ansible-lintto all of the playbooks and roles.
AvailabilityZoneFilterfor the OpenStack Nova service.
ceph_configmodule to allow tweaking Ceph configuration via IaC.
Added commit message checks. Starting now, commits must include
Sem-Vertags in the commit message as well as a release note in the
Added native deployment of CoreDNS dedicated for forwarding and caching DNS requests for the cloud. By default, it’s enabled to use DNS over TLS using both CloudFlare and Google DNS.
Added CoreDNS metrics for the Neutron service.
Added documentation to using DNS01 challenges for certificates.
Added mirroring for GitHub
Added support to migrating IP from interface when adding to bridge
Added the ability to customize the Heat stack properties
Added ability to create overrides for Prometheus monitoring.
Add support for multiple CSIs including PowerStore
Add jobs to promote the generated artifact to the tarballs server in order to make it easy to pull in latest version.
Added a playbook to automatically generate all secrets for all roles for those which are not already defined.
Added automatic SSH key generation for workspace, as well as cold & live migration support by enabling SSH keys.
Added tempest images built from the master branch.
Added Zuul jobs for building wheels and publishing them
Added playbook to allow for generating workspace for deployment and integrate it into Molecule in order to make sure we always test it.
Added Zuul artifacts with built collections for all commits.
Load the kubectl & helm auto complete in the .bashrc file
Allow disabling of the keepalived service.
Add ability to use an externally deployed Ceph cluster.
Add ability for a user to avoid using Keepalived for Kubernetes in cases where the API is behind an external load balancer.
Support new environment variable
ATMOSPHERE_BOOT_FROM_VOLUME, When this boolean variable is set (like
yes, or anytihng can be accpeted by Ansible
boolfilter), you can change OpenStack instances to boot from volume, and allow image not specify local disk.
Add barbican role
Bump Horizon chart to version 0.2.24 to include fixes for logo ConfigMap.
Bump Nova helm chart version to 0.2.32. To interdice fix for ironic.
Distribute self-signed certificate on the controller node
Add self-signed issuer and CA certificate
Create cloud resources such as networks and flavors
Add ability to include custom node labels for scenarios where you might want to distribute workloads across different nodes.
Disable oslo_messaging_notifications by default. From now, [oslo_messaging_notifications]/driver will be default to noop. operators can enable them base on real needs.
Added support for additional Neutron service plugins.
generate_secretsplaybook can now be used to generate secrets that are encrypted using
Change the DNS suffix and ACME server. Both with the goal to get in this ansible-collection-atmosphere running in internal environments.
Provision images inside Openstack
Update horizon chart version from 0.2.16 to 0.2.20 - 0.2.17 Add custom logo - 0.2.18 Enable taint toleration for Openstack services - 0.2.19 Remove unsupported value overrides - 0.2.20 Add SHOW_OPENRC_FILE value
Add ansible variables for ingress annotations for roles consuming openstack_helm_ingress role
Add role for keepalived in openstack namespace
Add sysctl gc_thresh tuning in kubernetes role
Set containerd as container runtime
Add the ability to lookup for the ip address of the ceph public network. This is useful when the ceph public network is differnet from the default network on the system.
Introduce usage of RabbitMQ operator, remove usage of old RabbitMQ charts and start to run a single replica of RabbitMQ for each OpenStack service.
Use designate as external dns driver and enable dns_domain_ports
Set allow_resize_to_same_host as true in Default
Add openstacksdk role which installs openstacksdk py package and configures clouds.yaml.
Added additional monitoring to RabbitMQ in order to detect and alert on alarms raised by it such as memory, etc.
Set custom resource requirements
Simplified the structure of the required inventory to 3 groups only which are
FluxCD is now used to deploy the Helm charts which will result in speedier deployments and eventually dropping the client-side Helm CLI.
Added ansible role to deploy tempest
Collect tempest log after tempest run
The Ironic deployment is not functional at the moment, therefore, the manifest has been disabled until the Ironic API endpoint is completed.
