Recommended update for crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack
Announcement ID: | SUSE-RU-2017:3083-1 |
---|---|
Rating: | moderate |
References: | |
Affected Products: |
|
An update that has 18 fixes can now be installed.
Description:
This update for crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack fixes the following issues:
- crowbar-core:
- ohai: don't up interfaces
- crowbar_framework:fix filtered nodes in apply_role
- ohai: Remove useless assignment
- ohai: Coding style fixes
- ohai: Code cleanup for static variables
- provisioner: Use also permanent addresses for dhcp
- ohai: Collect permanent address of NICs
- Show IPMI links earlier
- crowbar_framework: fix skip_unchanged_nodes
- ohai: Do not fail dealing with UEFI config with invalid CurrentBoot
- crowbar: Add ability to skip chef run on node when applying
- crowbar_framework: add experimental option for skip_unchanged_nodes
- Allow setting NVMe drive in ceph (bsc#1051298)
- crowbar: Don't store invalid locks (bsc#1055669)
- Increase default chef_splay
- Prefetch all roles during node listing
- network: keep ovs secure fail-mode (bsc#1063772)
- Get role data directly from CouchDB
- utils: Add systemd override LWRP
- schema_migration: Provide a hook into ServiceObject (bsc#1058876)
- Get 'all' nodes directly from CouchDB
- crowbar: Forward protocol to rails (bsc#1059733)
- utils: Fix restart flag removal
- crowbar: use pre_cached_nodes on the deployment queue
- crowbar: remove unready nodes from deployment
- crowbar: Add skip_unready_nodes experimental option
- Add experimental.yml file as %config(noreplace)
- utils: fix data bag loading on RestartManager
- crowbar: Do not save applied proposal as role too early in apply_role
- utils: override the service provider to allow for no-restart of services
- crowbar: Introduce a config for experimental options
- crowbar_framework: Add the RestartManagementController
- network: Partly revert 3d24a0f4cb - do not add Restart= for ovs
- upgrade: Don't fail without openstack db (bsc#1061777)
- nfs-server: Revert systemd Restart= bits for nfs services
- Mark crowbar_framework/config/database.yml as config (bsc#1056750)
- all: Make systemd restart services on failures
- Add chef_splay to allowed time without update
- provisioner: Make chef splay configurable
- Add json version of /clusters endpoint
- utils: Add utils_systemd_service_restart LWRP
- apache2: Use new utils_systemd_service_restart LWRP
- ipmi: Read-only mode
- ipmi: Option to disable BMC NAT
- Disable upgrade API in Cloud7
-
Switch to admin-server-upgrading for apache config check
-
crowbar-ha:
- corosync: remove nonsensical ring default
- crowbar-pacemaker: Reset sync-marks for all nodes
- Fix for pacemaker proposal migration failure
- crowbar-pacemaker:fix migration number
- Add support for multiple Corosync rings
- pacemaker: provide a option to configure migrate-threshold
- crowbar-framework: fix is_pacemaker flag for RestartManager
- crowbar-pacemaker: allow to skip restart if disallow_restart flag is set
- crowbar-pacemaker: hide output for #cib_up_for_node?
- crowbar-pacemaker: Update apache override for systemd restart LWRP
- hawk: Make systemd restart hawk service on failures
- pacemaker: Add option to stop managing stateless active/active services
- Fix the translation label for the clone_stateless_services hint
- crowbar: Save founder name in the proposal role
- crowbar-pacemaker: Reimplement sync marks with pacemaker attributes
- crowbar-pacemaker: Deprecate usage of revisions in sync marks
- pacemaker: Add missing operations to the parser
- ipmi: Use discovered IP in read-only mode
- haproxy: Add location contraint to VIP directly
- haproxy: provide a option to ratelimit frontends
- pacemaker: Use --wait with crm configure command
- haproxy: Fix VIP creation for haproxy
-
haproxy: Make sure that systemd kills haproxy service on restart
-
crowbar-init:
-
Fix endless loop when waiting for crowbar (bsc#1059790)
-
crowbar-openstack:
- Hide MySQL SSL options from the UI
- neutron: Fixes for ACI integration - updates for Newton
- Revert "rabbitmq: Fix HA service management"
- Revert "database: Fix HA service management"
- mariadb: Make HA op timeouts configurable
- neutron: use service account for neutron-l3-ha service
- mariadb: Drop unneeded root users (bsc#1060628)
- ceilometer: add configurable API timeout attribute (bsc#1064060)
- crowbar: add timeout parameter to wsgi resource
- database: Add resource limit control (bsc#1020922)
- rabbitmq: Add resource_limits option (bsc#1020922)
- apache: Add resource_limits controls (bsc#1020922)
- cinder: Add resource limit controls (bsc#1020922)
- neutron: fix fwaas_v1 configuration (bsc#1064057)
- nova: get pub key from file instead of stdin
- barbican: reorder config creation and initial db sync
- database: Fix schema migrations for backend specific attributes (bsc#1058876)
- neutron: add HA rate limiting options to raw template
- cinder: add HA rate limiting options to raw template
- memcached: increase max connections limit
- mariadb: Add expire_logs_days config option
- mysql: Use increased timeout for promote operation
- mariadb: Move pacemaker op arguments to chef attributes
- neutron: Wait longer for database sync to complete (bsc#1060421)
- nova: Raise timeouts for nova db sync to complete (bsc#1060421)
- neutron-l3-ha-service: Introduce log_file
- neutron-l3-ha-service: Enable log to file
- neutron-l3-ha-service: Set default log path
- neutron-l3-ha-service: fixed hound issues
- neutron: fix HA neutron-agents_before_ha timeout
- neutron: fix neutron_default_networks HA timeout error
- neutron, nova: Revert use of Restart= for ovs and nfs
- nova: respect image_cache_manager_interval set in proposal (bsc#1057233)
- nova: enable cache manager by default (bsc#1057233)
- keystone: Fix updated password check (bsc#1060687)
- mysql: tune innodb log size / writeback
- mysql: Use fqdn for database hostname when using SSL
- nova: reduce excessive node searches on compute role nodes
- database: Let MariaDB search for user's presence.
