openstack/openstack-ansible-ops
Code Issues Proposed changes

Added leap upgrade tooling

Browse Source 
This change adds upgrade tooling that will take a Juno based
OpenStack-Ansible cloud and upgrade it to Newton. The tooling
will run a deployment through all of the needed steps upgrading
the environment and skipping all of the OpenStack releases in
between.

**This tooling should be considered experimental at this time**

Change-Id: I1880794717b9e47786ae255ea1afa57d805cde8e
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2017-01-31 14:39:17 -06:00 committed by Kevin Carter (cloudnull)
parent e96b57d8d6
commit 2438ad03ab
78 changed files with 4492 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
leap-upgrades/README.md Normal file
View File

@ -0,0 +1,145 @@
# OpenStack-Ansible leap upgrade
## Jump upgrade from OpenStack Juno to Newton using OpenStack-Ansible
==**This currently a POC**==
### Uses
This utility can be used to upgrade any OpenStack-Ansible deployment running
Juno to the latest Newton release. The process will upgrade the OSA system
components, sync the database through the various releases, and then deploy
OSA using the Newton release. While this method will help a deployment skip
several releases deployers should be aware that skipping releases is not
something OpenStack supports. To make this possible the active cloud will
have the OpenStack services stopped. Active workloads "*should*" remain online
for the most part though at this stage no effort is being put into maximizing
uptime as the tool set is being developed to easy multi-release upgrades in
the shortest possible time while maintaining data-integrity.
#### Requirements
* **You must** have a Juno based OpenStack cloud as deployed by
OpenStack-Ansible.
* If you are running cinder-volume with LVM in an LXC container **you must**
migrate the cinder-volume service to the physical host.
* **You must** have the Ubuntu Trusty Backports repo enabled on all hosts before you start.
#### Limitations
* Upgrading old versions of "libvirt-bin<=1.1" to newer versions of
"libvirt-bin>=1.3" in a single step can cause VM downtime.
* L3 networks may experience an outage as routers and networks are
rebalanced throughout the environment.
#### Recommendations
* It is recommended all physical hosts be updated to the latest patch release.
This can be done using standard package manager tooling.
#### Process
If you need to run everything the script ``run-stages.sh`` will execute
everything needed to migrate the environment.
``` bash
bash ./run-stages.sh
```
If you want to pre-load the stages you can do so by running the various scripts
independently.
``` bash
bash ./prep.sh
bash ./upgrade.sh
bash ./migrations.sh
bash ./re-deploy.sh
```
Once all of the stages are complete the cloud will be running OpenStack
Newton.
----
### Setting up a Test environment.
Testing on a multi-node environment can be accomplished using the
https://github.com/openstack/openstack-ansible-ops/tree/master/multi-node-aio
repo. To create this environment for testing a single physical host can be
used; Rackspace OnMetal V1 deployed Ubuntu 14.04 on an IO flavor has worked
very well for development. To run the deployment execute the following commands
#### Requirements
* When testing, the host will need to start with Kernel less than or equal to "3.13". Later
kernels will cause neutron to fail to run under the Juno code base.
* Start the deployment w/ ubuntu 14.04.2 to ensure the deployment version is
limited in terms of package availability.
#### Process
Clone the ops tooling and change directory to the multi-node-aio tooling
``` bash
git clone https://github.com/openstack/openstack-ansible-ops /opt/openstack-ansible-ops
```
Run the following commands to prep the environment.
``` bash
cd /opt/openstack-ansible-ops/multi-node-aio
setup-host.sh
setup-cobbler.sh
setup-virsh-net.sh
deploy-vms.sh
```
After the environment has been deployed clone the RPC configurations which support Juno
based clouds.
``` bash
git clone https://github.com/os-cloud/leapfrog-juno-config /etc/rpc_deploy
```
Now clone the Juno playbooks into place.
``` bash
git clone --branch leapfrog https://github.com/os-cloud/leapfrog-juno-playbooks /opt/openstack-ansible
```
Finally, run the bootstrap script and the haproxy and setup playbooks to deploy the cloud environment.
``` bash
cd /opt/openstack-ansible
./scripts/bootstrap-ansible.sh
cd rpc_deployment
openstack-ansible playbooks/haproxy-install.yml
openstack-ansible playbooks/setup-everything.yml
```
To test the cloud's functionality you can execute the OpenStack resource test script located in the scripts directory
of the playbooks cloned earlier.
``` bash
cd /opt/openstack-ansible/rpc_deployment
ansible -m script -a /opt/openstack-ansible/scripts/setup-openstack-for-test.sh 'utility_all[0]'
```
The previous script will create the following:
* New flavors
* Neutron L2 and L3 networks
* Neutron routers
* Setup security groups
* Create test images
* 2 L2 network test VMs
* 2 L3 network test VMs w/ floating IPs
* 2 Cinder-volume test VMs
* 2 new cinder volumes which will be attached to the Cinder-volume test VMs
* Upload an assortment of files into a Test-Swift container
Once the cloud is operational it's recommended that images be created so that the environment can be
reverted to a previous state should there ever be a need. See
https://github.com/openstack/openstack-ansible-ops/tree/master/multi-node-aio#snapshotting-an-environment-before-major-testing
for more on creating snapshots.

302
leap-upgrades/lib/functions.sh Normal file
View File

@ -0,0 +1,302 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Functions -----------------------------------------------------------------
function notice {
echo -e "[+]\t\033[1;32m${1}\033[0m"
}
function warning {
echo -e "[-]\t\033[1;33m${1}\033[0m"
}
function failure {
echo -e '[!]'"\t\033[1;31m${1}\033[0m"
}
function tag_leap_success {
notice "LEAP ${1} success"
touch "/opt/leap42/openstack-ansible-${1}.leap"
}
function run_lock {
set +e
run_item="${RUN_TASKS[$1]}"
file_part="$(echo ${run_item} | sed 's/\s/-/g')"
if [ ! -d "/etc/openstack_deploy/upgrade-leap" ]; then
mkdir -p "/etc/openstack_deploy/upgrade-leap"
fi
upgrade_marker_file=$(basename "${file_part}")
upgrade_marker="/etc/openstack_deploy/upgrade-leap/$upgrade_marker_file.complete"
if [ ! -f "$upgrade_marker" ];then
# note(sigmavirus24): use eval so that we properly turn strings like
# "/tmp/fix_container_interfaces.yml || true"
# into a command, otherwise we'll get an error that there's no playbook
# named ||
eval "openstack-ansible $2"
playbook_status="$?"
notice "Ran: $run_item"
if [ "$playbook_status" == "0" ];then
RUN_TASKS=("${RUN_TASKS[@]/$run_item}")
touch "${upgrade_marker}"
notice "$run_item has been marked as success at ${upgrade_marker}"
else
FAILURES_LIST=$(seq $1 $((${#RUN_TASKS[@]} - 1)))
failure "******************** failure ********************"
failure "The upgrade script has encountered a failure."
failure "Failed on task \"$run_item\""
failure "Execute the remaining tasks manually:"
# NOTE:
# List the remaining, in-completed tasks from the tasks array.
# Using seq to generate a sequence which starts from the spot
# where previous exception or failures happened.
# run the tasks in order.
for item in ${FAILURES_LIST}; do
if [ -n "${RUN_TASKS[$item]}" ]; then
warning "openstack-ansible ${RUN_TASKS[$item]}"
fi
done
failure "******************** failure ********************"
exit 99
fi
else
RUN_TASKS=("${RUN_TASKS[@]/$run_item.*}")
fi
set -e
}
function system_bootstrap {
if [[ -d "/opt/ansible-runtime" ]]; then
rm -rf "/opt/ansible-runtime"
else
# There are several points in time where pip may have been busted or creating dist-info
# directories incorrectly. This command simply mops those bits up when the
# ansible-runtime venv does not exist.
find /usr/local/lib/python2.7/dist-packages -name '*.dist-info' -exec rm -rf {} \; || true
fi
# If there's a pip.conf file, move it out of the way
if [[ -f "${HOME}/.pip/pip.conf" ]]; then
mv "${HOME}/.pip/pip.conf" "${HOME}/.pip/pip.conf.original"
fi
# If ansible is already installed, uninstall it.
while pip uninstall -y ansible > /dev/null; do
notice "Removed System installed Ansible"
done
pushd "$1"
# Install the releases global requirements
if [[ -f "global-requirement-pins.txt" ]]; then
pip install --upgrade --isolated --force-reinstall --requirement global-requirement-pins.txt
fi
# Install ansible for system migrations
scripts/bootstrap-ansible.sh
popd
}
function pre_flight {
## Pre-flight Check ----------------------------------------------------------
# Clear the screen and make sure the user understands whats happening.
clear
# Notify the user.
warning "This script will perform a LEAP upgrade from Juno to Newton."
warning "Once you start the upgrade there's no going back."
warning "**Note, this is an OFFLINE upgrade**"
notice "If you want to run the upgrade in parts please exit this script to do so."
warning "Are you ready to perform this upgrade now?"
# Confirm the user is ready to upgrade.
read -p 'Enter "YES" to continue or anything else to quit: ' UPGRADE
if [ "${UPGRADE}" == "YES" ]; then
notice "Running LEAP Upgrade"
else
exit 99
fi
mkdir -p /opt/leap42/venvs
pushd /opt/leap42
# Using this lookup plugin because it allows us to compile exact service releaes and build a complete venv from it
wget https://raw.githubusercontent.com/openstack/openstack-ansible-plugins/e069d558b3d6ae8fc505d406b13a3fb66201a9c7/lookup/py_pkgs.py -O py_pkgs.py
chmod +x py_pkgs.py
popd
# If the lxc backend store was not set halt and instruct the user to set it. In Juno we did more to detect the backend storage
# size than we do in later releases. While the auto-detection should still work it's best to have the deployer set the value
# desired before moving forward.
if ! grep -qwrn "^lxc_container_backing_store" /etc/{rpc,openstack}_deploy; then
failure "ERROR: 'lxc_container_backing_store' is unset leading to an ambiguous container backend store."
failure "Before continuing please set the 'lxc_container_backing_store' in your user_variables.yml file."
failure "Valid options are 'dir', 'lvm', and 'overlayfs'".
exit 99
fi
# Install liberasurecode-dev which will be used in the venv creation process
if ! grep -n ^ /etc/apt/sources.list /etc/apt/sources.list.d/* | grep -qw "backports"; then
failure "The trusty backports repo has not been enabled on this host."
exit 99
fi
apt-get update > /dev/null
apt-get -y install liberasurecode-dev > /dev/null
# Upgrade pip if it's needed. This will re-install pip using the constraints and then
# re-install all of the remaining requirements as needed.
if dpkg --compare-versions "$(pip --version | awk '{print $2}')" "lt" "9.0.1"; then
wget https://raw.githubusercontent.com/pypa/get-pip/430ba37776ae2ad89f794c7a43b90dc23bac334c/get-pip.py -O /opt/get-pip.py
rm -rf /usr/local/lib/python2.7/dist-packages/{setuptools,wheel,pip,distutils,packaging}*
python /opt/get-pip.py --constraint "${SYSTEM_PATH}/upgrade-requirements.txt" --force-reinstall --upgrade --isolated
python /opt/get-pip.py --requirement "${SYSTEM_PATH}/upgrade-requirements.txt" --upgrade --isolated
fi
if [[ -d "/opt/ansible-runtime" ]]; then
rm -rf "/opt/ansible-runtime"
fi
virtualenv /opt/ansible-runtime
PS1="\\u@\h \\W]\\$" . "/opt/ansible-runtime/bin/activate"
pip install "ansible==1.9.3" "netaddr>=0.7.12,<=0.7.13" --force-reinstall --upgrade --isolated
deactivate
}
function run_items {
### Run system upgrade processes
pushd "$1"
if [[ -e "playbooks" ]]; then
PB_DIR="playbooks"
elif [[ -e "rpc_deployment" ]]; then
PB_DIR="rpc_deployment"
else
failure "No known playbook directory found"
exit 99
fi
# Before running anything execute inventory to ensure functionality
if [[ -f "${PB_DIR}/inventory/dynamic_inventory.py" ]]; then
python "${PB_DIR}/inventory/dynamic_inventory.py" > /dev/null
fi
pushd ${PB_DIR}
# Run the tasks in order
for item in ${!RUN_TASKS[@]}; do
run_lock $item "${RUN_TASKS[$item]}"
done
popd
popd
}
function clone_release {
# If the git directory is not present clone the source into place at the given directory
if [[ ! -d "/opt/leap42/openstack-ansible-base/.git" ]]; then
git clone https://git.openstack.org/openstack/openstack-ansible "/opt/leap42/openstack-ansible-base"
fi
# The clone release function clones everything from upstream into the leap42 directory as needed.
if [[ ! -d "/opt/leap42/openstack-ansible-$1" ]]; then
cp -R "/opt/leap42/openstack-ansible-base" "/opt/leap42/openstack-ansible-$1"
fi
# Once cloned the method will perform a checkout of the branch, tag, or commit.
# Enter the clone directory and checkout the given branch, If the given checkout has an
# "ignore-changes.marker" file present the checkout will be skipped.
pushd "/opt/leap42/openstack-ansible-$1"
if [[ -f "ignore-changes.marker" ]]; then
git clean -qfdx
git fetch --all
git checkout "$1"
fi
popd
}
function link_release {
### Because there are multiple releases that we'll need to run through to get the system up-to-date
### and because the "/opt/openstack-ansible" dir must exist, this function will move any existing
### "/opt/openstack-ansible" dir to a backup dir and then link our multiple releases into the
### standard repository dir as needed.
if [[ -d "/opt/openstack-ansible" ]]; then
mv "/opt/openstack-ansible" "/opt/openstack-ansible.bak"
fi
ln -sf "$1" "/opt/openstack-ansible"
}
function run_venv_prep {
# If the ansible-playbook command is not found this will bootstrap the system
if ! which ansible-playbook; then
pushd "/opt/leap42/openstack-ansible-$1"
bash scripts/bootstrap-ansible.sh # install ansible because it's not currently ready
popd
fi
if [[ -e "/etc/rpc_deploy" ]]; then
PB_DIR="/opt/leap42/openstack-ansible-${JUNO_RELEASE}/rpc_deployment"
else
PB_DIR="/opt/leap42/openstack-ansible-${KILO_RELEASE}/playbooks"
fi
pushd "${PB_DIR}"
openstack-ansible "${UPGRADE_UTILS}/venv-prep.yml" -e "venv_tar_location=/opt/leap42/venvs/openstack-ansible-$1.tgz"
popd
}
function build_venv {
### The venv build is done using a modern version of the py_pkgs plugin which collects all versions of
### the OpenStack components from a given release. This creates 1 large venv per migratory release.
# If the venv archive exists delete it.
if [[ ! -f "/opt/leap42/venvs/openstack-ansible-$1.tgz" ]]; then
# Create venv
virtualenv --never-download --always-copy "/opt/leap42/venvs/openstack-ansible-$1"
PS1="\\u@\h \\W]\\$" . "/opt/leap42/venvs/openstack-ansible-$1/bin/activate"
pip install --upgrade --isolated --force-reinstall
# Modern Ansible is needed to run the package lookups
pip install --isolated "ansible==2.1.1.0" "mysql-python" "vine" "pymysql"
# Get package dump from the OSA release
PKG_DUMP=$(python /opt/leap42/py_pkgs.py /opt/leap42/openstack-ansible-$1/playbooks/defaults/repo_packages)
PACKAGES=$(python <<EOC
import json
packages = json.loads("""$PKG_DUMP""")
remote_packages = packages[0]['remote_packages']
print(' '.join([i for i in remote_packages if 'openstack' in i]))
EOC)
pip install --isolated $PACKAGES
deactivate
# Create venv archive
pushd /opt/leap42/venvs
find "openstack-ansible-$1" -name '*.pyc' -exec rm {} \;
tar -czf "openstack-ansible-$1.tgz" "openstack-ansible-$1"
popd
else
notice "The venv \"/opt/leap42/venvs/openstack-ansible-$1.tgz\" already exists. If you need to recreate this venv, delete it."
fi
run_venv_prep "$1"
}
function get_venv {
# Attempt to prefetch a venv archive before building it.
if ! wget "${VENV_URL}/openstack-ansible-$1.tgz" "/opt/leap42/venvs/openstack-ansible-$1.tgz" > /dev/null; then
build_venv "$1"
else
run_venv_prep "$1"
fi
}

