Drop ovn migration for TripleO deployments
TripleO project has been retired[1]. Remove the migration tool implemented specifically for TripleO deployments. Change-Id: I32775a0aa963b65a3900a87f28a88ab63901a8a0
This commit is contained in:
parent
3997367300
commit
2eba495e22
@ -8,7 +8,6 @@ OVN Driver
|
||||
.. toctree::
|
||||
:maxdepth: 1
|
||||
|
||||
migration.rst
|
||||
gaps.rst
|
||||
dhcp_opts.rst
|
||||
ml2ovn_trace.rst
|
||||
|
@ -1,388 +0,0 @@
|
||||
.. _ovn_migration:
|
||||
|
||||
Migration Strategy
|
||||
==================
|
||||
|
||||
This document details an in-place migration strategy from ML2/OVS to ML2/OVN
|
||||
in either ovs-firewall or ovs-hybrid mode for a TripleO OpenStack deployment.
|
||||
|
||||
For non TripleO deployments, please refer to the file ``migration/README.rst``
|
||||
and the ansible playbook ``migration/migrate-to-ovn.yml``.
|
||||
|
||||
Overview
|
||||
--------
|
||||
The migration process is orchestrated through the shell script
|
||||
ovn_migration.sh, which is provided with the OVN driver.
|
||||
|
||||
The administrator uses ovn_migration.sh to perform readiness steps
|
||||
and migration from the undercloud node.
|
||||
The readiness steps, such as host inventory production, DHCP and MTU
|
||||
adjustments, prepare the environment for the procedure.
|
||||
|
||||
Subsequent steps start the migration via Ansible.
|
||||
|
||||
Plan for a 24-hour wait after the reduce-dhcp-t1 step to allow VMs to catch up
|
||||
with the new MTU size from the DHCP server. The default neutron ML2/OVS
|
||||
configuration has a dhcp_lease_duration of 86400 seconds (24h).
|
||||
|
||||
Also, if there are instances using static IP assignment, the administrator
|
||||
should be ready to update the MTU of those instances to the new value of 8
|
||||
bytes less than the ML2/OVS (VXLAN) MTU value. For example, the typical
|
||||
1500 MTU network value that makes VXLAN tenant networks use 1450 bytes of MTU
|
||||
will need to change to 1442 under Geneve. Or under the same overlay network,
|
||||
a GRE encapsulated tenant network would use a 1458 MTU, but again a 1442 MTU
|
||||
for Geneve.
|
||||
|
||||
If there are instances which use DHCP but don't support lease update during
|
||||
the T1 period the administrator will need to reboot them to ensure that MTU
|
||||
is updated inside those instances.
|
||||
|
||||
|
||||
Steps for migration
|
||||
-------------------
|
||||
|
||||
Perform the following steps in the overcloud/undercloud
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
1. Ensure that you have updated to the latest openstack/neutron version.
|
||||
|
||||
Perform the following steps in the undercloud
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
1. Install openstack-neutron-ovn-migration-tool.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
# yum install openstack-neutron-ovn-migration-tool
|
||||
|
||||
2. Create a working directory on the undercloud, and copy the ansible playbooks
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ mkdir ~/ovn_migration
|
||||
$ cd ~/ovn_migration
|
||||
$ cp -rfp /usr/share/ansible/neutron-ovn-migration/playbooks .
|
||||
|
||||
3. Create ``~/overcloud-deploy-ovn.sh`` script in your ``$HOME``.
|
||||
This script must source your stackrc file, and then execute an ``openstack
|
||||
overcloud deploy`` with your original deployment parameters, plus
|
||||
the following environment files, added to the end of the command
|
||||
in the following order:
|
||||
|
||||
When your network topology is DVR and your compute nodes have connectivity
|
||||
to the external network:
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
-e /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-ovn-dvr-ha.yaml \
|
||||
-e $HOME/ovn-extras.yaml
|
||||
|
||||
When your compute nodes don't have external connectivity and you don't use
|
||||
DVR:
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
-e /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-ovn-ha.yaml \
|
||||
-e $HOME/ovn-extras.yaml
|
||||
|
||||
Make sure that all users have execution privileges on the script, because it
|
||||
will be called by ovn_migration.sh/ansible during the migration process.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ chmod a+x ~/overcloud-deploy-ovn.sh
|
||||
|
||||
4. To configure the parameters of your migration you can set the environment
|
||||
variables that will be used by ``ovn_migration.sh``. You can skip setting
|
||||
any values matching the defaults.
|
||||
|
||||
* STACKRC_FILE - must point to your stackrc file in your undercloud.
|
||||
Default: ~/stackrc
|
||||
|
||||
* OVERCLOUDRC_FILE - must point to your overcloudrc file in your
|
||||
undercloud.
|
||||
Default: ~/overcloudrc
|
||||
|
||||
* OVERCLOUD_OVN_DEPLOY_SCRIPT - must point to the script described in
|
||||
step 1.
|
||||
Default: ~/overcloud-deploy-ovn.sh
|
||||
|
||||
* UNDERCLOUD_NODE_USER - user used on the undercloud nodes
|
||||
Default: heat-admin
|
||||
|
||||
* STACK_NAME - Name or ID of the heat stack
|
||||
Default: 'overcloud'
|
||||
If the stack that is migrated differs from the default, please set this
|
||||
environment variable to the stack name or ID.
|
||||
|
||||
* PUBLIC_NETWORK_NAME - Name of your public network.
|
||||
Default: 'public'.
|
||||
To support migration validation, this network must have available
|
||||
floating IPs, and those floating IPs must be pingable from the
|
||||
undercloud. If that's not possible please configure VALIDATE_MIGRATION
|
||||
to False.
|
||||
|
||||
* OOO_WORKDIR - Name of TripleO working directory
|
||||
Default: '$HOME/overcloud-deploy'
|
||||
This directory contains different stacks in TripleO and its files. It
|
||||
should be configured if TripleO commands were invoked with --work-dir
|
||||
option.
|
||||
|
||||
* IMAGE_NAME - Name/ID of the glance image to us for booting a test server.
|
||||
Default:'cirros'.
|
||||
If the image does not exist it will automatically download and use
|
||||
cirros during the pre-validation / post-validation process.
|
||||
|
||||
* VALIDATE_MIGRATION - Create migration resources to validate the
|
||||
migration. The migration script, before starting the migration, boot a
|
||||
server and validates that the server is reachable after the migration.
|
||||
Default: False
|
||||
|
||||
* SERVER_USER_NAME - User name to use for logging into the migration
|
||||
instances.
|
||||
Default: 'cirros'.
|
||||
|
||||
* DHCP_RENEWAL_TIME - DHCP renewal time in seconds to configure in DHCP
|
||||
agent configuration file. This renewal time is used only temporarily
|
||||
during migration to ensure a synchronized MTU switch across the networks.
|
||||
Default: 30
|
||||
|
||||
* CREATE_BACKUP - Flag to create a backup of the controllers that can be
|
||||
used as a revert mechanism.
|
||||
Default: True
|
||||
|
||||
* BACKUP_MIGRATION_IP - Only used if CREATE_BACKUP is enabled, IP of the
|
||||
server that will be used as a NFS server to store the backup.
|
||||
Default: 192.168.24.1
|
||||
|
||||
* BACKUP_MIGRATION_CTL_PLANE_CIDRS - Only used if CREATE_BACKUP is enabled.
|
||||
A comma separated string of control plane subnets in CIDR notation for the
|
||||
controllers being backed up. The specified subnets will be used to enable
|
||||
NFS remote clients connections.
|
||||
Default: 192.168.24.0/24
|
||||
|
||||
.. warning::
|
||||
|
||||
Please note that VALIDATE_MIGRATION requires enough quota (2
|
||||
available floating ips, 2 networks, 2 subnets, 2 instances,
|
||||
and 2 routers as admin).
|
||||
|
||||
For example:
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ export PUBLIC_NETWORK_NAME=my-public-network
|
||||
$ ovn_migration.sh .........
|
||||
|
||||
5. Run ``ovn_migration.sh generate-inventory`` to generate the inventory
|
||||
file - ``hosts_for_migration`` and ``ansible.cfg``. Please review
|
||||
``hosts_for_migration`` for correctness.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ ovn_migration.sh generate-inventory
|
||||
|
||||
|
||||
At this step the script will inspect the TripleO ansible inventory
|
||||
and generate an inventory of hosts, specifically tagged to work
|
||||
with the migration playbooks.
|
||||
|
||||
|
||||
6. Run ``ovn_migration.sh reduce-dhcp-t1``
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ ovn_migration.sh reduce-dhcp-t1
|
||||
|
||||
|
||||
This lowers the T1 parameter
|
||||
of the internal neutron DHCP servers configuring the ``dhcp_renewal_time``
|
||||
in /var/lib/config-data/puppet-generated/neutron/etc/neutron/dhcp_agent.ini
|
||||
in all the nodes where DHCP agent is running.
|
||||
|
||||
We lower the T1 parameter to make sure that the instances start refreshing
|
||||
the DHCP lease quicker (every 30 seconds by default) during the migration
|
||||
proccess. The reason why we force this is to make sure that the MTU update
|
||||
happens quickly across the network during step 8, this is very important
|
||||
because during those 30 seconds there will be connectivity issues with
|
||||
bigger packets (MTU missmatchess across the network), this is also why
|
||||
step 7 is very important, even though we reduce T1, the previous T1 value
|
||||
the instances leased from the DHCP server will be much higher
|
||||
(24h by default) and we need to wait those 24h to make sure they have
|
||||
updated T1. After migration the DHCP T1 parameter returns to normal values.
|
||||
|
||||
7. If you are using VXLAN or GRE tenant networking, ``wait at least 24 hours``
|
||||
before continuing. This will allow VMs to catch up with the new MTU size
|
||||
of the next step.
|
||||
|
||||
.. warning::
|
||||
|
||||
If you are using VXLAN or GRE networks, this 24-hour wait step is critical.
|
||||
If you are using VLAN tenant networks you can proceed to the next step without delay.
|
||||
|
||||
.. warning::
|
||||
|
||||
If you have any instance with static IP assignment on VXLAN or
|
||||
GRE tenant networks, you must manually modify the configuration of those instances.
|
||||
If your instances don't honor the T1 parameter of DHCP they will need
|
||||
to be rebooted.
|
||||
to configure the new geneve MTU, which is the current VXLAN MTU minus 8 bytes.
|
||||
For instance, if the VXLAN-based MTU was 1450, change it to 1442.
|
||||
|
||||
.. note::
|
||||
|
||||
24 hours is the time based on default configuration. It actually depends on
|
||||
/var/lib/config-data/puppet-generated/neutron/etc/neutron/dhcp_agent.ini
|
||||
dhcp_renewal_time and
|
||||
/var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
|
||||
dhcp_lease_duration parameters. (defaults to 86400 seconds)
|
||||
|
||||
.. note::
|
||||
|
||||
Please note that migrating a deployment which uses VLAN for tenant/project
|
||||
networks is not recommended at this time because of a bug in core ovn,
|
||||
full support is being worked out here:
|
||||
https://mail.openvswitch.org/pipermail/ovs-dev/2018-May/347594.html
|
||||
|
||||
|
||||
One way to verify that the T1 parameter has propagated to existing VMs
|
||||
is to connect to one of the compute nodes, and run ``tcpdump`` over one
|
||||
of the VM taps attached to a tenant network. If T1 propegation was a success,
|
||||
you should see that requests happen on an interval of approximately 30 seconds.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
[heat-admin@overcloud-novacompute-0 ~]$ sudo tcpdump -i tap52e872c2-e6 port 67 or port 68 -n
|
||||
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
|
||||
listening on tap52e872c2-e6, link-type EN10MB (Ethernet), capture size 262144 bytes
|
||||
13:17:28.954675 IP 192.168.99.5.bootpc > 192.168.99.3.bootps: BOOTP/DHCP, Request from fa:16:3e:6b:41:3d, length 300
|
||||
13:17:28.961321 IP 192.168.99.3.bootps > 192.168.99.5.bootpc: BOOTP/DHCP, Reply, length 355
|
||||
13:17:56.241156 IP 192.168.99.5.bootpc > 192.168.99.3.bootps: BOOTP/DHCP, Request from fa:16:3e:6b:41:3d, length 300
|
||||
13:17:56.249899 IP 192.168.99.3.bootps > 192.168.99.5.bootpc: BOOTP/DHCP, Reply, length 355
|
||||
|
||||
.. note::
|
||||
|
||||
This verification is not possible with cirros VMs. The cirros
|
||||
udhcpc implementation does not obey DHCP option 58 (T1). Please
|
||||
try this verification on a port that belongs to a full linux VM.
|
||||
We recommend you to check all the different types of workloads your
|
||||
system runs (Windows, different flavors of linux, etc..).
|
||||
|
||||
8. Run ``ovn_migration.sh reduce-mtu``.
|
||||
|
||||
This lowers the MTU of the pre migration VXLAN and GRE networks. The
|
||||
tool will ignore non-VXLAN/GRE networks, so if you use VLAN for tenant
|
||||
networks it will be fine if you find this step not doing anything.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ ovn_migration.sh reduce-mtu
|
||||
|
||||
This step will go network by network reducing the MTU, and tagging with
|
||||
``adapted_mtu`` the networks which have been already handled.
|
||||
|
||||
Every time a network is updated all the existing L3/DHCP agents
|
||||
connected to such network will update their internal leg MTU, instances
|
||||
will start fetching the new MTU as the DHCP T1 timer expires. As explained
|
||||
before, instances not obeying the DHCP T1 parameter will need to be
|
||||
restarted, and instances with static IP assignment will need to be manually
|
||||
updated.
|
||||
|
||||
|
||||
9. Make TripleO ``prepare the new container images`` for OVN.
|
||||
|
||||
If your deployment didn't have a containers-prepare-parameter.yaml, you can
|
||||
create one with:
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ test -f $HOME/containers-prepare-parameter.yaml || \
|
||||
openstack tripleo container image prepare default \
|
||||
--output-env-file $HOME/containers-prepare-parameter.yaml
|
||||
|
||||
|
||||
If you had to create the file, please make sure it's included at the end of
|
||||
your $HOME/overcloud-deploy-ovn.sh and $HOME/overcloud-deploy.sh
|
||||
|
||||
Change the neutron_driver in the containers-prepare-parameter.yaml file to
|
||||
ovn:
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ sed -i -E 's/neutron_driver:([ ]\w+)/neutron_driver: ovn/' $HOME/containers-prepare-parameter.yaml
|
||||
|
||||
You can verify with:
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
$ grep neutron_driver $HOME/containers-prepare-parameter.yaml
|
||||
neutron_driver: ovn
|
||||
|
||||
|
||||
Then update the images:
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack tripleo container image prepare \
|
||||
--environment-file $HOME/containers-prepare-parameter.yaml
|
||||
|
||||
.. note::
|
||||
|
||||
It's important to provide the full path to your containers-prepare-parameter.yaml
|
||||
otherwise the command will finish very quickly and won't work (current
|
||||
version doesn't seem to output any error).
