aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes/notes
AgeCommit message (Collapse)AuthorFilesLines
2017-06-16Merge "Make fernet max active keys configurable"Jenkins1-0/+5
2017-06-16Merge "Add templates to configure Ironic inspector"Jenkins1-0/+5
2017-06-16Merge "Pacemaker HA suport for OVN DB servers"Jenkins1-0/+3
2017-06-16Make fernet max active keys configurableJuan Antonio Osorio Robles1-0/+5
This will set the max_active_keys setting in keystone.conf, and furtherly we'll read this value from tripleo-common to do purging of keys if necessary. bp keystone-fernet-rotation Change-Id: I9c6b0708c2c03ad9918222599f8b6aad397d8089
2017-06-15Merge "Modify PreNetworkConfig config inline with role-specific parameters"Jenkins1-0/+11
2017-06-14Merge "Update Panko api port"Jenkins1-0/+4
2017-06-14Update Panko api portPradeep Kilambi1-0/+4
The current port conflicts with trove. This is updated in puppet module. See related change: https://review.openstack.org/#/c/471551/ Change-Id: Iefacb98320eef0bca782055e3da5d243993828d7
2017-06-14Enable heat/puppet to manage the fernet keys and make it configurableJuan Antonio Osorio Robles1-0/+6
With the addition of the KeystoneFernetKeys parameter, it's now possible to do fernet key rotations using mistral, by modifying the KeystoneFernetKeys variable in mistral; subsequently a rotation could happen when doing a stack update. So this re-enables the managing of the key files by puppet. However, this is left configurable, as folks might want to manage those files out-of-band. bp keystone-fernet-rotation Change-Id: Ic82fb8b8a76481a6e588047acf33a036cf444d7d
2017-06-14Use KeystoneFernetKeys instead of individual parametersJuan Antonio Osorio Robles1-0/+10
This uses the newly introduced dict with the keys and paths instead of the individual keys. Having the advantage that rotation will be possible on stack update, as we no longer have a limit on how many keys we can pass (as we did with the individual parameters). bp keystone-fernet-rotation Change-Id: I7d224595b731d9f3390fce5a9d002282b2b4b8f2 Depends-On: I63ae158fa8cb33ac857dcf9434e9fbef07ecb68d
2017-06-14Merge "Add support for Cinder "NAS secure" driver params"Jenkins1-0/+5
2017-06-13Merge "Add support to configure Num of Storage sacks"Jenkins1-0/+3
2017-06-13Modify PreNetworkConfig config inline with role-specific parametersSaravanan KR1-0/+11
Existing host_config_and_reboot.role.j2.yaml is done in ocata to configure kernel args. This can be enhanced with use of role-specific parameters, which is done in the current patch. The earlier method is deprecated and will be removed in Q releae. Implements: blueprint ovs-2-6-dpdk Change-Id: Ib864f065527167a49a0f60812d7ad4ad12c836d1
2017-06-12Add support to configure Num of Storage sacksPradeep Kilambi1-0/+3
Gnocchi 4 supports storage sacks during upgrade. lets make this configurable if we want to use more metricd workers. Change-Id: Ibb2ee885e59d43c1ae20887ec1026786d58c6b9e
2017-06-12Add support for Cinder "NAS secure" driver paramsAlan Bishop1-0/+5
Add new parameters that control the NAS security settings in Cinder's NFS and NetApp back end drivers. The settings are disabled by default. Partial-Bug: #1688332 Depends-On: I76e2ce10acf7b671be6a2785829ebb3012b79308 Change-Id: I306a8378dc1685132f7ea3ed91d345eaae70046f
2017-06-12Pacemaker HA suport for OVN DB serversNuman Siddique1-0/+3
This patch adds the templates required to enable the OVN DB servers to be started in master/slave mode in the pacemaker cluster. For the OVN DBs base profile, ::tripleo::haproxy expects the parameter 'ovn_dbs_manage_lb' set to true in order for it to configure OVN DBs for load balancing (please see this commit [1]). So this patch sets 'ovn_dbs_manage_lb' to true. [1] - I9dc366002ef5919339961e5deebbf8aa815c73db Co-authored-by: Babu Shanmugam (babu.shanmugam@gmail.com) Depends-on: I94d3960e6c5406e3af309cc8c787ac0a6c9b1756 Change-Id: I60c55abfc523973aa926d8a12ec77f198d885916 Closes-bug: #1670564
2017-06-12Providing parameters specific to a workflow via plan-environmentSaravanan KR1-0/+4
Parameters which are not part of the heat environment template are required by the worflows like derive parameters. In order to seprate from the heat environment parameters, the workflow only parameters will be provided via plan-environement section, workflow_parameters. Implements: blueprint tripleo-derive-parameters Change-Id: I36d295223c28afff1e0996b4885b8a81c00842f0