9
leap-upgrades/lib/upgrade-requirements.txt Normal file
View File

@ -0,0 +1,9 @@
###
### These are pinned to ensure upgrades happen from a known good place ###
###
cryptography==1.7.2
packaging==16.8
pip==9.0.1
setuptools==34.0.1
virtualenv==15.1.0
wheel==0.29.0

33
leap-upgrades/lib/vars.sh Normal file
View File

@ -0,0 +1,33 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Script Vars ---------------------------------------------------------------
export JUNO_RELEASE="${JUNO_RELEASE:-10.1.14}"
export KILO_RELEASE="${KILO_RELEASE:-11.2.17}"
export LIBERTY_RELEASE="${LIBERTY_RELEASE:-12.2.8}"
export MITAKA_RELEASE="${MITAKA_RELEASE:-13.3.11}"
export NEWTON_RELEASE="${NEWTON_RELEASE:-d47e29b7d8a385773acadb825e37c82d42b3ec27}" # commit used due to packaging bug caused by setuptools
## Environment Vars ------------------------------------------------------------------
export MAIN_PATH="${MAIN_PATH:-/opt/openstack-ansible}"
export SYSTEM_PATH="$(dirname $(readlink -f $0))"
export UPGRADE_UTILS="${UPGRADE_UTILS:-${SYSTEM_PATH}/upgrade-utilities}"
# If the the OpenStack-Ansible system venvs have already been built elsewhere and can be downloaded
# set the "VENV_URL" environment variable to the path where the venvs are kept. When running stage1
# this URL will be used to download the release built VENVS in the following format.
# ${VENV_URL}/openstack-ansible-RELEASE_VERSION.tgz
export VENV_URL="${VENV_URL:-https://mirror.rackspace.com/rackspaceprivatecloud}"

81
leap-upgrades/migrations.sh Executable file
View File

@ -0,0 +1,81 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTICE: To run this in an automated fashion run the script via
# root@HOSTNAME:/opt/openstack-ansible# echo "YES" | bash scripts/run-upgrade.sh
## Shell Opts ----------------------------------------------------------------
set -e -u -v
## Main ----------------------------------------------------------------------
source lib/vars.sh
source lib/functions.sh
### Run the DB migrations
# Stop the services to ensure DB and application consistency
if [[ ! -f "/opt/leap42/openstack-ansible-poweroff.leap" ]]; then
if [ -e "/opt/openstack-ansible" ]; then
link_release "/opt/leap42/openstack-ansible-${KILO_RELEASE}"
fi
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/power-down.yml")
run_items "/opt/openstack-ansible"
tag_leap_success "poweroff"
fi
# Kilo migrations
if [[ ! -f "/opt/leap42/openstack-ansible-${KILO_RELEASE}-db.leap" ]]; then
notice "Running Kilo DB Migrations"
link_release "/opt/leap42/openstack-ansible-${KILO_RELEASE}"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/db-migrations-kilo.yml -e 'venv_tar_location=/opt/leap42/venvs/openstack-ansible-${KILO_RELEASE}.tgz'")
run_items "/opt/leap42/openstack-ansible-${KILO_RELEASE}"
tag_leap_success "${KILO_RELEASE}-db"
fi
# Liberty migrations
if [[ ! -f "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}-db.leap" ]]; then
notice "Running Liberty DB Migrations"
link_release "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/db-migrations-liberty.yml -e 'venv_tar_location=/opt/leap42/venvs/openstack-ansible-${LIBERTY_RELEASE}.tgz'")
RUN_TASKS+=("${UPGRADE_UTILS}/glance-db-storage-url-fix.yml")
run_items "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}"
tag_leap_success "${LIBERTY_RELEASE}-db"
fi
# Mitaka migrations
if [[ ! -f "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}-db.leap" ]]; then
notice "Running Mitaka DB Migrations"
link_release "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/db-migrations-mitaka.yml -e 'venv_tar_location=/opt/leap42/venvs/openstack-ansible-${MITAKA_RELEASE}.tgz'")
RUN_TASKS+=("${UPGRADE_UTILS}/neutron-mtu-migration.yml")
run_items "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}"
tag_leap_success "${MITAKA_RELEASE}-db"
fi
# Newton migrations
if [[ ! -f "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}-db.leap" ]]; then
notice "Running Newton DB Migrations"
link_release "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/db-collation-alter.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/db-migrations-newton.yml -e 'venv_tar_location=/opt/leap42/venvs/openstack-ansible-${NEWTON_RELEASE}.tgz'")
run_items "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
tag_leap_success "${NEWTON_RELEASE}-db"
fi
### Run the DB migrations

81
leap-upgrades/prep.sh Executable file
View File

@ -0,0 +1,81 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTICE: To run this in an automated fashion run the script via
# root@HOSTNAME:/opt/openstack-ansible# echo "YES" | bash scripts/run-upgrade.sh
## Shell Opts ----------------------------------------------------------------
set -e -u -v
## Main ----------------------------------------------------------------------
source lib/vars.sh
source lib/functions.sh
# Execute a preflight check
pre_flight
# Clone the Juno release so we have a clean copy of the source code.
if [[ ! -f "/opt/leap42/openstack-ansible-${JUNO_RELEASE}-prep.leap" ]]; then
clone_release ${JUNO_RELEASE}
touch "/opt/leap42/openstack-ansible-${JUNO_RELEASE}-prep.leap"
fi
# Build the releases. This will clone all of the releases and check them out
# separately in addition to creating all of the venvs needed for a successful migration.
if [[ ! -f "/opt/leap42/openstack-ansible-${KILO_RELEASE}-prep.leap" ]]; then
clone_release ${KILO_RELEASE}
get_venv ${KILO_RELEASE}
touch "/opt/leap42/openstack-ansible-${KILO_RELEASE}-prep.leap"
fi
if [[ ! -f "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}-prep.leap" ]]; then
clone_release ${LIBERTY_RELEASE}
get_venv ${LIBERTY_RELEASE}
touch "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}-prep.leap"
fi
if [[ ! -f "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}-prep.leap" ]]; then
clone_release ${MITAKA_RELEASE}
get_venv ${MITAKA_RELEASE}
touch "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}-prep.leap"
fi
if [[ ! -f "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}-prep.leap" ]]; then
clone_release ${NEWTON_RELEASE}
get_venv ${NEWTON_RELEASE}
touch "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}-prep.leap"
fi
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/cinder-volume-container-lvm-check.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/db-backup.yml")
if [[ -d "/etc/rpc_deploy" ]]; then
RELEASE="${JUNO_RELEASE}"
export ANSIBLE_INVENTORY="/opt/leap42/openstack-ansible-${RELEASE}/rpc_deployment/inventory"
else
RELEASE="${NEWTON_RELEASE}"
export ANSIBLE_INVENTORY="/opt/leap42/openstack-ansible-${RELEASE}/playbooks/inventory"
fi
# temp upgrade ansible is used to ensure 1.9.x compat.
PS1="\\u@\h \\W]\\$" . "/opt/ansible-runtime/bin/activate"
run_items "/opt/leap42/openstack-ansible-${RELEASE}"
deactivate
unset ANSIBLE_INVENTORY
link_release "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
system_bootstrap "/opt/openstack-ansible"

