aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes
AgeCommit message (Collapse)AuthorFilesLines
2017-05-25Enable arp_accept for all interfacesIhar Hrachyshka1-0/+9
OpenStack heavily relies on gratuitous ARP updates when moving floating IP addresses between devices. When a floating IP moves, Neutron L3 agent issues a burst of gratuitous ARP packets that should update any existing ARP table entries on all nodes that belong to the same network segment. Due to locktime kernel behavior, some gratuitous ARP packets may be ignored [1], rendering ARP table entries broken for some time. Due to a kernel bug [2], the time may be as long as hours, depending on other traffic flowing to the node. With the current EL7 kernel, the only way to make sure that nodes honor all sent gratuitous ARP updates is to set arp_accept to 1; this will disable locktime mechanism for the packets sent by Neutron L3 agent, and will make sure ARP tables are always updated. [1] https://patchwork.ozlabs.org/patch/762732/ [2] https://bugzilla.redhat.com/show_bug.cgi?id=1450203 Related-Bug: #1690165 Change-Id: I863b240e0ab4c4d5bb844f91b607fd0937d5cedf
2017-05-25Merge "Enable mistral to run under mod_wsgi"Jenkins1-0/+7
2017-05-23Merge "Remove osd_pool_default_min_size to allow Ceph cluster to do the ↵Jenkins1-0/+12
right thing by default"
2017-05-22Remove osd_pool_default_min_size to allow Ceph cluster to do the right thing ↵Keith Schincke1-0/+12
by default The default value is 0 which has the minimum number be caluclated based on the replica count from osd_pool_defaut_size. The default replica count is 3 and the calculated min_size is 2. If the replica count is 1 then the min_size is 1. ie: min_size = replica - (replica/2) Add CephPoolDefaultSize parameter to ceph-mon.yaml. This parameter defaults to 3 but can be overriden. See puppet-ceph-devel.yaml for an example Change-Id: Ie9bdd9b16bcb9f11107ece614b010e87d3ae98a9
2017-05-22Disable mongodb by defaultJuan Antonio Osorio Robles1-0/+8
It's not used by any service that we enable by default. So instead, I added it to the environment that enables the services that use it. Change-Id: Id2e6550fb7c319fc52469644ea022cf35757e0ce
2017-05-22Modify vhost user socket directory's default value in environment fileSaravanan KR1-0/+6
From ocata, the vhost socket directory requires a different set of permissions from the default directory (/var/run/openvswitch). Modifying the directory to a new agreed directory which will be created in puppet. Closes-Bug: #1687993 Depends-On: I255f98c40869e7508ed01a03a96294284ecdc6a8 Change-Id: I77250ca84c9da2fb5a8381e6f60234f8a05cbf12
2017-05-21Change database sync timeout from 300 to 900 in low-memory-usage environment ↵Or Idgar1-0/+6
file. During a deployment on lower spec systems, the "db sync" can take longer than five minutes. The solution is to increase the default value of DatabaseSyncTimeout from 300 to 900 by using the environment file "low-memory-usage.yaml". Change-Id: I6463dbdd4dfe1d6f2dd283211cc496fe3a628fb0 Closes-bug: #1689318
2017-05-20Merge "Support Redfish hardware in the overcloud Ironic"Jenkins1-0/+8
2017-05-20Merge "Add missing release note for cadf environment"Jenkins1-0/+7
2017-05-19Merge "Add l2gw neutron agent support"Jenkins1-0/+3
2017-05-18neutron: set enable_dvr = False if NeutronEnableDVR is falseIhar Hrachyshka1-0/+6
This will make neutron-server stop advertising dvr extension if the cloud is not configured to support this flavor of Neutron routers. Change-Id: I38c8208edff07f7887887918729beb7710068078 Related-Bug: #1450067
2017-05-18Add l2gw neutron agent supportPeng Liu1-0/+3
L2 Gateway (L2GW) is an API framework for OpenStack that offers bridging two or more networks together to make them look at a single broadcast domain. This patch implements the l2gw agent which is one of the backend of the l2 gateway service plugin. Change-Id: I1ae8132ceff9410be7bd82caddf0d14251e720bf Depends-On: If1501c153b1b170b9550cb7e5a23be463fba1fe9 Partially-Implements: blueprint l2gw-service-integration Signed-off-by: Peng Liu <pliu@redhat.com>
2017-05-15Default snmp to less verbose loggingMichele Baldessari1-0/+6
