84e69a9dd1
As described in the comments, there is potential for systemd to not be able to enable services after it is upgraded until it is restarted. I do not think we see this during puppet runs in the gate because we disable selinux, but it can be triggered (see I0750de9e75b63190531a3d39a5fcbb19f8e8c49e) This is a small work-around to pre-install systemd and restart it before doing the rest of the system upgrades Change-Id: Ibcb27199f0ecf3b1e3d927be42112e2ebcb5cd79
271 lines
7.9 KiB
Bash
Executable File
271 lines
7.9 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Copyright 2013 OpenStack Foundation.
|
|
# Copyright 2013 Hewlett-Packard Development Company, L.P.
|
|
# Copyright 2013 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
#
|
|
# Distro identification functions
|
|
# note, can't rely on lsb_release for these as we're bare-bones and
|
|
# it may not be installed yet)
|
|
|
|
|
|
function is_fedora {
|
|
[ -f /usr/bin/yum ] && cat /etc/*release | grep -q -e "Fedora"
|
|
}
|
|
|
|
function is_rhel6 {
|
|
[ -f /usr/bin/yum ] && \
|
|
cat /etc/*release | grep -q -e "Red Hat" -e "CentOS" -e "CloudLinux" && \
|
|
cat /etc/*release | grep -q 'release 6'
|
|
}
|
|
|
|
function is_rhel7 {
|
|
[ -f /usr/bin/yum ] && \
|
|
cat /etc/*release | grep -q -e "Red Hat" -e "CentOS" -e "CloudLinux" && \
|
|
cat /etc/*release | grep -q 'release 7'
|
|
}
|
|
|
|
function is_ubuntu {
|
|
[ -f /usr/bin/apt-get ]
|
|
}
|
|
|
|
function is_opensuse {
|
|
[ -f /usr/bin/zypper ] && \
|
|
cat /etc/os-release | grep -q -e "openSUSE"
|
|
}
|
|
|
|
#
|
|
# Distro specific puppet installs
|
|
#
|
|
|
|
function _systemd_update {
|
|
# there is a bug (rhbz#1261747) where systemd can fail to enable
|
|
# services due to selinux errors after upgrade. A work-around is
|
|
# to install the latest version here and restart the daemon after
|
|
# it is upgraded.
|
|
yum install -y systemd
|
|
systemctl daemon-reload
|
|
}
|
|
|
|
function setup_puppet_fedora {
|
|
_systemd_update
|
|
yum update -y
|
|
|
|
# NOTE: we preinstall lsb_release to ensure facter sets
|
|
# lsbdistcodename
|
|
yum install -y redhat-lsb-core git puppet
|
|
|
|
mkdir -p /etc/puppet/modules/
|
|
|
|
# Puppet expects the pip command named as pip-python on
|
|
# Fedora, as per the packaged command name. However, we're
|
|
# installing from get-pip.py so it's just 'pip'. An easy
|
|
# work-around is to just symlink pip-python to "fool" it.
|
|
# See upstream issue:
|
|
# https://tickets.puppetlabs.com/browse/PUP-1082
|
|
ln -fs /usr/bin/pip /usr/bin/pip-python
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
function setup_puppet_rhel7 {
|
|
local puppet_pkg="https://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-10.noarch.rpm"
|
|
|
|
# install a bootstrap epel repo to install latest epel-release
|
|
# package (which provides correct gpg keys, etc); then remove
|
|
# boostrap
|
|
cat > /etc/yum.repos.d/epel-bootstrap.repo <<EOF
|
|
[epel-bootstrap]
|
|
name=Bootstrap EPEL
|
|
mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=\$basearch
|
|
failovermethod=priority
|
|
enabled=0
|
|
gpgcheck=0
|
|
EOF
|
|
yum --enablerepo=epel-bootstrap -y install epel-release
|
|
rm -f /etc/yum.repos.d/epel-bootstrap.repo
|
|
|
|
_systemd_update
|
|
yum update -y
|
|
|
|
# NOTE: we preinstall lsb_release to ensure facter sets lsbdistcodename
|
|
yum install -y redhat-lsb-core git puppet
|
|
|
|
rpm -ivh $puppet_pkg
|
|
|
|
# see comments in setup_puppet_fedora
|
|
ln -s /usr/bin/pip /usr/bin/pip-python
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
function setup_puppet_rhel6 {
|
|
local puppet_pkg="http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm"
|
|
|
|
# install a bootstrap epel repo to install latest epel-release
|
|
# package (which provides correct gpg keys, etc); then remove
|
|
# boostrap
|
|
cat > /etc/yum.repos.d/epel-bootstrap.repo <<EOF
|
|
[epel-bootstrap]
|
|
name=Bootstrap EPEL
|
|
mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=\$basearch
