Current Series Release Notes

New Features

  • Added new parameter tempest_services for setting tempest_service_available_{service_name} var automatically.
  • The ansible version used by OSA is updated from the 2.7 to the 2.8 series. This requires an upgrade of ceph-ansible to 4.0 and this in turn requires an upgrade of ceph from Mimic to Nautilus. This version dependancy applies where OSA uses ceph-ansible directly to deploy the ceph infrastructure, but not when OSA is integrated with an externally provisioned ceph cluster.
  • Cinder is deployed with Active-Active enabled by default if you are using Ceph as a backend storage.
  • The ceph_client role will now look for and configure manila services to work with ceph and cephfs.
  • The os_masakari role now covers the monitors installation and configuration, completing the full service configuration.
  • The override rabbitmq_memory_high_watermark can be used to set the maximum size of the erlang Virtual Machine before the garbage collection is triggered. The default is lowered to 0.2, from 0.4 as the garbage collection can require 2x of allocated amount during its operation. This can result in a equivalent use of 0.4, resulting in 40% of memory usage, visible to the rabbitMQ container. The original default setting of 0.4 can lead to 80% memory allocation of rabbitMQ, potentially leading to a scenario where the underlying Linux kernel is killing the process due to shortage of virtual memory.
  • The role now supports using the distribution packages for the OpenStack services instead of the pip ones. This feature is disabled by default and can be enabled by simply setting the octavia_install_method variable to distro.
  • Added 2 new varibles for all groups - oslomsg_notify_policies and oslomsg_rpc_policies. These variables contain default rabbitmq policies, which will be applied for every rabbitmq vhost. As for now they will enable [HA mode]( for all vhosts. If you would like to disable HA mode just set these variables to empty lists inside your user_config.yml
  • The galera_server role now uses mariabackup in order to complete SST operations due to the fact that this is the recommended choice from MariaDB.
  • The galera_server role now ships with the latest MariaDB release of 10.3.13.
  • All roles are migrated from usage of regular log files to systemd-journald
  • Deployers may require custom CA certificates installing on their openstack hosts or service containers. A new variable openstack_host_ca_certificates is added which is a list of certificates that should be copied from the deploy host to the target hosts. Certificates may be selectively deployed by defining the variable either in user_variables.yml or via host/group vars.
  • A new optional file /etc/openstack_deploy/user-role-requirements.yml is now available for a deployer to override individual entries in the upstream ansible-role-requirements file. This can be used to point to alternative repos containing local fixes, or to add supplementary ansible roles that are not specified in the standard ansible-role-requirements.

Known Issues

  • Due to a change in how backend_host is defined when using Ceph, all the Cinder volumes will restart under the same backend name. This will mean that any volumes which previously were assigned to the host or container that hosted the volume will no longer be managable. The workaround for this is to use the cinder-manage volume update_host command to move those volumes to the new backend host. This known issue will be resolved soon with an upgrade playbook.
  • The previous way of using a common backend_host across all deployments was not recommended by the Cinder team and it will cause duplicate messages that cause problems in the environment.

Upgrade Notes

  • Any ceph infrastructure components (OSDs, MONs etc) deployed using the OSA/ceph-ansible tooling will be upgraded to the Ceph Nautilus release. Deployers should verify that this upgrade is suitable for their environment before commencing a major upgrade to Train, and consult the ceph-ansible and ceph release notes for Nautilus. For integration with external ceph clusters where OSA does not deploy any of the ceph cluster infrastructure, overrides can be used to select the specific version of ceph repositories used by the OSA ceph_client ansible role.
  • It is possible that you may need to use the cinder-manage command to migrate volumes to a specific host. In addition, you will have to remove the old rbd:volumes service which will be stale.
  • The rabbitMQ high watermark is set to 0.2 rather than 0.4 to prevent possible OOM situations, which limits the maximum memory usage by rabbitMQ to 40% rather than 80% of the memory visible to the rabbitMQ container. The override rabbitmq_memory_high_watermark can be used to alter the limit.
  • The default nova console type has been changed to novnc. Spice is still supported however due to novnc being more actively maintained it is now a better default option.
  • The default Mnesia dump_log_write_threshold value has changed to 300 instead of 100 for efficiency. dump_log_write_threshold specifies the maximum number of writes allowed to the transaction log before a new dump of the log is performed. Increasing this value can increase the performances during the queues/exchanges/bindings creation/destroying. The values should be between 100 and 1000. More detail [1].


