Yoga Series Release Notes¶
20.2.0¶
New Features¶
Now this module supports CentOS 9 and Red Hat Enterprise Linux 9.
The new
openstacklib::cloudsresource type has been added, which manages theclouds.yamlfile to store credentials for theopenstackcli.
Now
Puppet::Provider::Openstack::CredentialsV3supports loading credentials from theclouds.yamlfile.
Now
Puppet::Provider::Openstack::CredentialsV3supports system scope credential and domain scope credential in addition to project scope credential.
20.1.0¶
New Features¶
The new
openstacklib::wsgi::apache::request_headersparameter has been added.
19.3.0¶
New Features¶
Now the
openstacklib::policiesresource type provides the basic set of configurations for policy settings. It provides the purge_config parameter which ensures a policy file is purged.
Upgrade Notes¶
The
openstacklib::policiesclass has been re-implemented as a defined resource type.
19.1.0¶
New Features¶
The new
openstacklib::iscsidclass has been added. This class can be used to set up basic configurations for the iscsid service.
19.0.0¶
Upgrade Notes¶
Fedora is no longer supported.
18.2.0¶
Deprecation Notes¶
Json format of policy files has been deprecated and will be removed in a future release. Use yaml format instead.
18.0.0¶
New Features¶
Added ssl_verify_client parameter to openstacklib::wsgi::apache.
17.4.0¶
New Features¶
The new
openstacklib::wsgi::apache::aliasesparameter has been added. This parameter can be used to add alias definitions to the httpd vhost.
The new
openstacklib::wsgi::apache::setenvparameter has been added. This paramaeter can be to define environment variables for vhost, passed by httpd.
17.2.0¶
Bug Fixes¶
Oslo policy is moving towards yaml as a policy file format and is deprecating json. Policy definitons now may contain a ‘file_format’ field to specify ‘yaml’ or ‘json’ as a file format.
17.1.0¶
Upgrade Notes¶
This module now requires a puppetlabs-apache version >= 5.0.0
Now this module requires puppetlabs-postgresql >= 6.4.0 .
Puppet 5 is now officially unsupported and support may be broken in any of the Puppet modules in this cycle. We recommend all deployments to start using Puppet 6 in this release.
Deprecation Notes¶
The
password_hashparameter inopenstacklib::db::mysqlandopenstacklib::db::postgresqlwere deprecated and will be removed in a future release. Use thepasswordparameter instead, so that password hash is generated from given user and password in puppet-openstacklib.
16.2.0¶
New Features¶
Puppet OpenStack now supports the 10.x release of the PuppetLabs MySQL module.
16.0.0¶
Prelude¶
Puppet OpenStack has in this release deprecated Puppet 5 support. This version of Puppet will be EOL as of May 2020 which means that you can still use it during this release but in the V release using Puppet 6 will be a requirement.
New Features¶
Add new WSGI related options that should allow faster application startup and loading.
Security Issues¶
Do not authorize directory listing
Bug Fixes¶
rhbz#1778052
LP#1854442
15.0.0¶
New Features¶
Utility to handle prefixing IPv6 address with
inet6:. This is useful for services relying on python-memcached which require theinet6:[<ip_address]:<port>format.
Upgrade Notes¶
Puppet OpenStack does not officially support Puppet 4 anymore. Deployments should use Puppet 5 or Puppet 6.
14.3.0¶
Prelude¶
In this release Ubuntu has moved all projects that supported it to python3 which means that there will be a lot of changes. The Puppet OpenStack project does not test the upgrade path from python2 to python3 packages so there might be manual steps required when moving to the python3 packages.
Upgrade Notes¶
The openstacklib module and all other OpenStack modules depending on this module now requires a puppetlabs-mysql version >= 6.0.0
The openstacklib module now provides a variable openstacklib::params::pyvers that is used by all other OpenStack modules to determine if the operating system has packages with python3 or python3. It’s very important that you have an updated openstacklib module when upgrading before using all other modules.
Ubuntu packages are now using python3, the upgrade path is not tested by Puppet OpenStack. Manual steps may be required when upgrading.
14.1.0¶
Prelude¶
Puppet OpenStack has in this release deprecated Puppet 4 support. This older version of Puppet is EOL since October 2018 and will only get security fixes. We will continue to support this Puppet version for the duration of this release with minimal testing. In the next release Puppet 4 support will be removed completely and you should move to using Puppet 5 or the newly released Puppet 6.
13.3.0¶
New Features¶
This add os_immutable fact that can be used in the puppet openstack module as value for all types that inherit openstack_config. Using ::os_immutable as a value of the configuration parameter will tell puppet to not change the current value, whatever it is.
