Queens Series Release Notes


New Features

  • Added build_active_retries and port_detach_timeout parameters.

  • Added the “connection_logging” parameter.

  • Adds connection_max_retries and connection_retry_interval to control retry behavior when the contacting the amphora.

  • Added octavia::controller::controller_ip_port_list which can be used to configure the [health_manager]/controller_ip_port_list configuration option.

  • Add new parameter, “workers” to health_manager which defaults to $::os_workers

  • Add a new class octavia::quota to manage the quota settings in Octavia.

  • Added octavia::roles::role_names parameter to enable creation of the keystone roles supported by the Octavia API.

  • Added Keepalived VRRP parameters.

  • Added new parameter octavia::api::allow_tls_terminated_listeners which can be used to set the allow_tls_terminated_listeners config option.

  • Added new parameters octavia::api::api_v1_enabled and api_v2_enabled that can be used for enable/disable the API versions.

  • Added new parameter cert_generator, cert_manager, region_name and endpoint_type to the octavia::certificates class that configures the certificates section in the octavia.conf file.

  • Added new parameter client_ca and client_data_data to octavia::certificates. These can be used to separate the ca_certificate/server_ca and client_ca used which is something you want to do in production environment to avoid a compromised Amphora being able to connect to the other running amphoras.

  • Added new parameter octavia::worker::workers that can be used to set the number of worker processes.

  • The passphrase for config option ‘server_certs_key_passphrase’, that was recently added to Octavia, will now be auto-generated.

  • Added new class octavia::wsgi::apache, you can now run the API under Apache with mod_wsgi.

  • Added new octavia::glance class that can be used to configure the glance section in octavia.conf

  • Added new octavia::neutron class that can be used to configure the neutron section in octavia.conf

  • Added new octavia::nova class that can be used to configure the nova section in octavia.conf

  • Add openstack-db tag to Exec that run db-sync.

Upgrade Notes

  • Octavia option [haproxy_amphora]/key_path will no longer be set. None of the maintained Octavia releases support it (removed in Mitaka).

  • If you want to use the new octavia::controller class you must define it before the octavia::worker class.

Deprecation Notes

  • octavia::housekeeping::spare_amphorae_pool_size is deprecated and will be removed in the future release. Please use octavia::housekeeping::spare_amphora_pool_size instead.

  • The following octavia::worker parameters are deprecated and have been moved to octavia::controller class. When you start using octavia::controller make sure it’s defined before octavia::worker.

    • amp_flavor_id

    • amp_image_tag

    • amp_secgroup_list

    • amp_boot_network_list

    • loadbalancer_topology

    • amphora_driver

    • compute_driver

    • network_driver

    • amp_ssh_key_name

    • enable_ssh_access

    • timeout_member_connect

    • timeout_member_data

    • timeout_tcp_inspect

Bug Fixes

  • The passphrase for config option ‘server_certs_key_passphrase’, is used as a Fernet key in Octavia and thus must be 32 chars long.

  • There are a couple of configuration options that need to be set not only for the worker but also for other Octavia services. For example, on a composable node deployment where the API runs on a separate node than the rest of the Octavia services, the network driver was not being set (hence defaulting to noop driver) while for the worker the driver was allowed_address_pairs_driver. Another example is the database that was only being set for the API service. Such configuration misalignment and omissions lead to operate Octavia services and its resources.


New Features

  • Defined Octavia client package name for Red Hat family. python-octaviaclient is being packaged starting in RHOSP 13, RDO Queens and Fedora 28.

  • Adds the kombu_failover_strategy option for configuring oslo.messaging.rabbit. This will determines how the next RabbitMQ node is chosen in case the one we are currently connected to becomes unavailable.


New Features

  • Adds ‘amp_project_name’ to configure project access to the nova flavor for creating amphorae.

  • Added ‘octavia::worker::enable_ssh_access’ parameter to enable configuring without an OpenStack SSH key. Note that when set to false, configuration of SSH key related properties is disabled.

  • Add support for configuring ‘service_auth’ section parameters in octavia.

  • Adds the use_journal option for configuring oslo.log. This will enable passing the logs to journald.

  • Adds parameters to ‘octavia::certificates’ to support populating certificate and key files with data provided.


New Features

  • Add support of configuring octavia client.

  • Support for configuring ssh key pair generation for amphora to use.

  • Expose use_json logging parameter, which enables JSON formatted logging.

Bug Fixes

  • Change amphora flavor is_public property from true to false.


New Features

  • Add new parameter “api_handler”, the handler that the API communicates with.

  • Adds amp_ssh_key_name, key_path configuration options for configuring secure communications with amphorae.

Known Issues

  • Keystone v2.0 API was removed so we need to set a default value for user_domain_name and project_domain name, which will be Default as it is already in some other classes in modules.

Deprecation Notes

  • revocation_cache_time option is now deprecated for removal, the parameter has no effect.