Currently we just use what puppet-snmp provides in terms of defaults. This means that currently every single snmp query gets logged with the following: May 15 10:51:30 centos.localdomain snmpd[5159]: Connection from UDP: [127.0.0.1]:57799->[127.0.0.1]:161 May 15 10:51:30 centos.localdomain snmpd[5159]: Connection from UDP: [127.0.0.1]:57799->[127.0.0.1]:161 May 15 10:51:32 centos.localdomain snmpd[5159]: Connection from UDP: [127.0.0.1]:50566->[127.0.0.1]:161 The reason is that we use '-LS0-6d' as the default content for /etc/sysconfig/snmpd: https://github.com/razorsedge/puppet-snmp/blob/master/manifests/params.pp#L322 This default means that we are logging from 0 (LOG_EMERG) to 6 (LOG_INFO). The above messages bring nothing in a default installation and only spam the log files, so let's lower the upper log level to 5 (LOG_NOTICE) by default, so we properly do not see every single query in the logs. We add an option so the operator can still configure the desired log level via a Heat parameter. Change-Id: I8d3dfdb4d549cd27131346fc477755ad72313449
2017-05-15Add role specific information to the service templateSaravanan KR1-0/+4
When a service is enabled on multiple roles, the parameters for the service will be global. This change enables an option to provide role specific parameter to services and other templates. Two new parameters - RoleName and RoleParameters, are added to the service template. RoleName provides the role name of on which the current instance of the service is being applied on. RoleParameters provides the list of parameters which are configured specific to the role in the environment file, like below: parameters_default: # Default value for applied to all roles NovaReservedHostMemory: 2048 ComputeDpdkParameters: # Applied only to ComputeDpdk role NovaReservedHostMemory: 4096 In above sample, the cluster contains 2 roles - Compute, ComputeDpdk. The values of ComputeDpdkParameters will be passed on to the templates as RoleParameters while creating the stack for ComputeDpdk role. The parameter which supports role specific configuration, should find the parameter first in in the RoleParameters list, if not found, then the default (for all roles) should be used. Implements: blueprint tripleo-derive-parameters Change-Id: I72376a803ec6b2ed93903cc0c95a6ffce718b6dc
2017-05-11Deprecate Ceilometer ExpirerPradeep Kilambi1-0/+11
We dont need expirer unless we have collector and standard storage enabled. Lets turn it off by default and make it an optional service. In upgrade scenario, we will kill the process and stop the expirer, unless explicitly enabled. Change-Id: Icffb7d1bb2cf7bd61026be7d2dcfbd70cd3bcbda
2017-05-10Merge "Add networking-vpp ML2 mechanism driver support"Jenkins1-0/+3
2017-05-10Add missing release note for cadf environmentYolanda Robla1-0/+7
A previous change was enabling cadf environment on TripleO, but missed release notes. Adding that as a follow up. Change-Id: I5e5a5267707537ae7c78685dc3d371ae5f80f4aa
2017-05-06Enable mistral to run under mod_wsgiBrad P. Crochet1-0/+7
Mistral should run under mod_wsgi. Let's do that. Change-Id: Ie98dd5061d92dbc3c15bdd8926b0e3d62cc471f6 Depends-On: I99f83c35eaa892c10deb63e199d22a43f06f5dcc
2017-05-05Merge "Add StackUpdateType to set hiera on upgrade"Jenkins1-0/+9
2017-05-04Add StackUpdateType to set hiera on upgradeSteven Hardy1-0/+9
This will enable those consuming the stack_update_type hieradata set by this parameter to differentiate an update from a major upgrade Change-Id: I38469f4b7d04165ea5371aeb0cbd2e9349d70c79
2017-05-03Merge "snmp: add SnmpdBindHost parameter"Jenkins1-0/+7
2017-05-03Expose metric delay processing metricPradeep Kilambi1-0/+3
For performance reasons we might want to tweak this param lets expose this via tripleo. The puppet changes were added in this patch I5de5283d1b14e0bba63d6d9a440611914ba86ca4 Change-Id: I72f1fe3a47060fe37602a70b8a74fba72209127c
2017-05-03Internal TLS: Use specific CA file for haproxyJuan Antonio Osorio Robles1-0/+6
Instead of using the CA bundle, this sets HAProxy to use a specific file for validating the certificates of the services it's proxying. This helps in two ways: * Improves performance since validation will check only one certificate. * Improves security since we're only the certificates signed by one CA are valid, instead of any certificate that the system trusts (which could include potentially compromised public certs). Change-Id: Id6de045b3c93c82d37e0b0657c17a3108516016a
2017-05-02Add deprecation notes for panko servicePradeep Kilambi1-0/+5
Change-Id: Ic218a753e0cede2ba3951bcaec843f487dce0c71
2017-05-02Merge "Deprecate ceilometer collector"Jenkins1-0/+14
2017-05-02snmp: add SnmpdBindHost parameterEmilien Macchi1-0/+7
SnmpdBindHost will be useful for users who want to change the binding options for SNMP daemon. It has to be an array, and by the default the value is ['udp:161','udp6:[::1]:161'] like it was in puppet-tripleo profile. Change-Id: Iccf0a8d35cc05d34272c078c97a5dddfb8e7d614 Closes-Bug: #1687628