2017-06-09Merge "Revert "Add support to configure Num of Storage sacks""Jenkins1-3/+0
2017-06-09Add templates to configure Ironic inspectorDan Prince1-0/+5
Implements: blueprint ironic-inspector-composable-service Co-Authored-By: Dmitry Tantsur <dtantsur@redhat.com> Change-Id: I825516f9f5c2b0c03a3f497d6954022714aab988
2017-06-09Revert "Add support to configure Num of Storage sacks"Pradeep Kilambi1-3/+0
This reverts commit a915b150018bf306a5942782bf93c5faadcd7cde. The argument is renamed and causing promotions to fail. Change-Id: I7e1674cff75b606c20956edddf70eee2990fca78
2017-06-08Merge "Standardize example role definitions"Jenkins1-0/+6
2017-06-08Merge "Add support to configure Num of Storage sacks"Jenkins1-0/+3
2017-06-07Standardize example role definitionsAlex Schultz1-0/+6
As we create new standard roles, we should include them from a single location for ease of use and to reduce the duplication of the role definitions elsewhere. This change adds a roles folder to the THT that can be used with the new roles commands in python-tripleoclient by the end user to generate a roles_data.yaml from a standard set of roles. Depends-On: I326bae5bdee088e03aa89128d253612ef89e5c0c Change-Id: Iad3e9b215c6f21ba761c8360bb7ed531e34520e6 Related-Blueprint: example-custom-role-environments
2017-06-07Fix the disable expirer to remove crontabPradeep Kilambi1-0/+5
Instead of doing this via puppet which has the consequence of including the step_config and getting included on the host manifest. Lets disable via ansible upgrade task instead. Change-Id: I5f1a4019dd635dea67db4313bd06a228ae7bacd4
2017-06-07Add support to configure Num of Storage sacksPradeep Kilambi1-0/+3
Gnocchi 4 supports storage sacks during upgrade. lets make this configurable if we want to use more metricd workers. Change-Id: I27390b8babf8c4ef35f4c9b8a2e5be69fb9a54ee
2017-06-07Ability to enable/disable debug mode per OpenStack serviceEmilien Macchi1-0/+9
Add ServiceDebug parameters for each services that will allow operators to enable/disable Debug for specific services. We keep the Debug parameters for backward compatibility. Operators want to enable Debug everywhere: Debug: true Operators want to disable Debug everywhere: Debug: false Operators want to disable Debug everywhere except Glance: GlanceDebug: true Operators want to enable Debug everywhere except Glance: Debug: true GlanceDebug: false New parameters: AodhDebug, BarbicanDebug, CeilometerDebug, CinderDebug, CongressDebug, GlanceDebug, GnocchiDebug, HeatDebug, HorizonDebug, IronicDebug, KeystoneDebug, ManilaDebug, MistralDebug, NeutronDebug, NovaDebug, OctaviaDebug, PankoDebug, SaharaDebug, TackerDebug, ZaqarDebug. Note: for backward compatibility in Horizon, HorizonDebug is set to false, so we maintain previous behavior. Change-Id: Icbf4a38afcdbd8471d1afc11743df9705451db52 Implement-blueprint: composable-debug Closes-Bug: #1634567
2017-06-04Update metric processing delay defaultPradeep Kilambi1-0/+4
This helps with processing the backlog, so lets update the default out of the box. Change-Id: I06d4ca95f4a1da2864f4845ef3e7a74a1bce9e41
2017-06-03Merge "Modify vhost user socket directory's default value in environment file"Jenkins1-0/+6
2017-06-02Merge "Server blacklist support"Jenkins1-0/+6
2017-06-01Increase default for NovaReservedHostMemory to 4096Sven Anderson1-0/+4
Idle compute nodes are found to already consume ~1.5GB of memory, so 2GB is a bit tight. Increasing to 4GB to be on the safe side. Also see https://bugzilla.redhat.com/show_bug.cgi?id=1341178 Change-Id: Ic95984b62a748593992446271b197439fa12b376
2017-05-31Server blacklist supportJames Slagle1-0/+6
Adds the ability to blacklist servers from all SoftwareDeployment resources. The servers are specified in a new list parameter, DeploymentServerBlacklist by the Heat assigned name (overcloud-compute-0, etc). implements blueprint disable-deployments Change-Id: I46941e54a476c7cc8645cd1aff391c9c6c5434de
2017-05-30Merge "Enable arp_accept for all interfaces"Jenkins1-0/+9
2017-05-30Merge "Change database sync timeout from 300 to 900 in low-memory-usage ↵Jenkins1-0/+6
environment file."
