Current Series Release Notes

New Features

  • Implemented openstack_hosts_package_manager_extra_conf variable. It allows to add extra content into package manager’s configuration (works with apt,yum and dnf).

  • In deployments where a separate host is used to manage the OpenStack Ansible configuration, the ‘/etc/hosts’ file on that host will now include a section adding hostname to IP resolution for all hosts in the inventory. This can be enabled/disabled via ‘openstack_host_manage_deploy_hosts_file’.

  • New variable openstack_ca_bundle_path has been added which defines the path to the ca-bundle certificate which contains all system-trusted CA and will be used by the Python Requests module.

  • Added variable openstack_systemd_global_overrides that defines some defaults for all systemd services. It will be deployed to all hosts and containers, but can be controlled with group_vars or host_vars as well if needed.

  • Added variable keepalived_sysctl_tcp_retries that allows to control number of retries kernel will make to give up on connection. It controls net.ipv4.tcp_retries2 sysctl setting which default value of which is 15. Default value of keepalived_sysctl_tcp_retries is 8, so VIP failover time will be ~1min. Setting keepalived_sysctl_tcp_retries to 0 will remove mentioned sysctl setting.

  • Deployers may require custom CA certificates installing on their openstack hosts or service containers. A new variable openstack_host_ca_certificates is added which is a list of certificates that should be copied from the deploy host to the target hosts. Certificates may be selectively deployed by defining the variable either in user_variables.yml or via host/group vars.

Known Issues

  • Where a single OSA deploy host is used to manage multiple deployments, some delegated Ansible tasks are performed using hostnames rather than IP addresses due to Ansible issue 72776. Hostnames such as ‘infra1’ will be ambiguous, so use of separate hosts for each deployment is recommended.

  • Ubuntu Cloud Archive (UCA) does not contain Ubuntu Bionic distro packages for Victoria, so only source install/upgrade path (default) will work correctly for Ubuntu 18.04.

Upgrade Notes

  • Variable uca_repo has been removed. Deployers are appreciated to use user_external_repos_list instead if they want to define extra repository Variable uca_apt_repo_url was renamed to apt_repo_url in order to correspond it’s usage as it also affect Debian deployments now.

  • Generation of records for /etc/hosts is now made with blockinfile ansible module. During upgrade you will have records doubled in yours /etc/hosts as we don’t drop previously created records for safety reasons if openstack_host_manage_hosts_file is set to true.

  • In order to accomodate Centos-8 Stream support, it is necessary require the minimum version of Centos-8 Classic to be 8.3. There are breaking changes between Stream and Classic versions prior to 8.3 which break ansible code that detects major/minor versions of Centos. Before upgrading to Wallaby, deployers should ensure that their Centos hosts are updated to 8.3.

  • Deployments which follows distro path (services are installed from distro packages rather then in virtualenvs) should upgrade Ubuntu 18.04 -> 20.04 before performing OpenStack Ussuri -> Victoria upgrade, since Ubuntu Cloud Archive does not provide Victoria system packages for 18.04.

Deprecation Notes

  • Since certificates and CA distribution are now handled with PKI role, variable openstack_host_ca_location has been deprecated and removed.

Other Notes

  • Code which added ‘Acquire::http:No-Cache true’ to the host and container apt preferences when http proxy environment variables were set has been removed. This setting is only required when working around issues introduced by badly configured http proxies. In some cases proxies can improperly cache the apt Releases and Packages files leading to package installation errors. If a deployment is behind a badly configured proxy, the deployer can add the necessary apt config fragment as part of host provisioning. OSA will replicate that config into any containers that are created. This setting can be removed from existing deployments if required by manually deleting the file /etc/apt/apt.conf.d/00apt-no-cache from all host and containers.