|
||||
|
||||
|
||||
During this step TripleO will build a list of containers, pull them from
|
||||
the remote registry and push them to your deployment local registry.
|
||||
|
||||
|
||||
10. Run ``ovn_migration.sh start-migration`` to kick start the migration
|
||||
process.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ ovn_migration.sh start-migration
|
||||
|
||||
|
||||
During this step, this is what will happen:
|
||||
|
||||
* Create pre-migration resources (network and VM) to validate existing
|
||||
deployment and final migration.
|
||||
|
||||
* Update the overcloud stack to deploy OVN alongside reference
|
||||
implementation services using a temporary bridge "br-migration" instead
|
||||
of br-int.
|
||||
|
||||
* Start the migration process:
|
||||
|
||||
1. generate the OVN north db by running neutron-ovn-db-sync util
|
||||
2. clone the existing resources from br-int to br-migration, so OVN
|
||||
can find the same resources UUIDS over br-migration
|
||||
3. re-assign ovn-controller to br-int instead of br-migration
|
||||
4. cleanup network namespaces (fip, snat, qrouter, qdhcp),
|
||||
5. remove any unnecessary patch ports on br-int
|
||||
6. remove br-tun and br-migration ovs bridges
|
||||
7. delete qr-*, ha-* and qg-* ports from br-int (via neutron netns
|
||||
cleanup)
|
||||
|
||||
* Delete neutron agents and neutron HA internal networks from the database
|
||||
via API.
|
||||
|
||||
* Validate connectivity on pre-migration resources.
|
||||
|
||||
* Delete pre-migration resources.
|
||||
|
||||
* Create post-migration resources.
|
||||
|
||||
* Validate connectivity on post-migration resources.
|
||||
|
||||
* Cleanup post-migration resources.
|
||||
|
||||
* Re-run deployment tool to update OVN on br-int, this step ensures
|
||||
that the TripleO database is updated with the final integration bridge.
|
||||
|
||||
* Run an extra validation round to ensure the final state of the system is
|
||||
fully operational.
|
||||
|
||||
Migration is complete !!!
|
83
plugin.spec
83
plugin.spec
@ -1,83 +0,0 @@
|
||||
---
|
||||
config:
|
||||
entry_point: ./tools/ovn_migration/infrared/tripleo-ovn-migration/main.yml
|
||||
plugin_type: install
|
||||
subparsers:
|
||||
tripleo-ovn-migration:
|
||||
description: Migrate an existing TripleO overcloud from Neutron ML2OVS plugin to OVN
|
||||
include_groups: ["Ansible options", "Inventory", "Common options", "Answers file"]
|
||||
groups:
|
||||
- title: Containers
|
||||
options:
|
||||
registry-namespace:
|
||||
type: Value
|
||||
help: The alternative docker registry namespace to use for deployment.
|
||||
|
||||
registry-prefix:
|
||||
type: Value
|
||||
help: The images prefix
|
||||
|
||||
registry-tag:
|
||||
type: Value
|
||||
help: The images tag
|
||||
|
||||
registry-mirror:
|
||||
type: Value
|
||||
help: The alternative docker registry to use for deployment.
|
||||
|
||||
- title: Deployment Description
|
||||
options:
|
||||
version:
|
||||
type: Value
|
||||
help: |
|
||||
The product version
|
||||
Numbers are for OSP releases
|
||||
Names are for RDO releases
|
||||
If not given, same version of the undercloud will be used
|
||||
choices:
|
||||
- "7"
|
||||
- "8"
|
||||
- "9"
|
||||
- "10"
|
||||
- "11"
|
||||
- "12"
|
||||
- "13"
|
||||
- "14"
|
||||
- "15"
|
||||
- "16"
|
||||
- "16.1"
|
||||
- "16.2"
|
||||
- kilo
|
||||
- liberty
|
||||
- mitaka
|
||||
- newton
|
||||
- ocata
|
||||
- pike
|
||||
- queens
|
||||
- rocky
|
||||
- stein
|
||||
- train
|
||||
install_from_package:
|
||||
type: Bool
|
||||
help: Install openstack-neutron-ovn-migration-tool rpm
|
||||
default: True
|
||||
|
||||
dvr:
|
||||
type: Bool
|
||||
help: If the deployment is to be dvr or not
|
||||
default: False
|
||||
|
||||
create_resources:
|
||||
type: Bool
|
||||
help: Create resources to measure downtime
|
||||
default: True
|
||||
|
||||
external_network:
|
||||
type: Value
|
||||
help: External network name to use
|
||||
default: public
|
||||
|
||||
image_name:
|
||||
type: Value
|
||||
help: Image name to use
|
||||
default: cirros-0.3.5-x86_64-disk.img
|
@ -0,0 +1,5 @@
|
||||
---
|
||||
upgrade:
|
||||
- |
|
||||
The migration tool for TripleO deployments has been removed, because
|
||||
TripleO project has been retired.
|
@ -28,9 +28,6 @@ data_files =
|
||||
etc/api-paste.ini
|
||||
etc/rootwrap.conf
|
||||
etc/neutron/rootwrap.d = etc/neutron/rootwrap.d/*
|
||||
share/ansible/neutron-ovn-migration/playbooks = tools/ovn_migration/tripleo_environment/playbooks/*
|
||||
scripts =
|
||||
tools/ovn_migration/tripleo_environment/ovn_migration.sh
|
||||
|
||||
[entry_points]
|
||||
wsgi_scripts =
|
||||
|
@ -4,9 +4,6 @@ Migration from ML2/OVS to ML2/OVN
|
||||
Proof-of-concept ansible script for migrating an OpenStack deployment
|
||||
that uses ML2/OVS to OVN.
|
||||
|
||||
If you have a tripleo ML2/OVS deployment then please see the folder
|
||||
``tripleo_environment``
|
||||
|
||||
Prerequisites:
|
||||
|
||||
1. Ansible 2.2 or greater.
|
||||
|
@ -1,37 +0,0 @@
|
||||
# All controller nodes running OpenStack control services, particularly
|
||||
# neutron-api. Also indicate which controller you'd like to have run
|
||||
# the OVN central control services.
|
||||
[controller]
|
||||
overcloud-controller-0 ovn_central=true
|
||||
overcloud-controller-1
|
||||
overcloud-controller-2
|
||||
|
||||
# All compute nodes. We will replace the openvswitch agent
|
||||
# with ovn-controller on these nodes.
|
||||
#
|
||||
# The ovn_encap_ip variable should be filled in with the IP
|
||||
# address that other compute hosts should use as the tunnel
|
||||
# endpoint for tunnels to that host.
|
||||
[compute]
|
||||
overcloud-novacompute-0 ovn_encap_ip=192.0.2.10
|
||||
overcloud-novacompute-1 ovn_encap_ip=192.0.2.11
|
||||
overcloud-novacompute-2 ovn_encap_ip=192.0.2.12
|
||||
overcloud-novacompute-3 ovn_encap_ip=192.0.2.13
|
||||
overcloud-novacompute-4 ovn_encap_ip=192.0.2.14
|
||||
overcloud-novacompute-5 ovn_encap_ip=192.0.2.15
|
||||
|
||||
# Configure bridge mappings to be used on compute hosts.
|
||||
[compute:vars]
|
||||
ovn_bridge_mappings=net1:br-em1
|
||||
is_compute_node=true
|
||||
|
||||
[overcloud:children]
|
||||
controller
|
||||
compute
|
||||
|
||||
# Fill in "ovn_db_ip" with an IP address on a management network
|
||||
# that the controller and compute nodes should reach. This address
|
||||
# should not be reachable otherwise.
|
||||
[overcloud:vars]
|
||||
ovn_db_ip=192.0.2.50
|
||||
remote_user=heat-admin
|
@ -1,33 +0,0 @@
|
||||
Infrared plugin to carry out migration from ML2/OVS to OVN
|
||||
==========================================================
|
||||
|
||||
This is an infrared plugin which can be used to carry out the migration
|
||||
from ML2/OVS to OVN if the tripleo was deployed using infrared.
|
||||
See http://infrared.readthedocs.io/en/stable/index.html for more information.
|
||||
|
||||
Before using this plugin, first deploy an ML2/OVS overcloud and then:
|
||||
|
||||
1. On your undercloud, install openstack-neutron-ovn-migration-tool package (https://trunk.rdoproject.org/centos9-master/component/network/current/)
|
||||
You also need to install python3-neutron and python3-openvswitch packages.
|
||||
|
||||
2. Run ::
|
||||
$infrared plugin add "https://opendev.org/openstack/neutron.git"
|
||||
|
||||
3. Start migration by running::
|
||||
|
||||
$infrared tripleo-ovn-migration --version 13|14 \
|
||||
--registry-namespace <REGISTRY_NAMESPACE> \
|
||||
--registry-tag <TAG> \
|
||||
--registry-prefix <PREFIX>
|
||||
|
||||
Using this as a standalone playbook for tripleo deployments
|
||||
===========================================================
|
||||
It is also possible to use the playbook main.yml with tripleo deployments.
|
||||
In order to use this:
|
||||
|
||||
1. Create hosts inventory file like below
|
||||
[undercloud]
|
||||
undercloud_ip ansible_ssh_user=stack
|
||||
|
||||
2. Run the playbook as:
|
||||
ansible-playbook main.yml -i hosts -e install_from_package=True -e registry_prefix=centos-binary -e registry_namespace=docker.io/tripleomaster -e registry_localnamespace=192.168.24.1:8787/tripleomaster -e registry_tag=current-tripleo-rdo