83
leap-upgrades/re-deploy.sh Executable file
View File

@ -0,0 +1,83 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTICE: To run this in an automated fashion run the script via
# root@HOSTNAME:/opt/openstack-ansible# echo "YES" | bash scripts/run-upgrade.sh
## Shell Opts ----------------------------------------------------------------
set -e -u -v
## Main ----------------------------------------------------------------------
source lib/vars.sh
source lib/functions.sh
### Run the redeploy tasks
# Forget about the old Juno neutron agent container in inventory.
# This is done to maximize uptime by leaving the old systems in
# place while the redeployment work is going on.
SCRIPTS_PATH="/opt/leap42/openstack-ansible-${NEWTON_RELEASE}/scripts" \
MAIN_PATH="/opt/leap42/openstack-ansible-${NEWTON_RELEASE}" \
${UPGRADE_UTILS}/neutron-container-forget.sh
link_release "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/pip-unify.yml -e release_version=\"${NEWTON_RELEASE}\"")
RUN_TASKS+=("${UPGRADE_UTILS}/db-stop.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/ansible_fact_cleanup.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/destroy-old-containers.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/nova-libvirt-fix.yml")
RUN_TASKS+=("lxc-hosts-setup.yml")
RUN_TASKS+=("lxc-containers-create.yml")
RUN_TASKS+=("setup-infrastructure.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/db-force-upgrade.yml")
RUN_TASKS+=("os-keystone-install.yml")
RUN_TASKS+=("os-glance-install.yml")
RUN_TASKS+=("os-cinder-install.yml")
# The first run will install everything everywhere and restart the nova services
RUN_TASKS+=("os-nova-install.yml")
# This is being run before hand to ensure a speedy service upgrade to maintain running VMs.
# this also works around an issue where very early versions of libvirt may not be fully
# replaced on the first run.
RUN_TASKS+=("os-nova-install.yml --limit nova_compute")
RUN_TASKS+=("os-neutron-install.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/neutron-remove-old-containers.yml")
RUN_TASKS+=("os-heat-install.yml")
RUN_TASKS+=("os-horizon-install.yml")
RUN_TASKS+=("os-ceilometer-install.yml")
RUN_TASKS+=("os-aodh-install.yml")
if grep -rni "^gnocchi_storage_driver" /etc/openstack_deploy/*.{yaml,yml} | grep -qw "swift"; then
RUN_TASKS+=("os-gnocchi-install.yml -e gnocchi_identity_only=true")
fi
RUN_TASKS+=("os-swift-install.yml")
RUN_TASKS+=("os-gnocchi-install.yml")
RUN_TASKS+=("os-ironic-install.yml")
RUN_TASKS+=("os-magnum-install.yml")
RUN_TASKS+=("os-sahara-install.yml")
RUN_TASKS+=("${UPGRADE_UTILS}/post-redeploy-cleanup.yml")
run_items "/opt/openstack-ansible"
### Run the redeploy tasks

36
leap-upgrades/run-stages.sh Executable file
View File

@ -0,0 +1,36 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTICE: To run this in an automated fashion run the script via
# root@HOSTNAME:/opt/openstack-ansible# echo "YES" | bash scripts/run-upgrade.sh
## Shell Opts ----------------------------------------------------------------
set -e -u -v
## Main ----------------------------------------------------------------------
source lib/vars.sh
source lib/functions.sh
## Stages --------------------------------------------------------------------
source prep.sh
source upgrade.sh
source migrations.sh
source re-deploy.sh
echo -e "\n====================================================="
notice "All Leaps successful."
echo -e "=====================================================\n"
exit 0

32
leap-upgrades/upgrade-utilities-kilo/playbooks/container-network-adjustments.yml Normal file
View File

@ -0,0 +1,32 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Container network adjustments
hosts: "all_containers"
max_fail_percentage: 100
gather_facts: false
user: root
tasks:
- name: Get interface files
command: ls -1 /etc/network/interfaces.d/
register: interface_files
failed_when: false
- name: Remove old interface files
file:
path: "/etc/network/interfaces.d/{{ item }}"
state: "absent"
with_items:
- "{{ interface_files.stdout_lines }}"
failed_when: false

33
leap-upgrades/upgrade-utilities-kilo/playbooks/container-network-bounce.yml Normal file
View File

@ -0,0 +1,33 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Container network restart
hosts: "all_containers"
max_fail_percentage: 100
gather_facts: false
user: root
tasks:
- name: Ensure network interfaces are all up
lxc_container:
name: "{{ inventory_hostname }}"
container_command: |
INTERFACES=""
INTERFACES+="\$(awk '/auto/ {print \$2}' /etc/network/interfaces) "
INTERFACES+="\$(ls -1 /etc/network/interfaces.d/ | awk -F'.cfg' '{print \$1}')"
for i in \${INTERFACES}; do
ifdown \$i || true
ifup \$i || true
done
delegate_to: "{{ physical_host }}"

49
leap-upgrades/upgrade-utilities-kilo/playbooks/host-adjustments.yml Normal file
View File

@ -0,0 +1,49 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Host adjustments
hosts: "hosts"
max_fail_percentage: 100
gather_facts: false
user: root
tasks:
- name: Remove old lxc cache files
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/var/cache/lxc_trusty.tgz"
- "/var/cache/lxc/rpc-trusty-container.tgz"
- name: Ensure services log files are fix
shell: |
if [ ! -h "/var/log/{{ item }}" ] && [ -d "/var/log/{{ item }}" ];then
mv /var/log/{{ item }} /openstack/log/{{ inventory_hostname }}-{{ item }}
ln -s /openstack/log/{{ inventory_hostname }}-{{ item }} /var/log/{{ item }}
else
# Exit 99 when nothing found to change
exit 99
fi
failed_when: false
changed_when: log_change.rc == 0
register: log_change
with_items:
- "cinder"
- "glance"
- "heat"
- "horizon"
- "keystone"
- "nova"
- "neutron"
- "swift"

28
leap-upgrades/upgrade-utilities-kilo/playbooks/remove-juno-log-rotate.yml Normal file
View File

@ -0,0 +1,28 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Remove juno log-rotate config
hosts: "hosts"
gather_facts: false
user: root
tasks:
- name: find log rotate config in /etc/logrotate.d/
command: "find /etc/logrotate.d -type f -name 'openstack_*'"
register: log_rotate
- name: Remove juno log rotate files
file:
path: "{{ item }}"
state: absent
with_items: log_rotate.stdout_lines

37
leap-upgrades/upgrade-utilities-kilo/playbooks/swift-repo-adjustments.yml Normal file
View File

@ -0,0 +1,37 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure swift has access to the backports repo
hosts: "swift_all"
max_fail_percentage: 100
gather_facts: false
user: root
tasks:
- name: Ensure all swift nodes have access to the backports repo
shell: |
UBUNTU_RELEASE=$(lsb_release -sc)
UBUNTU_REPO=$(awk "/^deb .*ubuntu\/? ${UBUNTU_RELEASE} main/ {print \$2; exit}" /etc/apt/sources.list)
UBUNTU_BACKPORTS="deb ${UBUNTU_REPO} ${UBUNTU_RELEASE}-backports main restricted universe multiverse"
if ! grep "^$UBUNTU_BACKPORTS" /etc/apt/sources.list; then
echo $UBUNTU_BACKPORTS | tee -a /etc/apt/sources.list
apt-get update
else
exit 1
fi
environment:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"
changed_when: repo_updates.rc == 0
failed_when: false
register: repo_updates

57
leap-upgrades/upgrade-utilities-kilo/playbooks/swift-ring-adjustments.yml Normal file
View File

@ -0,0 +1,57 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Send swift rings from localhost to the first swift node
hosts: "swift_hosts[0]"
max_fail_percentage: 100
gather_facts: false
user: root
tasks:
- name: Ensure the swift system user
user:
name: "{{ swift_system_user_name }}"
group: "{{ swift_system_group_name }}"
comment: "{{ swift_system_comment }}"
shell: "{{ swift_system_shell }}"
system: "yes"
createhome: "yes"
home: "{{ swift_system_home_folder }}"
- name: Ensure "/etc/swift/ring_build_files/" exists
file:
path: "{{ item }}"
owner: "{{ swift_system_user_name }}"
group: "{{ swift_system_group_name }}"
state: "directory"
with_items:
- "/etc/swift"
- "/etc/swift/ring_build_files"
- name: "Copy the rings from localhost to swift_host[0]"
copy:
src: "{{ item }}"
dest: "/etc/swift/ring_build_files/"
mode: "0644"
owner: "{{ swift_system_user_name }}"
group: "{{ swift_system_group_name }}"
with_fileglob:
- /etc/swift/rings/*.ring.gz
- /etc/swift/rings/*.builder
when: >
inventory_hostname == groups['swift_hosts'][0]
vars:
swift_system_user_name: swift
swift_system_group_name: swift
swift_system_shell: /bin/bash
swift_system_comment: swift system user
swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}"

33
leap-upgrades/upgrade-utilities-kilo/playbooks/user-secrets-adjustments-kilo.yml Normal file
View File

@ -0,0 +1,33 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: User secrets adjustments
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Read example user secrets file
shell: "grep '^[a-zA-Z]' {{ osa_playbook_dir }}/etc/openstack_deploy/user_secrets.yml"
register: secrets
- name: Add missing secret
shell: |
if ! grep '^{{ item }}' /etc/openstack_deploy/user_secrets.yml; then
echo {{ item }} | tee -a /etc/openstack_deploy/user_secrets.yml
fi
with_items: secrets.stdout_lines
- name: Generate new secrets
shell: "{{ osa_playbook_dir }}/scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml"

48
leap-upgrades/upgrade-utilities-kilo/scripts/create-new-openstack-deploy-structure.sh Executable file
View File

@ -0,0 +1,48 @@
#!/usr/bin/env bash
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Shell Opts ----------------------------------------------------------------
set -e -u -v
# Create new openstack_deploy directory.
if [ -d "/etc/rpc_deploy" ];then
# Create an archive of the old deployment directory
tar -czf ~/pre-upgrade-backup.tgz /etc/rpc_deploy
# Move the new deployment directory bits into place
mkdir -p /etc/openstack_deploy/
cp -R /etc/rpc_deploy/* /etc/openstack_deploy/
mv /etc/rpc_deploy /etc/rpc_deploy.OLD
else
echo "No /etc/rpc_deploy directory found, thus nothing to upgrade."
exit 1
fi
if [ ! -d "/etc/openstack_deploy/upgrade-juno" ];then
mkdir -p "/etc/openstack_deploy/upgrade-juno"
fi
# Drop deprecation file.
cat > /etc/rpc_deploy.OLD/DEPRECATED.txt <<EOF
This directory have been deprecated please navigate to "/etc/openstack_deploy"
EOF
# Move the old RPC files to OpenStack files.
pushd /etc/openstack_deploy
rename 's/rpc_/openstack_/g' rpc_*
popd
# Make the extra configuration directories within the "/etc/openstack_deploy" directory
mkdir -p /etc/openstack_deploy/conf.d
mkdir -p /etc/openstack_deploy/env.d

53
leap-upgrades/upgrade-utilities-kilo/scripts/juno-container-cleanup.sh Executable file
View File

@ -0,0 +1,53 @@
#!/usr/bin/env bash
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Shell Opts ----------------------------------------------------------------
set -e -u -v
export MAIN_PATH="${MAIN_PATH:-$(dirname $(dirname $(dirname $(dirname $(readlink -f $0)))))}"
export SCRIPTS_PATH="${SCRIPTS_PATH:-$(dirname $(dirname $(dirname $(readlink -f $0))))}"
function remove_inv_items {
${SCRIPTS_PATH}/inventory-manage.py -f /etc/openstack_deploy/openstack_inventory.json -r "$1"
}
function get_inv_items {
${SCRIPTS_PATH}/inventory-manage.py -f /etc/openstack_deploy/openstack_inventory.json -l | grep -w ".*$1"
}
function remove_inv_groups {
${SCRIPTS_PATH}/inventory-manage.py -f /etc/openstack_deploy/openstack_inventory.json --remove-group "$1"
}
# Remove containers that we no longer need
pushd ${MAIN_PATH}/playbooks
# Remove the dead container types from inventory
REMOVED_CONTAINERS=""
REMOVED_CONTAINERS+="$(get_inv_items 'rsyslog_container' | awk '{print $2}') "
REMOVED_CONTAINERS+="$(get_inv_items 'nova_api_ec2' | awk '{print $2}') "
REMOVED_CONTAINERS+="$(get_inv_items 'nova_spice_console' | awk '{print $2}') "
# Remove unused groups from inventory
REMOVED_GROUPS="nova_api_ec2 nova_api_ec2_container nova_spice_console nova_spice_console_container rabbit rabbit_all"
for i in ${REMOVED_GROUPS}; do
remove_inv_groups $i
done
for i in ${REMOVED_CONTAINERS};do
remove_inv_items $i
done
popd

