for Closing. For this reason, the former augeas setting for `Banner /etc/issue` is now managed by the main puppet-ssh module instead. The change also allows population of MOTD text to `/etc/motd` as well as `issue.net`. $bannertext is refactored in accordance with patch [1] [1] https://review.openstack.org/#/c/442406/ Change-Id: Id329538fb7b623526f1d91d8a513cf3440c86a7c Closes-Bug: 1668543
2017-04-03Merge "Add tunnel timeout for ui proxy container"Jenkins1-0/+6
2017-04-03Restrict mongodb memory usagePradeep Kilambi1-0/+6
Currently, mongodb has no limits on how much memory it can consume. This enforces restriction so mongodb service limits through systemd. The puppet-systemd module has support for limits. The MemoryLimit support is added in the follwoing pull request https://github.com/camptocamp/puppet-systemd/pull/23 Closes-bug: #1656558 Change-Id: Ie9391aa39532507c5de8dd668a70d5b66e17c891
2017-04-03Fixes missing neutron base in sriovTim Rozet1-0/+3
This causes issues in deployments that is not using ML2 ComputeNeutronCorePlugin or OVS agent on the compute nodes. Closes-Bug: 1679202 Change-Id: I9cdfd115add8c0d2d3ae6802e7bde007c1677c67 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-04-03Configure migration SSH tunnelOliver Walsh1-0/+4
This patch configures SSH tunneling for nova cold-migration and reuses the tunnel for libvirt live-migration unless TLS has been enabled. Change-Id: I367757cbe8757d11943af7e41af620f9ce919a06 Depends-On: Iac1763761c652bed637cb7cf85bc12347b5fe7ec
2017-04-02Move horizon to step 3Alex Schultz1-0/+6
We configure apache in step 3 so horizon should be configured at the same time or else updates will cause horizon to be unvailable during the update process. Change-Id: I4032f7c24edc0ff9ed637e213870cdd3beb9a54e Closes-Bug: #1678338
2017-03-30Add tunnel timeout for ui proxy containerDan Trainor1-0/+6
Add an explicit tunnel timeout configuration option to increase the tunnel timeout for persistent socket connections from two minutes (2m) to one hour (3600s). A configuration was already present to apply a tunnel timeout to the zaqar_ws endpoint, but that only applies to connections made directly to the zaqar_ws endpoint directly. Since UI now uses mod_proxy to proxy WebSocket connections for Zaqar, the timeout is now applied for the same reasons to the ui haproxy server. Change-Id: If749dc9148ccf8f2fa12b56b6ed6740f42e65aeb Closes-Bug: 1672826
2017-03-30Decouple ceilometer user create from APIPradeep Kilambi1-0/+5
Ceilometer user is needed for other ceilometer services to authenticate with keystone even when API is not present. So the data can be dispatched to gnocchi. Lets keep these separate so user always exists even when api is not. Depends-On: Iffebd40752eafb1d30b5962da8b5624fb9df7d48 Closes-bug: #1677354 Change-Id: I8f4e543a7cef5e50a35a191fe20e276d518daf20
2017-03-30Merge "Adds service for managing securetty"Jenkins1-0/+6
2017-03-29Adds service for managing securettylhinds1-0/+6
This adds the ability to manage the securetty file. By allowing management of securetty, operators can limit root console access and improve security through hardening. Change-Id: Ic4647fb823bd112648c5b8d102913baa8b4dac1c Closes-Bug: #1665042
2017-03-29Fix reno for rabbitmq-user-checkEmilien Macchi1-0/+6
Change-Id: I5eed22ab0230a477d1629545b8ab1aeff33f4a35
2017-03-28Merge "Re-run gnocchi and ceilometer upgrade in step 5"Jenkins1-0/+5
2017-03-28Merge "Include oslo.messaging amqp support for rpc and notifications"Jenkins1-0/+4
2017-03-27Re-run gnocchi and ceilometer upgrade in step 5Pradeep Kilambi1-0/+5
Without this gnocchi resources types are not created as they are skipped initially and the resources from ceilometer wont make it to gnocchi. Closes-bug: #1674421 Depends-On: I753f37e121b95813e345f200ad3f3e75ec4bd7e1 Change-Id: Ib45bf1b3e526a58f675d7555fe7bb5038dadeede
2017-03-27Add l2 gateway Neutron service plugin profilePeng Liu1-0/+3
Introduce profile to configure l2 gateway Neutron service plugin. Implements: blueprint l2gw-service-integration Change-Id: I01a8afdc51b2a077be1bbc7855892f68756e1fd3 Signed-off-by: Peng Liu <pliu@redhat.com>