2017-05-25Enable arp_accept for all interfacesIhar Hrachyshka1-0/+9
OpenStack heavily relies on gratuitous ARP updates when moving floating IP addresses between devices. When a floating IP moves, Neutron L3 agent issues a burst of gratuitous ARP packets that should update any existing ARP table entries on all nodes that belong to the same network segment. Due to locktime kernel behavior, some gratuitous ARP packets may be ignored [1], rendering ARP table entries broken for some time. Due to a kernel bug [2], the time may be as long as hours, depending on other traffic flowing to the node. With the current EL7 kernel, the only way to make sure that nodes honor all sent gratuitous ARP updates is to set arp_accept to 1; this will disable locktime mechanism for the packets sent by Neutron L3 agent, and will make sure ARP tables are always updated. [1] https://patchwork.ozlabs.org/patch/762732/ [2] https://bugzilla.redhat.com/show_bug.cgi?id=1450203 Related-Bug: #1690165 Change-Id: I863b240e0ab4c4d5bb844f91b607fd0937d5cedf
2017-05-25Merge "Enable mistral to run under mod_wsgi"Jenkins1-0/+7
2017-05-23Merge "Remove osd_pool_default_min_size to allow Ceph cluster to do the ↵Jenkins1-0/+12
right thing by default"
2017-05-22Remove osd_pool_default_min_size to allow Ceph cluster to do the right thing ↵Keith Schincke1-0/+12
by default The default value is 0 which has the minimum number be caluclated based on the replica count from osd_pool_defaut_size. The default replica count is 3 and the calculated min_size is 2. If the replica count is 1 then the min_size is 1. ie: min_size = replica - (replica/2) Add CephPoolDefaultSize parameter to ceph-mon.yaml. This parameter defaults to 3 but can be overriden. See puppet-ceph-devel.yaml for an example Change-Id: Ie9bdd9b16bcb9f11107ece614b010e87d3ae98a9
2017-05-22Disable mongodb by defaultJuan Antonio Osorio Robles1-0/+8
It's not used by any service that we enable by default. So instead, I added it to the environment that enables the services that use it. Change-Id: Id2e6550fb7c319fc52469644ea022cf35757e0ce
2017-05-22Modify vhost user socket directory's default value in environment fileSaravanan KR1-0/+6
From ocata, the vhost socket directory requires a different set of permissions from the default directory (/var/run/openvswitch). Modifying the directory to a new agreed directory which will be created in puppet. Closes-Bug: #1687993 Depends-On: I255f98c40869e7508ed01a03a96294284ecdc6a8 Change-Id: I77250ca84c9da2fb5a8381e6f60234f8a05cbf12
2017-05-21Change database sync timeout from 300 to 900 in low-memory-usage environment ↵Or Idgar1-0/+6
file. During a deployment on lower spec systems, the "db sync" can take longer than five minutes. The solution is to increase the default value of DatabaseSyncTimeout from 300 to 900 by using the environment file "low-memory-usage.yaml". Change-Id: I6463dbdd4dfe1d6f2dd283211cc496fe3a628fb0 Closes-bug: #1689318
2017-05-20Merge "Support Redfish hardware in the overcloud Ironic"Jenkins1-0/+8
2017-05-20Merge "Add missing release note for cadf environment"Jenkins1-0/+7
2017-05-19Merge "Add l2gw neutron agent support"Jenkins1-0/+3
2017-05-18neutron: set enable_dvr = False if NeutronEnableDVR is falseIhar Hrachyshka1-0/+6
This will make neutron-server stop advertising dvr extension if the cloud is not configured to support this flavor of Neutron routers. Change-Id: I38c8208edff07f7887887918729beb7710068078 Related-Bug: #1450067
2017-05-18Add l2gw neutron agent supportPeng Liu1-0/+3