|
@ -1,194 +0,0 @@
|
||||
# Playbook which preps migration and then invokes the migration script.
|
||||
- name: Install migration tool
|
||||
hosts: undercloud
|
||||
become: true
|
||||
tasks:
|
||||
- name: Install python 3 virtualenv and neutron ovn migration tool
|
||||
yum:
|
||||
name:
|
||||
- python3-virtualenv
|
||||
- openstack-neutron-ovn-migration-tool
|
||||
state: present
|
||||
|
||||
- name: Set host_key_checking to False in ansible.cfg
|
||||
ini_file:
|
||||
path=/etc/ansible/ansible.cfg
|
||||
section=defaults
|
||||
option=host_key_checking
|
||||
value=False
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Prepare for migration
|
||||
hosts: undercloud
|
||||
tasks:
|
||||
- name: Set ovn migration working dir
|
||||
set_fact:
|
||||
ovn_migration_working_dir: /home/stack/ovn_migration
|
||||
|
||||
- name: Delete temp file directory if present
|
||||
file:
|
||||
state: absent
|
||||
path: "{{ ovn_migration_working_dir }}"
|
||||
|
||||
- name : Create temp file directory if not present
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ ovn_migration_working_dir }}"
|
||||
|
||||
- name: Set the image registry information
|
||||
block:
|
||||
- name: Get the image registry info (infrared deployment)
|
||||
block:
|
||||
- name: Set is_infrard deployment
|
||||
set_fact:
|
||||
is_infrared: True
|
||||
|
||||
- name: Save the image reg
|
||||
set_fact:
|
||||
container_image_prepare:
|
||||
namespace: "{{ install.get('registry', {}).namespace|default(False)|ternary(install.get('registry', {}).namespace, install.get('registry', {}).mirror + '/' + 'rhosp' + install.version) }}"
|
||||
prefix: "{{ install.registry.prefix|default('openstack') }}"
|
||||
tag: "{{ install.registry.tag|default('') }}"
|
||||
local_namespace: "{{ install.registry.local|default('') }}"
|
||||
is_dvr: "{{ install.dvr }}"
|
||||
when:
|
||||
- install is defined
|
||||
|
||||
- name: Get the image registry info (tripleo deployment)
|
||||
block:
|
||||
- name: Set is_infrard deployment
|
||||
set_fact:
|
||||
is_infrared: False
|
||||
|
||||
- name: Save the image reg
|
||||
set_fact:
|
||||
container_image_prepare:
|
||||
namespace: "{{ registry_namespace }}"
|
||||
local_namespace: "{{ registry_localnamespace }}"
|
||||
prefix: "{{ registry_prefix }}"
|
||||
tag: "{{ registry_tag }}"
|
||||
is_dvr: "{{ dvr }}"
|
||||
when:
|
||||
- install is not defined
|
||||
|
||||
- name: Prepare for migration
|
||||
include_role:
|
||||
name: prepare-migration
|
||||
vars:
|
||||
infrared_deployment: "{{ is_infrared }}"
|
||||
registry_namespace: "{{ container_image_prepare['namespace'] }}"
|
||||
image_prefix: "{{ container_image_prepare['prefix'] }}"
|
||||
image_tag: "{{ container_image_prepare['tag'] }}"
|
||||
local_namespace: "{{ container_image_prepare['local_namespace'] }}"
|
||||
is_dvr: "{{ container_image_prepare['is_dvr'] }}"
|
||||
|
||||
- name: Boot few VMs to measure downtime
|
||||
hosts: undercloud
|
||||
tasks:
|
||||
- name: Check if need to create resources
|
||||
block:
|
||||
- name: Set create_vms (infrared)
|
||||
set_fact:
|
||||
create_vms: "{{ install.create_resources }}"
|
||||
when:
|
||||
- install is defined
|
||||
|
||||
- name: Set create_vms (tripleo deployment)
|
||||
set_fact:
|
||||
create_vms: "{{ create_resources }}"
|
||||
when:
|
||||
- install is not defined
|
||||
|
||||
- name: Create few resources
|
||||
block:
|
||||
- name: Set the public network name (infrared deployment)
|
||||
set_fact:
|
||||
public_net: "{{ install.external_network }}"
|
||||
when: install is defined
|
||||
|
||||
- name: Set the public network name (Tripleo deployment)
|
||||
set_fact:
|
||||
public_net: "{{ external_network }}"
|
||||
when: install is not defined
|
||||
|
||||
- name: Set the image name (infrared deployment)
|
||||
set_fact:
|
||||
image_to_boot: "{{ install.image_name }}"
|
||||
when: install is defined
|
||||
|
||||
- name: Set the image name(Tripleo deployment)
|
||||
set_fact:
|
||||
image_to_boot: "{{ image_name }}"
|
||||
when: install is not defined
|
||||
|
||||
- name: Create resources
|
||||
include_role:
|
||||
name: create-resources
|
||||
vars:
|
||||
public_network_name: "{{ public_net }}"
|
||||
image_name: "{{ image_to_boot }}"
|
||||
ovn_migration_temp_dir: /home/stack/ovn_migration
|
||||
overcloudrc: /home/stack/overcloudrc
|
||||
when:
|
||||
- create_vms|bool
|
||||
|
||||
- name: Kick start the migration
|
||||
hosts: undercloud
|
||||
tasks:
|
||||
#TODO: Get the working dir from the param
|
||||
- name: Starting migration block
|
||||
block:
|
||||
- name: Set ovn migration working dir
|
||||
set_fact:
|
||||
ovn_migration_working_dir: /home/stack/ovn_migration
|
||||
|
||||
- name: Copy the playbook files into ovn_migration working dir
|
||||
command: cp -rf /usr/share/ansible/neutron-ovn-migration/playbooks {{ ovn_migration_working_dir }}
|
||||
|
||||
- name: Set the public network name (infrared deployment)
|
||||
set_fact:
|
||||
public_network: "{{ install.external_network }}"
|
||||
when: install is defined
|
||||
|
||||
- name: Set the public network name (Tripleo deployment)
|
||||
set_fact:
|
||||
public_network: "{{ external_network }}"
|
||||
when: install is not defined
|
||||
|
||||
- name: Create ovn migration script
|
||||
template:
|
||||
src: templates/start-ovn-migration.sh.j2
|
||||
dest: "{{ ovn_migration_working_dir }}/start-ovn-migration.sh"
|
||||
mode: 0755
|
||||
|
||||
- name: Generate inventory file for ovn migration
|
||||
shell:
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_working_dir }}/start-ovn-migration.sh generate-inventory 2>&1 > {{ ovn_migration_working_dir}}/generate-inventory.log
|
||||
|
||||
- name: Set DHCP T1 timer
|
||||
shell:
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_working_dir }}/start-ovn-migration.sh reduce-dhcp-t1 2>&1 > {{ ovn_migration_working_dir}}/reduce-dhcp-t1.log
|
||||
|
||||
- name: Reduce mtu of the pre migration networks
|
||||
shell:
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_working_dir }}/start-ovn-migration.sh reduce-mtu 2>&1 > {{ ovn_migration_working_dir}}/reduce-mtu.log
|
||||
|
||||
- name: Start the migration process
|
||||
shell:
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_working_dir }}/start-ovn-migration.sh start-migration 2>&1
|
||||
> {{ ovn_migration_working_dir}}/start-ovn-migration.sh.log
|
||||
|
||||
- name: Stop pinger if started
|
||||
shell:
|
||||
echo "exit" > {{ ovn_migration_working_dir}}/_pinger_cmd.txt
|
||||
always:
|
||||
- name: Fetch ovn_migration log directory
|
||||
synchronize:
|
||||
src: "{{ ovn_migration_working_dir }}"
|
||||
dest: "{{ inventory_dir }}"
|
||||
mode: pull
|
||||
when: install is defined
|
@ -1,9 +0,0 @@
|
||||
---
|
||||
|
||||
public_network_name: "{{ public_network_name }}"
|
||||
create_resource_script: create-resources.sh.j2
|
||||
ovn_migration_temp_dir: "{{ ovn_migration_temp_dir }}"
|
||||
image_name: "{{ image_name }}"
|
||||
server_user_name: "{{ server_user_name }}"
|
||||
overcloudrc: "{{ overcloudrc }}"
|
||||
resource_suffix: pinger
|
@ -1,33 +0,0 @@
|
||||
- name: Delete temp file directory if present
|
||||
file:
|
||||
state: absent
|
||||
path: "{{ ovn_migration_temp_dir }}"
|
||||
|
||||
- name : Create temp file directory if not present
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ ovn_migration_temp_dir }}"
|
||||
|
||||
- name: Generate resource creation script
|
||||
template:
|
||||
src: create-resources.sh.j2
|
||||
dest: "{{ ovn_migration_temp_dir }}/create-resources.sh"
|
||||
mode: 0744
|
||||
|
||||
- name: Creating pre pre migration resources
|
||||
shell: >
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_temp_dir }}/create-resources.sh 2>&1 >
|
||||
{{ ovn_migration_temp_dir }}/create-resources.sh.log
|
||||
changed_when: true
|
||||
|
||||
- name: Generate pinger script
|
||||
template:
|
||||
src: start-pinger.sh.j2
|
||||
dest: "{{ ovn_migration_temp_dir }}/start-pinger.sh"
|
||||
mode: 0744
|
||||
|
||||
- name: Start pinger in background
|
||||
shell: >
|
||||
nohup {{ ovn_migration_temp_dir }}/start-pinger.sh </dev/null >/dev/null 2>&1 &
|
||||
changed_when: False
|
@ -1,170 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
source {{ overcloudrc }}
|
||||
|
||||
image_name={{ image_name }}
|
||||
openstack image show $image_name
|
||||
if [ "$?" != "0" ]
|
||||
then
|
||||
if [ ! -f cirros-0.5.2-x86_64-disk.img ]
|
||||
then
|
||||
curl -Lo cirros-0.5.2-x86_64-disk.img https://github.com/cirros-dev/cirros/releases/download/0.5.2/cirros-0.5.2-x86_64-disk.img
|
||||
fi
|
||||
|
||||
openstack image create "cirros-ovn-migration-{{ resource_suffix }}" --file cirros-0.5.2-x86_64-disk.img \
|
||||
--disk-format qcow2 --container-format bare --public
|
||||
image_name="cirros-ovn-migration-{{ resource_suffix }}"
|
||||
fi
|
||||
|
||||
|
||||
openstack flavor create ovn-migration-{{ resource_suffix }} --ram 1024 --disk 1 --vcpus 1
|
||||
|
||||
openstack keypair create ovn-migration-{{ resource_suffix }} --private-key {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key
|
||||
|
||||
openstack security group create ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack security group rule create --ingress --protocol icmp ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack security group rule create --ingress --protocol tcp --dst-port 22 ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack network create ovn-migration-net-{{ resource_suffix }}
|
||||
|
||||
neutron net-update ovn-migration-net-{{ resource_suffix }} --mtu 1442
|
||||
|
||||
openstack subnet create --network ovn-migration-net-{{ resource_suffix }} --subnet-range 172.168.168.0/24 ovn-migration-subnet-{{ resource_suffix }}
|
||||
|
||||
num_hypervisors=`openstack hypervisor stats show | grep count | awk '{print $4}'`
|
||||
|
||||
openstack server create --flavor ovn-migration-{{ resource_suffix }} --image $image_name \
|
||||
--key-name ovn-migration-{{ resource_suffix }} \
|
||||
--nic net-id=ovn-migration-net-{{ resource_suffix }} \
|
||||
--security-group ovn-migration-sg-{{ resource_suffix }} \
|
||||
--min $num_hypervisors --max $num_hypervisors \
|
||||
ovn-migration-server-{{ resource_suffix }}
|
||||
|
||||
|
||||
openstack router create ovn-migration-router-{{ resource_suffix }}
|
||||
|
||||
openstack router set --external-gateway {{ public_network_name }} ovn-migration-router-{{ resource_suffix }}
|
||||
|
||||
openstack router add subnet ovn-migration-router-{{ resource_suffix }} ovn-migration-subnet-{{ resource_suffix }}
|
||||
|
||||
for i in $(seq 1 $num_hypervisors)
|
||||
do
|
||||
num_attempts=0
|
||||
while true
|
||||
do
|
||||
openstack server show ovn-migration-server-{{ resource_suffix }}-$i -c status | grep ACTIVE
|
||||
if [ "$?" == "0" ]; then
|
||||
break
|
||||
fi
|
||||
sleep 5
|
||||
num_attempts=$((num_attempts+1))
|
||||
if [ $num_attempts -gt 24 ]
|
||||
then
|
||||
echo "VM is not up even after 2 minutes. Something is wrong"
|
||||
# printing server information for debugging
|
||||
openstack server show ovn-migration-server-{{ resource_suffix }}-$i
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
vm_ip=`openstack server show ovn-migration-server-{{ resource_suffix }}-$i -c addresses | grep addresses | awk '{ split($4, ip, "="); print ip[2]}'`
|
||||
port_id=`openstack port list | grep $vm_ip | awk '{print $2}'`
|
||||
|
||||
# Wait till the port is ACTIVE
|
||||
echo "Wait till the port is ACTIVE"
|
||||
port_status=`openstack port show $port_id -c status | grep status | awk '{print $4}'`
|
||||
|
||||
num_attempts=0
|
||||
while [ "$port_status" != "ACTIVE" ]
|
||||
do
|
||||
num_attempts=$((num_attempts+1))
|
||||
sleep 5
|
||||
port_status=`openstack port show $port_id -c status | grep status | awk '{print $4}'`
|
||||
echo "Port status = $port_status"
|
||||
if [ $num_attempts -gt 24 ]
|
||||
then
|
||||
echo "Port is not up even after 2 minutes. Something is wrong"
|
||||
# printing port information for debugging
|
||||
openstack port show $port_id
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
echo "VM is up and the port is ACTIVE"
|
||||
|
||||
server_ip=`openstack floating ip create --port $port_id \
|
||||
{{ public_network_name }} -c floating_ip_address | grep floating_ip_address \
|
||||
| awk '{print $4'}`
|
||||
|
||||
echo $server_ip >> {{ ovn_migration_temp_dir }}/server_fips
|
||||
|
||||
# Wait till the VM allows ssh connections
|
||||
|
||||
vm_status="down"
|
||||
num_attempts=0
|
||||
while [ "$vm_status" != "up" ]
|
||||
do
|
||||
num_attempts=$((num_attempts+1))
|
||||
sleep 5
|
||||
openstack console log show ovn-migration-server-{{ resource_suffix }}-$i | grep "login:"
|
||||
if [ "$?" == "0" ]
|
||||
then
|
||||
vm_status="up"
|
||||
else
|
||||
if [ $num_attempts -gt 60 ]
|
||||
then
|
||||
echo "VM is not up with login prompt even after 5 minutes. Something is wrong."
|
||||
# Even though something seems wrong, lets try and ping.
|
||||
break
|
||||
fi
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
chmod 0600 {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key
|
||||
|
||||
|
||||
for server_ip in `cat {{ ovn_migration_temp_dir }}/server_fips`
|
||||
do
|
||||
num_attempts=0
|
||||
vm_reachable="false"
|
||||
while [ "$vm_reachable" != "true" ]
|
||||
do
|
||||
num_attempts=$((num_attempts+1))
|
||||
sleep 1
|
||||
ping -c 3 $server_ip
|
||||
if [ "$?" == "0" ]
|
||||
then
|
||||
vm_reachable="true"
|
||||
else
|
||||
if [ $num_attempts -gt 60 ]
|
||||
then
|
||||
echo "VM is not pingable. Something is wrong."
|
||||
# printing server information for debugging
|
||||
server_id=$(openstack server list -f value | grep $server_ip | awk '{print $1}')
|
||||
openstack console log show $server_id
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
ssh -i {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key -o StrictHostKeyChecking=no \
|
||||
-o UserKnownHostsFile=/dev/null cirros@$server_ip date
|
||||
rc=$?
|
||||
if [ "$rc" != "0" ]
|
||||
then
|
||||
echo "VM not accessible via ssh. Something went wrong. Exiting with rc=$rc"
|
||||
# printing server information for debugging purposes
|
||||
server_id=$(openstack server list -f value | grep $server_ip | awk '{print $1}')
|
||||
openstack console log show $server_id
|
||||
exit $rc
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
echo "Done with the resource creation : exiting"
|
||||
exit 0
|
@ -1,58 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
echo "creating virtualenv in {{ ovn_migration_temp_dir }}/pinger_venv"
|
||||
virtualenv {{ ovn_migration_temp_dir }}/pinger_venv
|
||||
source {{ ovn_migration_temp_dir }}/pinger_venv/bin/activate
|
||||
pip install --upgrade pip
|
||||
pip install sh
|
||||
|
||||
cat > {{ ovn_migration_temp_dir }}/pinger.py <<-EOF
|
||||
import sh
|
||||
import sys
|
||||
import time
|
||||
|
||||
|
||||
def main(ips):
|
||||
run_cmds = []
|
||||
for ip in ips:
|
||||
ip_out_file = "{{ ovn_migration_temp_dir }}/" + ip.replace('.', '_') + '_ping.out'
|
||||
run_cmds.append(sh.ping('-i', '1', ip, _out=ip_out_file, _bg=True))
|
||||
|
||||
if not run_cmds:
|
||||
return
|
||||
|
||||
while True:
|
||||
try:
|
||||
cmd_file = open("{{ ovn_migration_temp_dir }}/_pinger_cmd.txt", "r")
|
||||
cmd = cmd_file.readline()
|
||||
if cmd.startswith("exit"):
|
||||
break
|
||||
cmd_file.close()
|
||||
except IOError:
|
||||
time.sleep(3)
|
||||
continue
|
||||
|
||||
for p in run_cmds:
|
||||
p.signal(2)
|
||||
p.wait()
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
main(sys.argv[1:])
|
||||
|
||||
EOF
|
||||
|
||||
pinger_ips=""
|
||||
for ip in `cat {{ ovn_migration_temp_dir }}/server_fips`
|
||||
do
|
||||
pinger_ips="$pinger_ips $ip"
|
||||
done
|
||||
|
||||
echo "pinger ips = $pinger_ips"
|
||||
|
||||
echo "calling pinger.py"
|
||||
python {{ ovn_migration_temp_dir }}/pinger.py $pinger_ips
|
||||
|
||||
echo "Exiting..."
