c2b6b3b9de
For more information about this automatic import see: https://docs.openstack.org/i18n/latest/reviewing-translation-import.html Change-Id: I9c1bbd5ed75b558e183604289e1c133319a2a733
1089 lines
51 KiB
Plaintext
1089 lines
51 KiB
Plaintext
# Andi Chandler <andi@gowling.com>, 2018. #zanata
|
|
msgid ""
|
|
msgstr ""
|
|
"Project-Id-Version: magnum\n"
|
|
"Report-Msgid-Bugs-To: \n"
|
|
"POT-Creation-Date: 2018-08-16 12:45+0000\n"
|
|
"MIME-Version: 1.0\n"
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
"Content-Transfer-Encoding: 8bit\n"
|
|
"PO-Revision-Date: 2018-08-08 09:28+0000\n"
|
|
"Last-Translator: Andi Chandler <andi@gowling.com>\n"
|
|
"Language-Team: English (United Kingdom)\n"
|
|
"Language: en_GB\n"
|
|
"X-Generator: Zanata 4.3.3\n"
|
|
"Plural-Forms: nplurals=2; plural=(n != 1)\n"
|
|
|
|
msgid ""
|
|
"--keypair-id parameter in magnum CLI cluster-template-create has been "
|
|
"renamed to --keypair."
|
|
msgstr ""
|
|
"--keypair-id parameter in Magnum CLI cluster-template-create has been "
|
|
"renamed to --keypair."
|
|
|
|
msgid "3.0.0"
|
|
msgstr "3.0.0"
|
|
|
|
msgid "3.1.0"
|
|
msgstr "3.1.0"
|
|
|
|
msgid "3.2.0"
|
|
msgstr "3.2.0"
|
|
|
|
msgid "4.0.0"
|
|
msgstr "4.0.0"
|
|
|
|
msgid "4.1.0"
|
|
msgstr "4.1.0"
|
|
|
|
msgid "4.1.1"
|
|
msgstr "4.1.1"
|
|
|
|
msgid "4.1.2"
|
|
msgstr "4.1.2"
|
|
|
|
msgid "5.0.0"
|
|
msgstr "5.0.0"
|
|
|
|
msgid "5.0.1"
|
|
msgstr "5.0.1"
|
|
|
|
msgid "5.0.1-20"
|
|
msgstr "5.0.1-20"
|
|
|
|
msgid "6.0.1"
|
|
msgstr "6.0.1"
|
|
|
|
msgid "6.1.0"
|
|
msgstr "6.1.0"
|
|
|
|
msgid "6.1.1"
|
|
msgstr "6.1.1"
|
|
|
|
msgid ":ref:`genindex`"
|
|
msgstr ":ref:`genindex`"
|
|
|
|
msgid ":ref:`search`"
|
|
msgstr ":ref:`search`"
|
|
|
|
msgid ""
|
|
"A new section is created in magnum.conf named cinder. In this cinder "
|
|
"section, you need to set a value for the key default_docker_volume_type, "
|
|
"which should be a valid type for cinder volumes in your cinder deployment. "
|
|
"This default value will be used if no volume_type is provided by the user "
|
|
"when using a cinder volume for container storage. The suggested default "
|
|
"value the one set in cinder.conf of your cinder deployment."
|
|
msgstr ""
|
|
"A new section is created in magnum.conf named Cinder. In this Cinder "
|
|
"section, you need to set a value for the key default_docker_volume_type, "
|
|
"which should be a valid type for Cinder volumes in your Cinder deployment. "
|
|
"This default value will be used if no volume_type is provided by the user "
|
|
"when using a Cinder volume for container storage. The suggested default "
|
|
"value the one set in cinder.conf of your Cinder deployment."
|
|
|
|
msgid ""
|
|
"Add 'cloud_provider_enabled' label for the k8s_fedora_atomic driver. "
|
|
"Defaults to true. For specific kubernetes versions if 'cinder' is selected "
|
|
"as a 'volume_driver', it is implied that the cloud provider will be enabled "
|
|
"since they are combined."
|
|
msgstr ""
|
|
"Add 'cloud_provider_enabled' label for the k8s_fedora_atomic driver. "
|
|
"Defaults to true. For specific Kubernetes versions if 'Cinder' is selected "
|
|
"as a 'volume_driver', it is implied that the cloud provider will be enabled "
|
|
"since they are combined."
|
|
|
|
msgid ""
|
|
"Add Microversion 1.3 to support Magnum bay rollback, user can enable "
|
|
"rollback on bay update failure by setting 'OpenStack-API-Version' to "
|
|
"'container-infra 1.3' in request header and passing 'rollback=True' param in "
|
|
"bay update request."
|
|
msgstr ""
|
|
"Add Microversion 1.3 to support Magnum bay rollback, user can enable "
|
|
"rollback on bay update failure by setting 'OpenStack-API-Version' to "
|
|
"'container-infra 1.3' in request header and passing 'rollback=True' param in "
|
|
"bay update request."
|
|
|
|
msgid ""
|
|
"Add Support of LBaaS v2, LBaaS v1 is removed by neutron community in Newton "
|
|
"release. Until now, LBaaS v1 was used by all clusters created using magnum. "
|
|
"This release adds support of LBaaS v2 for all supported drivers."
|
|
msgstr ""
|
|
"Add Support of LBaaS v2, LBaaS v1 is removed by Neutron community in Newton "
|
|
"release. Until now, LBaaS v1 was used by all clusters created using Magnum. "
|
|
"This release adds support of LBaaS v2 for all supported drivers."
|
|
|
|
msgid ""
|
|
"Add `region` parameter to the Global configuration section of the Kubernetes "
|
|
"configuration file. Setting this parameter will allow Magnum cluster to be "
|
|
"created in the multi-regional OpenStack installation."
|
|
msgstr ""
|
|
"Add `region` parameter to the Global configuration section of the Kubernetes "
|
|
"configuration file. Setting this parameter will allow Magnum cluster to be "
|
|
"created in the multi-regional OpenStack installation."
|
|
|
|
msgid ""
|
|
"Add configuration for overlay networks for the docker network driver in "
|
|
"swarm. To use this feature, users need to create a swarm cluster with "
|
|
"network_driver set to 'docker'. After the cluster is created, users can "
|
|
"create an overlay network (docker network create -d overlay mynetwork) and "
|
|
"use it when launching a new container (docker run --net=mynetwork ...)."
|
|
msgstr ""
|
|
"Add configuration for overlay networks for the docker network driver in "
|
|
"Swarm. To use this feature, users need to create a Swarm cluster with "
|
|
"network_driver set to 'docker'. After the cluster is created, users can "
|
|
"create an overlay network (docker network create -d overlay mynetwork) and "
|
|
"use it when launching a new container (docker run --net=mynetwork ...)."
|
|
|
|
msgid ""
|
|
"Add docker-storage-driver parameter to baymodel to allow user select from "
|
|
"the supported drivers. Until now, only devicemapper was supported. This "
|
|
"release adds support for OverlayFS on Fedora Atomic hosts with kernel "
|
|
"version >= 3.18 (Fedora 22 or higher) resulting significant performance "
|
|
"improvement. To use OverlayFS, SELinux must be enabled and in enforcing mode "
|
|
"on the physical machine, but must be disabled in the container. Thus, if you "
|
|
"select overlay for docker-storage-driver SELinux will be disable inside the "
|
|
"containers."