63
leap-upgrades/upgrade-utilities-kilo/scripts/juno-is-metal-preserve.py Executable file
View File

@ -0,0 +1,63 @@
#!/usr/bin/env python
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
import yaml
with open('/etc/rpc_deploy.OLD/rpc_environment.yml', 'r') as f:
rpc_environment = yaml.safe_load(f.read())
for root, _, files in os.walk('/etc/openstack_deploy/env.d'):
for item in files:
env_file = os.path.join(root, item)
with open(env_file, 'r') as f:
os_environment = yaml.safe_load(f.read())
if 'container_skel' not in os_environment:
continue
changed = False
for i in os_environment['container_skel']:
os_item = os_environment['container_skel'][i]
if i not in rpc_environment['container_skel']:
continue
rpc_item = rpc_environment['container_skel'][i]
if 'is_metal' in rpc_item:
rpc_metal = rpc_item['is_metal']
else:
rpc_metal = False
if 'is_metal' in os_item['properties']:
os_metal = os_item['properties']['is_metal']
else:
os_metal = False
if rpc_metal != os_metal:
changed = True
os_item['properties']['is_metal'] = rpc_metal
if changed:
with open(env_file, 'w') as fsw:
fsw.write(
yaml.safe_dump(
os_environment,
default_flow_style=False,
width=1000
)
)

32
leap-upgrades/upgrade-utilities-kilo/scripts/juno-kilo-add-repo-infra.py Executable file
View File

@ -0,0 +1,32 @@
#!/usr/bin/env python
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import yaml
with open('/etc/openstack_deploy/openstack_user_config.yml', 'r') as f:
user_config = yaml.safe_load(f.read())
# Create the new repo servers entries
repo_servers = dict()
o = repo_servers['repo-infra_hosts'] = user_config['infra_hosts']
with open('/etc/openstack_deploy/conf.d/repo-servers.yml', 'w') as fsw:
fsw.write(
yaml.safe_dump(
repo_servers,
default_flow_style=False,
width=1000
)
)

59
leap-upgrades/upgrade-utilities-kilo/scripts/juno-kilo-ldap-conversion.py Executable file
View File

@ -0,0 +1,59 @@
#!/usr/bin/env python
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import yaml
with open('/etc/openstack_deploy/user_variables.yml', 'r') as f:
user_vars = yaml.safe_load(f.read())
# Grab a map of the old keystone ldap entries
new_ldap = dict()
for k, v in user_vars.items():
if k.startswith('keystone_ldap'):
new_ldap['%s' % k.split('keystone_ldap_')[-1]] = v
# Rename misnamed old keystone ldap entries
MISNAMED_ENTRIES = {'user_bind': 'user', 'user_bind_password': 'password'}
for entry in MISNAMED_ENTRIES:
if entry in new_ldap:
new_ldap[MISNAMED_ENTRIES[entry]] = new_ldap.pop(entry)
if 'server' in new_ldap:
if 'scheme' in new_ldap:
ldap_scheme = new_ldap['scheme']
new_ldap.pop('scheme')
else:
ldap_scheme = 'ldap'
new_ldap['url'] = "%s://%s" % (ldap_scheme, new_ldap['server'])
new_ldap.pop('server')
# Open user secrets file.
with open('/etc/openstack_deploy/user_secrets.yml', 'r') as fsr:
user_secrets = yaml.safe_load(fsr.read())
# LDAP variable to instruct keystone to use ldap
ldap = user_secrets['keystone_ldap'] = dict()
# "ldap" section within the keystone_ldap variable.
ldap['ldap'] = new_ldap
with open('/etc/openstack_deploy/user_secrets.yml', 'w') as fsw:
fsw.write(
yaml.safe_dump(
user_secrets,
default_flow_style=False,
width=1000
)
)

49
leap-upgrades/upgrade-utilities-kilo/scripts/juno-rpc-extras-create.py Executable file
View File

@ -0,0 +1,49 @@
#!/usr/bin/env python
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import yaml
with open('/etc/openstack_deploy/user_variables.yml', 'r') as f:
user_vars = yaml.safe_load(f.read())
# Grab a map of the old rpc maas entries
extra_types = ['maas_', 'rackspace_', 'elasticsearch_', 'kibana_', 'logstash_']
rpc_extras = dict()
for k, v in user_vars.items():
for i in extra_types:
if k.startswith(i):
rpc_extras[k] = v
# Clean up rpc extra variables from user variables
for i in rpc_extras.keys():
del(user_vars[i])
with open('/etc/openstack_deploy/user_variables.yml', 'w') as fsw:
fsw.write(
yaml.safe_dump(
user_vars,
default_flow_style=False,
width=1000
)
)
with open('/etc/openstack_deploy/user_extras_variables.yml', 'w') as fsw:
fsw.write(
yaml.safe_dump(
rpc_extras,
default_flow_style=False,
width=1000
)
)

132
leap-upgrades/upgrade-utilities-kilo/scripts/new-variable-prep.sh Executable file
View File

@ -0,0 +1,132 @@
#!/usr/bin/env bash
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Shell Opts ----------------------------------------------------------------
set -e
export MAIN_PATH="${MAIN_PATH:-$(dirname $(dirname $(dirname $(dirname $(readlink -f $0)))))}"
export SCRIPTS_PATH="${SCRIPTS_PATH:-$(dirname $(dirname $(dirname $(readlink -f $0))))}"
# Copy over the new environment map
if [ -f "/etc/openstack_deploy/openstack_environment.yml" ];then
cp /etc/openstack_deploy/openstack_environment.yml /etc/openstack_deploy/openstack_environment.yml.old
fi
cp ${MAIN_PATH}/etc/openstack_deploy/openstack_environment.yml /etc/openstack_deploy/
for i in $(ls -1 ${MAIN_PATH}/etc/openstack_deploy/env.d/);do
if [ ! -f "/etc/openstack_deploy/env.d/$i" ];then
cp "${MAIN_PATH}/etc/openstack_deploy/env.d/$i" /etc/openstack_deploy/env.d/
fi
done
# Enable the old ha tool in neutron
if ! grep '^neutron_legacy_ha_tool_enabled' /etc/openstack_deploy/user_variables.yml;then
echo 'neutron_legacy_ha_tool_enabled: true' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# Set the rabbitmq cluster name if its not set to something else.
if ! grep '^rabbit_cluster_name\:' /etc/openstack_deploy/user_variables.yml;then
echo 'rabbit_cluster_name: rpc' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# Add some new variables to user_variables.yml
if ! grep '^galera_innodb_log_file_size' /etc/openstack_deploy/user_variables.yml;then
echo 'galera_innodb_log_file_size: 128M' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# Add some new variables to user_variables.yml
if ! grep '^galera_cluster_name' /etc/openstack_deploy/user_variables.yml;then
echo 'galera_cluster_name: rpc_galera_cluster' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# Set the ssl protocol settings.
if ! grep '^ssl_protocol' /etc/openstack_deploy/user_variables.yml;then
echo 'ssl_protocol: "ALL -SSLv2 -SSLv3"' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# Cipher suite string from "https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/".
if ! grep '^ssl_cipher_suite' /etc/openstack_deploy/user_variables.yml;then
echo 'ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# We are overriding the default value for neutron_l2_population.
if ! grep '^neutron_l2_population' /etc/openstack_deploy/user_variables.yml;then
echo 'neutron_l2_population: True' | tee -a /etc/openstack_deploy/user_variables.yml
fi
# Ensure that the user_group_vars.yml file is not present.
if [ -f "/etc/openstack_deploy/user_group_vars.yml" ];then
rm /etc/openstack_deploy/user_group_vars.yml
fi
# Create secrets file.
if [ ! -f "/etc/openstack_deploy/user_secrets.yml" ];then
touch /etc/openstack_deploy/user_secrets.yml
fi
# Make newlines the only separator
IFS=$'\n'
# Populate the secrets file with data that should be secret.
if [ -f "/etc/openstack_deploy/user_extras_variables.yml" ];then
for i in 'key\:' 'token\:' 'password\:' 'secret\:';do
for l in $(grep "$i" /etc/openstack_deploy/user_extras_variables.yml);do
if ! grep "$l" /etc/openstack_deploy/user_extras_secrets.yml;then
echo "$l" | tee -a /etc/openstack_deploy/user_extras_secrets.yml
fi
done
done
if [ -f "/etc/openstack_deploy/user_extras_secrets.yml" ];then
# Setting the secret generator to always return true because the file may be a zero byte file
${SCRIPTS_PATH}/pw-token-gen.py --file /etc/openstack_deploy/user_extras_secrets.yml || true
fi
fi
for i in 'key\:' 'token\:' 'swift_hash_path' 'password\:' 'secret\:';do
for l in $(grep "$i" /etc/openstack_deploy/user_variables.yml);do
if ! grep "$l" /etc/openstack_deploy/user_secrets.yml; then
echo "$l" | tee -a /etc/openstack_deploy/user_secrets.yml
fi
done
done
# Rename the mysql_root_password to galera_root_password.
sed -i 's/mysql_root_password/galera_root_password/g' /etc/openstack_deploy/user_secrets.yml
# Change the glance swift auth value if set. Done because the glance input variable has changed.
if grep '^glance_swift_store_auth_address\:' /etc/openstack_deploy/user_variables.yml | grep -e 'keystone_service_internaluri' -e 'auth_identity_uri'; then
sed -i 's/^glance_swift_store_auth_address:.*/glance_swift_store_auth_address: "{{ keystone_service_internalurl }}"/g' /etc/openstack_deploy/user_variables.yml
fi
# Create some new secrets.
for i in 'glance_profiler_hmac_key:' 'cinder_profiler_hmac_key:' 'heat_profiler_hmac_key:' 'nova_v21_service_password:';do
if ! grep "^$i" /etc/openstack_deploy/user_secrets.yml;then
echo "$i" | tee -a /etc/openstack_deploy/user_secrets.yml
fi
done
# Create the horizon secret key if not found.
if ! grep '^horizon_secret_key\:' /etc/openstack_deploy/user_secrets.yml;then
echo 'horizon_secret_key:' | tee -a /etc/openstack_deploy/user_secrets.yml
fi
# Set the galera monitoring user to the old Juno Value.
if ! grep '^galera_monitoring_user' /etc/openstack_deploy/user_deleteme_post_upgrade_variables.yml;then
echo 'galera_monitoring_user: "haproxy"' | tee -a /etc/openstack_deploy/user_deleteme_post_upgrade_variables.yml
fi
# Regenerate secrets for the new entries if any
${SCRIPTS_PATH}/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml

29
leap-upgrades/upgrade-utilities-kilo/scripts/old-variable-remove.sh Executable file
View File

@ -0,0 +1,29 @@
#!/usr/bin/env bash
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Shell Opts ----------------------------------------------------------------
set -e -u -v
# Remove old ldap variables from "user_variables.yml".
sed -i '/keystone_ldap.*/d' /etc/openstack_deploy/user_variables.yml
# Remove secrets from the user_variables file that are now in the secrets file.
sed -i -e '/key\:/d' -e '/token\:/d' -e '/password\:/d' -e '/secret\:/d' /etc/openstack_deploy/user_extras_variables.yml
# Remove secrets from the user_variables file that are now in the secrets file.
sed -i -e '/key\:/d' -e '/token\:/d' -e '/swift_hash_path/d' -e '/password\:/d' -e '/secret\:/d' /etc/openstack_deploy/user_variables.yml
# Remove the environment version entry from user config.
sed -i '/^environment_version.*/d' /etc/openstack_deploy/openstack_user_config.yml

1
leap-upgrades/upgrade-utilities-liberty/playbooks/ansible_fact_cleanup-liberty.yml Symbolic link
View File

@ -0,0 +1 @@
../../upgrade-utilities/ansible_fact_cleanup.yml

54
leap-upgrades/upgrade-utilities-liberty/playbooks/deploy-config-changes-liberty.yml Normal file
View File