|
|
failovermethod=priority
|
|
enabled=0
|
|
gpgcheck=0
|
|
EOF
|
|
yum --enablerepo=epel-bootstrap -y install epel-release
|
|
rm -f /etc/yum.repos.d/epel-bootstrap.repo
|
|
|
|
# This git package includes a small work-around for slow https
|
|
# cloning performance, as discussed in redhat bz#1237395. Should
|
|
# be fixed in 6.8
|
|
curl -o /etc/yum.repos.d/git-1237395.repo \
|
|
https://copr.fedoraproject.org/coprs/iwienand/git-1237395/repo/epel-6/iwienand-git-1237395-epel-6.repo
|
|
|
|
# NOTE: we preinstall lsb_release to ensure facter sets lsbdistcodename
|
|
yum install -y redhat-lsb-core git puppet
|
|
|
|
rpm -ivh $puppet_pkg
|
|
|
|
# ensure we stick to supported puppet 2 versions
|
|
cat > /etc/yum.repos.d/puppetlabs.repo <<"EOF"
|
|
[puppetlabs-products]
|
|
name=Puppet Labs Products El 6 - $basearch
|
|
baseurl=http://yum.puppetlabs.com/el/6/products/$basearch
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
|
|
enabled=1
|
|
gpgcheck=1
|
|
EOF
|
|
|
|
yum update -y
|
|
|
|
# see comments in setup_puppet_fedora
|
|
ln -s /usr/bin/pip /usr/bin/pip-python
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
function setup_puppet_ubuntu {
|
|
if ! which lsb_release > /dev/null 2<&1 ; then
|
|
DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
|
|
--assume-yes install -y --force-yes lsb-release
|
|
fi
|
|
|
|
lsbdistcodename=`lsb_release -c -s`
|
|
if [ $lsbdistcodename != 'trusty' ] ; then
|
|
rubypkg=rubygems
|
|
else
|
|
rubypkg=ruby
|
|
fi
|
|
|
|
|
|
PUPPET_VERSION=3.*
|
|
PUPPETDB_VERSION=2.*
|
|
FACTER_VERSION=2.*
|
|
|
|
cat > /etc/apt/preferences.d/00-puppet.pref <<EOF
|
|
Package: puppet puppet-common puppetmaster puppetmaster-common puppetmaster-passenger
|
|
Pin: version $PUPPET_VERSION
|
|
Pin-Priority: 501
|
|
|
|
Package: puppetdb puppetdb-terminus
|
|
Pin: version $PUPPETDB_VERSION
|
|
Pin-Priority: 501
|
|
|
|
Package: facter
|
|
Pin: version $FACTER_VERSION
|
|
Pin-Priority: 501
|
|
EOF
|
|
|
|
puppet_deb=puppetlabs-release-${lsbdistcodename}.deb
|
|
wget http://apt.puppetlabs.com/$puppet_deb -O $puppet_deb
|
|
dpkg -i $puppet_deb
|
|
rm $puppet_deb
|
|
|
|
apt-get update
|
|
DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
|
|
--assume-yes dist-upgrade
|
|
DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
|
|
--assume-yes install -y --force-yes puppet git $rubypkg
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
function setup_puppet_opensuse {
|
|
local version=`grep -e "VERSION_ID" /etc/os-release | tr -d "\"" | cut -d "=" -f2`
|
|
zypper ar http://download.opensuse.org/repositories/systemsmanagement:/puppet/openSUSE_${version}/systemsmanagement:puppet.repo
|
|
zypper -v --gpg-auto-import-keys --no-gpg-checks -n ref
|
|
zypper --non-interactive in --force-resolution puppet
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
#
|
|
# pip setup
|
|
#
|
|
|
|
function setup_pip {
|
|
# Install pip using get-pip
|
|
local get_pip_url=https://bootstrap.pypa.io/get-pip.py
|
|
local ret=1
|
|
|
|
if [ -f ./get-pip.py ]; then
|
|
ret=0
|
|
elif type curl >/dev/null 2>&1; then
|
|
curl -O $get_pip_url
|
|
ret=$?
|
|
elif type wget >/dev/null 2>&1; then
|
|
wget $get_pip_url
|
|
ret=$?
|
|
fi
|
|
|
|
if [ $ret -ne 0 ]; then
|
|
echo "Failed to get get-pip.py"
|
|
exit 1
|
|
fi
|
|
|
|
if is_rhel6; then
|
|
yum erase -y python-setuptools
|
|
rm -rf /usr/lib/python2.6/site-packages/setuptools*
|
|
fi
|
|
|
|
if is_opensuse; then
|
|
zypper --non-interactive in --force-resolution python python-xml
|
|
fi
|
|
|
|
python get-pip.py
|
|
rm get-pip.py
|
|
pip install -U setuptools
|
|
}
|
|
|
|
setup_pip
|
|
|
|
if is_fedora; then
|
|
setup_puppet_fedora
|
|
elif is_rhel6; then
|
|
setup_puppet_rhel6
|
|
elif is_rhel7; then
|
|
setup_puppet_rhel7
|
|
elif is_ubuntu; then
|
|
setup_puppet_ubuntu
|
|
elif is_opensuse; then
|
|
setup_puppet_opensuse
|
|
else
|
|
echo "*** Can not setup puppet: distribution not recognized"
|
|
exit 1
|
|
fi
|