13.1.0¶
New Features¶
openstacklib::wsgi::apache now has a parameter named custom_wsgi_script_aliases which can be used to add more WSGI script alises to the apache::vhost resource. These additional WSGI script aliases is added upon the default script alias which is $path combined with $wsgi_script_dir and $wsgi_script_file.
openstacklib::wsgi::apache now has support for headers, access_log_pipe, access_log_syslog, error_log_pipe and error_log_syslog params which will be added to the apache::vhost setup.
There’s a new environment variable for service-validation. With it, it is possible to pass in things like OS_PASWORD which should never appear in the command line.
12.2.0¶
New Features¶
Implement a new fact, $::os_workers_heat_engine that is responding to a specific need with Heat Engine service, where minimum of workers will be 4 and maximum of 24.
Bug Fixes¶
The upstream services are moving their policy files into code which means they may not exist if a user tries to customize the policies. We’ve added an file resource to openstacklib::policy::base to ensure the file exists but this means that the user/group need to be passed into the module or it will possibly lock out services from being able to read this file as the defaults limit it to just root:root.
The os_workers_large fact now returns an Integer instead of a Tuple. It will also return a minimum value of 1.
11.3.0¶
New Features¶
Add two parameters to apache wsgi to allow overwrite and/or add additional wsgi process options.
11.2.0¶
Bug Fixes¶
Improve openrc parsing to prevent issues when additional bash code is present in a user’s openrc file. LP#1699950
11.0.0¶
Bug Fixes¶
Bugfix 1664561. Allow to use Integers and Strings for the port parameter.
10.2.0¶
New Features¶
For the users that result from the usage of the mysql resource, it is now possible to specify the TLS options. This is useful if one wants to force the user to only connect using TLS, or if one wants to force the usage of client certificates for this specific user.
Moved existing $::os_workers to $::os_workers_small
Updated $::os_workers to have a value between ‘2’ and ‘12’. The value of this fact is the larger value between ‘2’ and the number of processors divided by ‘2’ but will not exceed ‘12’.
Created fact $::os_workers_large to have a value of number of processors divided by ‘2’
Bug Fixes¶
bug 1651215 The transport parameter was not being used so transport was fixed value ‘rabbit’
bug 1650424 The current calculation for os_workers negatively impacts api response times
10.1.0¶
New Features¶
Add the ability to skip the mysql user and/or grant creation as part of the openstack::db::mysql resource.
os_transport_url puppet parser function can be used to generate valid transport_url URIs from a hash of connection parameters.
Bug Fixes¶
openstack::db::mysql could not be used to create multiple databases with the same user/password for access due to a duplicate mysql_user resource declaration. Now the user and/or grant creation process can be skipped if they already exist.
10.0.0¶
Bug Fixes¶
Add support for multiple regions in base provider code used by other puppet modules.
Other Notes¶
Parameters that control the number of spawned child processes for distributing processing have had their default value changed from ::processorcount to ::os_workers.
9.4.0¶
New Features¶
Allow to give an array of IP addresses to normalize_ip_for_uri and normalize each IP in the list.
Created a new fact called $::os_workers to be used as the defaults for any of the openstack service worker configurations. This fact will have a value between ‘2’ and ‘8’. The value of this fact is the larger value between ‘2’ and the number of processors divided by ‘4’ but will not exceed ‘8’.
9.2.0¶
New Features¶
Add the ability to transform values in config files. This allows operators to configure input directly at assignment by specifying a ‘transform_to’ attribute.
9.1.0¶
New Features¶
Add a manifest which is loaded by all puppet modules in manifests/param.pp. This is described in bug 1599113
Add the possibility to exclude some exception from retry mechanism. It helps to fix bug 1597357
Added policy_rcd provider for managing policy-rc.d for Debian family.
Bug Fixes¶
The first feature would help fixing RDO package using virtual package which is a recurring problem. Example of such problem is bug 1599113
9.0.0¶
New Features¶
Utility to handle IPv6 address brackets with normalize_ip_for_uri is a function that help us to add brackets to IPv6 addresses when missing. The function moved to puppetlabs-stdlib but is not in latest release yet. Once it’s done, we’ll probably drop this function so our modules will use stdlib.
Add a class that takes an array of services that can be configured to not autostart on package install. The most notable example is keystone. The policy-rc.d file is generated to return the correct exit code to prevent the services from autostarting on package install. This change is only meant for debian based systems.
Add an “extra” hash parameter to os_database_connection that allows to extend the database uri configuration.
Release notes are no longer maintained by hand, we now use the reno tool to manage them.
Known Issues¶
ubuntu cloud archive keystone package is auto-starting the eventlet process on package install.
Bug Fixes¶
Catch HTTP 403 responses (not authorized requests) in openstack provider.
Add retries to the openstack command. Increase command timeout to 20s and request timeout to 60s and sleep 3s between retries. Do not retry non-idempotent actions. This is a more robust implementation that will prevent failures in case of Keystone API failures during a deployment.