  • The option rabbitmq_disable_non_tls_listeners has been removed in favor of setting the bind address and port configuration directly using a new option rabbitmq_port_bindings. This new option is a hash allowing for multiple bind addresses and port configurations.
  • The repo server no longer uses pypiserver, so it has been removed. Along with this, the following variables have also been removed.
    • repo_pypiserver_port
    • repo_pypiserver_pip_packages
    • repo_pypiserver_package_path
    • repo_pypiserver_bin
    • repo_pypiserver_working_dir
    • repo_pypiserver_start_options
    • repo_pypiserver_init_overrides
  • Tacker role now uses default systemd_service role. Due to this upstart is not supported anymore. Was added variable tacker_init_config_overrides, with wich deployer may override predifined options. Also variable program_override has no effect now, and tacker_service_names was removed in favor of tacker_service_name.
  • Gnocchi migrated from usage of Apache mod_wsgi or native daemon to uWSGI daemon. This means, that some variables are not available and has no effect anymore, specifically * gnocchi_use_mod_wsgi * gnocchi_apache_* * gnocchi_ssl* (except gnocchi_ssl_external - it’s still in place) * gnocchi_user_ssl_*

    During upgrade process role will drop gnocchi_service_port from apache listeners (ports.conf) and gnocchi virtualhost, which by default means misconfigured apache service (since it won’t have any listeners) unless it’s aio build and this apache server is in use by other role/service. Apache server won’t be dropped from gnocchi_api hosts, so deployers are encoureged to remove it manually.

  • Panko migrated from usage of Apache mod_wsgi or native daemon to uWSGI daemon. This means, that panko_apache_* variables are not available and has no effect anymore.

    During upgrade process role will drop panko_service_port from apache listeners (ports.conf) and panko virtualhost, which by default means misconfigured apache service (since it won’t have any listeners) unless it’s aio build and this apache server is in use by other role/service. Apache server won’t be dropped from panko_api hosts, so deployers are encoureged to remove it manually.

Deprecation Notes

  • In the ceph_client role, the only valid values for ceph_pkg_source are now ceph and distro. For Ubuntu, the Ubuntu Cloud Archive apt source is already setup by the openstack_hosts role, so there is no need for it to also be setup by the ceph_client role.
  • The compression option in the galera_server role has been removed due to the fact that it is not recommended by MariaDB anymore. This means that all the dependencies from Percona such as QPress are no longer necessary.
  • The following variables have been removed because they are no longer used. * galera_percona_xtrabackup_repo * use_percona_upstream * galera_xtrabackup_compression * galera_server_percona_distro_packages
  • The variable galera_xtrabackup_threads has been renamed to galera_mariabackup_threads to reflect the change in the SST provider.
  • The PowerVM driver has been removed as it is not tested and it has been broken since late 2016 due to the driver name being renamed to powervm_ext instead of powervm.
  • Support of the legacy neutron L3 tool has been dropped. Deployers are appreciated to use built-in l3-agent options for configuring HA.
  • The deprecated Neutron LBaaS v2 plugin has been removed from the Neutron role.
  • The deprecated Neutron LBaaS v2 plugin support has been removed from openstack-ansible.
  • nova-placement-api has been removed from the os_nova role, along with all nova_placement_* variables. Please review the os_placement role for information about how to configure the new placement service.
  • The nova-lxd driver is no longer supported upstream, and the git repo for it’s source code has been retired on the master branch. All code for deploying or testing nova-lxd has been removed from the os_nova ansible role. The following variables have been removed:
    • nova_supported_virt_types ‘lxd’ list entry
    • nova_compute_lxd_pip_packages
    • lxd_bind_address
    • lxd_bind_port
    • lxd_storage_backend
    • lxd_trust_password
    • lxd_storage_create_device
  • Removal of the netloc, netloc_no_port and netorigin filters. Please use the urlsplit filter instead. All usages of the deprecated filters in openstack repos have been updated.
  • The py_pkgs and packages_file Ansible lookups are no longer used in OSA and have been removed from the plugins repository.
  • Due to usage of systemd-journald mapping of /openstack/log/ to /var/log/$SERVICE is not present anymore. Also rsyslog_client role is not called for projects since logs are stored in journald. Also variables like service_log_dir are not supported anymore and have no effect.

Bug Fixes

  • ceilometer-polling services running on compute nodes did not have the polling namespace configured. Because of this they used the default value of running all pollsters from the central and compute namespaces. But the pollsters from the central namespace don’t have to run on every compute node. This is fixed by only running the compute pollsters on compute nodes.
  • The RyuBgpDriver is no longer available and replaced by the OsKenBgpDriver of the neutron_dynamic_routing project.