|
@ -1,7 +0,0 @@
|
||||
---
|
||||
|
||||
infrared_deployment: False
|
||||
registry_namespace: docker.io/tripleomaster
|
||||
local_namespace: 192.168.24.1:8787/tripleomaster
|
||||
image_tag: current-tripleo-rdo
|
||||
image_prefix: centos-binary-
|
@ -1,191 +0,0 @@
|
||||
- name: Copy overcloud deploy script to overcloud-deploy-ovn.sh
|
||||
block:
|
||||
- name: Check if overcloud_deploy.sh is present or not
|
||||
stat:
|
||||
path: ~/overcloud_deploy.sh
|
||||
register: deploy_file
|
||||
|
||||
- name: Set the ml2ovs overcloud deploy script file name
|
||||
set_fact:
|
||||
overcloud_deploy_script: '~/overcloud_deploy.sh'
|
||||
when: deploy_file.stat.exists|bool
|
||||
|
||||
- name: Check if overcloud-deploy.sh is present
|
||||
stat:
|
||||
path: ~/overcloud-deploy.sh
|
||||
register: deploy_file_2
|
||||
when: not deploy_file.stat.exists|bool
|
||||
|
||||
- name: Set the ml2ovs overcloud deploy script file name
|
||||
set_fact:
|
||||
overcloud_deploy_script: '~/overcloud-deploy.sh'
|
||||
when:
|
||||
- not deploy_file.stat.exists|bool
|
||||
- deploy_file_2.stat.exists|bool
|
||||
|
||||
- name: Copy overcloud deploy script to overcloud-deploy-ovn.sh
|
||||
command: cp -f {{ overcloud_deploy_script }} ~/overcloud-deploy-ovn.sh
|
||||
when: infrared_deployment|bool
|
||||
|
||||
- name: set overcloud deploy ovn script
|
||||
set_fact:
|
||||
overcloud_deploy_ovn_script: '~/overcloud-deploy-ovn.sh'
|
||||
|
||||
- name: Remove ml2ovs-specific environment files from overcloud deploy ovn script
|
||||
lineinfile:
|
||||
dest: "{{ overcloud_deploy_ovn_script }}"
|
||||
state: absent
|
||||
regexp: "{{ item }}"
|
||||
with_items:
|
||||
- "^.*openstack-tripleo-heat-templates.*ovs.*yaml"
|
||||
- ".*neutron-sriov.yaml.*"
|
||||
when: infrared_deployment|bool
|
||||
|
||||
- name: Set container images environment file
|
||||
set_fact:
|
||||
output_env_file: /home/stack/container-images-ovn.yaml
|
||||
|
||||
- name: Get the proper neutron-ovn-ha.yaml path
|
||||
stat:
|
||||
path: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-ovn-ha.yaml
|
||||
register: ovn_env_path
|
||||
|
||||
- name: Set the neutron-ovn-dvr-ha.yaml file path if dvr
|
||||
set_fact:
|
||||
neutron_ovn_env_path: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-ovn-dvr-ha.yaml
|
||||
when: is_dvr|bool
|
||||
|
||||
- name: Set the neutron-ovn-ha.yaml file path if not dvr
|
||||
set_fact:
|
||||
neutron_ovn_env_path: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-ovn-ha.yaml
|
||||
when: not is_dvr|bool
|
||||
|
||||
- name: Construct overcloud-deploy-ovn.sh script for infrared deployments
|
||||
lineinfile:
|
||||
dest: "{{ overcloud_deploy_ovn_script }}"
|
||||
line: "{{ item }} \\"
|
||||
insertbefore: "^--log-file.*"
|
||||
with_items:
|
||||
- "-e {{ neutron_ovn_env_path }}"
|
||||
- "-e /home/stack/ovn-extras.yaml"
|
||||
- "-e {{ output_env_file }}"
|
||||
when:
|
||||
- infrared_deployment|bool
|
||||
|
||||
- name: Construct overcloud-deploy-ovn.sh script for tripleo deployments
|
||||
template:
|
||||
src: templates/overcloud-deploy-ovn.sh.j2
|
||||
dest: ~/overcloud-deploy-ovn.sh
|
||||
mode: 0744
|
||||
when:
|
||||
- not infrared_deployment|bool
|
||||
|
||||
- name: Set image tag (infrared deployment)
|
||||
block:
|
||||
- name: Get puddle version
|
||||
shell: cat containers-prepare-parameter.yaml | grep -v _tag | grep tag | awk '{print $2}'
|
||||
ignore_errors: True
|
||||
register: core_puddle_version
|
||||
|
||||
- name: Set image tag from puddle version
|
||||
set_fact:
|
||||
container_image_tag: "{{ core_puddle_version.stdout }}"
|
||||
|
||||
- name: Get registry namespace
|
||||
shell: cat containers-prepare-parameter.yaml | grep -v _namespace | grep namespace | awk '{print $2}'
|
||||
ignore_errors: True
|
||||
register: reg_ns
|
||||
|
||||
- name: Set registry namespace
|
||||
set_fact:
|
||||
reg_namespace: "{{ reg_ns.stdout }}"
|
||||
|
||||
- debug:
|
||||
msg: "{{ core_puddle_version.stdout }}"
|
||||
|
||||
- debug:
|
||||
msg: "{{ container_image_tag }}"
|
||||
|
||||
- debug:
|
||||
msg: "{{ reg_namespace }}"
|
||||
when: infrared_deployment|bool
|
||||
|
||||
- name: Set image tag (tripleo deployment)
|
||||
set_fact:
|
||||
container_image_tag: "{{ image_tag }}"
|
||||
when:
|
||||
- not infrared_deployment|bool
|
||||
|
||||
|
||||
- name: Generate ovn container images
|
||||
shell: |
|
||||
echo "container_images:" > ~/ovn_container_images.yaml
|
||||
args:
|
||||
creates: ~/ovn_container_images.yaml
|
||||
|
||||
- name: Add ovn container images to ovn_container_images.yaml
|
||||
lineinfile:
|
||||
dest: ~/ovn_container_images.yaml
|
||||
line: "- imagename: {{ reg_namespace }}/{{ image_prefix }}-{{ item }}:{{ container_image_tag }}"
|
||||
with_items:
|
||||
- "ovn-northd"
|
||||
- "ovn-controller"
|
||||
- "neutron-server-ovn"
|
||||
- "neutron-metadata-agent-ovn"
|
||||
|
||||
- name: Generate container images environment file
|
||||
shell: |
|
||||
echo "parameter_defaults:" > ~/container-images-ovn.yaml
|
||||
changed_when: False
|
||||
|
||||
- name: Set the local namespace
|
||||
block:
|
||||
- name: Extract the local namespace
|
||||
shell: |
|
||||
set -exo pipefail
|
||||
source ~/stackrc
|
||||
openstack overcloud plan export overcloud
|
||||
mkdir -p /tmp/oc_plan
|
||||
mv overcloud.tar.gz /tmp/oc_plan/
|
||||
cd /tmp/oc_plan
|
||||
tar xvf overcloud.tar.gz
|
||||
reg=`cat /tmp/oc_plan/environments/containers-default-parameters.yaml | grep ContainerNeutronApiImage | awk '{ split($2, image , "/"); print image[1] }'`
|
||||
namespace=`cat /tmp/oc_plan/environments/containers-default-parameters.yaml | grep ContainerNeutronApiImage | awk '{ split($2, image , "/"); print image[2] }'`
|
||||
echo $reg/$namespace > /tmp/_reg_namespace
|
||||
rm -rf /tmp/oc_plan
|
||||
|
||||
- name: Get the local namespace
|
||||
command: cat /tmp/_reg_namespace
|
||||
register: local_ns
|
||||
|
||||
- name: Set the local registry
|
||||
set_fact:
|
||||
local_registry: "{{ local_ns.stdout }}"
|
||||
when:
|
||||
- local_namespace == ''
|
||||
|
||||
- name: Set the local namespace
|
||||
set_fact:
|
||||
local_registry: "{{ local_namespace }}"
|
||||
when:
|
||||
- local_namespace != ''
|
||||
|
||||
- name: Add ovn container images to container images environment file
|
||||
lineinfile:
|
||||
dest: ~/container-images-ovn.yaml
|
||||
line: " {{ item.name }}: {{ local_registry }}/{{ image_prefix }}-{{ item.image_name }}:{{ container_image_tag }}"
|
||||
with_items:
|
||||
- { name: ContainerNeutronApiImage, image_name: neutron-server-ovn}
|
||||
- { name: ContainerNeutronConfigImage, image_name: neutron-server-ovn}
|
||||
- { name: ContainerOvnMetadataImage, image_name: neutron-metadata-agent-ovn}
|
||||
- { name: ContainerOvnControllerImage, image_name: ovn-controller}
|
||||
- { name: ContainerOvnControllerConfigImage, image_name: ovn-controller}
|
||||
- { name: ContainerOvnDbsImage, image_name: ovn-northd}
|
||||
- { name: ContainerOvnDbsConfigImage, image_name: ovn-northd}
|
||||
|
||||
- name: Upload the ovn container images to the local registry
|
||||
shell: |
|
||||
source /home/stack/stackrc
|
||||
openstack tripleo container image prepare --environment-file /home/stack/containers-prepare-parameter.yaml
|
||||
become: yes
|
||||
changed_when: False
|
@ -1,7 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
export PUBLIC_NETWORK_NAME={{ public_network }}
|
||||
# TODO: Get this from the var
|
||||
export OPT_WORKDIR=/home/stack/ovn_migration
|
||||
|
||||
/usr/bin/ovn_migration.sh $1
|
@ -1,417 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2018 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# With LANG set to everything else than C completely undercipherable errors
|
||||
# like "file not found" and decoding errors will start to appear during scripts
|
||||
# or even ansible modules
|
||||
LANG=C
|
||||
|
||||
# Complete stackrc file path.
|
||||
: ${STACKRC_FILE:=~/stackrc}
|
||||
|
||||
# Complete overcloudrc file path.
|
||||
: ${OVERCLOUDRC_FILE:=~/overcloudrc}
|
||||
|
||||
# overcloud deploy script for OVN migration.
|
||||
: ${OVERCLOUD_OVN_DEPLOY_SCRIPT:=~/overcloud-deploy-ovn.sh}
|
||||
|
||||
# user on the nodes in the undercloud
|
||||
: ${UNDERCLOUD_NODE_USER:=heat-admin}
|
||||
|
||||
: ${OPT_WORKDIR:=$PWD}
|
||||
: ${STACK_NAME:=overcloud}
|
||||
: ${OOO_WORKDIR:=$HOME/overcloud-deploy}
|
||||
: ${PUBLIC_NETWORK_NAME:=public}
|
||||
: ${IMAGE_NAME:=cirros}
|
||||
: ${FLAVOR_NAME:=ovn-migration}
|
||||
: ${SERVER_USER_NAME:=cirros}
|
||||
: ${VALIDATE_MIGRATION:=False}
|
||||
: ${DHCP_RENEWAL_TIME:=30}
|
||||
: ${CREATE_BACKUP:=True}
|
||||
: ${BACKUP_MIGRATION_IP:=192.168.24.1}
|
||||
: ${BACKUP_MIGRATION_CTL_PLANE_CIDRS:=192.168.24.0/24}
|
||||
|
||||
|
||||
check_for_necessary_files() {
|
||||
if [ ! -e hosts_for_migration ]; then
|
||||
echo "hosts_for_migration ansible inventory file not present"
|
||||
echo "Please run ./ovn_migration.sh generate-inventory"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if the user has generated overcloud-deploy-ovn.sh file
|
||||
# With correct permissions
|
||||
# If it is not generated. Exit
|
||||
if [ ! -x $OVERCLOUD_OVN_DEPLOY_SCRIPT ]; then
|
||||
echo "overcloud deploy migration script :" \
|
||||
"$OVERCLOUD_OVN_DEPLOY_SCRIPT is not present" \
|
||||
"or execution permission is missing. Please" \
|
||||
"make sure you create that file with correct" \
|
||||
"permissions before running this script."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
grep -q -- '--answers-file' $OVERCLOUD_OVN_DEPLOY_SCRIPT || grep -q -- '--environment-directory' $OVERCLOUD_OVN_DEPLOY_SCRIPT
|
||||
answers_templates_check=$?
|
||||
|
||||
grep -q -- 'neutron-ovn' $OVERCLOUD_OVN_DEPLOY_SCRIPT
|
||||
if [[ $? -eq 1 ]]; then
|
||||
if [[ $answers_templates_check -eq 0 ]]; then
|
||||
echo -e "\nWARNING!!! You are using an answers-file or a templates directory" \
|
||||
" ( --answers-file/--environment-directory) " \
|
||||
"\nYou MUST make sure the proper OVN files are included in the templates called by your deploy script"
|
||||
else
|
||||
echo -e "OVN t-h-t environment file(s) seems to be missing in " \
|
||||
"$OVERCLOUD_OVN_DEPLOY_SCRIPT. Please check the $OVERCLOUD_OVN_DEPLOY_SCRIPT" \
|
||||
"file again."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
grep -q \$HOME/ovn-extras.yaml $OVERCLOUD_OVN_DEPLOY_SCRIPT
|
||||
check1=$?
|
||||
grep -q $HOME/ovn-extras.yaml $OVERCLOUD_OVN_DEPLOY_SCRIPT
|
||||
check2=$?
|
||||
|
||||
if [[ $check1 -eq 1 && $check2 -eq 1 ]]; then
|
||||
# specific case of --answers-file/--environment-directory
|
||||
if [[ $answers_templates_check -eq 0 ]]; then
|
||||
echo -e "\nWARNING!!! You are using an answers-file or a templates directory" \
|
||||
" ( --answers-file/--environment-directory) " \
|
||||
"\nYou MUST add ovn-extras.yaml to your new set of templates for OVN-based deploys." \
|
||||
"\n e.g: add \" -e \$HOME/ovn-extras.yaml \" to the deploy command in $OVERCLOUD_OVN_DEPLOY_SCRIPT" \
|
||||
"\nOnce OVN migration is finished, ovn-extras.yaml can then be safely removed from your OVN templates."