2017-03-21Include oslo.messaging amqp support for rpc and notificationsAndrew Smith1-0/+4
This commit conditionally includes messaging amqp class for the oslo.messaging AMQP 1.0 driver to support notifications. This patch: * include keystone::messaging::amqp class for oslo_messaging_amqp opts Change-Id: I8eb23a21d2499795c3a76ae3197bda7773165a8c
2017-03-16Enables OpenDaylight Clustering in HA deploymentsTim Rozet1-0/+5
Previously ODL was restricted to only running on the first node in an tripleO HA deployment. This patches enables clustering for ODL and allows multiple ODL instances (minimum 3 for HA). Partially-implements: blueprint opendaylight-ha Change-Id: Ic9a955a1c2afc040b2f9c6fb86573c04a60f9f31 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-11Merge "Add support for BGPVPN service plugin"Jenkins1-0/+3
2017-03-11Add support for BGPVPN service pluginRicardo Noriega1-0/+3
Introduce profile to configure networking-bgpvpn service Implements: blueprint bgpvpn-service-integration Change-Id: I7c1686693a29cc1985f009bd7a3c268c0e211876 Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-03-11Merge "httpd: Clean up heat API profiles and add release note"Jenkins1-0/+3
2017-03-07sahara: include authtoken classEmilien Macchi1-0/+4
authtoken class configures the keystone_authtoken parameters, required to move to Keystone V3 auth. Change-Id: Ibfd761fef813faa7bf13881c52c34e20d3eac9e5
2017-03-07httpd: Clean up heat API profiles and add release noteJuan Antonio Osorio Robles1-0/+3
There were some values that were passed to the classes manually, and this takes the parameters from t-h-t instead. Also, the release note was added. bp tls-via-certmonger Change-Id: I17c4b7041e16da6489f4b713fdeb28a6e1c5563c Depends-On: I88e5ea7b9bbf35ae03f84fdc3ec76ae09f11a1b6
2017-03-07Merge "fix typo in release note"Jenkins1-1/+1
2017-03-06fix typo in release noteEmilien Macchi1-1/+1
Change-Id: I89e544474b3f73a9e00d37dcddb605d5fe979ca8
2017-03-06Add docker profileSteven Hardy1-0/+4
This configures the docker service on the host, as an alternative to the firstboot script in docker/firstboot/setup_docker_host.sh Doing this via puppet will enable easier integration with e.g the multinode jobs where no firstboot scripts run, and also enables a better error path in the event the service fails to start Co-Authored-By: Alex Schultz <aschultz@redhat.com> Change-Id: Id8add1e8a0ecaedb7d8a7dc9ba3747c1ac3b8eea
2017-02-28Merge "Default neutron dhcp_agents_per_network to number of agents"Jenkins1-0/+5
2017-02-27Merge "Add ceilometer polling agent profile"Jenkins1-0/+6
2017-02-27Add release note for httpchkAlex Schultz1-0/+6
Adding release note for Ie72b96c76d7513f84003bc15b6527c97df7ba92f Change-Id: Ie3dd31519a4a2cc7aa94a5fc7cd7e906482668f3 Related-Bug: #1629052
2017-02-27Default neutron dhcp_agents_per_network to number of agentsBrent Eagles1-0/+5
This patch will set neutron's dhcp_agents_per_network equal to the number of deployed neutron DHCP agents unless otherwise explicitly set. Partial-bug: #1632721 Change-Id: I5533e42c5ba9f72cc70d80489a07e30ee2341198
2017-02-25Add ceilometer polling agent profilePradeep Kilambi1-0/+6
Ceilometer central, compute and ipmi agent classes are deprecated. Instead we should be using polling agent with relevant namespace. Closes-bug: #1662685 Change-Id: I1ee50124bf8936e12414f984e1bcd4545d92e953
2017-02-25Merge "Remove the string cast for using transport_url"Jenkins1-0/+4
2017-02-22Remove the string cast for using transport_urlCarlos Camacho1-0/+4
os_transport_url was updated to allow receiving a string or an integer as parameter. Fixes the workarounds in puppet-tripleo Change-Id: I50993514048bf96b5a42b3425a7d6f98778fe694 Depends-On: I9e56f8e2de542b20fe9e6995506cff5bb435e220
2017-02-21Merge "Add VPP service"Jenkins1-0/+7
2017-02-18Merge "Enable languages in UI config"Jenkins1-0/+5
2017-02-17Add VPP serviceFeng Pan1-0/+7
Vector Packet Processing (VPP) is a high performance packet processing stack that runs in user space in Linux. VPP is used as an alternative to kernel networking stack for accelerated network data path. Implements: blueprint fdio-integration-tripleo Change-Id: I70a68a204a8b9d533fc2fa4fc33c39c3b1c366bf Signed-off-by: Feng Pan <fpan@redhat.com>