@ -0,0 +1,54 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Upgrade environment/inventory configuration
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Create an old copy of openstack_deploy
copy:
src: "/etc/openstack_deploy/"
dest: "/etc/openstack_deploy.KILO/"
force: no
- name: Copy new env.d files into place
copy:
src: "{{ repo_root_dir }}/etc/openstack_deploy/env.d/{{ item }}.yml"
dest: "/etc/openstack_deploy/env.d/{{ item }}.yml"
force: no
with_items:
- aodh
- haproxy
- name: Add new neutron environment memberships
command: "{{ playbook_dir }}/../scripts/add_new_neutron_env.py {{ repo_root_dir }}"
args:
creates: /etc/openstack_deploy.KILO/NEUTRON_MIGRATED
- name: Remove old ceilometer environment memberships
command: "{{ playbook_dir }}/../scripts/fix_ceilometer_env.py"
args:
creates: /etc/openstack_deploy.KILO/CEILOMETER_MIGRATED
- name: Update OpenStack variable names
command: "{{ playbook_dir }}/../scripts/migrate_openstack_vars.py {{ item }} {{ (item | basename)[:-4] }}"
args:
creates: "/etc/openstack_deploy.KILO/VARS_MIGRATED_{{ (item | basename)[:-4] }}"
with_fileglob:
- "/etc/openstack_deploy/user_*.yml"
vars:
repo_root_dir: "{{ osa_playbook_dir }}/"

39
leap-upgrades/upgrade-utilities-liberty/playbooks/disable-neutron-port-security.yml Normal file
View File

@ -0,0 +1,39 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update neutron security bindings variables
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- fail:
msg: >
neutron_ml2_conf_ini_overrides is defined in one of your overrides files but
neutron_ml2_conf_ini_overrides.ml2.extension_drivers is unset. Please set
neutron_ml2_conf_ini_overrides.ml2.extension_drivers = '' to prevent
https://bugs.launchpad.net/neutron/+bug/1509312
when:
- neutron_ml2_conf_ini_overrides is defined
- "'extension_drivers' not in (neutron_ml2_conf_ini_overrides.ml2 | default({}))"
- name: Disable the port security driver
# The below is not ideal, but it preserves whatever was in the
# user_variables file without clobbering comments or having an
# additional script.
lineinfile:
dest: /etc/openstack_deploy/user_variables.yml
line: "neutron_ml2_conf_ini_overrides:\n ml2:\n extension_drivers: ''"
when:
- neutron_ml2_conf_ini_overrides is not defined

29
leap-upgrades/upgrade-utilities-liberty/playbooks/mariadb-apt-cleanup.yml Normal file
View File

@ -0,0 +1,29 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: MariaDB apt sources cleanup
hosts: "hosts"
max_fail_percentage: 100
gather_facts: false
user: root
tasks:
- name: Remove MariaDB repositories left over from Juno
shell: |
sed -i '/http:.*maria.*/d' /etc/apt/sources.list.d/*
ignore_errors: true
- name: Remove MariaDB repositories left over from Mitaka
apt_repository:
repo: "deb https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu trusty main"
state: "absent"

23
leap-upgrades/upgrade-utilities-liberty/playbooks/memcached-flush.yml Normal file
View File

@ -0,0 +1,23 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Memcached cache flush
hosts: memcached_all
gather_facts: false
user: root
tasks:
- name: Flush all of the cache in memcached
shell: |
echo 'flush_all' | nc $(awk '/^\-l/ {print $2}' /etc/memcached.conf) $(awk '/^\-p/ {print $2}' /etc/memcached.conf)

33
leap-upgrades/upgrade-utilities-liberty/playbooks/user-secrets-adjustment-liberty.yml Normal file
View File

@ -0,0 +1,33 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: User secrets adjustments
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Read example user secrets file
shell: "grep '^[a-zA-Z]' {{ osa_playbook_dir }}/etc/openstack_deploy/user_secrets.yml"
register: secrets
- name: Add missing secret
shell: |
if ! grep '^{{ item }}' /etc/openstack_deploy/user_secrets.yml; then
echo {{ item }} | tee -a /etc/openstack_deploy/user_secrets.yml
fi
with_items: secrets.stdout_lines
- name: Generate new secrets
shell: "{{ osa_playbook_dir }}/scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml"

68
leap-upgrades/upgrade-utilities-liberty/scripts/add_new_neutron_env.py Executable file
View File

@ -0,0 +1,68 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
import sys
import yaml
def add_new_dict_data(original, new):
"""Adds/appends new entries to existing dicts
Adds new key/value entries to existing dictionaries, and appends
new leaf values.
"""
if not hasattr(new, 'items'):
return
for key, new_values in new.items():
# Add our whole sub-dictionary into the tree
if key not in original:
original[key] = new_values
return
# Only populate missing values
for val in new_values:
if val not in original[key]:
original[key].append(val)
add_new_dict_data(original[key], new[key])
if __name__ == '__main__':
repo_root = sys.argv[1]
kilo_file = '/etc/openstack_deploy.KILO/env.d/neutron.yml'
repo_liberty_file = os.path.join(repo_root,
'etc/openstack_deploy/env.d/neutron.yml')
liberty_file = '/etc/openstack_deploy/env.d/neutron.yml'
flag_file = '/etc/openstack_deploy.KILO/NEUTRON_MIGRATED'
with open(kilo_file, 'r') as f:
kilo_dict = yaml.safe_load(f.read())
with open(repo_liberty_file, 'r') as f:
liberty_dict = yaml.safe_load(f.read())
for skel in ('component_skel', 'container_skel', 'physical_skel'):
add_new_dict_data(kilo_dict[skel], liberty_dict[skel])
with open(liberty_file, 'w') as f:
f.write(yaml.safe_dump(kilo_dict, default_flow_style=False,
width=1000))
with open(flag_file, 'w') as f:
f.write('Neutron variables migrated from kilo to liberty.')

46
leap-upgrades/upgrade-utilities-liberty/scripts/fix_ceilometer_env.py Executable file
View File

@ -0,0 +1,46 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import yaml
# These values happen to be both the keys and the values removed from the
# environment file
BLACK_LIST = [
'ceilometer_alarm_notifier',
'ceilometer_alarm_evaluator'
]
def clean_vars():
with open('/etc/openstack_deploy/env.d/ceilometer.yml', 'r') as f:
environment = yaml.safe_load(f.read())
for var in BLACK_LIST:
# If the values aren't present, using 'pop' and the try/except
# allow the script to continue without changes
environment['component_skel'].pop(var, None)
container_skel = environment['container_skel']
try:
container_skel['ceilometer_api_container']['contains'].remove(var)
except ValueError:
pass
with open('/etc/openstack_deploy/env.d/ceilometer.yml', 'w') as f:
f.write(yaml.safe_dump(environment, default_flow_style=False,
width=1000))
if __name__ == '__main__':
clean_vars()
with open('/etc/openstack_deploy.KILO/CEILOMETER_MIGRATED', 'w') as f:
f.write('Deprecated ceilometer environment info has been removed.')

45
leap-upgrades/upgrade-utilities-liberty/scripts/make_rst_table.py Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This file is used to generate a ReStructured Text table suitable for
# documentating the variable name changes. Its contents are meant to be
# inserted into doc/source/upgrade-guide/scripts.rst.
# As of right now, running this script and inserting the output into
# the file is manual.
from migrate_openstack_vars import VAR_MAPPINGS
# Print old/new values in each row, right aligned.
row_format = "| {:>40} | {:>40} |"
# For the line separators, move the dividing '+' sign over so it's aligned
# with the '|' in the rows.
divider_format = "+-{:->42}---{:->40}"
header_divide_format = "+={:=>42}==={:=>40}"
# Header info
print(divider_format.format('+', '+'))
print(row_format.format('Old Value', 'New Value'))
print(header_divide_format.format('+', '+'))
# If we just used the items method, we'd get an unsorted output.
keys = VAR_MAPPINGS.keys()
keys.sort()
for key in keys:
print(row_format.format(key, VAR_MAPPINGS[key]))
print(divider_format.format('+', '+'))

92
leap-upgrades/upgrade-utilities-liberty/scripts/migrate_openstack_vars.py Executable file
View File

@ -0,0 +1,92 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This could probably be made more generic, since the biggest change per
# service is the variable mappings
import sys
VAR_MAPPINGS = {
# Nova changes
"nova_v21_service_name": "nova_service_name",
"nova_v21_service_type": "nova_service_type",
"nova_v21_service_proto": "nova_service_proto",
"nova_v21_service_publicuri_proto": "nova_service_publicuri_proto",
"nova_v21_service_adminuri_proto": "nova_service_adminuri_proto",
"nova_v21_service_internaluri_proto": "nova_service_internaluri_proto",
"nova_v21_service_port": "nova_service_port",
"nova_v21_service_description": "nova_service_description",
"nova_v21_service_publicuri": "nova_service_publicuri",
"nova_v21_service_publicurl": "nova_service_publicurl",
"nova_v21_service_adminuri": "nova_service_adminuri",
"nova_v21_service_adminurl": "nova_service_adminurl",
"nova_v21_service_internaluri": "nova_service_internaluri",
"nova_v21_service_internalurl": "nova_service_internalurl",
# Heat changes
# These also have a different default value: "Default" -> default
# Should this be handled in a second pass, or at the same time?
"heat_service_project_domain_name": "heat_service_project_domain_id",
"heat_service_user_domain_name": "heat_service_user_domain_id",
# Galera server changes
"galera_sst_method": "galera_wsrep_sst_method",
}
def update_variables(old_contents):
"""Replace all references to old variables.
This includes comments and references within values for other variables.
"""
new_contents = []
for line in old_contents:
words = line.split()
for word in words:
# Using the whitespace split above, the keys in the yaml file will
# have a : at the end, so we need to strip that off before
# replacing
if word.endswith(':'):
word = word[:-1]
if word in VAR_MAPPINGS.keys():
line = line.replace(word, VAR_MAPPINGS[word])
new_contents.append(line)
return new_contents
def main(filename):
with open(filename, 'r') as f:
contents = f.readlines()
new_contents = update_variables(contents)
with open(filename, 'w') as f:
f.write(''.join(new_contents))
if __name__ == '__main__':
if len(sys.argv) < 3:
sys.exit("Filename and flag file reference required.")
filename = sys.argv[1]
flag_ref = sys.argv[2]
main(filename)
flag_file = '/etc/openstack_deploy.KILO/VARS_MIGRATED_%s' % flag_ref
with open(flag_file, 'w') as f:
f.write('OpenStack Kilo variables migrated.')