|
||||
else
|
||||
echo "ovn-extras.yaml file is missing in "\
|
||||
"$OVERCLOUD_OVN_DEPLOY_SCRIPT. Please add it "\
|
||||
"as \" -e \$HOME/ovn-extras.yaml\""
|
||||
fi
|
||||
exit 1
|
||||
fi
|
||||
# Check if backup is enabled
|
||||
if [[ $CREATE_BACKUP = True ]]; then
|
||||
# Check if backup server is reachable
|
||||
ping -c4 $BACKUP_MIGRATION_IP
|
||||
if [[ $? -eq 1 ]]; then
|
||||
echo -e "It is not possible to reach the backup migration server IP" \
|
||||
"($BACKUP_MIGRATION_IP). Make sure this IP is accessible before" \
|
||||
"starting the migration." \
|
||||
"Change this value by doing: export BACKUP_MIGRATION_IP=x.x.x.x"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
get_host_ip() {
|
||||
inventory_file=$1
|
||||
host_name=$2
|
||||
host_vars=$(ansible-inventory -i "$inventory_file" --host "$host_name" 2>/dev/null)
|
||||
if [[ $? -eq 0 ]]; then
|
||||
echo "$host_vars" | jq -r \.ansible_host
|
||||
else
|
||||
echo $host_name
|
||||
fi
|
||||
}
|
||||
|
||||
get_group_hosts() {
|
||||
inventory_file=$1
|
||||
group_name=$2
|
||||
group_graph=$(ansible-inventory -i "$inventory_file" --graph "$group_name" 2>/dev/null)
|
||||
if [[ $? -eq 0 ]]; then
|
||||
echo "$group_graph" | sed -ne 's/^[ \t|]\+--\([a-z0-9\-]\+\)$/\1/p'
|
||||
else
|
||||
echo ""
|
||||
fi
|
||||
}
|
||||
|
||||
# Generate the ansible.cfg file
|
||||
generate_ansible_config_file() {
|
||||
|
||||
cat > ansible.cfg <<-EOF
|
||||
[defaults]
|
||||
forks=50
|
||||
become=True
|
||||
callback_whitelist = profile_tasks
|
||||
host_key_checking = False
|
||||
gathering = smart
|
||||
fact_caching = jsonfile
|
||||
fact_caching_connection = ./ansible_facts_cache
|
||||
fact_caching_timeout = 0
|
||||
log_path = $HOME/ovn_migration_ansible.log
|
||||
|
||||
#roles_path = roles:...
|
||||
|
||||
[ssh_connection]
|
||||
control_path = %(directory)s/%%h-%%r
|
||||
ssh_args = -o ControlMaster=auto -o ControlPersist=270s -o ServerAliveInterval=30 -o GSSAPIAuthentication=no
|
||||
retries = 3
|
||||
|
||||
EOF
|
||||
}
|
||||
|
||||
# Generate the inventory file for ansible migration playbook.
|
||||
# It uses tripleo-ansible-inventory.yaml which was used during deployment as source inventory
|
||||
generate_ansible_inventory_file() {
|
||||
local dhcp_nodes
|
||||
local inventory_file="$OOO_WORKDIR/$STACK_NAME/config-download/$STACK_NAME/tripleo-ansible-inventory.yaml"
|
||||
|
||||
echo "Generating the inventory file for ansible-playbook"
|
||||
echo "[ovn-dbs]" > hosts_for_migration
|
||||
ovn_central=True
|
||||
# We want to run ovn_dbs where neutron_api is running
|
||||
OVN_DBS=$(get_group_hosts "$inventory_file" neutron_api)
|
||||
for node_name in $OVN_DBS; do
|
||||
node_ip=$(get_host_ip "$inventory_file" $node_name)
|
||||
node="$node_name ansible_host=$node_ip"
|
||||
if [ "$ovn_central" == "True" ]; then
|
||||
ovn_central=False
|
||||
node="$node_name ansible_host=$node_ip ovn_central=true"
|
||||
fi
|
||||
echo $node ansible_ssh_user=$UNDERCLOUD_NODE_USER ansible_become=true >> hosts_for_migration
|
||||
done
|
||||
|
||||
echo "" >> hosts_for_migration
|
||||
echo "[ovn-controllers]" >> hosts_for_migration
|
||||
|
||||
# We want to run ovn-controller where OVS agent was running before the migration
|
||||
OVN_CONTROLLERS=$(get_group_hosts "$inventory_file" neutron_ovs_agent; get_group_hosts "$inventory_file" neutron_ovs_dpdk_agent)
|
||||
for node_name in $OVN_CONTROLLERS; do
|
||||
node_ip=$(get_host_ip "$inventory_file" $node_name)
|
||||
echo $node_name ansible_host=$node_ip ansible_ssh_user=$UNDERCLOUD_NODE_USER ansible_become=true ovn_controller=true >> hosts_for_migration
|
||||
done
|
||||
|
||||
echo "" >> hosts_for_migration
|
||||
echo "[dhcp]" >> hosts_for_migration
|
||||
dhcp_nodes=$(get_group_hosts "$inventory_file" neutron_dhcp)
|
||||
for node_name in $dhcp_nodes; do
|
||||
node_ip=$(get_host_ip "$inventory_file" $node_name)
|
||||
echo $node_name ansible_host=$node_ip ansible_ssh_user=$UNDERCLOUD_NODE_USER ansible_become=true >> hosts_for_migration
|
||||
done
|
||||
|
||||
echo "" >> hosts_for_migration
|
||||
|
||||
cat >> hosts_for_migration << EOF
|
||||
|
||||
[overcloud-controllers:children]
|
||||
dhcp
|
||||
|
||||
[overcloud:children]
|
||||
ovn-controllers
|
||||
ovn-dbs
|
||||
|
||||
EOF
|
||||
add_group_vars() {
|
||||
|
||||
cat >> hosts_for_migration << EOF
|
||||
|
||||
[$1:vars]
|
||||
remote_user=$UNDERCLOUD_NODE_USER
|
||||
public_network_name=$PUBLIC_NETWORK_NAME
|
||||
image_name=$IMAGE_NAME
|
||||
flavor_name=$FLAVOR_NAME
|
||||
working_dir=$OPT_WORKDIR
|
||||
server_user_name=$SERVER_USER_NAME
|
||||
validate_migration=$VALIDATE_MIGRATION
|
||||
overcloud_ovn_deploy_script=$OVERCLOUD_OVN_DEPLOY_SCRIPT
|
||||
overcloudrc=$OVERCLOUDRC_FILE
|
||||
ovn_migration_backups=/var/lib/ovn-migration-backup
|
||||
EOF
|
||||
}
|
||||
|
||||
add_group_vars overcloud
|
||||
add_group_vars overcloud-controllers
|
||||
|
||||
|
||||
echo "***************************************"
|
||||
cat hosts_for_migration
|
||||
echo "***************************************"
|
||||
echo "Generated the inventory file - hosts_for_migration"
|
||||
echo "Please review the file before running the next command - reduce-dhcp-t1"
|
||||
}
|
||||
|
||||
# Check if source inventory exists
|
||||
function check_source_inventory {
|
||||
local inventory_file="$OOO_WORKDIR/$STACK_NAME/config-download/$STACK_NAME/tripleo-ansible-inventory.yaml"
|
||||
if [ ! -f $inventory_file ]; then
|
||||
echo "ERROR: Source Inventory File ${inventory_file} does not exist. Please provide the Stack Name and TripleO Workdir"
|
||||
echo " via STACK_NAME and OOO_WORKDIR environment variables."
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if the public network exists, and if it has floating ips available
|
||||
|
||||
oc_check_public_network() {
|
||||
|
||||
[ "$VALIDATE_MIGRATION" != "True" ] && return 0
|
||||
source $OVERCLOUDRC_FILE
|
||||
openstack network show $PUBLIC_NETWORK_NAME 1>/dev/null || {
|
||||
echo "ERROR: PUBLIC_NETWORK_NAME=${PUBLIC_NETWORK_NAME} can't be accessed by the"
|
||||
echo " admin user, please fix that before continuing."
|
||||
exit 1
|
||||
}
|
||||
|
||||
ID=$(openstack floating ip create $PUBLIC_NETWORK_NAME -c id -f value) || {
|
||||
echo "ERROR: PUBLIC_NETWORK_NAME=${PUBLIC_NETWORK_NAME} doesn't have available"
|
||||
echo " floating ips. Make sure that your public network has at least one"
|
||||
echo " floating ip available for the admin user."
|
||||
exit 1
|
||||
}
|
||||
|
||||
openstack floating ip delete $ID 2>/dev/null 1>/dev/null
|
||||
return $?
|
||||
}
|
||||
|
||||
|
||||
# Check if the neutron networks MTU has been updated to geneve MTU size or not.
|
||||
# We donot want to proceed if the MTUs are not updated.
|
||||
oc_check_network_mtu() {
|
||||
source $OVERCLOUDRC_FILE
|
||||
neutron-ovn-migration-mtu verify mtu
|
||||
return $?
|
||||
}
|
||||
|
||||
reduce_dhcp_t1() {
|
||||
# Run the ansible playbook to reduce the DHCP T1 parameter in
|
||||
# dhcp_agent.ini in all the overcloud nodes where dhcp agent is running.
|
||||
ansible-playbook -vv $OPT_WORKDIR/playbooks/reduce-dhcp-renewal-time.yml \
|
||||
-i hosts_for_migration -e working_dir=$OPT_WORKDIR \
|
||||
-e renewal_time=$DHCP_RENEWAL_TIME
|
||||
rc=$?
|
||||
return $rc
|
||||
}
|
||||
|
||||
reduce_network_mtu () {
|
||||
source $OVERCLOUDRC_FILE
|
||||
oc_check_network_mtu
|
||||
if [ "$?" != "0" ]; then
|
||||
# Reduce the network mtu
|
||||
neutron-ovn-migration-mtu update mtu
|
||||
rc=$?
|
||||
|
||||
if [ "$rc" != "0" ]; then
|
||||
echo "Reducing the network mtu's failed. Exiting."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
return $rc
|
||||
}
|
||||
|
||||
start_migration() {
|
||||
source $STACKRC_FILE
|
||||
echo "Starting the Migration"
|
||||
local inventory_file="$OOO_WORKDIR/$STACK_NAME/config-download/$STACK_NAME/tripleo-ansible-inventory.yaml"
|
||||
if ! test -f $inventory_file; then
|
||||
inventory_file=''
|
||||
fi
|
||||
ansible-playbook -vv $OPT_WORKDIR/playbooks/ovn-migration.yml \
|
||||
-i hosts_for_migration -e working_dir=$OPT_WORKDIR \
|
||||
-e public_network_name=$PUBLIC_NETWORK_NAME \
|
||||
-e image_name=$IMAGE_NAME \
|
||||
-e flavor_name=$FLAVOR_NAME \
|
||||
-e undercloud_node_user=$UNDERCLOUD_NODE_USER \
|
||||
-e overcloud_ovn_deploy_script=$OVERCLOUD_OVN_DEPLOY_SCRIPT \
|
||||
-e server_user_name=$SERVER_USER_NAME \
|
||||
-e overcloudrc=$OVERCLOUDRC_FILE \
|
||||
-e stackrc=$STACKRC_FILE \
|
||||
-e backup_migration_ip=$BACKUP_MIGRATION_IP \
|
||||
-e backup_migration_ctl_plane_cidrs=$BACKUP_MIGRATION_CTL_PLANE_CIDRS \
|
||||
-e create_backup=$CREATE_BACKUP \
|
||||
-e ansible_inventory=$inventory_file \
|
||||
-e validate_migration=$VALIDATE_MIGRATION $*
|
||||
|
||||
rc=$?
|
||||
return $rc
|
||||
}
|
||||
|
||||
print_usage() {
|
||||
|
||||
cat << EOF
|
||||
|
||||
Usage:
|
||||
|
||||
Before running this script, please refer to the migration guide for
|
||||
complete details. This script needs to be run in 5 steps.
|
||||
|
||||
Step 1 -> ovn_migration.sh generate-inventory
|
||||
|
||||
Generates the inventory file
|
||||
|
||||
Step 2 -> ovn_migration.sh reduce-dhcp-t1 (deprecated name setup-mtu-t1)
|
||||
|
||||
Sets the DHCP renewal T1 to 30 seconds. After this step you will
|
||||
need to wait at least 24h for the change to be propagated to all
|
||||
VMs. This step is only necessary for VXLAN or GRE based tenant
|
||||
networking.
|
||||
|
||||
Step 3 -> You need to wait at least 24h based on the default configuration
|
||||
of neutron for the DHCP T1 parameter to be propagated, please
|
||||
refer to documentation. WARNING: this is very important if you
|
||||
are using VXLAN or GRE tenant networks.
|
||||
|
||||
Step 4 -> ovn_migration.sh reduce-mtu
|
||||
|
||||
Reduces the MTU of the neutron tenant networks networks. This
|
||||
step is only necessary for VXLAN or GRE based tenant networking.
|
||||
|
||||
Step 5 -> ovn_migration.sh start-migration
|
||||
|
||||
Starts the migration to OVN.
|
||||
|
||||
EOF
|
||||
|
||||
}
|
||||
|
||||
command=$1
|
||||
|
||||
ret_val=0
|
||||
case $command in
|
||||
generate-inventory)
|
||||
check_source_inventory
|
||||
oc_check_public_network
|
||||
generate_ansible_inventory_file
|
||||
generate_ansible_config_file
|
||||
ret_val=$?
|
||||
;;
|
||||
|
||||
reduce-dhcp-t1 | setup-mtu-t1)
|
||||
if [[ $command = 'setup-mtu-t1' ]]; then
|
||||
echo -e "Warning: setup-mtu-t1 argument was renamed."\
|
||||
"Use reduce-dhcp-t1 argument instead."
|
||||
fi
|
||||
check_for_necessary_files
|
||||
reduce_dhcp_t1
|
||||
ret_val=$?;;
|
||||
|
||||
reduce-mtu)
|
||||
check_for_necessary_files
|
||||
reduce_network_mtu
|
||||
ret_val=$?;;
|
||||
|
||||
start-migration)
|
||||
oc_check_public_network
|
||||
check_for_necessary_files
|
||||
shift
|
||||
start_migration $*
|
||||
ret_val=$?