Wait longer till instances are ready
When upgrading to this version, you’ll need to make sure that you destroy your existing Molecule testing environment before convering again since it is now using automatically generated secrets instead of hard-coded secrets. The secrets are stored inside the
The playbooks must all be ran in order, and once done make sure to have the
cleanupplaybook run to clean up the old cluster.
AlertManager did not have any persistence which meant that any silences would not last through a restart of the pod. This patch adds persistence so that silences would last survive a restart of the pod.
add barbican role to deployment
Fix issues around upgrading existing releases around waiting for deploys for larger environments.
Added wheels for master branches to allow for building Tempest images.
Added notes on working around Molecule bug.
Live migrations will take longer than expected because the default value of the option
falsesince the addition of this value was forgotten. They should now complete on time with no network outages.
node-exporterwhich are used by trunk interfaces with Neutron.
Added “provides” to wheels jobs in order to allow passing the artifact to image build jobs.
Added “upper-constraints.txt” to wheels archive.
Allow using an older version of JoinConfiguration to support older clusters.
CephNodeDiskspaceWarningalerts since they already have better coverage through other alerts.
Remove stale old Terraform content from the Keystone side of things.
Drops symbolic link in pre-run and replaces it with an
ansible-galaxyinstallation of the collection.
Set consecutive_build_service_disable_threshold to 0 as it was observed that some nodes on a cluster were disabled after a certain amount of build failures, overloading the other healthy nodes in the cluster causing a bunch of issues.
Correct the Nova timeout
The commit checks had hard-coded values for debugging that were accidentally added into the code.
Stop alerts from firing about
etcdthat are mostly invalid.
Fix gc_thres tuning values for both IPv4 and IPv6.
The GitHub mirroring job was not included to run so this patch fixes that.
The IPMI exporter depended on the ipmi module being loaded, however, it is the case that the module could be loaded on a virtual machine. This patch instead only runs it on systems that don’t expose the
Resolve issues with
nodeSelectorfor IPMI exporter.
Fix the image used for the Keystone domain management
Since we’re not waiting for the monitoring to fully go up, we have issues with later tasks that run way too fast and the operator is not ready, this will make sure it’s all good to go before moving forward.
Fix services which are running on nodes other than the control plane.
Fixed RabbitMQ memory alerts using watermark instead of actual limit for the container.
Add missing job for promotion of branch-tip tarballs.
pbrversion os the
.devNpart to be
-Ninstead to have proper semantic versioning.
Fixes senlin username which was wrongly pointing to cinder, causing authentication issues to volume service.
Percona XtraDB clusters would fail to bootstrap due to an upstream bug in the images with a too old version of socat (https://jira.percona.com/browse/PXC-3914).
Since we define the monmap based on the ceph public network, we should build ceph.conf for osd with the correct ip addresses.
Remove grafana path from horizon ingress till monasca realized
gre_sys interfaces is now ignored inside node-exporter.
Install iputils-ping dist package in tempest image
Bump CI timeout to 2 hours from 1 hour to prevent job timeouts.
Add default backend in ingress nginx controller
Include more IPMI sensors which are generally not reporting clean results for Dell systems.
openstacksdkto 0.61.0 to avoid breaking the
Switch RabbitmqConnections to a more reliable solution that can avoid alerting on larger scale clouds.
Fix documentation for avoiding workaround involving manual symbolic links for the Ansible collection.
Add missing packages for install on Debian 11 cloud image environment.
Switch Cilium to use Geneve tunnels instead of VXLAN.
Lock ansible-lint package version in tox
Skip variables of keepalived vip and interface from secret generating and use br-ex for keepalived_interface.
36.2.0and add Ceph monitoring.
Use symbolic link for kube admin config, instead of copy and maintain two identical file. /root/.kube/config is now a symbolic link of file /etc/kubernetes/admin.conf. This will prevent any unsync file issue.
Fix image manifest creation in zuul CI
Added basic documentation infrastructure.