Recommended update for ardana-ansible

Announcement ID: SUSE-RU-2018:3638-1
Rating: moderate
References:
Cross-References:
CVSS scores:
  • CVE-2016-8611 ( NVD ): 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Products:
  • HPE Helion OpenStack 8
  • SUSE Linux Enterprise High Performance Computing 12 SP3
  • SUSE Linux Enterprise Server 12 SP3
  • SUSE OpenStack Cloud 8

An update that solves one vulnerability and has 22 fixes can now be installed.

Description:

This update for ardana-ansible fixes the following issues:

ardana-ansible:

  • Initial checkin of info capture tool
  • Rename dayzero-site.yml (bsc#1111886)
  • Switch to non-legacy media layout by default.
  • Add Keystone Fernet master node monitoring. (bsc#1097241)
  • Add restart verb for maintenance updates.
  • Remove tasks to in-place modify systemd files.
  • Don't install systemd service file when SUSEified. (bsc#1082708)
  • Use sosreport for RHEL and supportutils for SLES nodes (bsc#1100688)
  • Obtain notification URL from environment
  • Add support for callback plugin post initial install
  • Added start and stop tracking events
  • New Service Manila Integration in Ardana
  • Make changes to return both openstack and cloud pkgs
  • Added a new playbook to generate hosts file
  • Make get_ts_pkgs more robust
  • Add Ansible play and library tool to gather package data
  • Adding sosreport upgrade to be included in update path (bsc#1105141)
  • Remove obsolete config.json file (bsc#1104047)

ardana-barbican:

  • Switch to stable/pike branch

ardana-cinder:

  • Updating swift backup url to check non-empty value (bsc#1099412)

ardana-cluster:

  • Fix haproxy not being able to log using journald (bsc#1005886)

ardana-cobbler:

  • Updating failure behavior on power down step in reimage (bsc#1089243)

ardana-freezer:

  • Freezer: Restoring control node fails (bsc#1099741)

ardana-glance:

  • Fix security audit. (bsc#1109445)
  • Filter out API health checks from logs (bsc#1049737, bsc#1096798)

ardana-input-model:

  • Relicense manila to Apache-2.0.
  • Remove manila-share dependency to keystone-client (bsc#1109264)
  • New Service Manila Integration in Ardana
  • CVE-2016-8611: Add glance-api rate limit to address (bsc#1005886)

ardana-keystone:

  • Updates keystone user if it exists (bsc#1102662)
  • Reruns of keystone credentials change (bsc#1102662)

ardana-mq:

  • Add rabbitmq-server-plugins (bsc#1103903)

ardana-neutron:

  • Make ovsvapp_agent.log logging consistent with other agents (bsc#1105420)
  • Allow 3rd-party drivers to pass in dhcp_driver option value
  • Allow SDNs to replace neutron's policy.json file

ardana-nova:

  • Fixes cell0 map updates (bsc#1091490)

ardana-octavia:

  • Set the correct systemd_service_dir for octavia (bsc#1094847)

ardana-osconfig:

  • Restart dpdk network after restarting openvswitch (bsc#1104407)
  • Allow passwordless root logins
  • Added start and stop tracking events

ardana-service:

  • Pass notify_url in extra-vars to playbook
  • add monasca support
  • filter out the item where ardana_ansible_host empty
  • Pass encrypt and rekey parms when running config-processor (bsc#1102789)
  • Support legacy playbook names for dev env for day2
  • Replace dayzero playbook reference with installui
  • Added mocks for running ardana-start.yml
  • merge changes up to Sept 17 2018 to stable/pike
  • Support legacy playbook names for dev env for day2
  • Updated REST packages call to handle all packages
  • handle run playbooks for adding compute nodes
  • Add DELETE service file method
  • Added deployed_servers endpoint in ardana-service
  • Add mock for keystone endpoints
  • add mocking, robustness, pep8 fix
  • Gracefully handle missing service description
  • Add fake playbook, log for running keystone-status
  • Support insecure mode for keystone
  • Add caching for internal cp files
  • Allow insecure mode for keystone sessions
  • Make packages changes Python 3 compatible
  • Add ability to get remote host package data
  • Add endpoint for getting internal cp files
  • add python-monascaclient dependency
  • Make packages changes Python 3 compatible
  • Add ability to get remote host package data

ardana-service-ansible:

  • Include service URL in config file
  • Create cache directory

ardana-ses:

  • Support phase 2 SES config.
  • Add SES config yaml conversion utility.
  • Fix the cinder-backup settings (bsc#1096988, bsc#1096798)

ardana-swift:

  • Switch to stable/pike branch

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • HPE Helion OpenStack 8
    zypper in -t patch HPE-Helion-OpenStack-8-2018-2588=1
  • SUSE OpenStack Cloud 8
    zypper in -t patch SUSE-OpenStack-Cloud-8-2018-2588=1

Package List:

  • HPE Helion OpenStack 8 (noarch)
    • ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2
    • ardana-neutron-8.0+git.1537805998.7898f24-3.21.2
    • ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2
    • ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2
    • ardana-service-8.0+git.1537825617.23552c2-3.14.2
    • ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2
    • ardana-ses-8.0+git.1539113493.6631423-1.8.2
    • ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2
    • ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1
    • ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2
    • ardana-glance-8.0+git.1537790499.b15fdea-3.8.2
    • ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2
    • ardana-nova-8.0+git.1537895345.35a03a2-3.14.2
    • ardana-cobbler-8.0+git.1534780521.780753b-3.29.2
    • ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1
    • ardana-barbican-8.0+git.1534266594.8136db7-4.27.2
    • ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2
    • ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2
  • SUSE OpenStack Cloud 8 (noarch)
    • ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2
    • ardana-neutron-8.0+git.1537805998.7898f24-3.21.2
    • ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2
    • ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2
    • ardana-service-8.0+git.1537825617.23552c2-3.14.2
    • ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2
    • ardana-ses-8.0+git.1539113493.6631423-1.8.2
    • ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2
    • ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1
    • ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2
    • ardana-glance-8.0+git.1537790499.b15fdea-3.8.2
    • ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2
    • ardana-nova-8.0+git.1537895345.35a03a2-3.14.2
    • ardana-cobbler-8.0+git.1534780521.780753b-3.29.2
    • ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1
    • ardana-barbican-8.0+git.1534266594.8136db7-4.27.2
    • ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2
    • ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2

References: