1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
---
prelude: >
6.0.0 is the final release for Ocata.
It's the first release where release notes are added.
features:
- Fujitsu Neutron plugin for FOS support. Users can deploy
Neutron with this plugin by using
environments/neutron-ml2-fujitsu-fossw.yaml environment file.
- Expose InstanceDiscoveryMethod parameter to configure Ceilometer
method used to discover instances running on compute node.
Default value to 'libvirt_metadata'. Allowed values are 'naive',
'libvirt_metadata' and 'workload_partitioning'.
- Make ServiceNetMap support custom network names.
Note that operators will still be expected to pass any ServiceNetMap
overrides with the "new" network name, e.g whatever NetName specifies,
otherwise environment files could get very confusing.
- Nova Placement API support. As this new service is required, deploy it
by default in WSGI with Apache, like other API services.
- Cinder pass-through iSER backend support.
- etcd composable services, used by networking-vpp ML2 driver as the
messaging mechanism.
- Allow to configure cron parameters for Cinder, Heat, Keystone and Nova
crontabs.
- Export NovaDefaultFloatingPool parameter to configure the default pool
of floating IP addressed available. Default to 'public' for backward
compatibility.
- Bump Heat Templates to 'ocata' version, to match Heat requirements.
- Configure OVS agent firewall driver only if NeutronOVSFirewallDriver
is set.
- Expose RbdDefaultFeatures parameter to configure the default features
enabled when creating a block device image.
Only applies to format '2' images. Set to '1' for Jewel clients using
older Ceph servers.
- Cinder HPELeftHandISCSIDriver backend support.
- Pacemaker stopped to manage Ceilometer, Cinder API,
Cinder Scheduler, MongoDB, Glance, Gnocchi, Heat, Apache, Memcached,
Neutron, Nova and Sahara.
- Ceph MDS service support. Service can be enable with
environments/services/ceph-mds.yaml environment file.
- Expose HeatConvergenceEngine and HeatMaxResourcesPerStack parameters
to configure Heat.
- Add pre-network hook and example showing config-then-reboot.
- Expose LibvirtEnabledPerfEvents parameter in Nova Compute service.
Default to an empty array.
This is a performance event list which could be used as monitor.
- Increase libvirt/qemu.conf max_files to 32768 and max_processes to
131072.
- Split OVN northd and ml2 plugin, so we can deploy OVNDBs and Northd
services on different nodes.
- Add hook to generate metadata from service profiles.
This is useful for nova vendordata plugins that can parse said metadata.
- Expose EventPipelinePublishers to Ceilometer and set the default to
'notifier://?topic=alarm.all'.
- Add Panko service support. This service is not enabled by default. Use
environments/services/enable-panko.yaml to include it in your deployment.
- Add EC2-API composable service support.
- Allow dnsmasq_dns_servers to be configured for Neutron DHCP Agent with a
new parameter (NeutronDhcpAgentDnsmasqDnsServers, default to []).
- Add support for Ceph RBD mirroring daemon managed by Pacemaker.
- Add deployed server bootstrap for RHEL.
- Configure VNC Server listen address on internal_api network by default.
- Support for Cinder Dell EMC PS Series.
- Support for Cinder Dell EMC EMC Storage Center.
- Support for Octavia composable services for LBaaS with Neutron.
- Support for Collectd composable services for performance monitoring.
- Support for Tacker composable service for VNF management.
upgrade:
- Update OpenDaylight deployment to use networking-odl v2 as a mechanism
driver.
- Update Contrail composable services.
deprecations:
- Glance Registry service has been removed and Glance API v2 is now deploy
by default. Glance API v1 is not supported anymore in TripleO.
- Remove CeilometerStoreEvents parameter, which has been removed
in Ceilometer.
- Ceilometer API service is deprecated and will be removed in a future
release. If you would like to disable it, use
environments/services/disable-ceilometer-api.yaml environment file.
- Removes deprecated OpenDaylight L2 only deployments.
Deploying ODL without L3 DVR is no longer supported.
security:
- Enable management of 'DISALLOW_IFRAME_EMBED' in Horizon configuration to
prevent dashboard being embedded within an iframe and exposed to Cross-Frame
Scripting (XFS) vulnerability on legacy browsers.
- Enable management of 'ENFORCE_PASSWORD_CHECK' in Horizons configuration to
display an Admin Password field on the Change Password form to verify that
it is indeed the admin logged-in who wants to change the password.
- Enable management of 'DISABLE_PASSWORD_REVEAL' in Horizon, to remove the
password reveal option.
- Enable 'SECURE_PROXY_SSL_HEADER' option in Horizons configuration to take
X-Forwarded-Proto header into account when forming URLs.
- Enable management of ENFORCE_PASSWORD_CHECK value. By setting
'ENFORCE_PASSWORD_CHECK' to 'True' within Horizons local_settings.py, it
displays an ‘Admin Password’ field on the “Change Password” form to verify
that it is the admin logged-in that wants to perform the password change.
- Enable management of Horizons Password Validation. Enables injection of an
operators own password validation regex via a heat template.
- Enable management of '/etc/issue Banner' whereby an operator can populate
their own Banner warning text to be displayed upon terminal login.
- Enable management of auditd system. '/etc/audit/audit.rules' can now be
populated by means of a heat template.
fixes:
- Fixes `bug 1645898
<https://bugs.launchpad.net/tripleo/+bug/1645898>`__ so epmd is binded on
the right address, where RabbitMQ is listening too.
- Fixes `bug 1652184
<https://bugs.launchpad.net/tripleo/+bug/1652184>`__ so swap partitions
can be handled from an environment file thanks to AllNodesExtraConfig.
- Add retry to RHEL registration, useful when having network outages during
registration.
- Fixes `bug 1651476
<https://bugs.launchpad.net/tripleo/+bug/1651476>`__ so firewall rules
are created for Opendaylight API service.
- Fixes `bug 1643487
<https://bugs.launchpad.net/tripleo/+bug/1643487>`__ to prevent source
address from binding to a VIP for database connection.
- Fixes `bug 1649836
<https://bugs.launchpad.net/tripleo/+bug/1649836>`__ to configure
DPDK options to isolate PMD cores and ovs process cores.
- Fixes `bug 1662344
<https://bugs.launchpad.net/tripleo/+bug/1662344>`__ by stopping
to set bind_address on nova db uri.
This reverts the changes in https://review.openstack.org/414629 for nova as
they are incompatible with cell_v2.
This is a temporary fix for HA while a long-term solution is developed.
|