10.0 RabbitMQ Change Changelog Notice Issue

[flyersa]

I am not the popular one, but i can live with that, so here is another one ;)

So, just giving a link to

https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#high-availability

which does not apply to any osism related installation should work or what is the idea about that changelog notice?

can we fix this to something more related to osism users?

e.g basically that says "stop everything", run reset state, redeploy etc.?

providing a link to something that references to stuff like "kolla-ansible genconfig" is not really a helpfull releasenote. You did a major release here,10.0 is also 2025.1- Why is the changelog so short handed? I mean 10.0 is a major release, more pride please for the awesome job you guys do ?

Also please note you have alot of major osism users now. The release notes, docs should reflect how to properly use, update this in relation to osism instead of a kolla reference imho. Obviously we will figure this out ourself, but this should not be the goal.

Also missing in the changelog, what was fixed etc.? Do you guys need help from the osism community? I am sure there are plenty of people who will and want to help here (us included).

There are alot of bugfixes in this releases, not even mentioned, such as the ISO Problem which got fixed, the trunk port issue fixed and so on.

Imho this release note should be more proper, highlight fixed issues and also give upgrade advice to existing osism users instead of just doing a useless reference to some kolla doc which people cannot even use directly. Correct me if im wrong here.

I mean this upgrade is a major interuption change. Its not just like "yeah change the queues" in rabbitmq, this is a upgrade which will cause problems if not done properly. And there is no mention at it at all.

Imho we have a huge info gap on osism atm. As example the last security issue, who got the info? people had to ask? stil no info about patches, even CVE should be out now etc. I understand OSISM also wants to make revenue, but i am not sure this is the way to go.

Also adding again here the idea to have people pre-test the upgrades before a release, what happened with that? :(

[berendt]

The release notes are a work in progress and not yet finished.

[berendt]

Added a note to avoid further confusions.

[berendt]

Regarding "Imho we have a huge info gap on osism atm. As example the last security issue, who got the info? people had to ask? stil no info about patches, even CVE should be out now etc. I understand OSISM also wants to make revenue, but i am not sure this is the way to go."

We rebuild and publish our images every 24h hours. Since the patches were all merged upstream a few days ago, they are included in the latest images we provide. They are also available to everyone, there are no restrictions on availability here.

• https://review.opendev.org/966871 (2024.1/caracal(keystone)) (there is a backport for this one)
• https://review.opendev.org/966073 (2024.2/dalmatian(keystone))
• https://review.opendev.org/966071 (2025.1/epoxy(keystone))

[flyersa]

Regarding "Imho we have a huge info gap on osism atm. As example the last security issue, who got the info? people had to ask? stil no info about patches, even CVE should be out now etc. I understand OSISM also wants to make revenue, but i am not sure this is the way to go."

We rebuild and publish our images every 24h hours. Since the patches were all merged upstream a few days ago, they are included in the latest images we provide. They are also available to everyone, there are no restrictions on availability here.

• https://review.opendev.org/966871 (2024.1/caracal(keystone)) (there is a backport for this one)
• https://review.opendev.org/966073 (2024.2/dalmatian(keystone))
• https://review.opendev.org/966071 (2025.1/epoxy(keystone))

the images you update explicity need always to be manually tagged to the last release, the current images of a release are not updating. So people are forced to explcility set a tag to as example 2024.2. This is is another issue out of this scope- If i run a osism version i would expect to also update the images with the fixes without specifying overrides as example. But existing images do not get updates, just tagged ones.

example? existing osism install, pull new images? no fix! setting override to 2024.2 , fix included. That is a major thing. Yes you build images with fixes but they cannot be used without doing a override, they are even on a complete different path on the registry. If i deploy a specific version i want osism apply -a pull $whatever to pull a version with the fix included. But you only update the version taged ones. Once there is a release, those are not upgrading with bugfixes,

And for the CVE, only internal people got this. This should be available to all. No mentioning at all etc. except internal to "first class" customers. Maybe we use it wrong i dont know anymore.... with this i mean a "run this to fix it" note as example.

With overrides i mean to explicitly set those in images.yml to make use of them

[flyersa]

Just an idea, maybe we can do a monthly osism meeting round or something with users who want to take part? similar to what we had before with SCS? Does not need to be long. 30 minutes, BAM. I would love this as a direct channel. OUG? Osism User Group? :)

Also please excuse my hard direct comments, i value what you do and osism turned out to be great product by now. We did alot to get this adopted by alot of people too. I really love what you do and also which is not visible to anyone. So i think it would be good to just connect everyone again, or maybe im just missing out.

[fkr]

@flyersa I think, that is a very good idea. Initially it was proposed to continue with Team IaaS, Team Container and Team OPS/IAM calls like during the project phase. Team Container and Team OPS/IAM (here with very little attendance, tbh) are still holding meetings - so maybe through you raising it, this could be revived for IaaS as well.