86
leap-upgrades/upgrade-utilities-liberty/scripts/test_migrate_openstack_vars.py Executable file
View File

@ -0,0 +1,86 @@
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from migrate_openstack_vars import main
from migrate_openstack_vars import VAR_MAPPINGS
import os
import sys
FILE_NAME = 'test_user_variables.yml'
def set_up():
# Create an example file with key/value pairs, as well as a comment
# The old to new value mappings are written to a file, then later the
# file is inspected to ensure no old values remain.
var_lines = ["{}: {}".format(key, val) for
key, val in VAR_MAPPINGS.items()]
var_lines.append('# A test comment')
sample = VAR_MAPPINGS.items()[0]
var_lines.append('# {} / {}'.format(*sample))
with open(FILE_NAME, 'w') as f:
f.write('\n'.join(var_lines))
def teardown():
# Remove files so they don't pollute the directories.
os.remove(FILE_NAME)
def test():
main(FILE_NAME)
with open(FILE_NAME, 'r') as f:
contents = f.readlines()
for line in contents:
# only split lines that look like a key/value pair.
if ':' in line:
var, value = line.split(':', 1)
value = value.strip()
elif '/' in line:
# For the comment containing a variable, clean up the list
# contents before assigning the parts we want to test.
parts = line.split()
parts.remove('#')
parts.remove('/')
var, value = parts
else:
var = value = line
# Once run through the 'main' function, the keys and values should
# match
if not value == var:
import pdb; pdb.set_trace() # NOQA
print("Var and value don't match.")
print("Var: {}, Value: {}".format(var, value))
sys.exit()
invalid_variable = var not in VAR_MAPPINGS.values()
# Comments aren't in our test mapping, so make sure we ignore them
is_comment = line.startswith('#')
if invalid_variable and not is_comment:
err = "Variable {} doesn't appear to be a valid new name."
sys.exit(err.format(var))
print("Tests passed")
if __name__ == '__main__':
set_up()
test()
teardown()

1
leap-upgrades/upgrade-utilities-mitaka/playbooks/ansible_fact_cleanup-mitaka-1.yml Symbolic link
View File

@ -0,0 +1 @@
../../upgrade-utilities/ansible_fact_cleanup.yml

1
leap-upgrades/upgrade-utilities-mitaka/playbooks/ansible_fact_cleanup-mitaka-2.yml Symbolic link
View File

@ -0,0 +1 @@
ansible_fact_cleanup-mitaka-1.yml

43
leap-upgrades/upgrade-utilities-mitaka/playbooks/deploy-config-changes-mitaka.yml Normal file
View File

@ -0,0 +1,43 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Upgrade environment/inventory configuration
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Create an old copy of openstack_deploy
copy:
src: "/etc/openstack_deploy/"
dest: "/etc/openstack_deploy.LIBERTY/"
force: no
- name: Copy new env.d files into place
copy:
src: "{{ repo_root_dir }}/etc/openstack_deploy/env.d/{{ item }}.yml"
dest: "/etc/openstack_deploy/env.d/{{ item }}.yml"
force: no
with_items:
- ironic
- name: Update OpenStack variable names
command: "{{ playbook_dir }}/../scripts/migrate_openstack_vars.py {{ item }} {{ (item | basename)[:-4] }}"
args:
creates: "/etc/openstack_deploy.LIBERTY/VARS_MIGRATED_{{ (item | basename)[:-4] }}"
with_fileglob:
- "/etc/openstack_deploy/user_*.yml"
vars:
repo_root_dir: "{{ osa_playbook_dir }}/"

63
leap-upgrades/upgrade-utilities-mitaka/playbooks/old-hostname-compatibility-mitaka.yml Normal file
View File

@ -0,0 +1,63 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set hostname alias for local lookup compatibility
hosts: hosts
gather_facts: true
tasks:
- name: Update Alias hostnames
lineinfile:
dest: /etc/hosts
insertafter: "^127.0.0.1"
regexp: "^127.0.1.1"
line: "127.0.1.1 {{ rfc_1034_1035_name }}.{{ domain_name }} {{ rfc_1034_1035_name }} {{ inventory_hostname }} {{ ansible_hostname }}"
state: present
register: result1
when:
- rfc_1034_1035_name != inventory_hostname
- rfc_1034_1035_name != ansible_hostname
- name: Update Alias hostnames
lineinfile:
dest: /etc/hosts
insertafter: "^127.0.0.1"
regexp: "^127.0.1.1"
line: "127.0.1.1 {{ rfc_1034_1035_name }}.{{ domain_name }} {{ rfc_1034_1035_name }} {{ ansible_hostname }}"
state: present
register: result2
when:
- rfc_1034_1035_name == inventory_hostname
- rfc_1034_1035_name != ansible_hostname
- name: Update Alias hostnames
lineinfile:
dest: /etc/hosts
insertafter: "^127.0.0.1"
regexp: "^127.0.1.1"
line: "127.0.1.1 {{ rfc_1034_1035_name }}.{{ domain_name }} {{ rfc_1034_1035_name }} {{ inventory_hostname }}"
state: present
when:
- result1 | skipped
- result2 | skipped
vars:
rfc_1034_1035_name: "{{ inventory_hostname | replace('_', '-') }}"
domain_name: "{{ openstack_domain|default('openstack.local') }}"
- name: Cleanup heat services through the database
hosts: galera_all[0]
user: root
tasks:
- name: Run database clean up for rfc1034/5
command: >
mysql --verbose --unbuffered -e "delete from service where host like '%\_%';" heat
failed_when: false

24
leap-upgrades/upgrade-utilities-mitaka/playbooks/pip-conf-removal.yml Normal file
View File

@ -0,0 +1,24 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Remove pip.conf if found
hosts: "hosts"
gather_facts: true
user: root
tasks:
- name: Remove pip.conf
file:
path: "{{ ansible_env.HOME }}/.pip/pip.conf"
state: "absent"

34
leap-upgrades/upgrade-utilities-mitaka/playbooks/user-secrets-adjustment-mitaka.yml Normal file
View File

@ -0,0 +1,34 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: User secrets adjustments
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Read example user secrets file
shell: "grep '^[a-zA-Z]' {{ osa_playbook_dir }}/etc/openstack_deploy/user_secrets.yml"
register: secrets
- name: Add missing secret
shell: |
if ! grep '^{{ item }}' /etc/openstack_deploy/{{ _osa_secrets_file_name }}; then
echo {{ item }} | tee -a /etc/openstack_deploy/{{ _osa_secrets_file_name }}
fi
with_items: secrets.stdout_lines
- name: Generate new secrets
shell: "{{ osa_playbook_dir }}/scripts/pw-token-gen.py --file /etc/openstack_deploy/{{ _osa_secrets_file_name }}"
vars:
_osa_secrets_file_name: "{{ osa_secrets_file_name | default('user_secrets.yml') }}"

45
leap-upgrades/upgrade-utilities-mitaka/scripts/make_rst_table.py Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This file is used to generate a ReStructured Text table suitable for
# documentating the variable name changes. Its contents are meant to be
# inserted into doc/source/upgrade-guide/scripts.rst.
# As of right now, running this script and inserting the output into
# the file is manual.
from migrate_openstack_vars import VAR_MAPPINGS
# Print old/new values in each row, right aligned.
row_format = "| {:>40} | {:>40} |"
# For the line separators, move the dividing '+' sign over so it's aligned
# with the '|' in the rows.
divider_format = "+-{:->42}---{:->40}"
header_divide_format = "+={:=>42}==={:=>40}"
# Header info
print(divider_format.format('+', '+'))
print(row_format.format('Old Value', 'New Value'))
print(header_divide_format.format('+', '+'))
# If we just used the items method, we'd get an unsorted output.
keys = VAR_MAPPINGS.keys()
keys.sort()
for key in keys:
print(row_format.format(key, VAR_MAPPINGS[key]))
print(divider_format.format('+', '+'))

70
leap-upgrades/upgrade-utilities-mitaka/scripts/migrate_openstack_vars.py Executable file
View File

@ -0,0 +1,70 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This could probably be made more generic, since the biggest change per
# service is the variable mappings
import sys
VAR_MAPPINGS = {
# Add mapped items here
'test-old': 'test-new'
}
def update_variables(old_contents):
"""Replace all references to old variables.
This includes comments and references within values for other variables.
"""
new_contents = []
for line in old_contents:
words = line.split()
for word in words:
# Using the whitespace split above, the keys in the yaml file will
# have a : at the end, so we need to strip that off before
# replacing
if word.endswith(':'):
word = word[:-1]
if word in VAR_MAPPINGS.keys():
line = line.replace(word, VAR_MAPPINGS[word])
new_contents.append(line)
return new_contents
def main(filename):
with open(filename, 'r') as f:
contents = f.readlines()
new_contents = update_variables(contents)
with open(filename, 'w') as f:
f.write(''.join(new_contents))
if __name__ == '__main__':
if len(sys.argv) < 3:
sys.exit("Filename and flag file reference required.")
filename = sys.argv[1]
flag_ref = sys.argv[2]
main(filename)
flag_file = '/etc/openstack_deploy.LIBERTY/VARS_MIGRATED_%s' % flag_ref
with open(flag_file, 'w') as f:
f.write('OpenStack Mitaka variables migrated.')

86
leap-upgrades/upgrade-utilities-mitaka/scripts/test_migrate_openstack_vars.py Executable file
View File

@ -0,0 +1,86 @@
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from migrate_openstack_vars import main
from migrate_openstack_vars import VAR_MAPPINGS
import os
import sys
FILE_NAME = 'test_user_variables.yml'
def set_up():
# Create an example file with key/value pairs, as well as a comment
# The old to new value mappings are written to a file, then later the
# file is inspected to ensure no old values remain.
var_lines = ["{}: {}".format(key, val) for
key, val in VAR_MAPPINGS.items()]
var_lines.append('# A test comment')
sample = VAR_MAPPINGS.items()[0]
var_lines.append('# {} / {}'.format(*sample))
with open(FILE_NAME, 'w') as f:
f.write('\n'.join(var_lines))
def teardown():
# Remove files so they don't pollute the directories.
os.remove(FILE_NAME)
def test():
main(FILE_NAME)
with open(FILE_NAME, 'r') as f:
contents = f.readlines()
for line in contents:
# only split lines that look like a key/value pair.
if ':' in line:
var, value = line.split(':', 1)
value = value.strip()
elif '/' in line:
# For the comment containing a variable, clean up the list
# contents before assigning the parts we want to test.
parts = line.split()
parts.remove('#')
parts.remove('/')
var, value = parts
else:
var = value = line
# Once run through the 'main' function, the keys and values should
# match
if not value == var:
import pdb; pdb.set_trace() # NOQA
print("Var and value don't match.")
print("Var: {}, Value: {}".format(var, value))
sys.exit()
invalid_variable = var not in VAR_MAPPINGS.values()
# Comments aren't in our test mapping, so make sure we ignore them
is_comment = line.startswith('#')
if invalid_variable and not is_comment:
err = "Variable {} doesn't appear to be a valid new name."
sys.exit(err.format(var))
print("Tests passed")
if __name__ == '__main__':
set_up()
test()
teardown()

1
leap-upgrades/upgrade-utilities-newton/playbooks/ansible_fact_cleanup-newton.yml Symbolic link
View File

@ -0,0 +1 @@
../../upgrade-utilities/ansible_fact_cleanup.yml

47
leap-upgrades/upgrade-utilities-newton/playbooks/aodh-api-init-delete.yml Normal file
View File

@ -0,0 +1,47 @@
---
# Copyright 2016, Logan Vig <logan2211@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Delete aodh-api init file
hosts: aodh_all
gather_facts: false
user: root
pre_tasks:
- name: Check init system
command: cat /proc/1/comm
register: _pid1_name
- name: Set the name of pid1
set_fact:
pid1_name: "{{ _pid1_name.stdout }}"
tasks:
- name: Stop the aodh-api service
service:
name: aodh-api
state: stopped
enabled: no
- name: Remove the aodh-api upstart init file
file:
path: '/etc/init/aodh-api.conf'
state: absent
when: pid1_name == "init"
- name: Reload upstart init scripts
command: initctl reload-configuration
when: pid1_name == "init"
- name: Remove the aodh-api systemd init file
file:
path: '/etc/systemd/system/aodh-api.service'
when: pid1_name == "systemd"
- name: Reload systemd
command: systemctl daemon-reload
when: pid1_name == "systemd"

47
leap-upgrades/upgrade-utilities-newton/playbooks/ceilometer-api-init-delete.yml Normal file
View File

@ -0,0 +1,47 @@
---
# Copyright 2016, Logan Vig <logan2211@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Delete ceilometer-api init file
hosts: ceilometer_api
gather_facts: false
user: root
pre_tasks:
- name: Check init system
command: cat /proc/1/comm
register: _pid1_name
- name: Set the name of pid1
set_fact:
pid1_name: "{{ _pid1_name.stdout }}"
tasks:
- name: Stop the ceilometer-api service
service:
name: ceilometer-api
state: stopped
enabled: no
- name: Remove the ceilometer-api upstart init file
file:
path: '/etc/init/ceilometer-api.conf'
state: absent
when: pid1_name == "init"
- name: Reload upstart init scripts
command: initctl reload-configuration
when: pid1_name == "init"
- name: Remove the ceilometer-api systemd init file
file:
path: '/etc/systemd/system/ceilometer-api.service'
when: pid1_name == "systemd"
- name: Reload systemd
command: systemctl daemon-reload
when: pid1_name == "systemd"

63
leap-upgrades/upgrade-utilities-newton/playbooks/deploy-config-changes-newton.yml Normal file
View File