|
||||
;;
|
||||
|
||||
*)
|
||||
print_usage;;
|
||||
esac
|
||||
|
||||
exit $ret_val
|
@ -1,121 +0,0 @@
|
||||
# This is the playbook used by ovn-migration.sh.
|
||||
|
||||
#
|
||||
# Backup the controllers to have a backup in case the
|
||||
# migration fails leaving the testbed on a broken status.
|
||||
#
|
||||
|
||||
- name: Backup controllers pre-migration
|
||||
hosts: localhost
|
||||
roles:
|
||||
- recovery-backup
|
||||
tags:
|
||||
- recovery-backup
|
||||
|
||||
|
||||
#
|
||||
# Pre migration and validation tasks will make sure that the initial cloud
|
||||
# is functional, and will create resources which will be checked after
|
||||
# migration.
|
||||
#
|
||||
|
||||
|
||||
- name: Pre migration and validation tasks
|
||||
hosts: localhost
|
||||
roles:
|
||||
- pre-migration
|
||||
tags:
|
||||
- pre-migration
|
||||
|
||||
|
||||
#
|
||||
# This step is executed before migration, and will backup some config
|
||||
# files related to containers before those get lost.
|
||||
#
|
||||
|
||||
- name: Backup tripleo container config files on the nodes
|
||||
hosts: ovn-controllers
|
||||
roles:
|
||||
- backup
|
||||
tags:
|
||||
- setup
|
||||
|
||||
|
||||
- name: Stop ml2/ovs resources
|
||||
hosts: ovn-controllers
|
||||
roles:
|
||||
- stop-agents
|
||||
tags:
|
||||
- migration
|
||||
|
||||
|
||||
#
|
||||
# TripleO / Director is executed to deploy ovn using "br-migration" for the
|
||||
# dataplane, while br-int is left intact to avoid dataplane disruption.
|
||||
#
|
||||
|
||||
- name: Set up OVN and configure it using tripleo
|
||||
hosts: localhost
|
||||
roles:
|
||||
- tripleo-update
|
||||
tags:
|
||||
- setup
|
||||
become: false
|
||||
|
||||
|
||||
#
|
||||
# Once everything is migrated prepare everything by syncing the neutron DB
|
||||
# into the OVN NB database, and then switching the dataplane to br-int
|
||||
# letting ovn-controller take control, afterwards any remaining neutron
|
||||
# resources, namespaces or processes which are not needed anymore are
|
||||
# cleaned up.
|
||||
#
|
||||
|
||||
- name: Do the DB sync and dataplane switch
|
||||
hosts: ovn-controllers, ovn-dbs
|
||||
roles:
|
||||
- migration
|
||||
vars:
|
||||
ovn_bridge: br-int
|
||||
tags:
|
||||
- migration
|
||||
|
||||
|
||||
#
|
||||
# Verify that the initial resources are still reachable, remove them,
|
||||
# and afterwards create new resources and repeat the connectivity tests.
|
||||
#
|
||||
|
||||
- name: Post migration
|
||||
hosts: localhost
|
||||
roles:
|
||||
- delete-neutron-resources
|
||||
- post-migration
|
||||
tags:
|
||||
- post-migration
|
||||
|
||||
|
||||
#
|
||||
# Final validation after tripleo update to br-int
|
||||
#
|
||||
|
||||
- name: Final validation
|
||||
hosts: localhost
|
||||
vars:
|
||||
validate_premigration_resources: false
|
||||
roles:
|
||||
- post-migration
|
||||
tags:
|
||||
- final-validation
|
||||
|
||||
|
||||
#
|
||||
# Announce that it's done and ready.
|
||||
#
|
||||
|
||||
- hosts: localhost
|
||||
tasks:
|
||||
- name: Migration successful.
|
||||
debug:
|
||||
msg: Migration from ML2OVS to OVN is now complete.
|
||||
|
@ -1,19 +0,0 @@
|
||||
---
|
||||
|
||||
- hosts: overcloud-controllers
|
||||
tasks:
|
||||
- name: Update dhcp_agent configuration file option 'dhcp_renewal_time'
|
||||
ini_file:
|
||||
path=/var/lib/config-data/puppet-generated/neutron/etc/neutron/dhcp_agent.ini
|
||||
section=DEFAULT
|
||||
backup=yes
|
||||
option=dhcp_renewal_time
|
||||
value={{ renewal_time }}
|
||||
create=no
|
||||
ignore_errors: yes
|
||||
|
||||
- block:
|
||||
- name: Restart neutron dhcp agent
|
||||
shell:
|
||||
podman restart $(podman ps --filter "name=neutron_dhcp" --format {% raw %}"{{.ID}}"{% endraw %})
|
||||
ignore_errors: yes
|
@ -1,4 +0,0 @@
|
||||
- name: Clean computes
|
||||
hosts: ovn-controllers
|
||||
roles:
|
||||
- revert
|
@ -1,19 +0,0 @@
|
||||
# The following tasks ensure that we have backup data which is
|
||||
# necessary later for cleanup (like l3/dhcp/metadata agent definitions)
|
||||
|
||||
- name: "Ensure the ovn backup directory"
|
||||
file: path="{{ ovn_migration_backups }}" state=directory
|
||||
|
||||
- name: "Save the tripleo container definitions"
|
||||
shell: |
|
||||
# only copy them the first time, otherwise, on a later run when
|
||||
# it has been already migrated to OVN we would miss the data
|
||||
if [ ! -d {{ ovn_migration_backups }}/tripleo-config ]; then
|
||||
cp -rfp /var/lib/tripleo-config {{ ovn_migration_backups }}
|
||||
echo "Backed up"
|
||||
fi
|
||||
register: command_result
|
||||
changed_when: "'Backed up' in command_result.stdout"
|
||||
|
||||
# TODO(majopela): Include steps for backing up the mysql database on the
|
||||
# controllers and the undercloud before continuing
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
|
||||
ovn_migration_temp_dir_del: "{{ working_dir }}/delete_neutron_resources"
|
@ -1,21 +0,0 @@
|
||||
---
|
||||
- name: Delete temp file directory if present
|
||||
file:
|
||||
state: absent
|
||||
path: "{{ ovn_migration_temp_dir_del }}"
|
||||
|
||||
- name : Create temp file directory if not present
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ ovn_migration_temp_dir_del }}"
|
||||
|
||||
- name: Generate neutron resources cleanup script
|
||||
template:
|
||||
src: "delete-neutron-resources.sh.j2"
|
||||
dest: "{{ ovn_migration_temp_dir_del }}/delete-neutron-resources.sh"
|
||||
mode: 0744
|
||||
|
||||
- name: Deleting the neutron agents
|
||||
shell: >
|
||||
{{ ovn_migration_temp_dir_del }}/delete-neutron-resources.sh 2>&1 >
|
||||
{{ ovn_migration_temp_dir_del }}/delete-neutron-resources.sh.log
|
@ -1,32 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
source {{ overcloudrc }}
|
||||
|
||||
# Delete non alive neutron agents
|
||||
for i in `openstack network agent list | grep neutron- | grep -v ':-)' | awk {'print $2'}`
|
||||
do
|
||||
openstack network agent delete $i
|
||||
done
|
||||
|
||||
|
||||
delete_network_ports() {
|
||||
net_id=$1
|
||||
for p in `openstack port list --network $net_id | grep -v ID | awk '{print $2}'`
|
||||
do
|
||||
openstack port delete $p
|
||||
done
|
||||
}
|
||||
|
||||
# Delete HA networks
|
||||
for i in `openstack network list | grep "HA network tenant" | awk '{print $2}'`
|
||||
do
|
||||
delete_network_ports $i
|
||||
openstack network delete $i
|
||||
done
|
||||
|
||||
# Delete DVR gateway ports
|
||||
openstack port delete $(openstack port list --device-owner "network:floatingip_agent_gateway" -c id -f value)
|
||||
|
||||
exit 0
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
|
||||
tunnel_bridge: "br-tun"
|
||||
ovn_bridge: "br-int"
|
||||
ovn_db_sync_container: "neutron-ovn-db-sync"
|
@ -1,15 +0,0 @@
|
||||
---
|
||||
- name: Generate OVN activation script
|
||||
template:
|
||||
src: "activate-ovn.sh.j2"
|
||||
dest: "/tmp/activate-ovn.sh"
|
||||
mode: 0644
|
||||
|
||||
- name: Run OVN activation script
|
||||
shell: >
|
||||
sh /tmp/activate-ovn.sh 2>&1 > /tmp/activate-ovn.sh.log
|
||||
|
||||
- name: Delete OVN activate script
|
||||
file:
|
||||
state: absent
|
||||
path: /tmp/activate-ovn.sh
|
@ -1,75 +0,0 @@
|
||||
---
|
||||
- name: Cleanup neutron router and dhcp interfaces
|
||||
shell: |
|
||||
ovs-vsctl list interface | awk '/name[ ]*: qr-|ha-|qg-|rfp-|sg-|fg-/ { print $3 }' | xargs -n1 ovs-vsctl del-port
|
||||
|
||||
# dhcp tap ports cannot be easily distinguished from ovsfw ports, so we
|
||||
# list them from within the qdhcp namespaces
|
||||
for netns in `ip netns | awk '{ print $1 }' | grep qdhcp-`; do
|
||||
for dhcp_port in `ip netns exec $netns ip -o link show | awk -F': ' '{print $2}' | grep tap`; do
|
||||
ovs-vsctl del-port $dhcp_port
|
||||
done
|
||||
done
|
||||
register: router_dhcp_error
|
||||
ignore_errors: True
|
||||
|
||||
- name: Cleanup neutron router and dhcp interfaces finished
|
||||
debug:
|
||||
msg: WARNING error while cleaning ovs interface with msg {{ router_dhcp_error.msg }}
|
||||
when:
|
||||
- router_dhcp_error.changed
|
||||
- router_dhcp_error.rc != 0
|
||||
|
||||
- name: Check if neutron trunk subports need cleanup
|
||||
shell: |
|
||||
ovs-vsctl list interface | awk '/name[ ]*: sp[it]-/ { print $3 }' | grep 'spi-\|spt-'
|
||||
register: do_cleanup
|
||||
ignore_errors: True
|
||||
|
||||
- name: Cleanup neutron trunk subports
|
||||
when: do_cleanup.rc == 0
|
||||
shell: |
|
||||
ovs-vsctl list interface | awk '/name[ ]*: sp[it]-/ { print $3 }' | xargs -n1 ovs-vsctl del-port
|
||||
register: trunk_error
|
||||
ignore_errors: True
|
||||
|
||||
- name: Cleanup trunk ports finished
|
||||
debug:
|
||||
msg: WARNING error while cleaning ovs interface with msg {{ trunk_error.msg }}
|
||||
when:
|
||||
- trunk_error.changed
|
||||
- trunk_error.rc != 0
|
||||
|
||||
- name: Clean neutron datapath security groups from iptables
|
||||
shell: |
|
||||
{{ iptables_exec }}-save > /tmp/iptables-before-cleanup
|
||||
cat /tmp/iptables-before-cleanup | grep -v neutron-openvswi | \
|
||||
grep -v neutron-filter > /tmp/iptables-after-cleanup
|
||||
|
||||
if ! cmp /tmp/iptables-before-cleanup /tmp/iptables-after-cleanup
|
||||
then
|
||||
cat /tmp/iptables-after-cleanup | {{ iptables_exec }}-restore
|
||||
echo "Security groups cleaned"
|
||||
fi
|
||||
register: out
|
||||
with_items:
|
||||
- iptables
|
||||
- ip6tables
|
||||
loop_control:
|
||||
loop_var: iptables_exec
|
||||
changed_when: "'Security groups cleaned' in out.stdout"
|
||||
|
||||
- name: Cleanup neutron datapath resources
|
||||
become: yes
|
||||
shell: |
|
||||
for container in $(podman ps -a --format {% raw %}"{{.ID}}"{% endraw %} --filter "name=(neutron-(dibbler|dnsmasq|haproxy|keepalived)-.*|dhcp_dnsmasq|dhcp_haproxy|l3_keepalived|l3_haproxy|l3_dibbler|l3_radvd)"); do
|
||||
echo "Cleaning up side-car container $container"
|
||||
podman stop $container
|
||||
podman rm -f $container
|
||||
done
|
||||
|
||||
# cleanup Neutron ml2/ovs namespaces
|
||||
for netns in $(ip netns | awk '/^(snat|fip|qdhcp|qrouter)-/{ print $1 }'); do
|
||||
echo "Cleaning up namespace $netns"
|
||||
ip netns delete $netns
|
||||
done
|
@ -1,15 +0,0 @@
|
||||
# we use this instead of a big shell entry because some versions of
|
||||
# ansible-playbook choke on our script syntax + yaml parsing
|
||||
- name: Generate script to clone br-int and provider bridges
|
||||
template:
|
||||
src: "clone-br-int.sh.j2"
|
||||
dest: "/tmp/clone-br-int.sh"
|
||||
mode: 0644
|
||||
|
||||
- name: Run clone script for dataplane
|
||||
shell: sh /tmp/clone-br-int.sh
|
||||
|
||||
- name: Delete clone script
|
||||
file:
|
||||
state: absent
|
||||
path: /tmp/clone-br-int.sh
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
- include_tasks: clone-dataplane.yml
|
||||
|
||||
- include_tasks: sync-dbs.yml
|
||||
|
||||
- include_tasks: activate-ovn.yml
|
||||
|
||||
- include_tasks: cleanup-dataplane.yml
|
||||
when: ovn_controller is defined
|
||||
tags:
|
||||
- cleanup-dataplane
|
@ -1,34 +0,0 @@
|
||||
---
|
||||
- name: stop neutron_api containers
|
||||
ansible.builtin.systemd:
|
||||
name: tripleo_neutron_api
|
||||
state: stopped
|
||||
|
||||
- name: get neutron_server image url
|
||||
command: podman ps -a --filter "name=neutron_api" --format {% raw %}"{{.Image}}"{% endraw %}
|
||||
register: neutron_server_image
|
||||
|
||||
- name: sync neutron db with OVN db
|
||||
command: podman run --name {{ ovn_db_sync_container }}
|
||||
-v /var/log/containers/neutron:/var/log/neutron:Z
|
||||
-v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:Z
|
||||
--privileged=True --network host --user root
|
||||
{{ neutron_server_image.stdout }}
|
||||
neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf
|
||||
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
|
||||
--log-file /var/log/neutron/neutron-db-sync.log
|
||||
--ovn-neutron_sync_mode migrate
|
||||
--debug
|
||||
when: ovn_central is defined
|
||||
|
||||
- name: remove db-sync container
|
||||
command: podman rm -f {{ ovn_db_sync_container }}
|
||||
when: ovn_central is defined
|
||||
|
||||
- name: start neutron_api containers
|
||||
ansible.builtin.systemd:
|
||||
name: tripleo_neutron_api
|
||||
state: started
|
||||
|
||||
- name: Pause and let ovn-controllers settle before doing the final activation (5 minute)
|
||||
pause: minutes=5
|
@ -1,42 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
podman stop ovn_controller
|
||||
|
||||
# restore bridge mappings
|
||||
ovn_orig_bm=$(ovs-vsctl get open . external_ids:ovn-bridge-mappings-back)
|
||||
ovs-vsctl set open . external_ids:ovn-bridge-mappings="$ovn_orig_bm"
|
||||
ovs-vsctl remove open . external_ids ovn-bridge-mappings-back
|
||||
|
||||
ovn_bms=$(echo $ovn_orig_bm | sed 's/\"//g' | sed 's/,/ /g')
|
||||
|
||||
# Reset OpenFlow protocol version before ovn-controller takes over
|
||||
ovs-vsctl set Bridge {{ ovn_bridge }} protocols=[]
|
||||
|
||||
for bm in $ovn_bms; do
|
||||
parts=($(echo $bm | sed 's/:/ /g'))
|
||||
bridge=${parts[1]}
|
||||
ovs-vsctl set-fail-mode $bridge standalone
|
||||
ovs-vsctl set Bridge $bridge protocols=[]
