Queens Series Release Notes

Queens Series Release Notes

6.1.0-23

New Features

  • Add support of custom configuration files for grafana.

Upgrade Notes

  • The neutron-vpnaas-agent has been loaded just inside of the existing l3 agent rather than requiring operators to run a completely different binary with a subclass of the existing L3 agent.

Deprecation Notes

  • As neutron-vpnaas-agent can be loaded by the neutron l3 agent, neutron-vpnaas standalone mode is not supported. We have already removed the neutron-vpnaas-agent container, currently, there is no need to keep this role.

6.1.0

New Features

  • Adds support for installing python dependencies into a virtualenv on remote hosts.

    Installing python packages directly to the system site-packages can cause various problems, in particular when pip overwrites a system package. Python virtualenvs are one solution to this issue, as they allow python packages to be installed in an isolated environment. Typically we will need to enable use of system site-packages from within this virtualenv, to support the use of modules such as yum, apt, and selinux, which are not available on PyPI.

    The path to the virtualenv is configured via the virtualenv variable, and access to site-packages is controlled via virtualenv_site_packages. The default value for virtualenv is None, in which case the old behaviour of installing packages directly to the system site-packages is maintained.

    When executing other kolla-ansible commands, the variable ansible_python_interpreter should be set to the python interpreter installed in virtualenv. Note that this variable cannot be templated.

6.0.0

Prelude

Specify Ansible “become” for only necessary tasks.

New Features

  • Add designate-producer ansible role. Orchestrates periodic tasks that are run by designate.
  • Allow use of separate backends for oslo.messaging rpc and notification.
  • Add CephFS driver support to manila
  • Add dvr_no_external l3 dvr agent mode. Introduce inner-compute and external-compute nodes group in inventory file to distinguish compute nodes which do not have external reachability from compute nodes which can reach outside.
  • Add Neutron SRIOV agent container The Neutron SRIOV agent changed from optional to required in the Mitaka release. This container runs on compute nodes to enable the use of Neutron SRIOV.
  • Add a new parameter for changing selinux state. The default value is “permissive”. Update a parameter named “disable_selinux”, use “change_selinux” instead of it.
  • Add vitrage ansible role
  • Allow cinder-volume to use Oracle ZFS Storage Appliance iSCSI backend.
  • Implemented support for using ansible-vault passwords in kolla-ansible command to decrypt /etc/kolla/passwords.yml.
  • Adds Docker volumes for storing persistent data in the bifrost_deploy container on the deployment host.
  • Adds a kolla_logs Docker volume for storing logs generated by services running in the bifrost_deploy container on the deployment host. These logs are not currently processed by fluentd.
  • Blazar services deployment method is implemented
  • Kolla-Ansible now supports creating a monitoring user for RabbitMQ. As an operator I want to be able to monitor the status of RabbitMQ by collecting metrics such as queue length, message rates (globally and per channel), and information about resource usage on the host, such as memory use, open file descriptors and the state of the cluster. Whilst it is possible to gather all of this information using the OpenStack RabbitMQ user configured by Kolla Ansible, this user has write access to the OpenStack vhost. This feature adds a monitoring user which has access to all of the information described above, but does not have write access. An example of a service which may use the monitoring user is the RabbitMQ plugin for the Monasca Agent. As not all users will configure monitoring, by default the monitoring user is disabled. To create it, the user should override the rabbitmq_monitoring_user variable.
  • Update container_proxy with configurable proxy settings Added three new properties:

    • container_http_proxy

      This defaults to an empty string. To set a proxy adjust this property to something like “http://proxy-server.organization.com:port

    • container_https_proxy

      This defaults to an empty string. To set a proxy adjust this property to something like “https://proxy-server.organization.com:port

    • container_no_proxy

      This defaults to some preconfigured settings which should suit. If needed this can also be adjusted.

  • Update designate to allow use of external bind9 dns servers. Added two new properties:

    • designate_backend_external

      This defaults to ‘no’, and can be enabled by setting it to ‘bind9’

    • designate_backend_external_bind9_nameservers

      This defaults to an empty string, and should be populated with a csv list of external bind9 dns server addresses.

    • Configuration override files to align with external bind9 dns servers must be supplied manually,

      • /etc/kolla/config/designate/rndc.key
      • /etc/kolla/config/designate/rndc.conf
  • This feature enables volume snapshots for NFS Cinder driver. NFS volume snapshots appeared in Ocata release and require libvirt >= 1.2.7
  • Added enable_external_mariadb_load_balancer flag
  • Added use_preconfigured_databases flag in order to add support for previously created databases / users
  • Added use_common_mariadb_user in order to allow the use of a common database user across all databases
  • Adds ability to configure custom fluentd filters.

    In some scenarios it may be useful to apply custom filters to logs before forwarding them. This may be useful to add additional tags to the messages or to modify the tags to conform to a log format that differs from the one defined by kolla-ansible.

    Configuration of custom fluentd filters is possible by placing filter configuration files in /etc/kolla/config/fluentd/filter/*.conf on the control host.

  • Adds ability to configure custom fluentd outputs.

    In some scenarios it may be useful to configure custom fluentd outputs to forward logs to a logging service other than elasticsearch.

    Configuration of custom fluentd outputs is possible by placing output configuration files in /etc/kolla/config/fluentd/output/*.conf.

  • Glance can now be developed on using Kolla ‘dev mode’.
  • Added horizon_keystone_multidomain flag for horizon multidomain support. This flag can be overriden in globals.yml. Default value: False
  • Implement ceph-mgr service
  • Implement ceph-nfs service, Nfs-ganesha can be used as a proxy when mounting ceph file shares.
  • Cephfs is implemented
  • Implement Cinder minimal downtime upgrade procedure.
  • Implement keystone zero-downtime upgrade procedure
  • Move storage backend passwords from main.yml to /etc/kolla/passwords.yml
  • Adds a new argument to the kolla-ansible command, --skip-tags TAGS. This argument is passed through directly to ansible-playbook.
  • Add “become” to necessary tasks of general roles.
  • Add “become” to necessary tasks of default roles.

Upgrade Notes

  • On upgrade NFS Cinder snapshots will be activated. One can prohibit this by setting nfs_snapshot_support = False in /etc/kolla/config/cinder/cinder-volume.conf, section ‘[nfs-1]’.
  • Before upgrading one needs to set Hitachi NAS and Oracle ZFSSA passwors in /etc/kolla/passwords.yml file.
  • The vmware_dvs_host_password, vmware_nsxv_password, and vmware_vcenter_host_password parameters moved to the passwords.yml file.
  • The following files /etc/kolla/config/database.conf and /etc/kolla/config/messaging.conf used to generate Openstack services config files are redundant with /etc/kolla/config/global.conf. They have been removed in order to simplify codebase.

Bug Fixes

  • Change the service listening port of MDNS by dns_interface.
  • Fixes an issue where the Bare Metal Inspection service was configured to communicate with the Bare Metal service via the public API interface. Communication is now via the internal API interface.
  • Fixes a bug where the Baremetal Introspection service’s public endpoint registered in the Identity service referenced the internal API endpoint.
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.