Zed Series Release Notes¶
18.0.0.0b1-146¶
New Features¶
If defined in applicable host or group vars the variable
container_extra_networks
will be merged with the existingcontainer_networks
from the dynamic inventory. This allows a deployer to specify special interfaces which may be unique to an indivdual container. An example use for this feature would be applying known fixed IP addresses to public interfaces on BIND servers for designate.
Upgrade Notes¶
As support for Centos-7 is removed from openstack-ansible in the Victoria release it is no longer necessary to support LXC2 configuration syntax in the lxc_container_create ansible role. The version of LXC is now assumed to be 3 or greater, and any LXC configuration keys that are being overriden by the deployer in the variable lxc_container_config_list should be updated to be LXC3 syntax as these will no longer be be converted by ansible code..
Deprecation Notes¶
The following variable name changes have been implemented in order to better reflect their purpose.
lxc_host_machine_quota_disabled
->lxc_host_btrfs_quota_disabled
lxc_host_machine_qgroup_space_limit
->lxc_host_btrfs_qgroup_space_limit
lxc_host_machine_qgroup_compression_limit
->lxc_host_btrfs_qgroup_compression_limit
Bug Fixes¶
When using LXC containers with a copy-on-write back-end, the
lxc_hosts
role execution would fail due to undefined variables with thenspawn_host_
prefix. This issue has now been fixed.
18.0.0.0b1¶
New Features¶
In a greenfield deployment containers will now bind link their journals to the physical host machine in the
/var/log/journal/{{ machine_id }}
location. During an upgrade this change will be added to the container config but will not go into effect until the container is restarted. Because the restart is not forced the operator can perform restarts to best suit the needs of their environment. Journal linking provides operators the ability to log stream and health check containerized systems without having to attach or otherwise login. If this feature is not needed or desired it can be disabled by setting the optionlxc_container_journal_link
to false.
Within the lxc-container-create role the legacy networking scripts have been converted to use systemd-networkd for ubuntu and centos. This gives us a single, common, networking functionality to across multiple distros.
All of the pre/post up, and pre/post down adhoc command options have been converted to using systemd “oneshot” services. This conversion allows all supported distros to benefit from the ability to run adhoc commands before and after networking is available on both start-up and shut-down.
The variable
lxc_user_defined_container
has been added to the lxc_container_create role allowing deployers to define the variable file loaded when creating a container. This option defaults to null which will instruct the role to create a container using the OS most closely assosiated with the underlying OS. This option can be set to either one of the roles built-in container types or use any variable file local to the deployment host.
Deprecation Notes¶
The lxc_container_fixed_mac option has been removed and containers will be created with static mac addresses.
17.0.0.0b1¶
New Features¶
The tag options when creating an LXC container have been simplified. The two tags now supported by the lxc_container_create role are lxc-{create,config}.
Upgrade Notes¶
The LXC container create option lxc_container_backing_store is now defined by default and has a value of “dir”. Prior to this release the backend store option was using several auto-detection methods to try and guess the store type based on facts fed into the role and derived from the physical host. While the auto-detection methods worked, they created a cumbersome set of conditionals and limited our ability to leverage additional container stores. Having this option be a default allows deployers to mix and match container stores to suit the needs of the deployment. Existing deployments should set this option within group or user variables to ensure there’s no change in the backend store when new container be provisioned.
Other Notes¶
The LXC container create role will now check for the LXC volume group if the option lxc_container_backing_store is set to “lvm”. If this volume group is not found, the role will halt and instruct the deployer to update their configuration options and inspect their host setup.
16.0.0.0b3¶
New Features¶
Added the
lxc_container_recreate
option, which will destroy then recreate LXC containers. The container names and IP addresses will remain the same, as will the MAC addresses of any containers using thelxc_container_fixed_mac
setting.
MAC addresses for containers with a fixed MAC (lxc_container_fixed_mac variable) are now saved to the
/etc/ansible/facts.d/mac.fact
file. Should such a container be destroyed but not removed from inventory, the interfaces will be recreated with the same MAC address when the container is recreated.
Add support for Ubuntu on IBM z Systems (s390x).
16.0.0.0b2¶
Upgrade Notes¶
The var
lxc_container_ssh_delay
along with SSH specific ping checks have been removed in favor of using Ansible’s wait_for_connection module, which will not rely on SSH to the container to verify connectivity. A new variable calledlxc_container_wait_params
has been added to allow configuration of the parameters passed to thewait_for_connection
module.
Deprecation Notes¶
The var
lxc_container_ssh_delay
along with SSH specific ping checks have been removed in favor of using Ansible’s wait_for_connection module, which will not rely on SSH to the container.