@ -0,0 +1,63 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Upgrade environment/inventory configuration
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Create an old copy of openstack_deploy
copy:
src: "/etc/openstack_deploy/"
dest: "/etc/openstack_deploy.NEWTON/"
force: no
- name: Retrieve differences
shell: rsync -avun "{{ repo_root_dir }}/playbooks/inventory/env.d/" "/etc/openstack_deploy/env.d/" | grep "yml$"
failed_when: false
register: diff_result
- name: Copy new env.d files into place
copy:
src: "{{ repo_root_dir }}/playbooks/inventory/env.d/{{ item }}"
dest: "/etc/openstack_deploy/env.d/{{ item }}"
force: no
with_items:
- "{{ diff_result.stdout_lines }}"
when: diff_result.stdout != ""
- name: Check result for emptiness
debug: msg="All new env.d files are placed in the stock repo. No new changes"
when: diff_result.stdout == ""
- name: Update OpenStack variable names
command: "{{ playbook_dir }}/../scripts/migrate_openstack_vars.py {{ item }} {{ (item | basename)[:-4] }}"
args:
creates: "/etc/openstack_deploy.NEWTON/VARS_MIGRATED_{{ (item | basename)[:-4] }}"
with_fileglob:
- "/etc/openstack_deploy/user_*.yml"
- name: Write vars required for upgrade from Mitaka
lineinfile:
dest: /etc/openstack_deploy/user_variables.yml
regexp: "^{{ item.key }}"
line: "{{ item.key }}: {{ item.value }}"
state: present
with_items:
- key: "default_bind_mount_logs"
value: false
vars:
repo_root_dir: "{{ osa_playbook_dir }}/"

58
leap-upgrades/upgrade-utilities-newton/playbooks/galera-cluster-rolling-restart.yml Normal file
View File

@ -0,0 +1,58 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gracefully restart mariadb/galera cluster
hosts: galera_all
serial: 1
max_fail_percentage: 0
gather_facts: false
user: root
tasks:
- name: Stop mariadb
service:
name: mysql
state: stopped
retries: 5
delay: 10
- name: Stop container
lxc_container:
name: "{{ inventory_hostname }}"
state: "stopped"
delegate_to: "{{ physical_host }}"
- name: Start container
lxc_container:
name: "{{ inventory_hostname }}"
state: "started"
delegate_to: "{{ physical_host }}"
post_tasks:
- name: Wait for mariadb port 3306 to be available
local_action:
module: wait_for
port: "3306"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
retries: 10
delay: 10
- name: Check that WSREP is ready and Synced
shell: "/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf extended-status | egrep '(wsrep_local_state_comment)'"
register: mysql_ready
until:
- mysql_ready.rc == 0
- (mysql_ready.stdout).find("Synced") != -1
retries: 60
delay: 1

27
leap-upgrades/upgrade-utilities-newton/playbooks/lbaas-version-check.yml Normal file
View File

@ -0,0 +1,27 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Fail fast if LBaaS v1 is configured
hosts: localhost
connection: local
tasks:
- name: Checking if neutron_lbaas variable exists
fail:
msg: |
LBaaS v1 has been removed from OpenStack in Newton and there is no migration path for it.
Please implement LBaaS v2.
http://docs.openstack.org/developer/openstack-ansible-os_neutron/configure-network-services.html#special-notes-about-lbaas
when:
- neutron_lbaas is defined and neutron_lbaas | bool

23
leap-upgrades/upgrade-utilities-newton/playbooks/memcached-flush.yml Normal file
View File

@ -0,0 +1,23 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Memcached cache flush
hosts: memcached_all
gather_facts: false
user: root
tasks:
- name: Flush all of the cache in memcached
shell: |
echo 'flush_all' | nc $(awk '/^\-l/ {print $2}' /etc/memcached.conf | awk -F, '{ print $1 }') $(awk '/^\-p/ {print $2}' /etc/memcached.conf)

54
leap-upgrades/upgrade-utilities-newton/playbooks/old-hostname-compatibility-newton.yml Normal file
View File

@ -0,0 +1,54 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set hostname alias for local lookup compatibility
hosts: "hosts"
gather_facts: true
tasks:
- name: Update Alias hostnames
lineinfile:
dest: /etc/hosts
insertafter: "^127.0.0.1"
regexp: "^127.0.1.1"
line: "127.0.1.1 {{ rfc_1034_1035_name }}.{{ domain_name }} {{ rfc_1034_1035_name }} {{ inventory_hostname }} {{ ansible_hostname }}"
state: present
register: result1
when:
- rfc_1034_1035_name != inventory_hostname
- rfc_1034_1035_name != ansible_hostname
- name: Update Alias hostnames
lineinfile:
dest: /etc/hosts
insertafter: "^127.0.0.1"
regexp: "^127.0.1.1"
line: "127.0.1.1 {{ rfc_1034_1035_name }}.{{ domain_name }} {{ rfc_1034_1035_name }} {{ ansible_hostname }}"
state: present
register: result2
when:
- rfc_1034_1035_name == inventory_hostname
- rfc_1034_1035_name != ansible_hostname
- name: Update Alias hostnames
lineinfile:
dest: /etc/hosts
insertafter: "^127.0.0.1"
regexp: "^127.0.1.1"
line: "127.0.1.1 {{ rfc_1034_1035_name }}.{{ domain_name }} {{ rfc_1034_1035_name }} {{ inventory_hostname }}"
state: present
when:
- result1 | skipped
- result2 | skipped
vars:
rfc_1034_1035_name: "{{ inventory_hostname | replace('_', '-') }}"
domain_name: "{{ openstack_domain|default('openstack.local') }}"

45
leap-upgrades/upgrade-utilities-newton/playbooks/user-secrets-adjustment-newton.yml Normal file
View File

@ -0,0 +1,45 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: User secrets adjustments
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Read example user secrets file
shell: "grep '^[a-zA-Z]' {{ osa_playbook_dir }}/etc/openstack_deploy/user_secrets.yml"
register: secrets
- name: Rename changed secrets
lineinfile:
dest: "/etc/openstack_deploy/{{ _osa_secrets_file_name }}"
regexp: "^{{ item.old_name }}: (.*)$"
line: "{{ item.new_name }}: \\1"
backrefs: yes
with_items:
- { old_name: "ironic_galera_password", new_name: "ironic_container_mysql_password" }
- name: Read user secrets file
shell: "grep '^[a-zA-Z]' /etc/openstack_deploy/{{ _osa_secrets_file_name }}"
register: user_secrets
- name: Add missing secrets
lineinfile:
dest: "/etc/openstack_deploy/{{ _osa_secrets_file_name }}"
line: "{{ item }}"
with_items: "{{ secrets.stdout_lines }}"
when: user_secrets.stdout.find("{{ item }}") == -1
- name: Generate new secrets
shell: "{{ osa_playbook_dir }}/scripts/pw-token-gen.py --file /etc/openstack_deploy/{{ _osa_secrets_file_name }}"
vars:
_osa_secrets_file_name: "{{ osa_secrets_file_name | default('user_secrets.yml') }}"

45
leap-upgrades/upgrade-utilities-newton/scripts/make_rst_table.py Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This file is used to generate a ReStructured Text table suitable for
# documentating the variable name changes. Its contents are meant to be
# inserted into doc/source/upgrade-guide/scripts.rst.
# As of right now, running this script and inserting the output into
# the file is manual.
from migrate_openstack_vars import VAR_MAPPINGS
# Print old/new values in each row, right aligned.
row_format = "| {:>40} | {:>40} |"
# For the line separators, move the dividing '+' sign over so it's aligned
# with the '|' in the rows.
divider_format = "+-{:->42}---{:->40}"
header_divide_format = "+={:=>42}==={:=>40}"
# Header info
print(divider_format.format('+', '+'))
print(row_format.format('Old Value', 'New Value'))
print(header_divide_format.format('+', '+'))
# If we just used the items method, we'd get an unsorted output.
keys = VAR_MAPPINGS.keys()
keys.sort()
for key in keys:
print(row_format.format(key, VAR_MAPPINGS[key]))
print(divider_format.format('+', '+'))

70
leap-upgrades/upgrade-utilities-newton/scripts/migrate_openstack_vars.py Executable file
View File

@ -0,0 +1,70 @@
#!/usr/bin/env python
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This could probably be made more generic, since the biggest change per
# service is the variable mappings
import sys
VAR_MAPPINGS = {
# Add mapped items here
'test-old': 'test-new'
}
def update_variables(old_contents):
"""Replace all references to old variables.
This includes comments and references within values for other variables.
"""
new_contents = []
for line in old_contents:
words = line.split()
for word in words:
# Using the whitespace split above, the keys in the yaml file will
# have a : at the end, so we need to strip that off before
# replacing
if word.endswith(':'):
word = word[:-1]
if word in VAR_MAPPINGS.keys():
line = line.replace(word, VAR_MAPPINGS[word])
new_contents.append(line)
return new_contents
def main(filename):
with open(filename, 'r') as f:
contents = f.readlines()
new_contents = update_variables(contents)
with open(filename, 'w') as f:
f.write(''.join(new_contents))
if __name__ == '__main__':
if len(sys.argv) < 3:
sys.exit("Filename and flag file reference required.")
filename = sys.argv[1]
flag_ref = sys.argv[2]
main(filename)
flag_file = '/etc/openstack_deploy.NEWTON/VARS_MIGRATED_%s' % flag_ref
with open(flag_file, 'w') as f:
f.write('OpenStack Newton variables migrated.')

86
leap-upgrades/upgrade-utilities-newton/scripts/test_migrate_openstack_vars.py Executable file
View File

@ -0,0 +1,86 @@
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from migrate_openstack_vars import main
from migrate_openstack_vars import VAR_MAPPINGS
import os
import sys
FILE_NAME = 'test_user_variables.yml'
def set_up():
# Create an example file with key/value pairs, as well as a comment
# The old to new value mappings are written to a file, then later the
# file is inspected to ensure no old values remain.
var_lines = ["{}: {}".format(key, val) for
key, val in VAR_MAPPINGS.items()]
var_lines.append('# A test comment')
sample = VAR_MAPPINGS.items()[0]
var_lines.append('# {} / {}'.format(*sample))
with open(FILE_NAME, 'w') as f:
f.write('\n'.join(var_lines))
def teardown():
# Remove files so they don't pollute the directories.
os.remove(FILE_NAME)
def test():
main(FILE_NAME)
with open(FILE_NAME, 'r') as f:
contents = f.readlines()
for line in contents:
# only split lines that look like a key/value pair.
if ':' in line:
var, value = line.split(':', 1)
value = value.strip()
elif '/' in line:
# For the comment containing a variable, clean up the list
# contents before assigning the parts we want to test.
parts = line.split()
parts.remove('#')
parts.remove('/')
var, value = parts
else:
var = value = line
# Once run through the 'main' function, the keys and values should
# match
if not value == var:
import pdb; pdb.set_trace() # NOQA
print("Var and value don't match.")
print("Var: {}, Value: {}".format(var, value))
sys.exit()
invalid_variable = var not in VAR_MAPPINGS.values()
# Comments aren't in our test mapping, so make sure we ignore them
is_comment = line.startswith('#')
if invalid_variable and not is_comment:
err = "Variable {} doesn't appear to be a valid new name."
sys.exit(err.format(var))
print("Tests passed")
if __name__ == '__main__':
set_up()
test()
teardown()

24
leap-upgrades/upgrade-utilities/ansible_fact_cleanup.yml Normal file
View File

@ -0,0 +1,24 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ansible fact cleanup
hosts: localhost
connection: local
gather_facts: false
user: root
tasks:
- name: Remove any of the stored facts ansible may already have
command: >
find /etc/openstack_deploy/ansible_facts/ -type f -exec rm {} \;

43
leap-upgrades/upgrade-utilities/cinder-volume-container-lvm-check.yml Normal file
View File

@ -0,0 +1,43 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Destroy lxc containers except galera
hosts: "cinder_volume"
gather_facts: false
user: root
tasks:
- name: Check if cinder is in a container
set_fact:
in_container: true
when: >
is_metal == true or
container_name != physical_host
- name: Check if cinder backends are LVM
set_fact:
uses_lvm: true
when: >
'lvm' in item.value['volume_driver'] | lower
with_dict: "{{ cinder_backends }}"
- name: Check for cinder volume in a container failure
fail:
msg: >-
In order to continue you must perform a manual migration of the cinder volume container
[ {{ container_name }} ] to the physical host [ {{ physical_host }} ]. The leap
upgrade can NOT continue until this task has been accomplished.
when: >
uses_lvm | default(false) == true and
in_container | default(false) == true

