aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes
AgeCommit message (Collapse)AuthorFilesLines
2017-03-30Merge "Adds service for managing securetty"Jenkins1-0/+6
2017-03-29Adds service for managing securettylhinds1-0/+6
This adds the ability to manage the securetty file. By allowing management of securetty, operators can limit root console access and improve security through hardening. Change-Id: Ic4647fb823bd112648c5b8d102913baa8b4dac1c Closes-Bug: #1665042
2017-03-29Fix reno for rabbitmq-user-checkEmilien Macchi1-0/+6
Change-Id: I5eed22ab0230a477d1629545b8ab1aeff33f4a35
2017-03-28Merge "Re-run gnocchi and ceilometer upgrade in step 5"Jenkins1-0/+5
2017-03-28Merge "Include oslo.messaging amqp support for rpc and notifications"Jenkins1-0/+4
2017-03-27Re-run gnocchi and ceilometer upgrade in step 5Pradeep Kilambi1-0/+5
Without this gnocchi resources types are not created as they are skipped initially and the resources from ceilometer wont make it to gnocchi. Closes-bug: #1674421 Depends-On: I753f37e121b95813e345f200ad3f3e75ec4bd7e1 Change-Id: Ib45bf1b3e526a58f675d7555fe7bb5038dadeede
2017-03-27Add l2 gateway Neutron service plugin profilePeng Liu1-0/+3
Introduce profile to configure l2 gateway Neutron service plugin. Implements: blueprint l2gw-service-integration Change-Id: I01a8afdc51b2a077be1bbc7855892f68756e1fd3 Signed-off-by: Peng Liu <pliu@redhat.com>
2017-03-21Include oslo.messaging amqp support for rpc and notificationsAndrew Smith1-0/+4
This commit conditionally includes messaging amqp class for the oslo.messaging AMQP 1.0 driver to support notifications. This patch: * include keystone::messaging::amqp class for oslo_messaging_amqp opts Change-Id: I8eb23a21d2499795c3a76ae3197bda7773165a8c
2017-03-16Enables OpenDaylight Clustering in HA deploymentsTim Rozet1-0/+5
Previously ODL was restricted to only running on the first node in an tripleO HA deployment. This patches enables clustering for ODL and allows multiple ODL instances (minimum 3 for HA). Partially-implements: blueprint opendaylight-ha Change-Id: Ic9a955a1c2afc040b2f9c6fb86573c04a60f9f31 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-11Merge "Add support for BGPVPN service plugin"Jenkins1-0/+3
2017-03-11Add support for BGPVPN service pluginRicardo Noriega1-0/+3
Introduce profile to configure networking-bgpvpn service Implements: blueprint bgpvpn-service-integration Change-Id: I7c1686693a29cc1985f009bd7a3c268c0e211876 Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-03-11Merge "httpd: Clean up heat API profiles and add release note"Jenkins1-0/+3
2017-03-07sahara: include authtoken classEmilien Macchi1-0/+4
authtoken class configures the keystone_authtoken parameters, required to move to Keystone V3 auth. Change-Id: Ibfd761fef813faa7bf13881c52c34e20d3eac9e5
2017-03-07Update version for PikeAlex Schultz1-6/+6
The current version information is behind that of stable/ocata. In order to address some version generation issues in packaging, we need to bump the version numbers for in preparation for the next version. Change-Id: I586811d9623c4bb03b1b234eaed2b3b365ba6e3e Releated-Bug: #1669462
2017-03-07httpd: Clean up heat API profiles and add release noteJuan Antonio Osorio Robles1-0/+3
There were some values that were passed to the classes manually, and this takes the parameters from t-h-t instead. Also, the release note was added. bp tls-via-certmonger Change-Id: I17c4b7041e16da6489f4b713fdeb28a6e1c5563c Depends-On: I88e5ea7b9bbf35ae03f84fdc3ec76ae09f11a1b6
2017-03-07Merge "fix typo in release note"Jenkins1-1/+1
2017-03-06fix typo in release noteEmilien Macchi1-1/+1
Change-Id: I89e544474b3f73a9e00d37dcddb605d5fe979ca8
2017-03-06Add docker profileSteven Hardy1-0/+4
This configures the docker service on the host, as an alternative to the firstboot script in docker/firstboot/setup_docker_host.sh Doing this via puppet will enable easier integration with e.g the multinode jobs where no firstboot scripts run, and also enables a better error path in the event the service fails to start Co-Authored-By: Alex Schultz <aschultz@redhat.com> Change-Id: Id8add1e8a0ecaedb7d8a7dc9ba3747c1ac3b8eea
