Current Series Release Notes¶
30.0.0.0b1-17¶
New Features¶
Added a bash auto-completion script which will assist with running openstack-ansible commands. It is placed as
/etc/bash_completion.d/openstack-ansible
, so please make sure your .bashrc is configured to load completion scripts from there. As of today it can help with completing playbook names, which are part of collections, Ansible native flags and hosts in case of--limit
flag is used.
A mapping
<service>_haproxy_services
now can contain a keyhaproxy_limit_hosts
, which can be used to filter out haproxy nodes to which this config should be applied. This behaviour might be useful in case you want to apply a different service configuration to haproxy hosts.
Upgrade Notes¶
As RabbitMQ HA (mirrored) queues are no longer supported with current version of RabbitMQ, please make sure a migration to Quorum Queues was performed before proceeding with the upgrade. Please check the Migrate between HA and Quorum Queues documentation for more details on the migration path.
Deprecation Notes¶
RabbitMQ HA (mirrored) queues are no longer supported by RabbitMQ, so respective policy was deprecated and removed in favor of quorum queues. Migration to Quorum Queues is expected to be performed on 2024.1 (Caracal) release. Please check the Migrate between HA and Quorum Queues documentation for more details on the migration path.
Bug Fixes¶
Functionality of providing different haproxy service settings per haproxy host has been restored through
haproxy_limit_hosts
key which provides filtering of target HAProxy hosts, to which this configuration should be applied. Before moving<service>_haproxy_services
from haproxy_all group_vars it was possible to supply a completely independent set of backends that will be configured on the HAProxy server. With moving backend defenition to specific service group_vars, this ability was lost, as there was no way to tell what config to apply to which HAProxy server.
30.0.0.0b1¶
Prelude¶
All playbooks for OpenStack-Ansible were moved under openstack.osa collection, which is being installed as a part of bootstrap-ansible.sh process. We left playbooks under their original names and locations for backwards compatability, though they are just importing corresponsive playbooks from the collection.
New Features¶
Added a new variable
octavia_security_group_additional_rules
that allows configuration of additional security group rules for Amphora.
Add support for ceilometer consumption of magnum notifications. Notifications will be consumed automatically when magnum_ceilometer_enabled is True.
Added variables
octavia_gigabytes
andoctavia_num_volumes
to control quota defenitions for the project where Octavia Amphorae is being spawned.
Added variable
openstack_apache_mpm_backend
which is used as a default value by service-specific variables to define used Apache MPM across the deployment. Defaults MPMevent
will be used if not overriden.
Added a variable
cloudkitty_storage
that allows to easily define storage configuration options for Cloudkitty.
Added variable
nova_ssh_custom_config
which allows to apply extra configuration for SSH connection established by Nova Compute while perfroming offline migrations or resizes. Can be leveraged to define a custom SSH port or ProxyJump.
Implemented variable
horizon_extra_local_settings
that allows to insert arbitrary parameters defined as a regular mapping inside local_settings.py of Horizon. Parameters will be inserted at the end of the config file.
Implemented variable neutron_l3_agent_extensions to control list of enabled L3 agent extensions.
Added variables to better control SSH keypair generation for Octavia:
octavia_ssh_key_manage
(True): Enables an Octavia role to generate and manage SSH keypair to be used for Amphoras.octavia_resources_deploy_host
(localhost): The host on which SSH key will be created.octavia_ssh_key_dir
(${HOME}/.ssh): Directory under which keypair will be created on theoctavia_resources_deploy_host
octavia_ssh_key_comment
(Generated-by-Nova): Comment for the keypair.octavia_ssh_key_format
(ssh): Format for the stored private keyoctavia_ssh_key_type
(rsa): Type of the SSH keypair generatedoctavia_ssh_key_size
(2048): Private key length.
Functional code for playbooks were moved from playbooks/ folder of the OpenStack-Ansible repository to a openstack.osa collection.
This means, you can control versions of playbooks separately from the OpenStack-Ansible repository itself. This also enables to call playbooks without providing explicit path to them, but through FQCN, for example:
openstack-ansible openstack.osa.setup_openstack
We also have renamed some playbooks to better reflect their purpose. For instance
playbooks/os-nova-install.yml
becomeopenstack.osa.nova
For backwards compatability we left old playbooks names/paths, though they contain simple import of corresponsive playbook from the collection.
The apt repository setup for the rabbitmq_server role is migrated to use the deb822_repository ansible module rather than the legacy apt_key and apt_repository modules. The format of the rabbitmq_repo and rabbitmq_erlang_repo ole default variables are changed to match the requirements of the new module, and are now lists allowing multiple repositories to be configured if required.
The previously used apt/yum package repositories for rabbitmq located at novemberain.com are have been replaced with those found at rabbitmq.com, in accordance with changes to the rabbitmq installation guide.
Added a support for deployment on Ubuntu 24.04 LTS (Noble Numbat).