|
|
msgstr ""
|
|
"Add docker-storage-driver parameter to baymodel to allow user select from "
|
|
"the supported drivers. Until now, only devicemapper was supported. This "
|
|
"release adds support for OverlayFS on Fedora Atomic hosts with kernel "
|
|
"version >= 3.18 (Fedora 22 or higher) resulting significant performance "
|
|
"improvement. To use OverlayFS, SELinux must be enabled and in enforcing mode "
|
|
"on the physical machine, but must be disabled in the container. Thus, if you "
|
|
"select overlay for docker-storage-driver SELinux will be disable inside the "
|
|
"containers."
|
|
|
|
msgid ""
|
|
"Add flannel's host-gw backend option. Magnum deploys cluster over a "
|
|
"dedicated neutron private network by using flannel. Flannel's host-gw "
|
|
"backend gives the best performance in this topopolgy (private layer2) since "
|
|
"there is no packet processing overhead, no reduction to MTU, scales to many "
|
|
"hosts as well as the alternatives. The label \"flannel_use_vxlan\" was "
|
|
"repurposed when the network driver is flannel. First, rename the label "
|
|
"flannel_use_vxlan to flannel_backend. Second, redefine the value of this "
|
|
"label from \"yes/no\" to \"udp/vxlan/host-gw\"."
|
|
msgstr ""
|
|
"Add flannel's host-gw backend option. Magnum deploys a cluster over a "
|
|
"dedicated neutron private network by using flannel. Flannel's host-gw "
|
|
"backend gives the best performance in this topopolgy (private layer2) since "
|
|
"there is no packet processing overhead, no reduction to MTU, scales to many "
|
|
"hosts as well as the alternatives. The label \"flannel_use_vxlan\" was "
|
|
"repurposed when the network driver is flannel. First, rename the label "
|
|
"flannel_use_vxlan to flannel_backend. Second, redefine the value of this "
|
|
"label from \"yes/no\" to \"udp/vxlan/host-gw\"."
|
|
|
|
msgid ""
|
|
"Add microversion 1.5 to support rotation of a cluster's CA certificate. "
|
|
"This gives admins a way to restrict/deny access to an existing cluster once "
|
|
"a user has been granted access."
|
|
msgstr ""
|
|
"Add microversion 1.5 to support rotation of a cluster's CA certificate. "
|
|
"This gives admins a way to restrict/deny access to an existing cluster once "
|
|
"a user has been granted access."
|
|
|
|
msgid ""
|
|
"Add new configuration option `openstack_ca_file` in the `drivers` section to "
|
|
"pass the CA bundle used for the OpenStack API. Setting this file and setting "
|
|
"`verify_ca` to `true` will result to all requests from the cluster nodes to "
|
|
"the OpenStack APIs to be verified."
|
|
msgstr ""
|
|
"Add new configuration option `openstack_ca_file` in the `drivers` section to "
|
|
"pass the CA bundle used for the OpenStack API. Setting this file and setting "
|
|
"`verify_ca` to `true` will result to all requests from the cluster nodes to "
|
|
"the OpenStack APIs to be verified."
|
|
|
|
msgid ""
|
|
"Add new label 'cert_manager_api' enabling the kubernetes certificate manager "
|
|
"api."
|
|
msgstr ""
|
|
"Add new label 'cert_manager_api' enabling the Kubernetes certificate manager "
|
|
"API."
|
|
|
|
msgid ""
|
|
"Add new labels 'ingress_controller' and 'ingress_controller_role' enabling "
|
|
"the deployment of a Kubernetes Ingress Controller backend for clusters. "
|
|
"Default for 'ingress_controller' is '' (meaning no controller deployed), "
|
|
"with possible values being 'traefik'. Default for 'ingress_controller_role' "
|
|
"is 'ingress'."
|
|
msgstr ""
|
|
"Add new labels 'ingress_controller' and 'ingress_controller_role' enabling "
|
|
"the deployment of a Kubernetes Ingress Controller backend for clusters. "
|
|
"Default for 'ingress_controller' is '' (meaning no controller deployed), "
|
|
"with possible values being 'traefik'. Default for 'ingress_controller_role' "
|
|
"is 'ingress'."
|
|
|
|
msgid ""
|
|
"Add support for a new OpenSUSE driver for running k8s cluster on OpenSUSE. "
|
|
"This driver is experimental for now, and operators need to get it from /"
|
|
"contrib folder."
|
|
msgstr ""
|
|
"Add support for a new OpenSUSE driver for running k8s cluster on OpenSUSE. "
|
|
"This driver is experimental for now, and operators need to get it from /"
|
|
"contrib folder."
|
|
|
|
msgid ""
|
|
"Add support to store the etcd configuration in a cinder volume. "
|
|
"k8s_fedora_atomic accepts a new label etcd_volume_size defining the size of "
|
|
"the volume. A value of 0 or leaving the label unset means no volume should "
|
|
"be used, and the data will go to the instance local storage."
|
|
msgstr ""
|
|
"Add support to store the etcd configuration in a cinder volume. "
|
|
"k8s_fedora_atomic accepts a new label etcd_volume_size defining the size of "
|
|
"the volume. A value of 0 or leaving the label unset means no volume should "
|
|
"be used, and the data will go to the instance local storage."
|
|
|
|
msgid ""
|
|
"Add swarm-mode driver based on fedora-atomic. Users can select the swarm-"
|
|
"mode COE by using the `coe` field in cluster-template. This is a new driver, "
|
|
"it is recommended to let magnum create a private-network and security groups "
|
|
"per cluster."
|
|
msgstr ""
|
|
"Add swarm-mode driver based on fedora-atomic. Users can select the swarm-"
|
|
"mode COE by using the `coe` field in cluster-template. This is a new driver, "
|
|
"it is recommended to let magnum create a private-network and security groups "
|
|
"per cluster."
|
|
|
|
msgid ""
|
|
"Added parameter in cluster-create to specify the keypair. If keypair is not "
|
|
"provided, the default value from the matching ClusterTemplate will be used."
|
|
msgstr ""
|
|
"Added parameter in cluster-create to specify the keypair. If keypair is not "
|
|
"provided, the default value from the matching ClusterTemplate will be used."
|
|
|
|
msgid ""
|
|
"Adding 'calico' as network driver for Kubernetes so as to support network "
|
|
"isolation between namespace with k8s network policy."
|
|
msgstr ""
|
|
"Adding 'calico' as network driver for Kubernetes so as to support network "
|
|
"isolation between namespace with k8s network policy."
|
|
|
|
msgid ""
|
|
"All container/pod/service/replication controller operations were removed. "
|
|
"Users are recommended to use the COE's native tool (i.e. docker, kubectl) to "
|
|
"do the equivalent of the removed operations."
|
|
msgstr ""
|
|
"All container/pod/service/replication controller operations were removed. "
|
|
"Users are recommended to use the COE's native tool (i.e. docker, kubectl) to "
|
|
"do the equivalent of the removed operations."
|
|
|
|
msgid ""
|
|
"Allow any value to be passed on the docker_storage_driver field by turning "
|
|
"it into a StringField (was EnumField), and remove the constraints limiting "
|
|
"the values to 'devicemapper' and 'overlay'."
|
|
msgstr ""
|
|
"Allow any value to be passed on the docker_storage_driver field by turning "
|
|
"it into a StringField (was EnumField), and remove the constraints limiting "
|
|
"the values to 'devicemapper' and 'overlay'."
|
|
|
|
msgid ""
|
|
"Auto generate name for cluster and cluster-template. If users create a "
|
|
"cluster/cluster-template without specifying a name, the name will be auto-"
|
|
"generated."
|
|
msgstr ""
|
|
"Auto generate name for cluster and cluster-template. If users create a "
|
|
"cluster/cluster-template without specifying a name, the name will be auto-"
|
|
"generated."