L2 Gateway (L2GW) is an API framework for OpenStack that offers bridging two or more networks together to make them look at a single broadcast domain. This patch implements the l2gw agent which is one of the backend of the l2 gateway service plugin. Change-Id: I1ae8132ceff9410be7bd82caddf0d14251e720bf Depends-On: If1501c153b1b170b9550cb7e5a23be463fba1fe9 Partially-Implements: blueprint l2gw-service-integration Signed-off-by: Peng Liu <pliu@redhat.com>
2017-05-15Default snmp to less verbose loggingMichele Baldessari1-0/+6
Currently we just use what puppet-snmp provides in terms of defaults. This means that currently every single snmp query gets logged with the following: May 15 10:51:30 centos.localdomain snmpd[5159]: Connection from UDP: [127.0.0.1]:57799->[127.0.0.1]:161 May 15 10:51:30 centos.localdomain snmpd[5159]: Connection from UDP: [127.0.0.1]:57799->[127.0.0.1]:161 May 15 10:51:32 centos.localdomain snmpd[5159]: Connection from UDP: [127.0.0.1]:50566->[127.0.0.1]:161 The reason is that we use '-LS0-6d' as the default content for /etc/sysconfig/snmpd: https://github.com/razorsedge/puppet-snmp/blob/master/manifests/params.pp#L322 This default means that we are logging from 0 (LOG_EMERG) to 6 (LOG_INFO). The above messages bring nothing in a default installation and only spam the log files, so let's lower the upper log level to 5 (LOG_NOTICE) by default, so we properly do not see every single query in the logs. We add an option so the operator can still configure the desired log level via a Heat parameter. Change-Id: I8d3dfdb4d549cd27131346fc477755ad72313449
2017-05-15Add role specific information to the service templateSaravanan KR1-0/+4
When a service is enabled on multiple roles, the parameters for the service will be global. This change enables an option to provide role specific parameter to services and other templates. Two new parameters - RoleName and RoleParameters, are added to the service template. RoleName provides the role name of on which the current instance of the service is being applied on. RoleParameters provides the list of parameters which are configured specific to the role in the environment file, like below: parameters_default: # Default value for applied to all roles NovaReservedHostMemory: 2048 ComputeDpdkParameters: # Applied only to ComputeDpdk role NovaReservedHostMemory: 4096 In above sample, the cluster contains 2 roles - Compute, ComputeDpdk. The values of ComputeDpdkParameters will be passed on to the templates as RoleParameters while creating the stack for ComputeDpdk role. The parameter which supports role specific configuration, should find the parameter first in in the RoleParameters list, if not found, then the default (for all roles) should be used. Implements: blueprint tripleo-derive-parameters Change-Id: I72376a803ec6b2ed93903cc0c95a6ffce718b6dc
2017-05-11Deprecate Ceilometer ExpirerPradeep Kilambi1-0/+11
We dont need expirer unless we have collector and standard storage enabled. Lets turn it off by default and make it an optional service. In upgrade scenario, we will kill the process and stop the expirer, unless explicitly enabled. Change-Id: Icffb7d1bb2cf7bd61026be7d2dcfbd70cd3bcbda
2017-05-10Merge "Add networking-vpp ML2 mechanism driver support"Jenkins1-0/+3
2017-05-10Add missing release note for cadf environmentYolanda Robla1-0/+7
A previous change was enabling cadf environment on TripleO, but missed release notes. Adding that as a follow up. Change-Id: I5e5a5267707537ae7c78685dc3d371ae5f80f4aa
2017-05-06Enable mistral to run under mod_wsgiBrad P. Crochet1-0/+7
Mistral should run under mod_wsgi. Let's do that. Change-Id: Ie98dd5061d92dbc3c15bdd8926b0e3d62cc471f6 Depends-On: I99f83c35eaa892c10deb63e199d22a43f06f5dcc