Zed Series Release Notes

18.0.0.0b1-146

New Features

  • If defined in applicable host or group vars the variable container_extra_networks will be merged with the existing container_networks from the dynamic inventory. This allows a deployer to specify special interfaces which may be unique to an indivdual container. An example use for this feature would be applying known fixed IP addresses to public interfaces on BIND servers for designate.

Upgrade Notes

  • As support for Centos-7 is removed from openstack-ansible in the Victoria release it is no longer necessary to support LXC2 configuration syntax in the lxc_container_create ansible role. The version of LXC is now assumed to be 3 or greater, and any LXC configuration keys that are being overriden by the deployer in the variable lxc_container_config_list should be updated to be LXC3 syntax as these will no longer be be converted by ansible code..

Deprecation Notes

  • The following variable name changes have been implemented in order to better reflect their purpose.

    • lxc_host_machine_quota_disabled -> lxc_host_btrfs_quota_disabled

    • lxc_host_machine_qgroup_space_limit -> lxc_host_btrfs_qgroup_space_limit

    • lxc_host_machine_qgroup_compression_limit -> lxc_host_btrfs_qgroup_compression_limit

Bug Fixes

  • When using LXC containers with a copy-on-write back-end, the lxc_hosts role execution would fail due to undefined variables with the nspawn_host_ prefix. This issue has now been fixed.

18.0.0.0b1

New Features

  • In a greenfield deployment containers will now bind link their journals to the physical host machine in the /var/log/journal/{{ machine_id }} location. During an upgrade this change will be added to the container config but will not go into effect until the container is restarted. Because the restart is not forced the operator can perform restarts to best suit the needs of their environment. Journal linking provides operators the ability to log stream and health check containerized systems without having to attach or otherwise login. If this feature is not needed or desired it can be disabled by setting the option lxc_container_journal_link to false.

  • Within the lxc-container-create role the legacy networking scripts have been converted to use systemd-networkd for ubuntu and centos. This gives us a single, common, networking functionality to across multiple distros.

  • All of the pre/post up, and pre/post down adhoc command options have been converted to using systemd “oneshot” services. This conversion allows all supported distros to benefit from the ability to run adhoc commands before and after networking is available on both start-up and shut-down.

  • The variable lxc_user_defined_container has been added to the lxc_container_create role allowing deployers to define the variable file loaded when creating a container. This option defaults to null which will instruct the role to create a container using the OS most closely assosiated with the underlying OS. This option can be set to either one of the roles built-in container types or use any variable file local to the deployment host.

Deprecation Notes

  • The lxc_container_fixed_mac option has been removed and containers will be created with static mac addresses.

17.0.0.0b1

New Features

  • The tag options when creating an LXC container have been simplified. The two tags now supported by the lxc_container_create role are lxc-{create,config}.

Upgrade Notes

  • The LXC container create option lxc_container_backing_store is now defined by default and has a value of “dir”. Prior to this release the backend store option was using several auto-detection methods to try and guess the store type based on facts fed into the role and derived from the physical host. While the auto-detection methods worked, they created a cumbersome set of conditionals and limited our ability to leverage additional container stores. Having this option be a default allows deployers to mix and match container stores to suit the needs of the deployment. Existing deployments should set this option within group or user variables to ensure there’s no change in the backend store when new container be provisioned.

Other Notes

  • The LXC container create role will now check for the LXC volume group if the option lxc_container_backing_store is set to “lvm”. If this volume group is not found, the role will halt and instruct the deployer to update their configuration options and inspect their host setup.

16.0.0.0b3

New Features

  • Added the lxc_container_recreate option, which will destroy then recreate LXC containers. The container names and IP addresses will remain the same, as will the MAC addresses of any containers using the lxc_container_fixed_mac setting.

  • MAC addresses for containers with a fixed MAC (lxc_container_fixed_mac variable) are now saved to the /etc/ansible/facts.d/mac.fact file. Should such a container be destroyed but not removed from inventory, the interfaces will be recreated with the same MAC address when the container is recreated.

  • Add support for Ubuntu on IBM z Systems (s390x).

16.0.0.0b2

Upgrade Notes

  • The var lxc_container_ssh_delay along with SSH specific ping checks have been removed in favor of using Ansible’s wait_for_connection module, which will not rely on SSH to the container to verify connectivity. A new variable called lxc_container_wait_params has been added to allow configuration of the parameters passed to the wait_for_connection module.

Deprecation Notes

  • The var lxc_container_ssh_delay along with SSH specific ping checks have been removed in favor of using Ansible’s wait_for_connection module, which will not rely on SSH to the container.