|
|
|
|
msgid "Bug Fixes"
|
|
msgstr "Bug Fixes"
|
|
|
|
msgid ""
|
|
"Change default API development service from wsgiref simple_server to "
|
|
"werkzeug for better supporting SSL."
|
|
msgstr ""
|
|
"Change default API development service from wsgiref simple_server to "
|
|
"werkzeug for better supporting SSL."
|
|
|
|
msgid ""
|
|
"Change service type from \"Container service\" to \"Container Infrastructure "
|
|
"Management service\". In addition, the mission statement is changed to \"To "
|
|
"provide a set of services for provisioning, scaling, and managing container "
|
|
"orchestration engines.\""
|
|
msgstr ""
|
|
"Change service type from \"Container service\" to \"Container Infrastructure "
|
|
"Management service\". In addition, the mission statement is changed to \"To "
|
|
"provide a set of services for provisioning, scaling, and managing container "
|
|
"orchestration engines.\""
|
|
|
|
msgid "Contents:"
|
|
msgstr "Contents:"
|
|
|
|
msgid ""
|
|
"Create admin cluster role for k8s_fedora_atomic, it is defined in the "
|
|
"configuration but it wasn't applied."
|
|
msgstr ""
|
|
"Create admin cluster role for k8s_fedora_atomic, it is defined in the "
|
|
"configuration but it wasn't applied."
|
|
|
|
msgid "Current Series Release Notes"
|
|
msgstr "Current Series Release Notes"
|
|
|
|
msgid ""
|
|
"Current implementation of magnum bay operations are synchronous and as a "
|
|
"result API requests are blocked until response from HEAT service is "
|
|
"received. This release adds support for asynchronous bay operations (bay-"
|
|
"create, bay-update, and bay-delete). Please note that with this change, bay-"
|
|
"create, bay-update API calls will return bay uuid instead of bay object and "
|
|
"also return HTTP status code 202 instead of 201. Microversion 1.2 is added "
|
|
"for new behavior."
|
|
msgstr ""
|
|
"Current implementation of Magnum bay operations are synchronous and as a "
|
|
"result API requests are blocked until response from Heat service is "
|
|
"received. This release adds support for asynchronous bay operations (bay-"
|
|
"create, bay-update, and bay-delete). Please note that with this change, bay-"
|
|
"create, bay-update API calls will return bay UUID instead of bay object and "
|
|
"also return HTTP status code 202 instead of 201. Microversion 1.2 is added "
|
|
"for new behaviour."
|
|
|
|
msgid ""
|
|
"Currently, the replicas of coreDNS pod is hardcoded as 1. It's not a "
|
|
"reasonable number for such a critical service. Without DNS, probably all "
|
|
"workloads running on the k8s cluster will be broken. Now Magnum is making "
|
|
"the coreDNS pod autoscaling based on the nodes and cores number."
|
|
msgstr ""
|
|
"Currently, the replicas of coreDNS pod is hardcoded as 1. It's not a "
|
|
"reasonable number for such a critical service. Without DNS, probably all "
|
|
"workloads running on the k8s cluster will be broken. Now Magnum is making "
|
|
"the coreDNS pod autoscaling based on the nodes and cores number."
|
|
|
|
msgid ""
|
|
"Currently, the swarm and the kubernetes drivers use a dedicated cinder "
|
|
"volume to store the container images. It was been observed that one cinder "
|
|
"volume per node is a bottleneck for large clusters."
|
|
msgstr ""
|
|
"Currently, the Swarm and the Kubernetes drivers use a dedicated Cinder "
|
|
"volume to store the container images. It was been observed that one cinder "
|
|
"volume per node is a bottleneck for large clusters."
|
|
|
|
msgid ""
|
|
"Decouple the hard requirement on barbican. Introduce a new certificate store "
|
|
"called x509keypair. If x509keypair is used, TLS certificates will be stored "
|
|
"at magnum's database instead of barbican. To do that, set the value of the "
|
|
"config ``cert_manager_type`` as ``x509keypair``."
|
|
msgstr ""
|
|
"Decouple the hard requirement on Barbican. Introduce a new certificate store "
|
|
"called x509keypair. If x509keypair is used, TLS certificates will be stored "
|
|
"at magnum's database instead of Barbican. To do that, set the value of the "
|
|
"config ``cert_manager_type`` as ``x509keypair``."
|
|
|
|
msgid ""
|
|
"Decouple the hard requirement on neutron-lbaas. Introduce a new property "
|
|
"master_lb_enabled in cluster template. This property will determines if a "
|
|
"cluster's master nodes should be load balanced. Set the value to false if "
|
|
"neutron-lbaas is not installed."
|
|
msgstr ""
|
|
"Decouple the hard requirement on Neutron-LBaaS. Introduce a new property "
|
|
"master_lb_enabled in cluster template. This property will determines if a "
|
|
"cluster's master nodes should be load balanced. Set the value to false if "
|
|
"Neutron-LBaaS is not installed."
|
|
|
|
msgid ""
|
|
"Default `policy.json` file is now removed as Magnum now generate the default "
|
|
"policies in code. Please be aware that when using that file in your "
|
|
"environment."
|
|
msgstr ""
|
|
"Default `policy.json` file is now removed as Magnum now generates the "
|
|
"default policies in code. Please be aware that when using that file in your "
|
|
"environment."
|
|
|
|
msgid "Deprecation Notes"
|
|
msgstr "Deprecation Notes"
|
|
|
|
msgid ""
|
|
"Emit notifications when there is an event on a cluster. An event could be a "
|
|
"status change of the cluster due to an operation issued by end-users (i.e. "
|
|
"users create, update or delete the cluster). Notifications are sent by using "
|
|
"oslo.notify and PyCADF. Ceilometer can capture the events and generate "
|
|
"samples for auditing, billing, monitoring, or quota purposes."
|
|
msgstr ""
|
|
"Emit notifications when there is an event on a cluster. An event could be a "
|
|
"status change of the cluster due to an operation issued by end-users (i.e. "
|
|
"users create, update or delete the cluster). Notifications are sent by using "
|
|
"oslo.notify and PyCADF. Ceilometer can capture the events and generate "
|
|
"samples for auditing, billing, monitoring, or quota purposes."
|
|
|
|
msgid ""
|
|
"Enable Mesos cluster to export more slave flags via labels in cluster "
|
|
"template. Add the following labels: mesos_slave_isolation, "
|
|
"mesos_slave_image_providers, mesos_slave_work_dir, and "
|
|
"mesos_slave_executor_environment_variables."
|
|
msgstr ""
|
|
"Enable Mesos cluster to export more slave flags via labels in cluster "
|
|
"template. Add the following labels: mesos_slave_isolation, "
|
|
"mesos_slave_image_providers, mesos_slave_work_dir, and "
|
|
"mesos_slave_executor_environment_variables."
|
|
|
|
msgid ""
|
|
"Enhancement to support anfinity policy for cluster nodes. Before this patch, "
|
|
"There is no way to gurantee all nodes of a cluster created on different "
|
|
"compute hosts to get high availbility."
|
|
msgstr ""
|
|
"Enhancement to support affinity policy for cluster nodes. Before this patch, "
|
|
"There is no way to guarantee all nodes of a cluster created on different "
|
|
"compute hosts to get high availability."
|
|
|
|
msgid ""
|
|
"Every magnum cluster is assigned a trustee user and a trustID. This user is "
|
|
"used to allow clusters communicate with the key-manager service (Barbican) "
|
|
"and get the certificate authority of the cluster. This trust user can be "
|
|
"used by other services too. It can be used to let the cluster authenticate "
|
|
"with other OpenStack services like the Block Storage service, Object Storage "
|
|
"service, Load Balancing etc. The cluster with this user and the trustID has "
|
|
"full access to the trustor's OpenStack project. A new configuration "
|
|
"parameter has been added to restrict the access to other services than "
|
|
"Magnum."