2017-02-28Merge "Default neutron dhcp_agents_per_network to number of agents"Jenkins1-0/+5
2017-02-27Merge "Add ceilometer polling agent profile"Jenkins1-0/+6
2017-02-27Add release note for httpchkAlex Schultz1-0/+6
Adding release note for Ie72b96c76d7513f84003bc15b6527c97df7ba92f Change-Id: Ie3dd31519a4a2cc7aa94a5fc7cd7e906482668f3 Related-Bug: #1629052
2017-02-27Default neutron dhcp_agents_per_network to number of agentsBrent Eagles1-0/+5
This patch will set neutron's dhcp_agents_per_network equal to the number of deployed neutron DHCP agents unless otherwise explicitly set. Partial-bug: #1632721 Change-Id: I5533e42c5ba9f72cc70d80489a07e30ee2341198
2017-02-25Add ceilometer polling agent profilePradeep Kilambi1-0/+6
Ceilometer central, compute and ipmi agent classes are deprecated. Instead we should be using polling agent with relevant namespace. Closes-bug: #1662685 Change-Id: I1ee50124bf8936e12414f984e1bcd4545d92e953
2017-02-25Merge "Remove the string cast for using transport_url"Jenkins1-0/+4
2017-02-22Remove the string cast for using transport_urlCarlos Camacho1-0/+4
os_transport_url was updated to allow receiving a string or an integer as parameter. Fixes the workarounds in puppet-tripleo Change-Id: I50993514048bf96b5a42b3425a7d6f98778fe694 Depends-On: I9e56f8e2de542b20fe9e6995506cff5bb435e220
2017-02-21Merge "Add VPP service"Jenkins1-0/+7
2017-02-18Merge "Enable languages in UI config"Jenkins1-0/+5
2017-02-17Add VPP serviceFeng Pan1-0/+7
Vector Packet Processing (VPP) is a high performance packet processing stack that runs in user space in Linux. VPP is used as an alternative to kernel networking stack for accelerated network data path. Implements: blueprint fdio-integration-tripleo Change-Id: I70a68a204a8b9d533fc2fa4fc33c39c3b1c366bf Signed-off-by: Feng Pan <fpan@redhat.com>
2017-02-17Enable languages in UI configJulie Pichon1-0/+5
Which language options to offer to the UI users is determined in the configuration file. Let's show all possible languages by default, unless specified otherwise. Change-Id: I513303bf82dca53e2291ab66f2385a2985a1846e Related-Bug: #1663279
2017-02-16Update reno for stable/ocataOpenStack Release Bot2-0/+7
Change-Id: I2e67879bb790d4e2d11ed39cdde0fb402453ecda
2017-02-15Add missing release notes for Ocata RC1Emilien Macchi1-0/+64
Change-Id: I95f7b57a6cb0811af324996bd00580732503ed28
2017-02-12Merge "Add support to changing the Rabbitmq password on update"Jenkins1-0/+4
2017-02-07Merge "Proxy API endpoints that UI uses"Jenkins2-0/+18
2017-02-06nova/libvirt: switch vnc server bindingEmilien Macchi1-0/+7
On compute nodes, instead of binding vnc server on 0.0.0.0, use the IP address provided by libvirt's t-h-t profile (hiera). Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Depends-On: Ie377c09734e9f6170daa519aed69c53fc67c366b Change-Id: If6b116b238a52144aad5e76c9edc7df6aa15313c Closes-Bug: #1660099
2017-02-06Merge "Revert "Revert "set innodb_file_per_table to ON for MySQL / Galera"""Jenkins1-0/+20
2017-02-03Proxy API endpoints that UI usesDan Trainor2-0/+18
Add support to enable the UI to use paths via mod_proxy to access API endpoints instead of connecting to each endpoint directly on a port other than where the UI is served from. This is necessary to prevent certificate acceptance errors from non-Chrome browsers which take exception to connections made to other ports on the same hostname, using one SSL certificate. This change extends the UI's Apache configuration to create one mod_proxy location for each of the API endpoints that UI calls upon. These mod_proxy (using ProxyPass, ProxyPassReverse) endpoints are configured using new heira variables provided in the dependent commit. Additionally, this change modifies the default UI configuration file to include endpoint URLs formatted to use the new endpoint paths that are created. Removed puppet variables which were previously used to generate the contents of the tripleo_ui_config.js template, since they are no longer used to generate this file, replaced with the new endpoint URLs formatted to use the new endpoint paths that are created. Change-Id: I55e375ad462fa98e181277ec0bd88658e620e8ad Implements: blueprint proxy-undercloud-api-services Depends-On: Ib20f4b0891563ae90ec80675635a64c39bd2fdb7