|
||||
ovs-vsctl del-controller $bridge
|
||||
done
|
||||
|
||||
# Delete controller from integration bridge
|
||||
ovs-vsctl del-controller {{ ovn_bridge }}
|
||||
|
||||
# Activate ovn-controller by configuring integration bridge
|
||||
ovs-vsctl set open . external_ids:ovn-bridge={{ ovn_bridge }}
|
||||
|
||||
podman start ovn_controller
|
||||
|
||||
# Delete ovs bridges - br-tun and br-migration
|
||||
ovs-vsctl --if-exists del-br {{ tunnel_bridge }}
|
||||
ovs-vsctl --if-exists del-br br-migration
|
||||
ovs-vsctl --if-exists del-port br-int patch-tun
|
||||
|
||||
for br in $(ovs-vsctl list-br | egrep 'br-mig-[0-9]+'); do
|
||||
ovs-vsctl --if-exists del-br $br
|
||||
done
|
||||
|
||||
exit 0
|
@ -1,77 +0,0 @@
|
||||
# The purpose of this script is to make a clone of the br-int content
|
||||
# into br-migration, and to create fake provider bridges.
|
||||
# This way, while we synchronize the neutron database into the OVN
|
||||
# northbound DB, and that translates into southbound content all
|
||||
# the ovn-controllers around are able to create the SBDB content
|
||||
# safely, without disrupting the existing neutron ml2/ovs dataplane.
|
||||
|
||||
OVN_MIG_PREFIX=br-mig
|
||||
OVN_BR_MIGRATION=${OVN_BR_MIGRATION:-br-migration}
|
||||
|
||||
function recreate_bridge_mappings() {
|
||||
function new_bridge_mappings() {
|
||||
orig_bms=$1
|
||||
|
||||
if echo $orig_bms | grep $OVN_MIG_PREFIX; then
|
||||
echo $orig_bms
|
||||
return
|
||||
fi
|
||||
ovn_bms=$(echo $1 | sed 's/\"//g' | sed 's/,/ /g')
|
||||
final_bm=""
|
||||
br_n=0
|
||||
|
||||
for bm in $ovn_bms; do
|
||||
parts=($(echo $bm | sed 's/:/ /g'))
|
||||
physnet=${parts[0]}
|
||||
bridge="${OVN_MIG_PREFIX}-${br_n}"
|
||||
mapping="${physnet}:${bridge}"
|
||||
if [[ -z "$final_bm" ]]; then
|
||||
final_bm=$mapping
|
||||
else
|
||||
final_bm="${final_bm},${mapping}"
|
||||
fi
|
||||
# ensure bridge
|
||||
ovs-vsctl --may-exist add-br $bridge
|
||||
br_n=$(( br_n + 1 ))
|
||||
done
|
||||
echo $final_bm
|
||||
}
|
||||
ovn_orig_bm=$(ovs-vsctl get open . external_ids:ovn-bridge-mappings)
|
||||
|
||||
# backup the original mapping if we didn't already do
|
||||
ovs-vsctl get open . external_ids:ovn-bridge-mappings-back || \
|
||||
ovs-vsctl set open . external_ids:ovn-bridge-mappings-back="$ovn_orig_bm"
|
||||
|
||||
new_mapping=$(new_bridge_mappings $ovn_orig_bm)
|
||||
|
||||
ovs-vsctl set open . external_ids:ovn-bridge-mappings="$new_mapping"
|
||||
}
|
||||
|
||||
function copy_interfaces_to_br_migration() {
|
||||
|
||||
interfaces=$(ovs-vsctl list-ifaces br-int | egrep -v 'qr-|ha-|qg-|rfp-|sg-|fg-')
|
||||
for interface in $interfaces; do
|
||||
if [[ "$interface" == "br-int" ]]; then
|
||||
continue
|
||||
fi
|
||||
ifmac=$(ovs-vsctl get Interface $interface external-ids:attached-mac)
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Can't get port details for $interface"
|
||||
continue
|
||||
fi
|
||||
ifstatus=$(ovs-vsctl get Interface $interface external-ids:iface-status)
|
||||
ifid=$(ovs-vsctl get Interface $interface external-ids:iface-id)
|
||||
ifname=x$interface
|
||||
ovs-vsctl -- --may-exist add-port $OVN_BR_MIGRATION $ifname \
|
||||
-- set Interface $ifname type=internal \
|
||||
-- set Interface $ifname external-ids:iface-status=$ifstatus \
|
||||
-- set Interface $ifname external-ids:attached-mac=$ifmac \
|
||||
-- set Interface $ifname external-ids:iface-id=$ifid
|
||||
|
||||
echo cloned port $interface from br-int as $ifname on $OVN_BR_MIGRATION
|
||||
done
|
||||
}
|
||||
|
||||
recreate_bridge_mappings
|
||||
podman restart ovn_controller
|
||||
copy_interfaces_to_br_migration
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
|
||||
ovn_migration_temp_dir: "{{ working_dir }}/post_migration_resources"
|
||||
validate_premigration_resources: true
|
@ -1,59 +0,0 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Validate pre-migration resources and then clean those up
|
||||
#
|
||||
|
||||
- name: Validate pre migration resources after migration
|
||||
include_role:
|
||||
name: resources/validate
|
||||
vars:
|
||||
restart_server: true
|
||||
when:
|
||||
- validate_migration|bool
|
||||
- validate_premigration_resources
|
||||
|
||||
- name: Delete the pre migration resources
|
||||
include_role:
|
||||
name: resources/cleanup
|
||||
tags:
|
||||
- post-migration
|
||||
when:
|
||||
- validate_migration|bool
|
||||
- validate_premigration_resources
|
||||
|
||||
#
|
||||
# Create post-migration resources, validate, and then clean up
|
||||
#
|
||||
|
||||
# Delete any existing resources to make sure we don't conflict on a second run
|
||||
- name: Delete any post migration resources (preventive)
|
||||
include_role:
|
||||
name: resources/cleanup
|
||||
vars:
|
||||
resource_suffix: "post"
|
||||
silent_cleanup: true
|
||||
when: validate_migration|bool
|
||||
|
||||
- name: Create post-migration resources
|
||||
include_role:
|
||||
name: resources/create
|
||||
vars:
|
||||
resource_suffix: "post"
|
||||
when: validate_migration|bool
|
||||
|
||||
- name: Validate post migration resources
|
||||
include_role:
|
||||
name: resources/validate
|
||||
vars:
|
||||
resource_suffix: "post"
|
||||
when: validate_migration|bool
|
||||
|
||||
- name: Delete the post migration resources
|
||||
include_role:
|
||||
name: resources/cleanup
|
||||
tags:
|
||||
- post-migration
|
||||
vars:
|
||||
resource_suffix: "post"
|
||||
when: validate_migration|bool
|
@ -1,17 +0,0 @@
|
||||
# Delete any existing resources to make sure we don't conflict on a second run
|
||||
- name: Delete any existing pre migration resources (preventive)
|
||||
include_role:
|
||||
name: resources/cleanup
|
||||
vars:
|
||||
silent_cleanup: true
|
||||
when: validate_migration|bool
|
||||
|
||||
- name: Create the pre migration resource stack
|
||||
include_role:
|
||||
name: resources/create
|
||||
when: validate_migration|bool
|
||||
|
||||
- name: Validate the pre migration resources
|
||||
include_role:
|
||||
name: resources/validate
|
||||
when: validate_migration|bool
|
@ -1,12 +0,0 @@
|
||||
---
|
||||
|
||||
# Name of the group hosts where the NFS instalation will take place
|
||||
# If the NFS server is the undercloud (and there is only one) will
|
||||
# not be a problem, but if multiple servers exist on the server_name group
|
||||
# it is possible that the nfs will be installed on every server, eventho the
|
||||
# storage of the backup will only be done in the backup_ip.
|
||||
#
|
||||
# This can be solved if a new tripleo-inventory is manually created specifying
|
||||
# a [BackupNode] section, with the nfs server info
|
||||
revert_preparation_server_name: "Undercloud"
|
||||
backup_and_recover_temp_folder: /tmp/backup-recover-temp
|
@ -1,69 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Create controller's backup
|
||||
block:
|
||||
- name: Create temp folder related to backup
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ backup_and_recover_temp_folder }}"
|
||||
|
||||
# Using this task on OSP17
|
||||
- name: Copy tripleo-inventory
|
||||
copy:
|
||||
src: "{{ ansible_inventory }}"
|
||||
dest: "{{ backup_and_recover_temp_folder }}/tripleo-inventory.yaml"
|
||||
when:
|
||||
- create_backup|bool
|
||||
- ansible_inventory is defined
|
||||
- ansible_inventory != ""
|
||||
|
||||
# Using this task in OSP16.x
|
||||
- name: Generate tripleo inventory
|
||||
shell: |
|
||||
source {{ stackrc }} &&
|
||||
tripleo-ansible-inventory \
|
||||
--ansible_ssh_user {{ undercloud_node_user }} \
|
||||
--static-yaml-inventory {{ backup_and_recover_temp_folder }}/tripleo-inventory.yaml
|
||||
when:
|
||||
- create_backup|bool
|
||||
- ansible_inventory is not defined or ansible_inventory == ""
|
||||
|
||||
- name: Setup NFS on the backup node using IP {{ backup_migration_ip }}
|
||||
shell: |
|
||||
source {{ stackrc }} &&
|
||||
openstack overcloud backup \
|
||||
--inventory {{ backup_and_recover_temp_folder }}/tripleo-inventory.yaml \
|
||||
--setup-nfs \
|
||||
--extra-vars '{
|
||||
"tripleo_backup_and_restore_server": {{ backup_migration_ip }},
|
||||
"tripleo_backup_and_restore_clients_nets": {{ backup_migration_ctl_plane_cidrs.split(',') }},
|
||||
"nfs_server_group_name": {{ revert_preparation_server_name }}
|
||||
}'
|
||||
|
||||
- name: Setup REAR on the controllers
|
||||
shell: |
|
||||
source {{ stackrc }} &&
|
||||
openstack overcloud backup \
|
||||
--inventory {{ backup_and_recover_temp_folder }}/tripleo-inventory.yaml \
|
||||
--setup-rear \
|
||||
--extra-vars '{
|
||||
"tripleo_backup_and_restore_server": {{ backup_migration_ip }}
|
||||
}'
|
||||
|
||||
- name: Backup the controllers
|
||||
shell: |
|
||||
source {{ stackrc }} &&
|
||||
openstack overcloud backup \
|
||||
--inventory {{ backup_and_recover_temp_folder }}/tripleo-inventory.yaml
|
||||
|
||||
# Ensure that after the controller backups the api responds
|
||||
- name: Ensure that the OSP api is working
|
||||
shell: >
|
||||
source {{ overcloudrc }} && openstack flavor list
|
||||
retries: 20
|
||||
register: api_rc
|
||||
delay: 5
|
||||
ignore_errors: yes
|
||||
until: api_rc.rc == "0"
|
||||
when: create_backup|bool
|
||||
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
|
||||
cleanup_resource_script: cleanup-resources.sh.j2
|
||||
resource_suffix: "pre"
|
||||
ovn_migration_temp_dir: "{{ working_dir }}/{{ resource_suffix }}_migration_resources"
|
||||
silent_cleanup: false
|
@ -1,26 +0,0 @@
|
||||
---
|
||||
|
||||
- name : Create temp file directory if not present
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ ovn_migration_temp_dir }}"
|
||||
|
||||
- name: Generate cleanup script
|
||||
template:
|
||||
src: "{{ cleanup_resource_script }}"
|
||||
dest: "{{ ovn_migration_temp_dir }}/cleanup-resources.sh"
|
||||
mode: 0744
|
||||
|
||||
- name: Cleaning up the migration resources (verbose)
|
||||
shell: >
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_temp_dir }}/cleanup-resources.sh 2>&1 | tee
|
||||
{{ ovn_migration_temp_dir }}/cleanup-resources.sh.log
|
||||
|
||||
when: not silent_cleanup
|
||||
|
||||
- name: Cleaning up the migration resources (silent)
|
||||
shell: >
|
||||
{{ ovn_migration_temp_dir }}/cleanup-resources.sh >/dev/null 2>&1
|
||||
when: silent_cleanup
|
||||
|
@ -1,32 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
source {{ overcloudrc }}
|
||||
|
||||
openstack server delete ovn-migration-server-{{ resource_suffix }}
|
||||
|
||||
openstack port delete ovn-migration-server-port-{{ resource_suffix }}
|
||||
|
||||
server_ip=`cat {{ ovn_migration_temp_dir }}/server_public_ip`
|
||||
|
||||
openstack floating ip delete $server_ip
|
||||
|
||||
openstack router remove subnet ovn-migration-router-{{ resource_suffix }} ovn-migration-subnet-{{ resource_suffix }}
|
||||
|
||||
openstack router unset --external-gateway ovn-migration-router-{{ resource_suffix }}
|
||||
|
||||
openstack router delete ovn-migration-router-{{ resource_suffix }}
|
||||
|
||||
openstack network delete ovn-migration-net-{{ resource_suffix }}
|
||||
|
||||
openstack security group delete ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack flavor delete ovn-migration-{{ resource_suffix }}
|
||||
|
||||
openstack image delete cirros-ovn-migration-{{ resource_suffix }}
|
||||
|
||||
openstack keypair delete ovn-migration-{{ resource_suffix }}
|
||||
|
||||
echo "Resource cleanup done"
|
||||
exit 0
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
|
||||
create_migration_resource_script: create-resources.sh.j2
|
||||
server_user_name: "cirros"
|
||||
resource_suffix: "pre"
|
||||
ovn_migration_temp_dir: "{{ working_dir }}/{{ resource_suffix }}_migration_resources"
|
@ -1,22 +0,0 @@
|
||||
---
|
||||
- name: Delete temp file directory if present
|
||||
file:
|
||||
state: absent
|
||||
path: "{{ ovn_migration_temp_dir }}"
|
||||
|
||||
- name : Create temp file directory if not present
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ ovn_migration_temp_dir }}"
|
||||
|
||||
- name: Generate resource creation script
|
||||
template:
|
||||
src: "{{ create_migration_resource_script }}"
|
||||
dest: "{{ ovn_migration_temp_dir }}/create-migration-resources.sh"
|
||||
mode: 0744