2017-02-17Enable languages in UI configJulie Pichon1-0/+5
Which language options to offer to the UI users is determined in the configuration file. Let's show all possible languages by default, unless specified otherwise. Change-Id: I513303bf82dca53e2291ab66f2385a2985a1846e Related-Bug: #1663279
2017-02-15Add missing release notes for Ocata RC1Emilien Macchi1-0/+64
Change-Id: I95f7b57a6cb0811af324996bd00580732503ed28
2017-02-12Merge "Add support to changing the Rabbitmq password on update"Jenkins1-0/+4
2017-02-07Merge "Proxy API endpoints that UI uses"Jenkins2-0/+18
2017-02-06nova/libvirt: switch vnc server bindingEmilien Macchi1-0/+7
On compute nodes, instead of binding vnc server on 0.0.0.0, use the IP address provided by libvirt's t-h-t profile (hiera). Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Depends-On: Ie377c09734e9f6170daa519aed69c53fc67c366b Change-Id: If6b116b238a52144aad5e76c9edc7df6aa15313c Closes-Bug: #1660099
2017-02-06Merge "Revert "Revert "set innodb_file_per_table to ON for MySQL / Galera"""Jenkins1-0/+20
2017-02-03Proxy API endpoints that UI usesDan Trainor2-0/+18
Add support to enable the UI to use paths via mod_proxy to access API endpoints instead of connecting to each endpoint directly on a port other than where the UI is served from. This is necessary to prevent certificate acceptance errors from non-Chrome browsers which take exception to connections made to other ports on the same hostname, using one SSL certificate. This change extends the UI's Apache configuration to create one mod_proxy location for each of the API endpoints that UI calls upon. These mod_proxy (using ProxyPass, ProxyPassReverse) endpoints are configured using new heira variables provided in the dependent commit. Additionally, this change modifies the default UI configuration file to include endpoint URLs formatted to use the new endpoint paths that are created. Removed puppet variables which were previously used to generate the contents of the tripleo_ui_config.js template, since they are no longer used to generate this file, replaced with the new endpoint URLs formatted to use the new endpoint paths that are created. Change-Id: I55e375ad462fa98e181277ec0bd88658e620e8ad Implements: blueprint proxy-undercloud-api-services Depends-On: Ib20f4b0891563ae90ec80675635a64c39bd2fdb7
2017-02-03Revert "Revert "set innodb_file_per_table to ON for MySQL / Galera""Alex Schultz1-0/+20
This reverts commit 3f7e74ab24bb43f9ad7e24e0efd4206ac6a3dd4e. After identifying how to workaround the performance issues on the undercloud, let's put this back in. Enabling innodb_file_per_table is important for operators to be able to better manage their databases. Change-Id: I435de381a0f0e3ef221e498f442335cdce3fb818 Depends-On: I77507c638237072e38d9888aff3da884aeff0b59 Closes-Bug: #1660722
2017-02-03Add support to changing the Rabbitmq password on updateSaravanan KR1-0/+4
Rabbitmq Password is set on the fresh deployment, but during update, if the password is changed, it is modified in all config files including rabbitmq config. But the rabbitmq connection fails because the new password is not successful applied to rabbitmq. Setting the rabbitmq_user will invoke 'rabbitmqctl change_password'. Scenario: The password change is applied on Step1 when configuring Rabbitmq. Other services may be updated on different Steps. Till other services config is updated with new rabbitmq password, and restarted, the connections will get Access Denied response. It has cyclic dependency. So the passwords will be changes at Step1 and once all services are updated, the connections will work as is. Partial-Bug: #1611704 Change-Id: I44865af3d5eb2d37eb648ac7227277e86c8fbc54
2017-02-03Merge "Add initial profiles for rest of Octavia services"Jenkins1-0/+4
2017-02-02Revert "set innodb_file_per_table to ON for MySQL / Galera"Alex Schultz1-20/+0
This reverts commit 621ea892a299d2029348db2b56fea1338bd41c48. We're getting performance problems on SATA disks. Change-Id: I30312fd5ca3405694d57e6a4ff98b490de388b92 Closes-Bug: #1661396 Related-Bug: #1660722