2017-02-03Revert "Revert "set innodb_file_per_table to ON for MySQL / Galera""Alex Schultz1-0/+20
This reverts commit 3f7e74ab24bb43f9ad7e24e0efd4206ac6a3dd4e. After identifying how to workaround the performance issues on the undercloud, let's put this back in. Enabling innodb_file_per_table is important for operators to be able to better manage their databases. Change-Id: I435de381a0f0e3ef221e498f442335cdce3fb818 Depends-On: I77507c638237072e38d9888aff3da884aeff0b59 Closes-Bug: #1660722
2017-02-03Add support to changing the Rabbitmq password on updateSaravanan KR1-0/+4
Rabbitmq Password is set on the fresh deployment, but during update, if the password is changed, it is modified in all config files including rabbitmq config. But the rabbitmq connection fails because the new password is not successful applied to rabbitmq. Setting the rabbitmq_user will invoke 'rabbitmqctl change_password'. Scenario: The password change is applied on Step1 when configuring Rabbitmq. Other services may be updated on different Steps. Till other services config is updated with new rabbitmq password, and restarted, the connections will get Access Denied response. It has cyclic dependency. So the passwords will be changes at Step1 and once all services are updated, the connections will work as is. Partial-Bug: #1611704 Change-Id: I44865af3d5eb2d37eb648ac7227277e86c8fbc54
2017-02-03Merge "Add initial profiles for rest of Octavia services"Jenkins1-0/+4
2017-02-02Revert "set innodb_file_per_table to ON for MySQL / Galera"Alex Schultz1-20/+0
This reverts commit 621ea892a299d2029348db2b56fea1338bd41c48. We're getting performance problems on SATA disks. Change-Id: I30312fd5ca3405694d57e6a4ff98b490de388b92 Closes-Bug: #1661396 Related-Bug: #1660722
2017-02-02Prepare 6.2.0 releaseEmilien Macchi1-2/+2
6.2.0 will be Ocata RC1. Change-Id: Ie26ab89ea9c90f6c5d01697459855fd8c32b075f
2017-02-01set innodb_file_per_table to ON for MySQL / GaleraMike Bayer1-0/+20
InnoDB uses a single file by default which can grow to be tens/hundreds of gigabytes, and is not shrinkable even if data is deleted from the database. Best practices are that innodb_file_per_table is set to ON which instead stores each database table in its own file, each of which is also shrinkable by the InnoDB engine. Closes-Bug: #1660722 Change-Id: I59ee53f6462a2eeddad72b1d75c77a69322d5de4
2017-01-27Merge "Add AuditD Profile"Jenkins1-0/+4
2017-01-27nova: deploy basic setup for cellsEmilien Macchi1-0/+3
it's not required in Ocata, let's configure the basic setup for cells. note: it also cleanup old code that is not valid anymore. Change-Id: Iac5b2fbe1b03ec7ad4cb8cab2c7694547be6957d
2017-01-27Add AuditD ProfileSteven Hardy1-0/+4
This patch allows the management of the AuditD service and its associated files (such as `audit.rules`) This is achieved by means of the `puppet-auditd` puppet module. Closes-Bug: #1640302 Co-Authored-By: Luke Hinds (lhinds@redhat.com) Change-Id: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
2017-01-25Add initial profiles for rest of Octavia servicesBrent Eagles1-0/+4
Initial profile files for Octavia services. Partially-implements: blueprint octavia-service-integration Change-Id: Ic6f945cdf36744382a4a63fcc374d5562964ca68
2017-01-09Add support for not using admin_token in Ceph/RGWKeith Schincke1-0/+5
This patch add the option for using Keyston V3 authention with the Ceph/RGW service instead of using the admin_token Change-Id: I42861afcac221478dcb68be13b6dbc2533a7f158
2017-01-04Merge "Adds ability to populate SSH Banner text"Jenkins1-0/+3
2016-12-23Merge "Add basic structure for ReNo"Jenkins5-0/+281
2016-12-21Adds ability to populate SSH Banner textLuke Hinds1-0/+3
A puppet manifest to allow the toggle of 'Banner' in sshd_config and enable population of an SSH login banner needed for security compliance such as DISA STIG If `Bannertext` is set as a parameter, the `Banner` key within sshd_config is toggled to `/etc/issue` and the content is copied into the `/etc/issue` file Change-Id: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e Closes-Bug: #1640306