|
|
msgstr ""
|
|
"Every Magnum cluster is assigned a trustee user and a trustID. This user is "
|
|
"used to allow clusters communicate with the key-manager service (Barbican) "
|
|
"and get the certificate authority of the cluster. This trust user can be "
|
|
"used by other services too. It can be used to let the cluster authenticate "
|
|
"with other OpenStack services like the Block Storage service, Object Storage "
|
|
"service, Load Balancing etc. The cluster with this user and the trustID has "
|
|
"full access to the trustor's OpenStack project. A new configuration "
|
|
"parameter has been added to restrict the access to other services than "
|
|
"Magnum."
|
|
|
|
msgid ""
|
|
"Fix bug #1758672 [1] to protect kubelet in the k8s_fedora_atomic driver. "
|
|
"Before this patch kubelet was listening to 0.0.0.0 and for clusters with "
|
|
"floating IPs the kubelet was exposed. Also, even on clusters without fips "
|
|
"the kubelet was exposed inside the cluster. This patch allows access to the "
|
|
"kubelet only over https and with the appropriate roles. The apiserver and "
|
|
"heapster have the appropriate roles to access it. Finally, all read-only "
|
|
"ports have been closed to not expose any cluster data. The only remaining "
|
|
"open ports without authentication are for healthz. [1] https://bugs."
|
|
"launchpad.net/magnum/+bug/1758672"
|
|
msgstr ""
|
|
"Fix bug #1758672 [1] to protect kubelet in the k8s_fedora_atomic driver. "
|
|
"Before this patch kubelet was listening to 0.0.0.0 and for clusters with "
|
|
"floating IPs the kubelet was exposed. Also, even on clusters without fips "
|
|
"the kubelet was exposed inside the cluster. This patch allows access to the "
|
|
"kubelet only over HTTPS and with the appropriate roles. The apiserver and "
|
|
"heapster have the appropriate roles to access it. Finally, all read-only "
|
|
"ports have been closed to not expose any cluster data. The only remaining "
|
|
"open ports without authentication are for healthz. [1] https://bugs."
|
|
"launchpad.net/magnum/+bug/1758672"
|
|
|
|
msgid ""
|
|
"Fix etcd configuration in k8s_fedora_atomic driver. Explicitly enable client "
|
|
"and peer authentication and set trusted CA (ETCD_TRUSTED_CA_FILE, "
|
|
"ETCD_PEER_TRUSTED_CA_FILE, ETCD_CLIENT_CERT_AUTH, "
|
|
"ETCD_PEER_CLIENT_CERT_AUTH). Only new clusters will benefit from the fix."
|
|
msgstr ""
|
|
"Fix etcd configuration in k8s_fedora_atomic driver. Explicitly enable client "
|
|
"and peer authentication and set trusted CA (ETCD_TRUSTED_CA_FILE, "
|
|
"ETCD_PEER_TRUSTED_CA_FILE, ETCD_CLIENT_CERT_AUTH, "
|
|
"ETCD_PEER_CLIENT_CERT_AUTH). Only new clusters will benefit from the fix."
|
|
|
|
msgid ""
|
|
"Fix global stack list in periodic task. In before, magnum's periodic task "
|
|
"performs a `stack-list` operation across all tenants. This is disabled by "
|
|
"Heat by default since it causes a security issue. At this release, magnum "
|
|
"performs a `stack-get` operation on each Heat stack by default. This might "
|
|
"not be scalable and operators have an option to fall back to `stack-list` by "
|
|
"setting the config `periodic_global_stack_list` to `True` (`False` by "
|
|
"default) and updating the heat policy file (usually /etc/heat/policy.json) "
|
|
"to allow magnum list stacks."
|
|
msgstr ""
|
|
"Fix global stack list in periodic task. In before, magnum's periodic task "
|
|
"performs a `stack-list` operation across all tenants. This is disabled by "
|
|
"Heat by default since it causes a security issue. At this release, magnum "
|
|
"performs a `stack-get` operation on each Heat stack by default. This might "
|
|
"not be scalable and operators have an option to fall back to `stack-list` by "
|
|
"setting the config `periodic_global_stack_list` to `True` (`False` by "
|
|
"default) and updating the heat policy file (usually /etc/heat/policy.json) "
|
|
"to allow Magnum list stacks."
|
|
|
|
msgid ""
|
|
"Fixes CVE-2016-7404 for newly created clusters. Existing clusters will have "
|
|
"to be re-created to benefit from this fix. Part of this fix is the newly "
|
|
"introduced setting `cluster_user_trust` in the `trust` section of magnum."
|
|
"conf. This setting defaults to False. `cluster_user_trust` dictates whether "
|
|
"to allow passing a trust ID into a cluster's instances. For most clusters "
|
|
"this capability is not needed. Clusters with `registry_enabled=True` or "
|
|
"`volume_driver=rexray` will need this capability. Other features that "
|
|
"require this capability may be introduced in the future. To be able to "
|
|
"create such clusters you will need to set `cluster_user_trust` to True."
|
|
msgstr ""
|
|
"Fixes CVE-2016-7404 for newly created clusters. Existing clusters will have "
|
|
"to be re-created to benefit from this fix. Part of this fix is the newly "
|
|
"introduced setting `cluster_user_trust` in the `trust` section of magnum."
|
|
"conf. This setting defaults to False. `cluster_user_trust` dictates whether "
|
|
"to allow passing a trust ID into a cluster's instances. For most clusters "
|
|
"this capability is not needed. Clusters with `registry_enabled=True` or "
|
|
"`volume_driver=rexray` will need this capability. Other features that "
|
|
"require this capability may be introduced in the future. To be able to "
|
|
"create such clusters you will need to set `cluster_user_trust` to True."
|
|
|
|
msgid ""
|
|
"From now on, server names are prefixed with the cluster name. The cluster "
|
|
"name is truncated to 30 characters, ('_', '.') are mapped to '-' and non "
|
|
"alpha-numeric characters are removed to ensure FQDN compatibility."
|
|
msgstr ""
|
|
"From now on, server names are prefixed with the cluster name. The cluster "
|
|
"name is truncated to 30 characters, ('_', '.') are mapped to '-' and non "
|
|
"alpha-numeric characters are removed to ensure FQDN compatibility."
|
|
|
|
msgid ""
|
|
"In magnum configuration, in [drivers] set send_cluster_metrics = False to to "
|
|
"avoid collecting metrics using the kubernetes client which crashes the "
|
|
"periodic tasks."
|
|
msgstr ""
|
|
"In Magnum configuration, in [drivers] set send_cluster_metrics = False to to "
|
|
"avoid collecting metrics using the Kubernetes client which crashes the "
|
|
"periodic tasks."
|
|
|
|
msgid ""
|
|
"In the OpenStack deployment with Octavia service enabled, the Octavia "
|
|
"service should be used not only for master nodes high availability, but also "
|
|
"for k8s LoadBalancer type service implementation as well."
|
|
msgstr ""
|
|
"In the OpenStack deployment with Octavia service enabled, the Octavia "
|
|
"service should be used not only for master nodes high availability, but also "
|
|
"for k8s LoadBalancer type service implementation as well."
|
|
|
|
msgid ""
|
|
"Include kubernetes dashboard in kubernetes cluster by default. Users can use "
|
|
"this kubernetes dashboard to manage the kubernetes cluster. Dashboard can be "
|
|
"disabled by setting the label 'kube_dashboard_enabled' to false."
