Rocky Series Release Notes¶
18.0.0.0b1-76¶
New Features¶
The service updates for keystone will now be executed through delegation to the
keystone_service_setup_host
which, by default, islocalhost
(the deploy host). Deployers can opt to rather change this to the utility container by implementing the following override inuser_variables.yml
.keystone_service_setup_host: "{{ groups['utility_all'][0] }}"
The role now supports using the distribution packages for the OpenStack services instead of the pip ones. This feature is disabled by default and can be enabled by simply setting the
keystone_install_method
variable todistro
.
Support separate oslo.messaging services for RPC and Notifications to enable operation of separate and different messaging backend servers in keystone.
Deprecation Notes¶
The log path,
/var/log/keystone
is no longer used to capture service logs. All logging for the Keystone service will now be sent directly to the systemd journal.
The variable
keystone_requires_pip_packages
is no longer required and has therefore been removed.
The rabbitmq server parameters have been replaced by corresponding oslo.messaging RPC and Notify parameters in order to abstract the messaging service from the actual backend server deployment. - keystone_oslomsg_rpc_servers replaces keystone_rabbitmq_servers - keystone_oslomsg_rpc_port replaces keystone_rabbitmq_port - keystone_oslomsg_rpc_use_ssl replaces keystone_rabbitmq_use_ssl - keystone_oslomsg_rpc_userid replaces keystone_rabbitmq_userid - keystone_oslomsg_rpc_vhost replaces keystone_rabbitmq_vhost - keystone_oslomsg_notify_servers replaces keystone_rabbitmq_telemetry_servers - keystone_oslomsg_notify_port replaces keystone_rabbitmq_telemetry_port - keystone_oslomsg_notify_use_ssl replaces keystone_rabbitmq_telemetry_use_ssl - keystone_oslomsg_notify_userid replaces keystone_rabbitmq_telemetry_userid - keystone_oslomsg_notify_vhost replaces keystone_rabbitmq_telemetry_vhost
Bug Fixes¶
The conditional that determines whether the
sso_callback_template.html
file is deployed for federated deployments has been fixed.
Other Notes¶
When running keystone with apache(httpd) all apache logs will be stored in the standard apache log directory which is controlled by the distro specific variable
keystone_apache_default_log_folder
.
18.0.0.0b1¶
Upgrade Notes¶
In order to collect the default files used for various templates, the implementation has been changed from using a git source to rather using the built-in templates from the venv build based on the setup.cfg file. As such, the following variables have been removed.
keystone_git_config_lookup_location
keystone_paste_git_file_path
keystone_sso_callback_git_file_path
Instead, a location on the deployment host where the venv defaults are stored is now configurable using the variable
keystone_config_cache_path
which defaults tocache/keystone
in the deploy user home directory. This location is used as a template source when deploying the file to the target host.