Complete migration cleanup of resources

The changes in this commit make use of neutron-netns-cleanup within
the kolla containers used by tripleo to cleanup the neutron
resources as those are found in each host.

Also neutron security group filtering rules inserted in iptables
are removed.

Change-Id: I43fb721d9b73ff09e981f3c2555efa8aca067cf9
changes/46/575746/6
Miguel Angel Ajo 4 years ago committed by Miguel Angel Ajo
parent 45cddcbd02
commit bae5b92374
  1. 1
      migration/tripleo_environment/ovn_migration.sh
  2. 5
      migration/tripleo_environment/playbooks/migrate.yml
  3. 14
      migration/tripleo_environment/playbooks/roles/activate-ovn/templates/activate-ovn.sh.j2
  4. 19
      migration/tripleo_environment/playbooks/roles/backup/tasks/main.yml
  5. 12
      migration/tripleo_environment/playbooks/roles/cleanup/defaults/main.yml
  6. 67
      migration/tripleo_environment/playbooks/roles/cleanup/tasks/main.yml
  7. 4
      migration/tripleo_environment/playbooks/setup-ovn.yml

@ -131,6 +131,7 @@ container_deployment=$IS_CONTAINER_DEPLOYMENT
validate_migration=$VALIDATE_MIGRATION
overcloud_ovn_deploy_script=$OVERCLOUD_OVN_DEPLOY_SCRIPT
overcloudrc=$OVERCLOUDRC_FILE
ovn_migration_backups=/var/lib/ovn-migration-backup
EOF
}

@ -10,6 +10,11 @@
roles:
- activate-ovn
- name: Cleanup Neutron dataplane resources
hosts: ovn-controllers
roles:
- cleanup
- name: Delete Neutron resources
hosts: localhost
roles:

@ -19,18 +19,4 @@ docker restart $ovn_container_id
ovs-vsctl --if-exists del-br {{ tunnel_bridge }}
ovs-vsctl --if-exists del-br br-migration
# Delete the qr-*, qg-* and ha-* ports from integration bridge
for p in `ovs-vsctl show | egrep 'qr-|ha-|qg-' | grep Interface | awk '{print $2}'`
do
# p will be having quotes. Eg. "hr-xxxx". So strip the quotes
port=`echo "$p" | sed -e 's/^"//' -e 's/"$//'`
ovs-vsctl del-port $port
done
# Delete namespaces
for i in `ip netns | grep -v ovnmeta`
do
ip netns delete $i
done
exit 0

@ -0,0 +1,19 @@
# The following tasks ensure that we have backup data which is
# necessary later for cleanup (like l3/dhcp/metadata agent definitions)
- name: "Ensure the ovn backup directory"
file: path="{{ ovn_migration_backups }}" state=directory
- name: "Save the tripleo container definitions"
shell: |
# only copy them the first time, otherwise, on a later run when
# it has been already migrated to OVN we would miss the data
if [ ! -d {{ ovn_migration_backups }}/tripleo-config ]; then
cp -rfp /var/lib/tripleo-config {{ ovn_migration_backups }}
echo "Backed up"
fi
register: command_result
changed_when: "'Backed up' in command_result.stdout"
# TODO(majopela): Include steps for backing up the mysql database on the
# controllers and the undercloud before continuing

@ -0,0 +1,12 @@
---
agent_cleanups:
neutron_l3_agent:
config: --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent --log-file=/var/log/neutron/netns-cleanup-l3.log
cleanup_type: l3
netns_regex: "fip-|snat-|qrouter-"
neutron_dhcp:
config: --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-dhcp-agent --log-file=/var/log/neutron/netns-cleanup-dhcp.log
cleanup_type: dhcp
netns_regex: "qdhcp-"

@ -0,0 +1,67 @@
- name: Quickly disable neutron router and dhcp interfaces
shell: |
for p in `ovs-vsctl show | egrep 'qr-|ha-|qg-|rfp-' | grep Interface | awk '{print $2}'`
do
# p will be having quotes. Eg. "hr-xxxx". So strip the quotes
port=`echo "$p" | sed -e 's/^"//' -e 's/"$//'`
ovs-vsctl clear Interface $p external-ids
ovs-vsctl set Interface $p admin-state=down
done
# dhcp tap ports cannot be easily distinguished from ovsfw ports, so we
# list them from within the qdhcp namespaces
for netns in `ip netns | awk '{ print $1 }' | grep qdhcp-`; do
for dhcp_port in `ip netns exec $netns ip -o link show | awk -F': ' '{print $2}' | grep tap`; do
ovs-vsctl clear Interface $dhcp_port external-ids
ovs-vsctl set Interface $dhcp_port admin-state=down
done
done
- name: Clean neutron datapath security groups from iptables
shell: |
iptables-save > /tmp/iptables-before-cleanup
cat /tmp/iptables-before-cleanup | grep -v neutron-openvswi | \
grep -v neutron-filter > /tmp/iptables-after-cleanup
if ! cmp /tmp/iptables-before-cleanup /tmp/iptables-after-cleanup
then
cat /tmp/iptables-after-cleanup | iptables-restore
echo "Security groups cleaned"
fi
register: out
changed_when: "'Security groups cleaned' in out.stdout"
- name: Cleanup neutron datapath resources
shell: |
if ip netns | egrep -e "{{ item.value.netns_regex }}"
then
echo "Cleaning up"
cmd="$(paunch debug --file {{ ovn_migration_backups }}/tripleo-config/hashed-docker-container-startup-config-step_4.json \
--action print-cmd --container {{ item.key }} \
--interactive | \
sed 's/--interactive /--volume=\/tmp\/cleanup-{{ item.key }}.sh:\/cleanup.sh:ro /g ' )"
f="/tmp/cleanup-{{ item.key }}.sh"
echo "#!/bin/sh" > $f
echo "set -x" >> $f
echo "set -e" >> $f
echo "sudo -E kolla_set_configs" >> $f
echo "neutron-netns-cleanup {{ item.value.config }} --agent-type {{ item.value.cleanup_type }} --force" >> $f
chmod a+x $f
echo $cmd /cleanup.sh
$cmd /cleanup.sh
fi
with_dict: "{{ agent_cleanups }}"
register: out
changed_when: "'Cleaning up' in out.stdout"

@ -1,4 +1,8 @@
---
- name: Backup tripleo container config files on the nodes
hosts: ovn-controllers
roles:
- backup
- name: Set up OVN and configure it using tripleo
hosts: localhost

Loading…
Cancel
Save