|
|
msgstr ""
|
|
"Include Kubernetes dashboard in Kubernetes cluster by default. Users can use "
|
|
"this Kubernetes dashboard to manage the Kubernetes cluster. Dashboard can be "
|
|
"disabled by setting the label 'kube_dashboard_enabled' to false."
|
|
|
|
msgid ""
|
|
"Includes a monitoring stack based on cAdvisor, node-exporter, Prometheus and "
|
|
"Grafana. Users can enable this stack through the label "
|
|
"prometheus_monitoring. Prometheus scrapes metrics from the Kubernetes "
|
|
"cluster and then serves them to Grafana through Grafana's Prometheus data "
|
|
"source. Upon completion, a default Grafana dashboard is provided."
|
|
msgstr ""
|
|
"Includes a monitoring stack based on cAdvisor, node-exporter, Prometheus and "
|
|
"Grafana. Users can enable this stack through the label "
|
|
"prometheus_monitoring. Prometheus scrapes metrics from the Kubernetes "
|
|
"cluster and then serves them to Grafana through Grafana's Prometheus data "
|
|
"source. Upon completion, a default Grafana dashboard is provided."
|
|
|
|
msgid "Indices and tables"
|
|
msgstr "Indices and tables"
|
|
|
|
msgid ""
|
|
"Integrate Docker Swarm Fedora Atomic driver with the Block Storage Service "
|
|
"(cinder). The rexray volume driver was added based on rexray v0.4. Users can "
|
|
"create and attach volumes using docker's navive client and they will "
|
|
"authenticate using the per cluster trustee user. Rexray can be either added "
|
|
"in the Fedora Atomic image or can be used running in a container."
|
|
msgstr ""
|
|
"Integrate Docker Swarm Fedora Atomic driver with the Block Storage Service "
|
|
"(cinder). The rexray volume driver was added based on rexray v0.4. Users can "
|
|
"create and attach volumes using docker's native client and they will "
|
|
"authenticate using the per cluster trustee user. Rexray can be either added "
|
|
"in the Fedora Atomic image or can be used running in a container."
|
|
|
|
msgid ""
|
|
"Keypair is now optional for ClusterTemplate, in order to allow Clusters to "
|
|
"use keypairs separate from their parent ClusterTemplate."
|
|
msgstr ""
|
|
"Keypair is now optional for ClusterTemplate, in order to allow Clusters to "
|
|
"use keypairs separate from their parent ClusterTemplate."
|
|
|
|
msgid ""
|
|
"Keystone URL used by Cluster Templates instances to authenticate is now "
|
|
"configurable with the ``trustee_keystone_interface`` parameter which default "
|
|
"to ``public``."
|
|
msgstr ""
|
|
"Keystone URL used by Cluster Templates instances to authenticate is now "
|
|
"configurable with the ``trustee_keystone_interface`` parameter which default "
|
|
"to ``public``."
|
|
|
|
msgid "Known Issues"
|
|
msgstr "Known Issues"
|
|
|
|
msgid ""
|
|
"Kubernetes client is incompatible with evenlet and breaks the periodic "
|
|
"tasks. After kubernetes client 4.0.0 magnum is affected by the bug below. "
|
|
"https://github.com/eventlet/eventlet/issues/147 Magnum has three periodic "
|
|
"tasks, one to sync the magnum service, one to update the cluster status and "
|
|
"one send cluster metrics The send_metrics task uses the kubernetes client "
|
|
"for kubernetes clusters and it crashes the sync_cluster_status and "
|
|
"send_cluster_metrics tasks. https://bugs.launchpad.net/magnum/+bug/1746510 "
|
|
"Additionally, the kubernetes scale manager needs to be disabled to not break "
|
|
"the scale down command completely. Note, that when magnum scales down the "
|
|
"cluster will pick the nodes to scale randomly."
|
|
msgstr ""
|
|
"Kubernetes client is incompatible with evenlet and breaks the periodic "
|
|
"tasks. After Kubernetes client 4.0.0 magnum is affected by the bug below. "
|
|
"https://github.com/eventlet/eventlet/issues/147 Magnum has three periodic "
|
|
"tasks, one to sync the magnum service, one to update the cluster status and "
|
|
"one send cluster metrics The send_metrics task uses the Kubernetes client "
|
|
"for Kubernetes clusters and it crashes the sync_cluster_status and "
|
|
"send_cluster_metrics tasks. https://bugs.launchpad.net/magnum/+bug/1746510 "
|
|
"Additionally, the Kubernetes scale manager needs to be disabled to not break "
|
|
"the scale down command completely. Note, that when magnum scales down the "
|
|
"cluster will pick the nodes to scale randomly."
|
|
|
|
msgid ""
|
|
"Kubernetes for fedora-atomic runs in system containers [1]. These containers "
|
|
"are stored in ostree in the fedora-atomic hosts and they don't require "
|
|
"docker to be running. Pulling and storing them in ostree is very fast and "
|
|
"they can easily be managed as systemd services. Since these containers are "
|
|
"based on fedora packages, they are working as drop in replacements of the "
|
|
"binaries in the fedora atomic host. The ProjectAtomic hasn't found a "
|
|
"solution yet [3] on tagging the images, so the magnum team builds and "
|
|
"publishes images in this [2] account in dockerhub. Users can select the tag "
|
|
"they want using the `kube_tag` label."
|
|
msgstr ""
|
|
"Kubernetes for fedora-atomic runs in system containers [1]. These containers "
|
|
"are stored in ostree in the fedora-atomic hosts and they don't require "
|
|
"Docker to be running. Pulling and storing them in ostree is very fast and "
|
|
"they can easily be managed as systemd services. Since these containers are "
|
|
"based on Fedora packages, they are working as drop in replacements of the "
|
|
"binaries in the fedora atomic host. The ProjectAtomic hasn't found a "
|
|
"solution yet [3] on tagging the images, so the Magnum team builds and "
|
|
"publishes images in this [2] account in dockerhub. Users can select the tag "
|
|
"they want using the `kube_tag` label."
|
|
|
|
msgid "Liberty Series Release Notes"
|
|
msgstr "Liberty Series Release Notes"
|
|
|
|
msgid ""
|
|
"Magnum bay operations API default behavior changed from synchronous to "
|
|
"asynchronous. User can specify OpenStack-API-Version 1.1 in request header "
|
|
"for synchronous bay operations."
|
|
msgstr ""
|
|
"Magnum bay operations API default behaviour changed from synchronous to "
|
|
"asynchronous. User can specify OpenStack-API-Version 1.1 in request header "
|
|
"for synchronous bay operations."
|
|
|
|
msgid ""
|
|
"Magnum default service type changed from \"container\" to \"container-infra"
|
|
"\". It is recommended to update the service type at Keystone service catalog "
|
|
"accordingly."
|
|
msgstr ""
|
|
"Magnum default service type changed from \"container\" to \"container-infra"
|
|
"\". It is recommended to update the service type at Keystone service "
|
|
"catalogue accordingly."
|
|
|
|
msgid ""
|
|
"Magnum now support OSProfiler for HTTP, RPC and DB request tracing. User can "
|
|
"enable OSProfiler via Magnum configuration file in 'profiler' section."
|
|
msgstr ""
|
|
"Magnum now support OSProfiler for HTTP, RPC and DB request tracing. User can "
|
|
"enable OSProfiler via Magnum configuration file in 'profiler' section."
|
|
|
|
msgid ""
|
|
"Magnum now support SSL for API service. User can enable SSL for API via new "
|
|
"3 config options 'enabled_ssl', 'ssl_cert_file' and 'ssl_key_file'."