16.0.0.0b1¶
New Features¶
In the lxc_container_create role, the keys
preup
,postup
,predown
, andpostdown
are now supported in thecontainer_networks
dict for Ubuntu systems. This allows operators to configure custom scripts to be run by Ubuntu’s ifupdown system when network interface states are changed.
15.0.0.0b1¶
New Features¶
LXC containers will now generate a fixed mac address on all network interfaces when the option lxc_container_fixed_mac is set to true. This feature was implemented to resolve issues with dynamic mac addresses in containers generally experienced at scale with network intensive services.
When using a copy-on-write backing store, the lxc_container_base_name can now include a prefix defined by
lxc_container_base_name_prefix
.
Bug Fixes¶
LXC containers will now have the ability to use a fixed mac address on all network interfaces when the option lxc_container_fixed_mac is set true. This change will assist in resolving a long standing issue where network intensive services, such as neutron and rabbitmq, can enter a confused state for long periods of time and require rolling restarts or internal system resets to recover.
14.0.0.0b3¶
New Features¶
The
lxc-container-create
role now consumes the variablelxc_container_bind_mounts
which should contain a list of bind mounts to apply to a newly created container. The appropriate host and container directory will be created and the configuration applied to the container config. This feature is designed to be used in group_vars to ensure that containers are fully prepared at the time they are created, thus cutting down the number of times containers are restarted during deployments and upgrades.
The container creation process now allows
copy-on-write
to be set as thelxc_container_backing_method
when thelxc_container_backing_store
is set tolvm
. When this is set it will use a snapshot of the base container to build the containers.
The LXC container creation process now has a configurable delay for the task which waits for the container to start. The variable
lxc_container_ssh_delay
can be set to change the default delay of five seconds.
The LXC container creation and modification process now supports online network additions. This ensures a container remains online when additional networks are added to a system.
14.0.0.0b2¶
New Features¶
A new variable has been added to allow a deployer to control the restart of containers via the handler. This new option is
lxc_container_allow_restarts
and has a default ofyes
. If a deployer wishes to disable the auto-restart functionality they can set this value tono
and automatic container restarts that are not absolutely required will be disabled.
The
lxc-container-create
role now consumes the variablelxc_container_config_list
which should contain a list of the entries which should be added to the LXC container config file when the container is created. This feature is designed to be used in group_vars to ensure that containers are fully prepared at the time they are created, thus cutting down the number of times containers are restarted during deployments and upgrades.
The
lxc-container-create
role now consumes the variablelxc_container_commands
which should contain any shell commands that should be executed in a newly created container. This feature is designed to be used in group_vars to ensure that containers are fully prepared at the time they are created, thus cutting down the number of times containers are restarted during deployments and upgrades.
The container creation process now allows
overlayfs
to be set as thelxc_container_backing_store
. When this is set it will use a snapshot of the base container to build the containers. Theoverlayfs
backing store is not recommended to be used for production unless the host kernel version is 3.18 or higher.
Support added to allow deploying on ppc64le architecture using the Ubuntu distributions.
14.0.0.0b1¶
New Features¶
LXC containers will now have a proper RFC1034/5 hostname set during post build tasks. A localhost entry for 127.0.1.1 will be created by converting all of the “_” in the
inventory_hostname
to “-”. Containers will be created with a default domain of openstack.local. This domain name can be customized to meet your deployment needs by setting the optionlxc_container_domain
.
The
lxc_container_create
role will now build a container based on the distro of the host OS.
The
lxc_container_create
role now supports Ubuntu 14.04, 16.04, and RHEL/CentOS 7
Upgrade Notes¶
LXC containers will now have a proper RFC1034/5 hostname set during post build tasks. A localhost entry for 127.0.1.1 will be created by converting all of the “_” in the
inventory_hostname
to “-”. Containers will be created with a default domain of openstack.local. This domain name can be customized to meet your deployment needs by setting the optionlxc_container_domain
.
The
lxc_container_create
role no longer uses the distro specific lxc container create template.
The following variable changes have been made in the
lxc_host
role:lxc_container_template: Removed because the template option is now contained within the operating system specific variable file loaded at runtime.
lxc_container_template_options: This option was renamed to lxc_container_download_template_options. The deprecation filter was not used because the values provided from this option have been fundamentally changed and old overrides will cause problems.
lxc_container_release: Removed because image is now tied with the host operating system.
lxc_container_user_name: Removed because the default users are no longer created when the cached image is created.
lxc_container_user_password: Removed because the default users are no longer created when the cached image is created.
lxc_container_template_main_apt_repo: Removed because this option is now being set within the cache creation process and is no longer needed here.
lxc_container_template_security_apt_repo: Removed because this option is now being set within the cache creation process and is no longer needed here.