From 5759211e3035444a74b90f7bf69074c2ff2feff4 Mon Sep 17 00:00:00 2001
From: Matt Crees <mattc@stackhpc.com>
Date: Tue, 16 Jan 2024 14:43:54 +0000
Subject: [PATCH 1/4] Add new known issues and workarounds/fixes

---
 doc/source/operations/upgrading.rst | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/doc/source/operations/upgrading.rst b/doc/source/operations/upgrading.rst
index bb7096fe2..b32d0964b 100644
--- a/doc/source/operations/upgrading.rst
+++ b/doc/source/operations/upgrading.rst
@@ -68,6 +68,14 @@ Some things to watch out for:
   will not be granted those roles. This may include the ``reader`` role, which
   is referenced in some of the new secure RBAC policies.  See `Keystone bug
   2030061 <https://bugs.launchpad.net/keystone/+bug/2030061>`_.
+* If you have overwritten ``[auth] tempest_roles`` in your Tempest config, such
+  as to add the ``creator`` role for Barbican, you will need to also add the
+  ``member role``. eg:
+
+  .. code-block:: console
+
+     [auth]
+     tempest_roles = creator,member
 
 OVN enabled by default
 ----------------------
@@ -107,6 +115,20 @@ Known issues
 * The OVN sync repair tool removes metadata ports, breaking OVN load balancers.
   See `LP#2038091 <https://bugs.launchpad.net/neutron/+bug/2038091>`__.
 
+* When you try to generate config before the 2023.1 upgrade (i.e. using 2023.1
+  Kolla-Ansible but still running Zed kolla-toolbox), it will fail on Octavia.
+  This patch is needed to fix this:
+  https://review.opendev.org/c/openstack/kolla-ansible/+/905500
+
+* If you run ``kayobe overcloud service upgrade`` twice, it will cause shard
+  allocation to be disabled in OpenSearch. See `LP#2049512
+  <https://bugs.launchpad.net/kolla-ansible/+bug/2049512>`__ for details. For
+  now, the easiest way to fix this is to turn allocation back on:
+
+   .. code-block:: console
+
+      curl -X PUT http://<controller-ip>:9200/_cluster/settings -H 'Content-Type:application/json' -d '{"transient":{"cluster":{"routing":{"allocation":{"enable":"all"}}}}}'
+
 Security baseline
 =================
 

From b05b41bcc248aa96b1383c2e13dc6bb3efde9935 Mon Sep 17 00:00:00 2001
From: Matt Crees <mattc@stackhpc.com>
Date: Tue, 16 Jan 2024 14:50:53 +0000
Subject: [PATCH 2/4] Add info to find if OpenSearch is broken

---
 doc/source/operations/upgrading.rst | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/doc/source/operations/upgrading.rst b/doc/source/operations/upgrading.rst
index b32d0964b..08eeae53f 100644
--- a/doc/source/operations/upgrading.rst
+++ b/doc/source/operations/upgrading.rst
@@ -122,8 +122,17 @@ Known issues
 
 * If you run ``kayobe overcloud service upgrade`` twice, it will cause shard
   allocation to be disabled in OpenSearch. See `LP#2049512
-  <https://bugs.launchpad.net/kolla-ansible/+bug/2049512>`__ for details. For
-  now, the easiest way to fix this is to turn allocation back on:
+  <https://bugs.launchpad.net/kolla-ansible/+bug/2049512>`__ for details.
+
+  You can check if this is affecting your system with the following command. If
+  ``transient.cluster.routing.allocation.enable=none`` is present, shard
+  allocation is disabled.
+
+  .. code-block:: console
+
+      curl http://<controller-ip>:9200/_cluster/settings
+
+  For now, the easiest way to fix this is to turn allocation back on:
 
    .. code-block:: console
 

From a1500bb359396a413ab0e4fc83864258803fcffc Mon Sep 17 00:00:00 2001
From: Matt Crees <mattc@stackhpc.com>
Date: Tue, 16 Jan 2024 14:53:29 +0000
Subject: [PATCH 3/4] Use ini for config code block

---
 doc/source/operations/upgrading.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/source/operations/upgrading.rst b/doc/source/operations/upgrading.rst
index 08eeae53f..11020cc6d 100644
--- a/doc/source/operations/upgrading.rst
+++ b/doc/source/operations/upgrading.rst
@@ -72,7 +72,7 @@ Some things to watch out for:
   as to add the ``creator`` role for Barbican, you will need to also add the
   ``member role``. eg:
 
-  .. code-block:: console
+  .. code-block:: ini
 
      [auth]
      tempest_roles = creator,member

From 0859d57a912e0af915f4fce707ef2538155427f6 Mon Sep 17 00:00:00 2001
From: Matt Crees <mattc@stackhpc.com>
Date: Tue, 16 Jan 2024 14:54:48 +0000
Subject: [PATCH 4/4] Correct indentation

---
 doc/source/operations/upgrading.rst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/source/operations/upgrading.rst b/doc/source/operations/upgrading.rst
index 11020cc6d..c5215a4df 100644
--- a/doc/source/operations/upgrading.rst
+++ b/doc/source/operations/upgrading.rst
@@ -130,13 +130,13 @@ Known issues
 
   .. code-block:: console
 
-      curl http://<controller-ip>:9200/_cluster/settings
+     curl http://<controller-ip>:9200/_cluster/settings
 
   For now, the easiest way to fix this is to turn allocation back on:
 
-   .. code-block:: console
+  .. code-block:: console
 
-      curl -X PUT http://<controller-ip>:9200/_cluster/settings -H 'Content-Type:application/json' -d '{"transient":{"cluster":{"routing":{"allocation":{"enable":"all"}}}}}'
+     curl -X PUT http://<controller-ip>:9200/_cluster/settings -H 'Content-Type:application/json' -d '{"transient":{"cluster":{"routing":{"allocation":{"enable":"all"}}}}}'
 
 Security baseline
 =================