|
|
msgstr ""
|
|
"Magnum now support SSL for API service. User can enable SSL for API via new "
|
|
"3 config options 'enabled_ssl', 'ssl_cert_file' and 'ssl_key_file'."
|
|
|
|
msgid ""
|
|
"Magnum now support policy in code [1], which means if users didn't modify "
|
|
"any of policy rules, they can leave policy file (in `json` or `yaml` format) "
|
|
"empty or just remove it all together. Because from now, Magnum keeps all "
|
|
"default policies under `magnum/common/policies` module. Users can still "
|
|
"modify/generate the policy rules they want in the `policy.yaml` or `policy."
|
|
"json` file which will override the default policy rules in code only if "
|
|
"those rules show in the policy file."
|
|
msgstr ""
|
|
"Magnum now support policy in code [1], which means if users didn't modify "
|
|
"any of policy rules, they can leave policy file (in `json` or `yaml` format) "
|
|
"empty or just remove it all together. Because from now, Magnum keeps all "
|
|
"default policies under `magnum/common/policies` module. Users can still "
|
|
"modify/generate the policy rules they want in the `policy.yaml` or `policy."
|
|
"json` file which will override the default policy rules in code only if "
|
|
"those rules show in the policy file."
|
|
|
|
msgid ""
|
|
"Magnum now supports policy in code, please refer to the relevant features in "
|
|
"the release notes for more information."
|
|
msgstr ""
|
|
"Magnum now supports policy in code, please refer to the relevant features in "
|
|
"the release notes for more information."
|
|
|
|
msgid "Magnum service type and mission statement was changed [1]."
|
|
msgstr "Magnum service type and mission statement was changed [1]."
|
|
|
|
msgid ""
|
|
"Magnum's bay-to-cluster blueprint [1] required changes across much of its "
|
|
"codebase to align to industry standards. To support this blueprint, certain "
|
|
"group and option names were changed in configuration files [2]. See the "
|
|
"deprecations section for more details. [1] https://review.openstack.org/#/q/"
|
|
"topic:bp/rename-bay-to-cluster [2] https://review.openstack.org/#/c/362660/"
|
|
msgstr ""
|
|
"Magnum's bay-to-cluster blueprint [1] required changes across much of its "
|
|
"codebase to align to industry standards. To support this blueprint, certain "
|
|
"group and option names were changed in configuration files [2]. See the "
|
|
"deprecations section for more details. [1] https://review.openstack.org/#/q/"
|
|
"topic:bp/rename-bay-to-cluster [2] https://review.openstack.org/#/c/362660/"
|
|
|
|
msgid ""
|
|
"Magnum's keypair-override-on-create blueprint [1] allows for optional "
|
|
"keypair value in ClusterTemplates and the ability to specify a keypair value "
|
|
"during cluster creation."
|
|
msgstr ""
|
|
"Magnum's keypair-override-on-create blueprint [1] allows for optional "
|
|
"keypair value in ClusterTemplates and the ability to specify a keypair value "
|
|
"during cluster creation."
|
|
|
|
msgid ""
|
|
"Make the dedicated cinder volume per node an opt-in option. By default, no "
|
|
"cinder volumes will be created unless the user passes the docker-volume-size "
|
|
"argument."
|
|
msgstr ""
|
|
"Make the dedicated cinder volume per node an opt-in option. By default, no "
|
|
"cinder volumes will be created unless the user passes the docker-volume-size "
|
|
"argument."
|
|
|
|
msgid "Mitaka Series Release Notes"
|
|
msgstr "Mitaka Series Release Notes"
|
|
|
|
msgid ""
|
|
"Multi master deployments for k8s driver use different service account keys "
|
|
"for each api/controller manager server which leads to 401 errors for service "
|
|
"accounts. This patch will create a signed cert and private key for k8s "
|
|
"service account keys explicitly, dedicatedly for the k8s cluster to avoid "
|
|
"the inconsistent keys issue."
|
|
msgstr ""
|
|
"Multi master deployments for k8s driver use different service account keys "
|
|
"for each API/controller manager server which leads to 401 errors for service "
|
|
"accounts. This patch will create a signed cert and private key for k8s "
|
|
"service account keys explicitly, dedicatedly for the k8s cluster to avoid "
|
|
"the inconsistent keys issue."
|
|
|
|
msgid "New Features"
|
|
msgstr "New Features"
|
|
|
|
msgid ""
|
|
"New clusters should be created with kube_tag=v1.9.3 or later. v1.9.3 is the "
|
|
"default version in the queens release."
|
|
msgstr ""
|
|
"New clusters should be created with kube_tag=v1.9.3 or later. v1.9.3 is the "
|
|
"default version in the Queens release."
|
|
|
|
msgid "Newton Series Release Notes"
|
|
msgstr "Newton Series Release Notes"
|
|
|
|
msgid "Now admin user can access all clusters across projects."
|
|
msgstr "Now admin user can access all clusters across projects."
|
|
|
|
msgid ""
|
|
"Now user can update labels in cluster-template. Previously string is passed "
|
|
"as a value to labels, but we know that labels can only hold dictionary "
|
|
"values. Now we are parsing the string and storing it as dictionary for "
|
|
"labels in cluster-template."
|
|
msgstr ""
|
|
"Now user can update labels in cluster-template. Previously string is passed "
|
|
"as a value to labels, but we know that labels can only hold dictionary "
|
|
"values. Now we are parsing the string and storing it as dictionary for "
|
|
"labels in cluster-template."
|
|
|
|
msgid "Ocata Series Release Notes"
|
|
msgstr "Ocata Series Release Notes"
|
|
|
|
msgid "Other Notes"
|
|
msgstr "Other Notes"
|
|
|
|
msgid "Pike Series Release Notes"
|
|
msgstr "Pike Series Release Notes"
|
|
|
|
msgid ""
|
|
"Prefix of all container images used in the cluster (kubernetes components, "
|
|
"coredns, kubernetes-dashboard, node-exporter). For example, kubernetes-"
|
|
"apiserver is pulled from docker.io/openstackmagnum/kubernetes-apiserver, "
|
|
"with this label it can be changed to myregistry.example.com/mycloud/"
|
|
"kubernetes-apiserver. Similarly, all other components used in the cluster "
|
|
"will be prefixed with this label, which assumes an operator has cloned all "
|
|
"expected images in myregistry.example.com/mycloud."
|
|
msgstr ""
|
|
"Prefix of all container images used in the cluster (Kubernetes components, "
|
|
"coredns, kubernetes-dashboard, node-exporter). For example, kubernetes-"
|
|
"apiserver is pulled from docker.io/openstackmagnum/kubernetes-apiserver, "
|
|
"with this label it can be changed to myregistry.example.com/mycloud/"
|
|
"kubernetes-apiserver. Similarly, all other components used in the cluster "
|
|
"will be prefixed with this label, which assumes an operator has cloned all "
|
|
"expected images in myregistry.example.com/mycloud."
|
|
|
|
msgid "Prelude"
|
|
msgstr "Prelude"
|
|
|
|
msgid "Queens Series Release Notes"
|
|
msgstr "Queens Series Release Notes"
|
|
|
|
msgid ""
|
|
"Requires a db upgrade to change the docker_storage_driver field to be a "
|
|
"string instead of an enum."
|
|
msgstr ""
|
|
"Requires a db upgrade to change the docker_storage_driver field to be a "
|
|
"string instead of an enum."
|
|
|
|
msgid ""
|
|
"Secure etcd cluster for swarm and k8s. Etcd cluster is secured using TLS by "
|
|
"default. TLS can be disabled by passing --tls-disabled during cluster "
|
|
"template creation."