- mysql: Correctly delete all anonymous users
- horizon: Explicit set REST_API_REQUIRED_SETTINGS (bsc#1046616)
- database: Expose max_connections and slow_query_logging in UI
- neutron: enable dns extension
- magnum: Use credential env to setup domain role
- database: Show Insecure SSL flag in the UI
- nova: stop using the passwd ohai tree
- ceilometer: fix hypervisor_inspector value for 'vmware' to be 'vsphere'
- mysql: Added SSL configuration for client-server traffic
- crowbar-openstack: Update database connection string for SSL setup
- crowbar-openstack: Add require_ssl option to database_user resource
- database: Return hostname for listen address in case of SSL setup.
- rabbitmq: Increase timeouts for start/promote actions (bsc#1059532)
- all: Make systemd restart services on failures
- postgresql, rabbitmq: Re-use existing variable for clarity
- nova: use the proper vars for serialproxy
- mysql: Set the current node as non-backup server in haproxy config
- rabbitmq: Set "clone-max" for the ms-rabbitmq resource
- barbican: Remove unused barbican_service definition
- heat: Run "heat-manage db_sync" before defining and starting services
- all: Use new pacemaker option to stop managing stateless a/a services
- heat, neutron, nova: Make hound happy
- nova: add HA rate limiting options to raw template
- keystone: Switch memcache backend to oslo_cache.memcache_pool
- neutron: Increase inotify max user instances
- mysql: Make sure galera resources are started on controller nodes only
- rabbitmq: Remove remaining references to old cluster recipe
- trove: Remove unused chef node searches
- rabbitmq: Enable deploying rabbitmq with clustering when doing HA
- rabbitmq: More robust check for rabbit
- rabbitmq: dont let the template changes restart if in cluster mode
- swift: disable ceilometer middleware when using durable queues
- rabbitmq: prevent template changes
- Always wait for the cluster to be started
- rabbitmq: sync nodes before pacemaker resources
- manila, ha: fix bind_host in HA case
- ceilometer: Allow enabling SSL with HA (bsc#1049153)
- neutron: Switch data center IDs to start at 1 for Infoblox (bsc#1047881)
- neutron: Switch to systemd for Infoblox (bsc#1047881)
- keystone: Set an origin flag on apache2 restart
- Stop exposing passwords in the process table
- openstack: Fetch HA resource name for rabbitmq from rabbitmq settings
- trove: rename template variable to rabbit_settings
- openstack: make rabbitmq durable_queues/ha_queues setting configurable
- trove: move retrieval of rabbit url to common openstack cookbook
- rabbitmq: remove unused cluster.rb recipe
- rabbitmq: prevent configuration changes for backport
- mysql: Add a timeout to galera bootstrapping
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE OpenStack Cloud 7
zypper in -t patch SUSE-OpenStack-Cloud-7-2017-1915=1
-
SUSE Enterprise Storage 4
zypper in -t patch SUSE-Storage-4-2017-1915=1
Package List:
-
SUSE OpenStack Cloud 7 (x86_64)
- crowbar-core-4.0+git.1508607101.73c7a9c77-9.11.4
- crowbar-core-branding-upstream-4.0+git.1508607101.73c7a9c77-9.11.4
-
SUSE OpenStack Cloud 7 (noarch)
- crowbar-openstack-4.0+git.1508531151.8580c7e51-9.17.4
- crowbar-init-4.0+git.1507187369.c3f2348-8.9.4
- crowbar-ha-4.0+git.1508403557.f438560-4.15.4
-
SUSE Enterprise Storage 4 (aarch64 x86_64)
- crowbar-core-4.0+git.1508607101.73c7a9c77-9.11.4
-
SUSE Enterprise Storage 4 (noarch)
- crowbar-init-4.0+git.1507187369.c3f2348-8.9.4
References:
- https://bugzilla.suse.com/show_bug.cgi?id=1020922
- https://bugzilla.suse.com/show_bug.cgi?id=1046616
- https://bugzilla.suse.com/show_bug.cgi?id=1047881
- https://bugzilla.suse.com/show_bug.cgi?id=1049153
- https://bugzilla.suse.com/show_bug.cgi?id=1051298
- https://bugzilla.suse.com/show_bug.cgi?id=1055669
- https://bugzilla.suse.com/show_bug.cgi?id=1056750
- https://bugzilla.suse.com/show_bug.cgi?id=1057233
- https://bugzilla.suse.com/show_bug.cgi?id=1058876
- https://bugzilla.suse.com/show_bug.cgi?id=1059532
- https://bugzilla.suse.com/show_bug.cgi?id=1059733
- https://bugzilla.suse.com/show_bug.cgi?id=1059790
- https://bugzilla.suse.com/show_bug.cgi?id=1060421
- https://bugzilla.suse.com/show_bug.cgi?id=1060628
- https://bugzilla.suse.com/show_bug.cgi?id=1060687
- https://bugzilla.suse.com/show_bug.cgi?id=1061777
- https://bugzilla.suse.com/show_bug.cgi?id=1063772
- https://bugzilla.suse.com/show_bug.cgi?id=1064057