Queens Series Release Notes¶
Erroneously, availability_zone for host aggregate resource types was considered mandatory in heat templates.
Behaviour has been adjusted to bring this in line with the CLI and GUI, in which it is optional.
Previously, when deleting a convergence stack, the API call would return immediately, so that it was possible for a client immediately querying the status of the stack to see the state of the previous operation in progress or having failed, and confuse that with a current status. (This included Heat itself when acting as a client for a nested stack.) Convergence stacks are now guaranteed to have moved to the
DELETE_IN_PROGRESSstate before the delete API call returns, so any subsequent polling will reflect up-to-date information.
Previously, the suspend, resume, and check API calls for all stacks, and the update, restore, and delete API calls for non-convergence stacks, returned immediately after starting the stack operation. This meant that for a client reading the state immediately when performing the same operation twice in a row, it could have misinterpreted a previous state as the latest unless careful reference were made to the updated_at timestamp. Stacks are now guaranteed to have moved to the
IN_PROGRESSstate before any of these APIs return (except in the case of deleting a non-convergence stack where another operation was already in progress).
Passwords generated by the OS::Heat::RandomString resource may have had less entropy than expected, depending on what is specified in the
character_sequenceproperties. This has been corrected so that each character present in any of the specified classes or sequences now has an equal probability of appearing at each point in the generated random string.
Note that Heat is compatible with OpenStack Identity federation, even when using Keystone trusts. It should work after you enable Federation and build the auto-provisioning map with the heat service user in Keystone. Auto-provisioning has been available in Keystone since the Ocata release.
mountsproperties to Zun Container resources.
Adds REST api support to cancel a stack create/update without rollback.
All developer, contributor, and user content from various guides in openstack-manuals has been moved in-tree and are published at https://docs.openstack.org/heat/pike/.
The template validate API call now returns the Environment calculated by heat - this enables preview of the merged environment when using parameter_merge_strategy prior to creating the stack
Adds new resources for octavia lbaas service.
OS::Octavia::LoadBalanceris added to create and manage Load Balancers which allow traffic to be directed between servers.
OS::Octavia::Listeneris added to create and manage Listeners which represent a listening endpoint for the Load Balancer.
OS::Octavia::Poolis added to create and manage Pools which represent a group of nodes. Pools define the subnet where nodes reside, the balancing algorithm, and the nodes themselves.
OS::Octavia::PoolMemberis added to create and manage Pool members which represent a single backend node.
OS::Octavia::HealthMonitoris added to create and manage Health Monitors which watch status of the Load Balanced servers.
OS::Octavia::L7Policyis added to create and manage L7 Policies.
OS::Octavia::L7Ruleis added to create and manage L7 Rules.
Added a new schema property tags, to parameters, to categorize parameters based on features.
Heat now support policy in code, which means if you didn’t modify any of policy rules, you won’t need to add rules in the policy.yaml or policy.json file. Because from now, heat keeps all default policies under heat/policies. You can still generate and modify a policy.yaml file which will override policy rules in code if those rules appear in the policy.yaml file.
Add tags parameter for create and update keystone projects. Defined comma deliniated list will insert tags into newly created or updated projects.
OS::Heat::ResourceGroup now supports a removal_policies_mode property. This can be used to optionally select different behavior on update where you may wish to overwrite vs append to the current policy.
Allow to set networks of instances for OS::Trove::Cluster resource.
Heat does not work with keystone identity federation. This is a known limitation as heat uses keystone trusts for deferred authentication and trusts don’t work with federated keystone. For more details check https://etherpad.openstack.org/p/pike-ptg-cross-project-federation.
OS::Heat::HARestarterresource type is no longer supported. This resource type is now hidden from the documentation. HARestarter resources in stacks, including pre-existing ones, are now only placeholders and will no longer do anything. The recommended alternative is to mark a resource unhealthy and then do a stack update to replace it. This still correctly manages dependencies but, unlike HARestarter, also avoid replacing dependent resources unnecessarily. An example of this technique can be seen in the autohealing sample templates at https://git.openstack.org/cgit/openstack/heat-templates/tree/hot/autohealing
Default policy.json file is now removed as we now generate the default policies in code. Please be aware that when using that file in your environment. You still can generate a policy.yaml file if that’s required in your environment.
The AWS compatible CloudWatch API, deprecated since long has been finally removed. OpenStack deployments, packagers, and deployment projects which deploy/package CloudWatch should take appropriate action to remove support.
Threshold alarm which uses ceilometer API is deprecated in aodh since Ocata. Please use
OS::Aodh::GnocchiAggregationByResourcesAlarmin place of
Hidden Designate resource plugins
OS::Designate::Record. To use
The SSL middleware
heat.api.middleware.ssl:SSLMiddlewarethat has been deprecated since 6.0.0 has now been removed, check your paste config and ensure it has been replaced by
The heat.resource_type custom constraint has been removed. This constraint never actually worked.
Heat no longer uses standard Python RNG when generating values for OS::Heat::RandomString resource, and instead relies on system’s RNG for that.
Force delete the nova instance. If a resource is related with a nova instance which is in ‘SOFT_DELETED’ status, the resource can’t be deleted, when nova config ‘reclaim_instance_interval’. so, force-delete the nova instance, and then all the resources are related with the instance would be processed properly.
Add attribute schema to OS::Keystone::Project. This allow get_attr function can work with project resource.
Intrinsic function plugins will now be passed a StackDefinition object instead of a Stack object. When accessing resources, the StackDefinition will return ResourceProxy objects instead of Resource objects. These classes replicate the parts of the Stack and Resource APIs that are used by the built-in Function plugins, but authors of custom third-party Template/Function plugins should audit them to ensure they do not depend on unstable parts of the API that are no longer accessible. The StackDefinition and ResourceProxy APIs are considered stable and any future changes to them will go through the standard deprecation process.
The Heat plugin in Horizon has been replaced with a new stand-alone Horizon plugin, heat-dashboard. You can see more detail in the heat-dashboard repository (https://git.openstack.org/cgit/openstack/heat-dashboard).
The old Heat Tempest plugin
heat_testshas been removed and replaced by a separate Tempest plugin named
heat, in the heat-tempest-plugin repository (https://git.openstack.org/cgit/openstack/heat-tempest-plugin). Functional tests that are appropriate for the Tempest environment have been migrated to the new plugin. Other functional tests remain behind in the heat repository.