|
|
msgstr ""
|
|
"Secure etcd cluster for Swarm and k8s. Etcd cluster is secured using TLS by "
|
|
"default. TLS can be disabled by passing --tls-disabled during cluster "
|
|
"template creation."
|
|
|
|
msgid "Security Issues"
|
|
msgstr "Security Issues"
|
|
|
|
msgid ""
|
|
"Strip signed certificate. Certificate (ca.crt) has to be striped for some "
|
|
"application parsers as they might require pure base64 representation of the "
|
|
"certificate itself, without empty characters at the beginning nor the end of "
|
|
"file."
|
|
msgstr ""
|
|
"Strip signed certificate. Certificate (ca.crt) has to be striped for some "
|
|
"application parsers as they might require pure base64 representation of the "
|
|
"certificate itself, without empty characters at the beginning nor the end of "
|
|
"file."
|
|
|
|
msgid ""
|
|
"Support different volume types for the drivers that support docker storage "
|
|
"in cinder volumes. swarm_fedora_atomic and k8s_fedora_atomic accept a new "
|
|
"label to specify a docker_volume_type."
|
|
msgstr ""
|
|
"Support different volume types for the drivers that support Docker storage "
|
|
"in Cinder volumes. swarm_fedora_atomic and k8s_fedora_atomic accept a new "
|
|
"label to specify a docker_volume_type."
|
|
|
|
msgid ""
|
|
"Support passing an availability zone where all cluster nodes should be "
|
|
"deployed, via the new availability_zone label. Both swarm_fedora_atomic_v2 "
|
|
"and k8s_fedora_atomic_v1 support this new label."
|
|
msgstr ""
|
|
"Support passing an availability zone where all cluster nodes should be "
|
|
"deployed, via the new availability_zone label. Both swarm_fedora_atomic_v2 "
|
|
"and k8s_fedora_atomic_v1 support this new label."
|
|
|
|
msgid ""
|
|
"The 'bay' group has been renamed to 'cluster' and all options in the former "
|
|
"'bay' group have been moved to 'cluster'."
|
|
msgstr ""
|
|
"The 'bay' group has been renamed to 'cluster' and all options in the former "
|
|
"'bay' group have been moved to 'cluster'."
|
|
|
|
msgid ""
|
|
"The 'bay_create_timeout' option in the former 'bay_heat' group has been "
|
|
"renamed to 'create_timeout' inside the 'cluster_heat' group."
|
|
msgstr ""
|
|
"The 'bay_create_timeout' option in the former 'bay_heat' group has been "
|
|
"renamed to 'create_timeout' inside the 'cluster_heat' group."
|
|
|
|
msgid ""
|
|
"The 'bay_heat' group has been renamed to 'cluster_heat' and all options in "
|
|
"the former 'bay_heat' group have been moved to 'cluster_heat'."
|
|
msgstr ""
|
|
"The 'bay_heat' group has been renamed to 'cluster_heat' and all options in "
|
|
"the former 'bay_heat' group have been moved to 'cluster_heat'."
|
|
|
|
msgid ""
|
|
"The 'baymodel' group has been renamed to 'cluster_template' and all options "
|
|
"in the former 'baymodel' group have been moved to 'cluster_template'."
|
|
msgstr ""
|
|
"The 'baymodel' group has been renamed to 'cluster_template' and all options "
|
|
"in the former 'baymodel' group have been moved to 'cluster_template'."
|
|
|
|
msgid ""
|
|
"The intend is to narrow the scope of the Magnum project to focus on "
|
|
"integrating container orchestration engines (COEs) with OpenStack. API "
|
|
"features intended to uniformly create, manage, and delete individual "
|
|
"containers across any COE will be removed from Magnum's API, and will be re-"
|
|
"introduced as a separate project called Zun."
|
|
msgstr ""
|
|
"The intend is to narrow the scope of the Magnum project to focus on "
|
|
"integrating container orchestration engines (COEs) with OpenStack. API "
|
|
"features intended to uniformly create, manage, and delete individual "
|
|
"containers across any COE will be removed from Magnum's API, and will be re-"
|
|
"introduced as a separate project called Zun."
|
|
|
|
msgid ""
|
|
"This is allowing no floating IP to be usable with a multimaster "
|
|
"configuration in terms of load balancers."
|
|
msgstr ""
|
|
"This allows no Floating IP to be usable with a multimaster configuration in "
|
|
"terms of load balancers."
|
|
|
|
msgid ""
|
|
"This release introduces 'federations' endpoint to Magnum API, which allows "
|
|
"an admin to create and manage federations of clusters through Magnum. As the "
|
|
"feature is still under development, the endpoints are not bound to any "
|
|
"driver yet. For more details, please refer to bp/federation-api [1]."
|
|
msgstr ""
|
|
"This release introduces 'federations' endpoint to Magnum API, which allows "
|
|
"an admin to create and manage federations of clusters through Magnum. As the "
|
|
"feature is still under development, the endpoints are not bound to any "
|
|
"driver yet. For more details, please refer to bp/federation-api [1]."
|
|
|
|
msgid ""
|
|
"This release introduces 'quota' endpoint that enable admin users to set, "
|
|
"update and show quota for a given tenant. A non-admin user can get self "
|
|
"quota limits."
|
|
msgstr ""
|
|
"This release introduces 'quota' endpoint that enable admin users to set, "
|
|
"update and show quota for a given tenant. A non-admin user can get self "
|
|
"quota limits."
|
|
|
|
msgid ""
|
|
"This release introduces 'stats' endpoint that provide the total number of "
|
|
"clusters and the total number of nodes for the given tenant and also overall "
|
|
"stats across all the tenants."
|
|
msgstr ""
|
|
"This release introduces 'stats' endpoint that provide the total number of "
|
|
"clusters and the total number of nodes for the given tenant and also overall "
|
|
"stats across all the tenants."
|
|
|
|
msgid ""
|
|
"To let clusters communicate directly with OpenStack service other than "
|
|
"Magnum, in the `trust` section of magnum.conf, set `cluster_user_trust` to "
|
|
"True. The default value is False."
|
|
msgstr ""
|
|
"To let clusters communicate directly with OpenStack service other than "
|
|
"Magnum, in the `trust` section of magnum.conf, set `cluster_user_trust` to "
|
|
"True. The default value is False."
|
|
|
|
msgid ""
|
|
"Update Swarm default version to 1.2.5. It should be the last version since "
|
|
"Docker people are now working on the new Swarm mode integrated in Docker."
|
|
msgstr ""
|
|
"Update Swarm default version to 1.2.5. It should be the last version since "
|
|
"Docker people are now working on the new Swarm mode integrated in Docker."
|
|
|
|
msgid ""
|
|
"Update k8s_fedora_atomic driver to the latest Fedora Atomic 27 release and "
|
|
"run etcd and flanneld in system containers which are removed from the base "
|
|
"OS."
|
|
msgstr ""
|
|
"Update k8s_fedora_atomic driver to the latest Fedora Atomic 27 release and "
|
|
"run etcd and flanneld in system containers which are removed from the base "
|
|
"OS."