|
||||
|
||||
- name: Creating migration resources
|
||||
shell: >
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_temp_dir }}/create-migration-resources.sh 2>&1 | tee
|
||||
{{ ovn_migration_temp_dir }}/create-migration-resources.sh.log
|
@ -1,144 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
source {{ overcloudrc }}
|
||||
|
||||
server_user_name={{ server_user_name }}
|
||||
flavor_name={{ flavor_name }}
|
||||
image_name={{ image_name }}
|
||||
|
||||
openstack image show $image_name
|
||||
if [ "$?" != "0" ]
|
||||
then
|
||||
if [ ! -f cirros-0.5.2-x86_64-disk.img ]
|
||||
then
|
||||
curl -Lo cirros-0.5.2-x86_64-disk.img https://github.com/cirros-dev/cirros/releases/download/0.5.2/cirros-0.5.2-x86_64-disk.img
|
||||
fi
|
||||
|
||||
openstack image create "cirros-ovn-migration-{{ resource_suffix }}" --file cirros-0.5.2-x86_64-disk.img \
|
||||
--disk-format qcow2 --container-format bare --public
|
||||
image_name="cirros-ovn-migration-{{ resource_suffix }}"
|
||||
fi
|
||||
|
||||
openstack flavor show $flavor_name
|
||||
if [ "$?" != "0" ]
|
||||
then
|
||||
openstack flavor create ovn-migration-{{ resource_suffix }} --ram 1024 --disk 1 --vcpus 1
|
||||
flavor_name="ovn-migration-{{ resource_suffix }}"
|
||||
fi
|
||||
|
||||
# Cirros doesn't support RSA key (Default on rhel 9) ecsda should be used
|
||||
ssh-keygen -t ecdsa {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key -q -N ""
|
||||
|
||||
openstack keypair create ovn-migration-{{ resource_suffix }} --public-key {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key.pub
|
||||
|
||||
openstack security group create ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack security group rule create --ingress --protocol icmp ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack security group rule create --ingress --protocol tcp --dst-port 22 ovn-migration-sg-{{ resource_suffix }}
|
||||
|
||||
openstack network create ovn-migration-net-{{ resource_suffix }}
|
||||
|
||||
neutron net-update ovn-migration-net-{{ resource_suffix }} --mtu 1442
|
||||
|
||||
openstack subnet create --network ovn-migration-net-{{ resource_suffix }} --subnet-range 172.168.199.0/24 ovn-migration-subnet-{{ resource_suffix }}
|
||||
|
||||
openstack router create ovn-migration-router-{{ resource_suffix }}
|
||||
|
||||
openstack router set --external-gateway {{ public_network_name }} ovn-migration-router-{{ resource_suffix }}
|
||||
|
||||
openstack router add subnet ovn-migration-router-{{ resource_suffix }} ovn-migration-subnet-{{ resource_suffix }}
|
||||
|
||||
openstack port create --network ovn-migration-net-{{ resource_suffix }} --security-group ovn-migration-sg-{{ resource_suffix }} ovn-migration-server-port-{{ resource_suffix }}
|
||||
|
||||
openstack server create --flavor $flavor_name --image $image_name \
|
||||
--key-name ovn-migration-{{ resource_suffix }} \
|
||||
--nic port-id=ovn-migration-server-port-{{ resource_suffix }} ovn-migration-server-{{ resource_suffix }}
|
||||
|
||||
server_ip=`openstack floating ip create --port ovn-migration-server-port-{{ resource_suffix }} \
|
||||
{{ public_network_name }} -c floating_ip_address | grep floating_ip_address \
|
||||
| awk '{print $4'}`
|
||||
|
||||
echo $server_ip > {{ ovn_migration_temp_dir }}/server_public_ip
|
||||
|
||||
chmod 0600 {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key
|
||||
|
||||
# Wait till the port is ACTIVE
|
||||
|
||||
echo "Wait till the port is ACTIVE"
|
||||
port_status=`openstack port show ovn-migration-server-port-{{ resource_suffix }} -c status | grep status | awk '{print $4}'`
|
||||
|
||||
num_attempts=0
|
||||
while [ "$port_status" != "ACTIVE" ]
|
||||
do
|
||||
num_attempts=$((num_attempts+1))
|
||||
sleep 5
|
||||
port_status=`openstack port show ovn-migration-server-port-{{ resource_suffix }} -c status | grep status | awk '{print $4}'`
|
||||
echo "Port status = $port_status"
|
||||
|
||||
if [ $num_attempts -gt 24 ]
|
||||
then
|
||||
echo "Port is not up even after 2 minutes. Something is wrong"
|
||||
# printing port information for debugging
|
||||
openstack port show ovn-migration-server-port-{{ resource_suffix }}
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
echo "VM is up and the port is ACTIVE"
|
||||
|
||||
# Wait till the VM allows ssh connections
|
||||
|
||||
vm_status="down"
|
||||
num_attempts=0
|
||||
while [ "$vm_status" != "up" ]
|
||||
do
|
||||
num_attempts=$((num_attempts+1))
|
||||
sleep 5
|
||||
openstack console log show ovn-migration-server-{{ resource_suffix }} | grep "login:"
|
||||
if [ "$?" == "0" ]
|
||||
then
|
||||
vm_status="up"
|
||||
else
|
||||
if [ $num_attempts -gt 60 ]
|
||||
then
|
||||
echo "Port is not up even after 5 minutes. Something is wrong."
|
||||
# Even though something seems wrong, lets try and ping.
|
||||
break
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
num_attempts=0
|
||||
vm_reachable="false"
|
||||
while [ "$vm_reachable" != "true" ]
|
||||
do
|
||||
num_attempts=$((num_attempts+1))
|
||||
sleep 1
|
||||
ping -c 3 $server_ip
|
||||
if [ "$?" == "0" ]
|
||||
then
|
||||
vm_reachable="true"
|
||||
else
|
||||
if [ $num_attempts -gt 60 ]
|
||||
then
|
||||
echo "VM is not reachable. Something is wrong."
|
||||
# printing server information for debugging
|
||||
server_id=$(openstack server list -f value | grep $server_ip | awk '{print $1}')
|
||||
openstack console log show $server_id
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
ssh -i {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key -o StrictHostKeyChecking=no \
|
||||
-o UserKnownHostsFile=/dev/null $server_user_name@$server_ip date
|
||||
|
||||
rc=$?
|
||||
|
||||
echo "Done with the resource creation : exiting with $rc"
|
||||
# printing server information for debugging
|
||||
[ "$rc" != "0" ] && openstack console log show $(openstack server list -f value | grep $server_ip | awk '{print $1}')
|
||||
exit $rc
|
@ -1,5 +0,0 @@
|
||||
validate_resources_script: validate-resources.sh.j2
|
||||
server_user_name: "cirros"
|
||||
restart_server: false
|
||||
resource_suffix: "pre"
|
||||
ovn_migration_temp_dir: "{{ working_dir }}/{{ resource_suffix }}_migration_resources"
|
@ -1,12 +0,0 @@
|
||||
- name: Generate resource validation script
|
||||
template:
|
||||
src: "{{ validate_resources_script }}"
|
||||
dest: "{{ ovn_migration_temp_dir }}/validate-resources.sh"
|
||||
mode: 0744
|
||||
|
||||
- name: Run the validation script
|
||||
shell: >
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_temp_dir }}/validate-resources.sh 2>&1 | tee
|
||||
{{ ovn_migration_temp_dir }}/validate-resources.sh.log
|
||||
|
@ -1,19 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
set -e
|
||||
|
||||
source {{ overcloudrc }}
|
||||
|
||||
# This script validates the resources create by the resources/create role.
|
||||
# It pings to the floating ip of the server and ssh into the server.
|
||||
|
||||
server_ip=`cat {{ ovn_migration_temp_dir }}/server_public_ip`
|
||||
|
||||
echo "Running ping test with -c 3 to the server ip - $server_ip"
|
||||
ping -c 3 $server_ip
|
||||
|
||||
ssh -i {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key -o StrictHostKeyChecking=no \
|
||||
-o UserKnownHostsFile=/dev/null {{ server_user_name }}@$server_ip date
|
||||
|
||||
echo "Done with the validation"
|
@ -1,29 +0,0 @@
|
||||
---
|
||||
- name: Stop ovn containers
|
||||
become: yes
|
||||
shell: |
|
||||
for agent in $(podman ps -a --format {% raw %}"{{.ID}}"{% endraw %} --filter "name=(ovn_.*|ovnmeta)"); do
|
||||
echo "Cleaning up agent $agent"
|
||||
podman rm -f $agent
|
||||
done
|
||||
|
||||
- name: Clean OVN netns
|
||||
become: yes
|
||||
shell: |
|
||||
for netns in $(ip netns ls | grep ovnmeta | cut -d' ' -f1); do
|
||||
echo "delete netns $netns"
|
||||
ip netns del $netns
|
||||
done
|
||||
|
||||
- name: Delete OVN ports
|
||||
become: yes
|
||||
shell: |
|
||||
for port in $(ovs-vsctl list interface | grep ^name | grep 'ovn-\|patch-provnet\|patch-br-int-to' | cut -d':' -f2); do
|
||||
echo "Removing port $port"
|
||||
ovs-vsctl del-port $port
|
||||
done
|
||||
|
||||
- name: Revert cleanup completed.
|
||||
debug:
|
||||
msg: Revert cleanup done, please run overcloud deploy with the OVS configuration.
|
||||
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
# defaults file for stop-agents
|
||||
systemd_service_file_dir: /etc/systemd/system
|
@ -1,25 +0,0 @@
|
||||
---
|
||||
- name: "stop and disable {{ service.name }} services and healthchecks"
|
||||
systemd:
|
||||
name: "{{ item }}"
|
||||
state: stopped
|
||||
enabled: no
|
||||
become: yes
|
||||
when:
|
||||
- ansible_facts.services[item] is defined
|
||||
- ansible_facts.services[item]["state"] == "running"
|
||||
loop:
|
||||
- "{{ service.healthcheck_timer_file }}"
|
||||
- "{{ service.healthcheck_service_file }}"
|
||||
- "{{ service.service_file }}"
|
||||
|
||||
# If file is already deleted this won't fail
|
||||
- name: delete ml2 ovs systemd service files
|
||||
file:
|
||||
path: "{{ systemd_service_file_dir }}/{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- "{{ service.service_file }}"
|
||||
- "{{ service.healthcheck_service_file }}"
|
||||
- "{{ service.healthcheck_timer_file }}"
|
||||
become: yes
|
@ -1,22 +0,0 @@
|
||||
---
|
||||
- name: populate service facts
|
||||
service_facts:
|
||||
|
||||
- name: disable ml2 ovs services and healthchecks
|
||||
include_tasks: cleanup.yml
|
||||
loop: "{{ ml2_ovs_services }}"
|
||||
loop_control:
|
||||
loop_var: service
|
||||
when: ansible_facts.services[service.service_file] is defined
|
||||
|
||||
- name: Reload systemctl daemons
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: remove containers
|
||||
become: yes
|
||||
shell: |
|
||||
for agent in $(podman ps -a --format {% raw %}"{{.ID}}"{% endraw %} --filter "name=(neutron_.*_agent|neutron_dhcp)"); do
|
||||
echo "Cleaning up agent $agent"
|
||||
podman rm -f $agent
|
||||
done
|
@ -1,19 +0,0 @@
|
||||
---
|
||||
# vars file for stop-agents
|
||||
ml2_ovs_services:
|
||||
- name: dhcp
|
||||
service_file: tripleo_neutron_dhcp.service
|
||||
healthcheck_service_file: tripleo_neutron_dhcp_healthcheck.service
|
||||
healthcheck_timer_file: tripleo_neutron_dhcp_healthcheck.timer
|
||||
- name: l3
|
||||
service_file: tripleo_neutron_l3_agent.service
|
||||
healthcheck_service_file: tripleo_neutron_l3_agent_healthcheck.service
|
||||
healthcheck_timer_file: tripleo_neutron_l3_agent_healthcheck.timer
|
||||
- name: metadata
|
||||
service_file: tripleo_neutron_metadata_agent.service
|
||||
healthcheck_service_file: tripleo_neutron_metadata_agent_healthcheck.service
|
||||
healthcheck_timer_file: tripleo_neutron_metadata_agent_healthcheck.timer
|
||||
- name: ovs
|
||||
service_file: tripleo_neutron_ovs_agent.service
|
||||
healthcheck_service_file: tripleo_neutron_ovs_agent_healthcheck.service
|
||||
healthcheck_timer_file: tripleo_neutron_ovs_agent_healthcheck.timer
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
|
||||
generate_ovn_extras: generate-ovn-extras.sh.j2
|
||||
ovn_migration_temp_dir: "{{ working_dir }}/temp_files"
|
@ -1,24 +0,0 @@
|
||||
---
|
||||
|
||||
- name : Create temp file directory if not present
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ ovn_migration_temp_dir }}"
|
||||
|
||||
- name: Create ovn-extras generation script
|
||||
template:
|
||||
src: "{{ generate_ovn_extras }}"
|
||||
dest: "{{ ovn_migration_temp_dir }}/generate-ovn-extras.sh"
|
||||
mode: 0755
|
||||
|
||||
- name: Generate ovn-extras environment file
|
||||
shell: >
|
||||
set -o pipefail &&
|
||||
{{ ovn_migration_temp_dir }}/generate-ovn-extras.sh
|
||||
args:
|
||||
creates: $HOME/ovn-extras.yaml
|
||||
|
||||
- name: Updating the overcloud stack with OVN services
|
||||
shell: >
|
||||
set -o pipefail &&
|
||||
{{ overcloud_ovn_deploy_script }} 2>&1 > {{ overcloud_ovn_deploy_script }}.log
|
@ -1,8 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -x
|
||||
|
||||
cat > $HOME/ovn-extras.yaml << EOF
|
||||
parameter_defaults:
|
||||
OVNIntegrationBridge: "br-migration"
|
||||
ForceNeutronDriverUpdate: true
|
||||
EOF
|
Loading…
Reference in New Issue
Block a user