16.0.0.0b1

New Features

  • In the lxc_container_create role, the keys preup, postup, predown, and postdown are now supported in the container_networks dict for Ubuntu systems. This allows operators to configure custom scripts to be run by Ubuntu’s ifupdown system when network interface states are changed.

15.0.0.0b1

New Features

  • LXC containers will now generate a fixed mac address on all network interfaces when the option lxc_container_fixed_mac is set to true. This feature was implemented to resolve issues with dynamic mac addresses in containers generally experienced at scale with network intensive services.

  • When using a copy-on-write backing store, the lxc_container_base_name can now include a prefix defined by lxc_container_base_name_prefix.

Bug Fixes

  • LXC containers will now have the ability to use a fixed mac address on all network interfaces when the option lxc_container_fixed_mac is set true. This change will assist in resolving a long standing issue where network intensive services, such as neutron and rabbitmq, can enter a confused state for long periods of time and require rolling restarts or internal system resets to recover.

14.0.0.0b3

New Features

  • The lxc-container-create role now consumes the variable lxc_container_bind_mounts which should contain a list of bind mounts to apply to a newly created container. The appropriate host and container directory will be created and the configuration applied to the container config. This feature is designed to be used in group_vars to ensure that containers are fully prepared at the time they are created, thus cutting down the number of times containers are restarted during deployments and upgrades.

  • The container creation process now allows copy-on-write to be set as the lxc_container_backing_method when the lxc_container_backing_store is set to lvm. When this is set it will use a snapshot of the base container to build the containers.

  • The LXC container creation process now has a configurable delay for the task which waits for the container to start. The variable lxc_container_ssh_delay can be set to change the default delay of five seconds.

  • The LXC container creation and modification process now supports online network additions. This ensures a container remains online when additional networks are added to a system.

14.0.0.0b2

New Features

  • A new variable has been added to allow a deployer to control the restart of containers via the handler. This new option is lxc_container_allow_restarts and has a default of yes. If a deployer wishes to disable the auto-restart functionality they can set this value to no and automatic container restarts that are not absolutely required will be disabled.

  • The lxc-container-create role now consumes the variable lxc_container_config_list which should contain a list of the entries which should be added to the LXC container config file when the container is created. This feature is designed to be used in group_vars to ensure that containers are fully prepared at the time they are created, thus cutting down the number of times containers are restarted during deployments and upgrades.

  • The lxc-container-create role now consumes the variable lxc_container_commands which should contain any shell commands that should be executed in a newly created container. This feature is designed to be used in group_vars to ensure that containers are fully prepared at the time they are created, thus cutting down the number of times containers are restarted during deployments and upgrades.

  • The container creation process now allows overlayfs to be set as the lxc_container_backing_store. When this is set it will use a snapshot of the base container to build the containers. The overlayfs backing store is not recommended to be used for production unless the host kernel version is 3.18 or higher.

  • Support added to allow deploying on ppc64le architecture using the Ubuntu distributions.

14.0.0.0b1

New Features

  • LXC containers will now have a proper RFC1034/5 hostname set during post build tasks. A localhost entry for 127.0.1.1 will be created by converting all of the “_” in the inventory_hostname to “-”. Containers will be created with a default domain of openstack.local. This domain name can be customized to meet your deployment needs by setting the option lxc_container_domain.

  • The lxc_container_create role will now build a container based on the distro of the host OS.

  • The lxc_container_create role now supports Ubuntu 14.04, 16.04, and RHEL/CentOS 7

Upgrade Notes

  • LXC containers will now have a proper RFC1034/5 hostname set during post build tasks. A localhost entry for 127.0.1.1 will be created by converting all of the “_” in the inventory_hostname to “-”. Containers will be created with a default domain of openstack.local. This domain name can be customized to meet your deployment needs by setting the option lxc_container_domain.

  • The lxc_container_create role no longer uses the distro specific lxc container create template.

  • The following variable changes have been made in the lxc_host role:

    • lxc_container_template: Removed because the template option is now contained within the operating system specific variable file loaded at runtime.

    • lxc_container_template_options: This option was renamed to lxc_container_download_template_options. The deprecation filter was not used because the values provided from this option have been fundamentally changed and old overrides will cause problems.

    • lxc_container_release: Removed because image is now tied with the host operating system.

    • lxc_container_user_name: Removed because the default users are no longer created when the cached image is created.

    • lxc_container_user_password: Removed because the default users are no longer created when the cached image is created.

    • lxc_container_template_main_apt_repo: Removed because this option is now being set within the cache creation process and is no longer needed here.

    • lxc_container_template_security_apt_repo: Removed because this option is now being set within the cache creation process and is no longer needed here.