2017-04-29Allow to deploy Octavia API & Neutron Server on 2 different nodesEmilien Macchi1-0/+5
Exporting the neutron::server parameter into the neutron_api service, so Octavia API and Neutron Server can be separated. Change-Id: Iee28b0e84a00bd589d6f14a73f0c3f32d310b393 Closes-Bug: #1687026
2017-04-28Merge "Enables support for configuring Cinder with Pure Storage FlashArray ↵Jenkins1-0/+3
storage backend"
2017-04-28Merge "Add $STACK_NAME input var"Jenkins1-0/+5
2017-04-28Support Redfish hardware in the overcloud IronicDmitry Tantsur1-0/+8
Part of blueprint redfish-support Depends-On: I0bd6697a33a62d62ee94a1de768b8516bba2e2bc Depends-On: Ib14f87800ae7657cf6176a4820248a2ce048241d Change-Id: I2482d3a7549ac9ebc7c0c20626e479575aaad182
2017-04-27Merge "Disable default vhost for apache"Jenkins1-0/+6
2017-04-27Merge "Change the default for rabbitmq back to ha-mode: all"Jenkins1-0/+11
2017-04-27Add $STACK_NAME input varJames Slagle1-0/+5
The stack name can now be overridden in the get-occ-config.sh script for deployed-server's by setting the $STACK_NAME variable in the environment. Change-Id: Iecba21499b80e463b4c629be53c309996d39472d Closes-Bug: #1686719
2017-04-27Merge "[ironic] expose default boot_option in configuration and change it to ↵Jenkins1-0/+12
local"
2017-04-27Disable default vhost for apacheBogdan Dobrelya1-0/+6
It is required for a hybrid deployments when WSGI based services running both at host and in containers, without conflicting default ports. Partial-bug: #1686637 Co-authored-by: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: I9d0a5bb32337a6a8f1a4036f9560df79dfe1d90a Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-04-26Change the default for rabbitmq back to ha-mode: allMichele Baldessari1-0/+11
In change Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 we switched the rabbitmq queues HA mode from ha-all to ha-exactly. While this gives us a nice performance boost with rabbitmq, it makes rabbit less resilient to network glitches as we painfully found out via https://bugzilla.redhat.com/show_bug.cgi?id=1441635. This is the THT part of the change that changes the default to ha-mode: all. Closes-Bug: #1686337 Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Co-Authored-By: John Eckersberg <jeckersb@redhat.com> Change-Id: I7afcf2b3c8deb13fc2134e4cae9c06a44e775384 Depends-On: I9a90e71094b8d8d58b5be0a45a2979701b0ac21c
2017-04-25Deprecate ceilometer collectorPradeep Kilambi1-0/+14
Ceilometer collector is deprecated in Pike release. Do not deploy by default. Instead use the pipeline yaml to configure the publisher directly. Closes-bug: #1676961 Change-Id: Ic71360c6307086d5393cd37d38ab921de186a2e0
2017-04-25Merge "Disable Manila CephFS snapshots by default"Jenkins1-0/+5
2017-04-25Merge "Add initial support for NSX plugin"Jenkins1-0/+3
2017-04-24Merge "Merge pre|post puppet resources into pre|post config."Jenkins1-0/+6
2017-04-24Merge "Run Zaqar with httpd in puppet service"Jenkins1-0/+3
2017-04-24Merge pre|post puppet resources into pre|post config.Carlos Camacho1-0/+6
The [Pre|Post]Puppet resources were renamed in https://review.openstack.org/#/c/365763. This was intended for having a pre/post deployment steps using an agnostic name instead of being attached to a technology. The renaming was unintentionally reverted in https://review.openstack.org/#/c/393644/ and https://review.openstack.org/#/c/434451. This submission merge both resources into one, and remove the old pre|post hooks. Closes-bug: #1669756 Change-Id: Ic9d97f172efd2db74255363679b60f1d2dc4e064
2017-04-24Merge "Allow configuring enabled hardware types for Ironic"Jenkins1-0/+9
2017-04-21Merge "glance: deploy services with Keystone v3 endpoints"Jenkins1-0/+4
2017-04-21Merge "SSHD Service extensions"Jenkins1-0/+5
2017-04-20Merge "Add all hosts to HostsEntry output"Jenkins1-0/+9
2017-04-20Merge "TLS-everywhere: Enable for TLS libvirt live migration"Jenkins1-0/+6
2017-04-20Run Zaqar with httpd in puppet serviceThomas Herve1-0/+3
This switches Zaqar to run with httpd when configured by puppet. Change-Id: I69b923dd76a60e9ec786cae886c137ba572ec906
2017-04-20Merge "Pluggable server type per Role"Jenkins1-0/+8
2017-04-20glance: deploy services with Keystone v3 endpointsEmilien Macchi1-0/+4
* Switch auth_uri to point to Keystone versionless endpoint. * Switch Swift auth url to use Keystone versionless endpoint and Keystone v3 API. Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: I78cdd2286b5a5094f36d4f3c7c58340745664449 Partial-blueprint: keystone-v3