|
|
|
|
msgid ""
|
|
"Update kubernetes dashboard to `v1.8.3` which is compatible via kubectl "
|
|
"proxy. Addionally, heapster is deployed as standalone deployemt and the user "
|
|
"can enable a grafana-influx stack with the "
|
|
"`influx_grafana_dashboard_enabled` label. See the kubernetes dashboard "
|
|
"documenation for more details. https://github.com/kubernetes/dashboard/wiki"
|
|
msgstr ""
|
|
"Update Kubernetes dashboard to `v1.8.3` which is compatible via kubectl "
|
|
"proxy. Additionally, heapster is deployed as standalone deployment and the "
|
|
"user can enable a grafana-influx stack with the "
|
|
"`influx_grafana_dashboard_enabled` label. See the Kubernetes dashboard "
|
|
"documentation for more details. https://github.com/kubernetes/dashboard/wiki"
|
|
|
|
msgid "Upgrade Notes"
|
|
msgstr "Upgrade Notes"
|
|
|
|
msgid ""
|
|
"Using the queens (>=2.9.0) python-magnumclient, when a user executes "
|
|
"openstack coe cluster config, the client certificate has admin as Common "
|
|
"Name (CN) and system:masters for Organization which are required for "
|
|
"authorization with RBAC enabled clusters. This change in the client is "
|
|
"backwards compatible, so old clusters (without RBAC enabled) can be reached "
|
|
"with certificates generated by the new client. However, old magnum clients "
|
|
"will generate certificates that will not be able to contact RBAC enabled "
|
|
"clusters. This issue affects only k8s_fedora_atomic clusters and clients "
|
|
"<=2.8.0, note that 2.8.0 is still a queens release but only 2.9.0 includes "
|
|
"the relevant patch. Finally, users can always generate and sign the "
|
|
"certificates using this [0] procedure even with old clients since only the "
|
|
"cluster config command is affected. [0] https://docs.openstack.org/magnum/"
|
|
"latest/user/index.html#interfacing-with-a-secure-cluster"
|
|
msgstr ""
|
|
"Using the queens (>=2.9.0) python-magnumclient, when a user executes "
|
|
"Openstack coe cluster config, the client certificate has admin as Common "
|
|
"Name (CN) and system:masters for Organisation which are required for "
|
|
"authorisation with RBAC enabled clusters. This change in the client is "
|
|
"backwards compatible, so old clusters (without RBAC enabled) can be reached "
|
|
"with certificates generated by the new client. However, old magnum clients "
|
|
"will generate certificates that will not be able to contact RBAC enabled "
|
|
"clusters. This issue affects only k8s_fedora_atomic clusters and clients "
|
|
"<=2.8.0, note that 2.8.0 is still a queens release but only 2.9.0 includes "
|
|
"the relevant patch. Finally, users can always generate and sign the "
|
|
"certificates using this [0] procedure even with old clients since only the "
|
|
"cluster config command is affected. [0] https://docs.openstack.org/magnum/"
|
|
"latest/user/index.html#interfacing-with-a-secure-cluster"
|
|
|
|
msgid "Welcome to Magnum Release Notes's documentation!"
|
|
msgstr "Welcome to Magnum Release Notes documentation!"
|
|
|
|
msgid ""
|
|
"When creating a multi-master cluster, all master nodes will attempt to "
|
|
"create kubernetes resources in the cluster at this same time, like coredns, "
|
|
"the dashboard, calico etc. This race conditon shouldn't be a problem when "
|
|
"doing declarative calls instead of imperative (kubectl apply instead of "
|
|
"create). However, due to [1], kubectl fails to apply the changes and the "
|
|
"deployemnt scripts fail causing cluster to creation to fail in the case of "
|
|
"Heat SoftwareDeployments. This patch passes the ResourceGroup index of every "
|
|
"master so that resource creation will be attempted only from the first "
|
|
"master node. [1] https://github.com/kubernetes/kubernetes/issues/44165"
|
|
msgstr ""
|
|
"When creating a multi-master cluster, all master nodes will attempt to "
|
|
"create Kubernetes resources in the cluster at this same time, like coredns, "
|
|
"the dashboard, calico etc. This race condition shouldn't be a problem when "
|
|
"doing declarative calls instead of imperative (kubectl apply instead of "
|
|
"create). However, due to [1], kubectl fails to apply the changes and the "
|
|
"deployment scripts fail causing cluster to creation to fail in the case of "
|
|
"Heat SoftwareDeployments. This patch passes the ResourceGroup index of every "
|
|
"master so that resource creation will be attempted only from the first "
|
|
"master node. [1] https://github.com/kubernetes/kubernetes/issues/44165"
|
|
|
|
msgid ""
|
|
"[1] https://github.com/projectatomic/atomic-system-containers [2] https://"
|
|
"hub.docker.com/r/openstackmagnum/kubernetes-kubelet/tags/ [3] https://pagure."
|
|
"io/atomic/kubernetes-sig/issue/6"
|
|
msgstr ""
|
|
"[1] https://github.com/projectatomic/atomic-system-containers [2] https://"
|
|
"hub.docker.com/r/openstackmagnum/kubernetes-kubelet/tags/ [3] https://pagure."
|
|
"io/atomic/kubernetes-sig/issue/6"
|
|
|
|
msgid "[1] https://review.openstack.org/#/c/311476/"
|
|
msgstr "[1] https://review.openstack.org/#/c/311476/"
|
|
|
|
msgid "[1] https://review.openstack.org/#/q/topic:bp/federation-api"
|
|
msgstr "[1] https://review.openstack.org/#/q/topic:bp/federation-api"
|
|
|
|
msgid "[1]. https://blueprints.launchpad.net/magnum/+spec/policy-in-code"
|
|
msgstr "[1]. https://blueprints.launchpad.net/magnum/+spec/policy-in-code"
|
|
|
|
msgid ""
|
|
"[`bug 1663757 <https://bugs.launchpad.net/magnum/+bug/1663757>`_] A "
|
|
"configuration parameter, verify_ca, was added to magnum.conf with a default "
|
|
"value of True and passed to the heat templates to indicate whether the "
|
|
"cluster nodes validate the Certificate Authority when making requests to the "
|
|
"OpenStack APIs (Keystone, Magnum, Heat). This parameter can be set to False "
|
|
"to disable CA validation if you have self-signed certificates for the "
|
|
"OpenStack APIs or you have your own Certificate Authority and you have not "
|
|
"installed the Certificate Authority to all nodes."
|
|
msgstr ""
|
|
"[`bug 1663757 <https://bugs.launchpad.net/magnum/+bug/1663757>`_] A "
|
|
"configuration parameter, verify_ca, was added to magnum.conf with a default "
|
|
"value of True and passed to the heat templates to indicate whether the "
|
|
"cluster nodes validate the Certificate Authority when making requests to the "
|
|
"OpenStack APIs (Keystone, Magnum, Heat). This parameter can be set to False "
|
|
"to disable CA validation if you have self-signed certificates for the "
|
|
"OpenStack APIs or you have your own Certificate Authority and you have not "
|
|
"installed the Certificate Authority to all nodes."
|
|
|
|
msgid ""
|
|
"k8s_fedora Remove cluster role from the kubernetes-dashboard account. When "
|
|
"accessing the dashboard and skip authentication, users login with the "
|
|
"kunernetes-dashboard service account, if that service account has the "
|
|
"cluster role, users have admin access without authentication. Create an "
|
|
"admin service account for this use case and others."
|
|
msgstr ""
|
|
"k8s_fedora Remove cluster role from the kubernetes-dashboard account. When "
|
|
"accessing the dashboard and skip authentication, users login with the "
|
|
"kunernetes-dashboard service account, if that service account has the "
|
|
"cluster role, users have admin access without authentication. Create an "
|
|
"admin service account for this use case and others."
|
|
|
|
msgid ""
|
|
"k8s_fedora_atomic clusters are deployed with RBAC support. Along with RBAC "
|
|
"Node authorization is added so the appropriate certificates are generated."
|
|
msgstr ""
|
|
"k8s_fedora_atomic clusters are deployed with RBAC support. Along with RBAC "
|
|
"Node authorization is added so the appropriate certificates are generated."
|