Known Issues¶
Due to the underlying bug in Ansible collections for OpenStack,
Default
domain name can be renamed todefault
under certain conditions. One known example is havingdomain: default
defenition underkeystone_sp -> trusted_idp_list -> federated_identities
structure.
Upgrade Notes¶
The configuration of repositories for the ceph_client role through the ceph_yum_repo_url and ceph_repo_url variable is changed. These variables were replaced by unified ceph_repo_url variable. With that ceph_apt_repos has bee replaced by ceph_repos variable which should follow deb822_repository format for Debian/Ubuntu and yum_repository for CentOS Stream/Rocky Linux.
Changed default for
octavia_cinder_volume_size
to 20gb in order to align with value ofoctavia_amp_disk
Amphorae flavor will have 0 disk set (through variable
octavia_amp_disk
), whenoctavia_cinder_enabled: True
.
Default for Neutron API has been switched from using uWSGI to old eventlet due to found compatability issues for the current OpenStack release. You can find more infromation in Neutron bug report You can preserve current behaviour by setting
neutron_use_uwsgi: True
Please, make sure that in case of federation usage you define domain name instead of it’s ID (ie.
Default
instead ofdefault
) underkeystone_sp -> trusted_idp_list -> federated_identities
Group name for HAProxy destination hosts in openstack_user_config.yml` was renamed from
haproxy_hosts
toload_balancer_hosts
. While backwards compatability is kept, it is recommended to replace defenition with the new group during the upgrade.
In order to align used Apache MPM across the board, Horizon default MPM is switched from
worker
toevent
. A variablehorizon_apache_mpm_backend
was introduced to define the MPM in use.
Service type in catalog has been changed from
ha
toinstance-ha
in order to align service types with service deployment guide
Changed a default value for a
neutron_default_availability_zones
variable. From now on role will gather definedneutron_availability_zone
across all hosts (which defaults to nova) and attempt to schedule on all available Availability Zones by default. Change of the default should not alter behaviour for single-AZ setups.
The configuration of apt repositories for the rabbitmq_server role through the rabbitmq_repo variable is changed to match the deb822_repository ansible module. Any deployments that customise the repository configuration should adjust their rabbitmq_repo and rabbitmq_erlang_repo overrides to suit.
A web server for repo containers/hosts has been changed from Nginx to Apache. This was made to reduce amount of services we manage with roles and to better align approaches and development vectors.
The previously used apt/yum package repositories for rabbitmq located at novemberain.com are have been replaced with those found at rabbitmq.com, in accordance with changes to the rabbitmq installation guide. Any local mirrors should be adjusted to use the recommended upstream sources.
Default value of
gnocchi_policy_default_file_path
has changed to search forpolicy.yaml
file under/etc/openstack_deploy/gnocchi/
folder. Please ensure, that you use YAML format instead of JSON for the file.
Deprecation Notes¶
In order to unify Ceph client installation approaches for EL and Debian platforms following variables were deprecated and are silently ignored:
ceph_yum_repo_url
ceph_apt_repo_url
ceph_apt_repos
Support of Debian 11 (Bullseye) has been removed.
Usage of
haproxy_hosts
in openstack_user_config.yml` has been deprecated in favor ofload_balancer_hosts
.
The variable
keystone_external_ssl
was deprecated and is no longer used. You still can control if communication between HAProxy and Keystone should be covered with TLS throughkeystone_backend_ssl
orhaproxy_ssl
/haproxy_ssl_all_vips
for communication between clients and HAProxy on frontend.
Bug Fixes¶
Octavia role now handles quota defenition properly when BFV is set for Amphorae by defining
octavia_cinder_enabled: True
Used Apache MPMs are aligned across services and will not conflict with each other on metal deployments. Apache MPM event is being used by default.
In case of switching Neutron from uWSGI to old eventlet, neutron-rpc-server service will be disabled and stopped by the role.
haproxy_all
group is no longer populated with bare metal hosts in case of installing haproxy/keepalived inside LXC containers.
An Octavia
amphora
provider was returned back to the list of supported providers to satisfy Magnumoctavia_provider
default label.
Skyline is not getting installed anymore by default as part of
os-infra_hosts
, which might result in unwanted dashboard changes during OpenStack upgrade process.
Python wheels build no longer fails in case of issues with a repo host and should succeed as long as there at least one reachable repo host with matching Distro/Version/Architecture.
Other Notes¶
In order to align with oslo.messaging reverted default of
heartbeat_in_pthread
value we remove own logic of handling the value based on host groups. You still can useoslomsg_heartbeat_in_pthread
or specific role variables to alter the behaviour.
Default value for
octavia_management_net_dhcp
was set to False. It means that Octavia management network will not have DHCP enabled by default if os_octavia role is responsible for managaing it.
Skyline was removed from being assigned to
os-infra_hosts
. If you want to install Skyline as your dashboard, you need to defineskyline_dashboard_hosts
explicitly.