- Issued:
- 2016-02-18
- Updated:
- 2016-02-18
RHBA-2016:0265 - Bug Fix Advisory
Synopsis
openstack-packstack and openstack-puppet-modules bug fix advisory
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated Installation utility packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for
RHEL 7.
Description
Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware. This advisory includes
packages for:
- Installation utility ("PackStack").
PackStack is a command-line utility for deploying OpenStack on existing
servers over an SSH connection. Deployment options are provided either
interactively, using the command line, or non-interactively by means of a
text file containing a set of preconfigured values for OpenStack
parameters.
PackStack is suitable for deploying the following types of configurations:
- Single-node proof-of-concept installations, where all controller services
and your virtual machines run on a single physical host. This is referred
to as an all-in-one install.
- Proof-of-concept installations, where there is a single controller node
and multiple compute nodes. This is similar to the all-in-one install
above, except you may use one or more additional hardware nodes for running
virtual machines.
This update addresses the following issues:
- Hiera<3.0 used the defaults.yaml file for default parameters. The new
version of Hiera uses common.yaml configuration file for the default
parameters, resulting in a failed installation.
Packstack is now modified to support both defaults.yaml and the common.yaml
configuration files for the default parameters in Hiera. As the result,
the installation in successful. (BZ#1288806)
- Previously, Ceph was inappropriately configured when using IPv6. As a
result, the setup of Ceph in the overcloud failed, causing the deployment
to timeout, if the storage network used IPv6 addresses.
With this update, the relevant Ceph configuration option, 'ms_bind_ipv6',
based on the 'CephIPv6' parameter is now used. As a result, Ceph is
functional and the overcloud deployment is completed when using IPv6 for
the storage network if the appropriate input parameters are provided to
the Orchestration service. (BZ#1301629)
- In mixed environments where some networks use IPv4 addresses
and others use IPv6 addresses, the IPv6 CIDR was incorrectly used for the
IPv4 virtual IP addresses too. As a result, the deployment of the overcloud
failed with Pacemaker refusing to start the IPv4 virtual IP addresses.
A new functionality which identifies the type of virtual
IP (whether IPv4 or IPv6) is now added, adapting the CIDR accordingly. As a
result, each virtual IP address is configured with the appropriate CIDR,
of the IPv4 or IPv6 class. (BZ#1301046)
- By default, the HAProxy did not listen on IPv6 virtual IP addresses. As
a result, OpenStack services that used the 'bind' statement were not available.
As a workaround, HAProxy now requires you to set up 'transparent' on the
'bind' statements that use the IPv6 virtual IP addresses. For example,
listen ceilometer
bind fc00::eeee:8777 transparent
Note: The 'transparent' option must never be used with "wildcard" 'bind'
statements, as follows:
listen wildcardservice
bind 0.0.0.0:8000
As a result, HAProxy now listens to IPv6 virtual IP addresses.(BZ#1295986)
- Certain Packstack parameters (for example, passwords) were not updated
in the answer file when they automatically changed internally. As a result,
the answer file did not reflect what was actually set up.
Packstack now makes sure all the automatic changes are saved
back to the answer file, so the runs are reproducible. As a result, the
installed state matches the values stored in the answer file. (BZ1270243)
Solution
Before applying this update, ensure all previously released errata relevant
to your system have been applied.
Red Hat Enterprise Linux OpenStack Platform 7 runs on Red Hat Enterprise
Linux 7.2.
The Red Hat Enterprise Linux OpenStack Platform 7 Release Notes contain the
following:
- An explanation of the way in which the provided components interact to
form a working cloud computing environment.
- Technology Previews, Recommended Practices, and Known Issues.
- The channels required for Red Hat Enterprise Linux OpenStack Platform 7,
including which channels need to be enabled and disabled.
The Release Notes are available at:
https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/version-7/red-hat-enterprise-linux-openstack-platform-7-release-notes/release-notes
This update is available through 'yum update' on systems registered through
Red Hat Subscription Manager. For more information about Red Hat
Subscription Manager, see:
https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html
Affected Products
- Red Hat OpenStack 7 x86_64
Fixes
- BZ - 1136332 - Packstack should install VPNaaS service\agent on network node
- BZ - 1217089 - Dashboard's local_settings file should not be world readable
- BZ - 1236229 - Incorrect keystonerc_demo file for keystone v2 and CONFIG_PROVISION_DEMO=y
- BZ - 1270243 - Some parameters may change between two runs of packstack --answer-file
- BZ - 1288806 - packstack installation fails - Could not find data item CONFIG_USE_SUBNETS in any Hiera data file and no default supplied
- BZ - 1294659 - Packstack installation failed when using IPv6 addresses in answer file
- BZ - 1295986 - HAProxy Cannot Bind IPv6 Addresses for OpenStack VIPs
- BZ - 1296217 - [RFE]: Add support for Nuage to puppet-neutron
- BZ - 1296377 - mongodb cannot connect to replicaset when IPv6 enabled
- BZ - 1297200 - Backport IPv6 to OPM Kilo
- BZ - 1297251 - Ovecloud Deploy OSP7 y2 on RHEL 7.2 fails on Ceph Install
- BZ - 1298239 - Fix dependency issue for Nuage in puppet-neutron
- BZ - 1298391 - In ipv6 deployment pacemaker vip resources fail to create
- BZ - 1298716 - pcs create constraint failed due to wrong naming of the vip resources
- BZ - 1299144 - Upgrade OSP7 with puppet-tripleo patches
- BZ - 1299165 - Enable SSL middleware for Cinder & Nova & Horizon in puppet-tripleo
- BZ - 1301046 - IPv4 VIP resources get created with 64 cidr_netmask in mixed IPv4/IPv6 environment
- BZ - 1301126 - In IPv6 deployments the ceilometer compute agent cannot reach the public endpoint
- BZ - 1301629 - Deployment of Ceph times out in IPv6
- BZ - 1303615 - OSPd 7.3 IPV6 | HA with External LB fails to deploy because failure to parse IPv6 address.
- BZ - 1305947 - rpc_response_timeout not set in undercloud heat.conf
CVEs
(none)
Red Hat OpenStack 7
SRPM | |
---|---|
openstack-packstack-2015.1-0.16.dev1589.g1d6372f.el7ost.src.rpm | SHA-256: 7bf955fc5f2b0ce178d8aa34ff8921d50abdc6792bc8b4aad41b7a84c3902f34 |
openstack-puppet-modules-2015.1.8-51.el7ost.src.rpm | SHA-256: 911338989fc002cbf18028f04266d53e4ac985a66ff5df943928201d22863030 |
x86_64 | |
openstack-packstack-2015.1-0.16.dev1589.g1d6372f.el7ost.noarch.rpm | SHA-256: e36c9174125f5180166264f833e44e8c97b5bae4fb36fd4113c3fc28bc159802 |
openstack-packstack-doc-2015.1-0.16.dev1589.g1d6372f.el7ost.noarch.rpm | SHA-256: 797718ee416cdc0422285037a759120961d276b5518c0a7c3081c7ea6edcdefe |
openstack-packstack-puppet-2015.1-0.16.dev1589.g1d6372f.el7ost.noarch.rpm | SHA-256: 695c4718d5719bca6ff5f3b2decd6c8f889fa81b27132fedbf460ebbf350e548 |
openstack-puppet-modules-2015.1.8-51.el7ost.noarch.rpm | SHA-256: fc6d6c11e97e1234bfefb7db6c9dcca3858a2a99cae7fe615414b2be6693592e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.