Train Series Release Notes

Train Series Release Notes¶

15.4.0-9¶

New Features¶

Adds interface parameter to keystone::resource::authtoken allow services to configure the interface to use for the Identity API endpoint. Valid values are “public”, “internal” or “admin”.

Bug Fixes¶

Workers are raised to 2 x os_workers, so that we have as many workers as the one we had before we merged 2 keystone services(public and admin).

Fixed a bug where the keystone::resource::authtoken resource would not install the proper python memcache bindings when using python3.

15.4.0¶

Deprecation Notes¶

keystone::public_bind_host and keystone::public_port are now fully deprecated, and don’t affect the correspoiding parameters under eventlet section. These parameters are currently used to generate public_host only if keystone::public_endpoint is not set. However, users should use public_endpoint instead because this generation will be removed in a future release.

15.2.0¶

New Features¶

Allow users to run the RabbitMQ heartbeat over a native python thread in the oslo.messaging RabbitMQ driver, by using the rabbit_heartbeat_in_pthread option in configuration.

Deprecation Notes¶

keystone::admin_bind_host and keystone::admin_port are deprecated and ignored as the correspoding options in keystone were already deprecated.

Now keystone::admin_endpoint does not affect keystone configuration, as the corresponding parameter in keystone was already removed.

keystone::public_bind_host and keystone::public_port are deprecated. They still works as valid hieradata to generate endpoint information used in keystone resource creation, but will be ignored in future. Use keystone::public_endpoint instead, which will be necessory option in the future to define public endpoint.

keystone::admin_workers and keystone::public_workers are deprecated, and now are ignored.

15.1.0¶

New Features¶

Add support to configure [oslo_middleware]/max_request_body_size with $max_request_body_size in the keystone:: class.

memcache_socket_timeout is changed to float value.

New resource, keystone::resource::service_user, is available to configure Keystone authentication parameters to use service token feature.

15.0.0¶

New Features¶

Add support to configure [keystone_authtoken]/service_token_roles with $service_token_roles in the keystone::resource::authtoken resource.

Upgrade Notes¶

The deprecated parameters main_port and admin_port in keystone::federation::openidc is now removed.

The keystone::federation::openidc::keystone_url parameter is now mandatory and does not fallback on the keystone::public_endpoint value.

The deprecated parameters in keystone::wsgi::apache is removed, see below for what parameters you should use instead.
- Removed servername_admin please use servername
- Removed public_port and admin_port please use api_port
- Removed admin_bind_host please use bind_host
- Removed public_path and admin_path please use path
- Removed ssl_cert_admin and ssl_key_admin please use ssl_cert and ssl_key
- Removed wsgi_admin_script_source and wsgi_public_script_source please use wsgi_script_source
- Removed custom_wsgi_process_options_main and custom_wsgi_process_options_admin please use custom_wsgi_process_options

The deprecated resources keystone_paste_ini, keystone::config::keystone_paste_config, keystone::disable_admin_token_auth, keystone::disable_v2_api and keystone::paste_config is removed.

Deprecation Notes¶

database_idle_timeout is deprecated and will be removed in a future release. Please use database_connection_recycle_time instead.

this page last updated: 2020-06-01 17:32:30

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.