58
leap-upgrades/upgrade-utilities/db-backup.sh Normal file
View File

@ -0,0 +1,58 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Set the full path to the MYSQL commands
## Shell Opts ----------------------------------------------------------------
set -e -u -v
MYSQLDUMP=$(which mysqldump)
MYSQL=$(which mysql)
TAR=$(which tar)
# If a my.cnf file is not found, force the user to enter the mysql root password
if [ ! -f "${HOME}/.my.cnf" ];then
echo -e "No \".my.cnf\" in \"${HOME}\". You are going to need the MySQL Root password."
MYSQL="${MYSQL} -u root -p"
MYSQLDUMP="${MYSQLDUMP} -u root -p"
fi
# return a list of databases to backup
DB_NAMES=$(${MYSQL} -Bse "show databases;" | grep -v -e "schema" -e "mysql")
# Set the backup directory
DB_BACKUP_DIR=${DB_BACKUP_DIR:-"/var/backup"}
# Go to the Database Backup Dir
pushd ${DB_BACKUP_DIR}
# Backup all databases individually
for db in ${DB_NAMES};do
echo "Performing a Database Backup on ${db}"
if [ -f "${db}.sql" ];then
echo "Moving old Database Backup to ${db}.sql.old"
mv ${db}.sql ${db}.backup-$(date +%y%m%d-%H%M%S).sql
fi
${MYSQLDUMP} ${db} > ${db}.sql
done
# Create an archive of the new backup.
echo "Creating an Archive of the Database Backup Directory"
if [ -f "OpenstackDatabases.tgz" ];then
echo "Moving old Database archive to OpenstackDatabases.tgz.old"
mv OpenstackDatabases.tgz OpenstackDatabases.tgz.old
fi
${TAR} -cvzf OpenstackDatabases-$(date +%y%m%d).tgz ${DB_BACKUP_DIR}/*.sql
echo "Done."
popd
exit 0

27
leap-upgrades/upgrade-utilities/db-backup.yml Normal file
View File

@ -0,0 +1,27 @@
---
# Copyright 2016, @WalmartLabs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Backup the databases
hosts: galera_all[0]
gather_facts: false
user: root
tasks:
- name: Sync db-backup script to DB node
copy:
src: "{{ playbook_dir }}/db-backup.sh"
dest: "/opt/db-backup.sh"
- name: Run a database backup
command: bash /opt/db-backup.sh

62
leap-upgrades/upgrade-utilities/db-collation-alter.yml Normal file
View File

@ -0,0 +1,62 @@
---
# Copyright 2016, @WalmartLabs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update database collations
hosts: galera_all[0]
gather_facts: false
user: root
tasks:
- name: Find tables with utf8_unicode_ci collation
command: >
mysql -e
"SELECT T.table_schema, T.table_name FROM information_schema.`TABLES` T,
information_schema.`COLLATION_CHARACTER_SET_APPLICABILITY` CCSA
WHERE CCSA.collation_name = T.table_collation AND CCSA.CHARACTER_SET_NAME = 'utf8'
AND CCSA.COLLATION_NAME = 'utf8_unicode_ci';"
register: utf8_unicode_ci_tables
- name: Disable global foreign key checks
command: >
mysql -e
"SET GLOBAL FOREIGN_KEY_CHECKS = 0;"
when: utf8_unicode_ci_tables.stdout_lines | length > 0
- name: Convert tables to utf8_general_ci collation
command: >
mysql -e
"ALTER TABLE {{ item.split()[1] }} CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;"
{{ item.split()[0] }}
with_items: "{{ utf8_unicode_ci_tables.stdout_lines }}"
when: item | search("^(?!table_schema)\w+\t\w+$")
- name: Enable global foreign key checks
command: >
mysql -e
"SET GLOBAL FOREIGN_KEY_CHECKS = 1;"
when: utf8_unicode_ci_tables.stdout_lines | length > 0
- name: Find databases with utf8_unicode_ci collation
command: >
mysql -e
"SELECT SCHEMA_NAME FROM information_schema.SCHEMATA
WHERE DEFAULT_CHARACTER_SET_NAME = 'utf8' AND DEFAULT_COLLATION_NAME = 'utf8_unicode_ci';"
register: utf8_unicode_ci_databases
- name: Convert databases to utf8_general_ci collation
command: >
mysql -e
"ALTER DATABASE {{ item }} CHARACTER SET utf8 COLLATE utf8_general_ci;"
with_items: "{{ utf8_unicode_ci_databases.stdout_lines }}"
when: item | search("^(?!SCHEMA_NAME)\w+$")

22
leap-upgrades/upgrade-utilities/db-force-upgrade.yml Normal file
View File

@ -0,0 +1,22 @@
---
# Copyright 2016, @WalmartLabs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Upgrade DB scheme
hosts: galera_all[0]
gather_facts: false
user: root
tasks:
- name: Upgrade the DB schemes
command: mysql_upgrade

106
leap-upgrades/upgrade-utilities/db-migrations-kilo.yml Normal file
View File

@ -0,0 +1,106 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set venv path
hosts: "keystone_all[0]:glance_all[0]:cinder_all[0]:nova_api_os_compute[0]:neutron_server[0]:heat_all[0]"
user: root
vars:
file_name: "{{ venv_tar_location | basename }}"
tasks:
- name: Set venv fact
set_fact:
venv_path: "/opt/{{ file_name.split('.tgz')[0] }}"
- name: Keystone DB Migrations
hosts: "keystone_all[0]"
user: root
tasks:
- name: Perform a Keystone DB sync 67
command: "{{ venv_path }}/bin/keystone-manage db_sync"
- name: Glance DB Migrations
hosts: "glance_all[0]"
user: root
tasks:
- name: Perform a Glance DB sync
command: "{{ venv_path }}/bin/glance-manage db_sync"
- name: Cinder DB Migrations
hosts: "cinder_all[0]"
user: root
tasks:
- name: Perform a cinder DB sync
command: "{{ venv_path }}/bin/cinder-manage db sync"
- name: Nova DB Migrations
hosts: "nova_api_os_compute[0]"
user: root
tasks:
- name: Perform a Nova DB sync
command: "{{ venv_path }}/bin/nova-manage db sync"
- name: Run nova flavor migrations
command: "{{ venv_path }}/bin/nova-manage db migrate_flavor_data --force"
- name: Run nova null uuid checks
command: "{{ venv_path }}/bin/nova-manage db null_instance_uuid_scan --delete"
- name: Neutron DB Migrations
hosts: "neutron_server[0]"
user: root
vars:
neutron_plugins:
ml2:
plugin_ini: "plugins/ml2/ml2_conf.ini"
ml2.lxb:
plugin_ini: "plugins/ml2/ml2_conf.ini"
plumgrid:
plugin_ini: "plugins/plumgrid/plumgrid.ini"
neutron_system_user_name: "neutron"
neutron_db_revision: "head"
neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type | default('ml2')]['plugin_ini'] }}"
neutron_db_config: "/etc/neutron/neutron.conf"
tasks:
- name: Perform a Neutron DB Upgrade
command: "{{ venv_path }}/bin/neutron-db-manage --config-file {{ neutron_db_config }} --config-file {{ neutron_db_plugin }} upgrade {{ neutron_db_revision }}"
sudo: yes
sudo_user: "{{ neutron_system_user_name }}"
- name: Check for DB revision
shell: "{{ venv_path }}/bin/neutron-db-manage history | grep -w 'Revision ID: {{ neutron_db_revision }}'"
register: neutron_dbmanage
failed_when: false
changed_when: neutron_dbmanage.rc != 0
sudo: yes
sudo_user: "{{ neutron_system_user_name }}"
- name: Perform a Neutron DB Stamp
command: "{{ venv_path }}/bin/neutron-db-manage --config-file {{ neutron_db_config }} --config-file {{ neutron_db_plugin }} stamp {{ neutron_db_revision }}"
when: neutron_dbmanage.rc != 0
sudo: yes
sudo_user: "{{ neutron_system_user_name }}"
- name: Heat DB Migrations
hosts: "heat_all[0]"
user: root
tasks:
- name: Perform a heat DB sync
command: "{{ venv_path }}/bin/heat-manage db_sync"
- name: Horizon DB drop
hosts: "utility_all[0]"
user: root
tasks:
- name: Drop horizon DB - It will be recreated later
command: "mysql --unbuffered -sNL -e 'drop database {{ horizon_galera_database | default('dash') }}'"
register: drop_db
failed_when: false
changed_when: drop_db.rc == 0

102
leap-upgrades/upgrade-utilities/db-migrations-liberty.yml Normal file
View File

@ -0,0 +1,102 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set venv path
hosts: "keystone_all[0]:glance_all[0]:cinder_all[0]:nova_api_os_compute[0]:neutron_server[0]:heat_all[0]"
user: root
vars:
file_name: "{{ venv_tar_location | basename }}"
tasks:
- name: Set venv fact
set_fact:
venv_path: "/opt/{{ file_name.split('.tgz')[0] }}"
- name: Keystone DB Migrations
hosts: "keystone_all[0]"
user: root
tasks:
- name: Perform a Keystone DB sync
command: "{{ venv_path }}/bin/keystone-manage db_sync 75"
- name: Glance DB Migrations
hosts: "glance_all[0]"
user: root
tasks:
- name: Perform a Glance DB sync
command: "{{ venv_path }}/bin/glance-manage db_sync"
- name: Cinder DB Migrations
hosts: "cinder_all[0]"
user: root
tasks:
- name: Perform a cinder DB sync
command: "{{ venv_path }}/bin/cinder-manage db sync"
- name: Nova DB Migrations
hosts: "nova_api_os_compute[0]"
user: root
tasks:
- name: Run nova null uuid checks
command: "{{ venv_path }}/bin/nova-manage db null_instance_uuid_scan --delete"
- name: Perform a Nova DB sync
command: "{{ venv_path }}/bin/nova-manage db sync"
- name: Stop Neutron Server
hosts: "neutron_server"
user: root
tasks:
- name: Stop Neutron server
service:
name: "neutron-server"
state: stopped
pattern: "neutron-server"
- name: Neutron DB Migrations
hosts: "neutron_server[0]"
user: root
vars:
neutron_plugins:
ml2:
plugin_ini: "plugins/ml2/ml2_conf.ini"
ml2.lxb:
plugin_ini: "plugins/ml2/ml2_conf.ini"
plumgrid:
plugin_ini: "plugins/plumgrid/plumgrid.ini"
neutron_system_user_name: "neutron"
neutron_db_revision: "heads"
neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type | default('ml2')]['plugin_ini'] }}"
neutron_db_config: "/etc/neutron/neutron.conf"
tasks:
- name: Perform a Neutron DB Upgrade
command: "{{ venv_path }}/bin/neutron-db-manage --config-file {{ neutron_db_config }} --config-file {{ neutron_db_plugin }} upgrade {{ neutron_db_revision }}"
sudo: yes
sudo_user: "{{ neutron_system_user_name }}"
- name: Heat DB Migrations
hosts: "heat_all[0]"
user: root
tasks:
- name: Perform a heat DB sync
command: "{{ venv_path }}/bin/heat-manage db_sync"
- name: Horizon DB drop
hosts: "utility_all[0]"
user: root
tasks:
- name: Drop horizon DB - It will be recreated later
command: "mysql --unbuffered -sNL -e 'drop database {{ horizon_galera_database | default('dash') }}'"
register: drop_db
failed_when: false
changed_when: drop_db.rc == 0

113
leap-upgrades/upgrade-utilities/db-migrations-mitaka.yml Normal file
View File

@ -0,0 +1,113 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set venv path
hosts: "keystone_all[0]:glance_all[0]:cinder_all[0]:nova_api_os_compute[0]:neutron_server[0]:heat_all[0]:ironic_conductor[0]"
user: root
vars:
file_name: "{{ venv_tar_location | basename }}"
tasks:
- name: Set venv fact
set_fact:
venv_path: "/opt/{{ file_name.split('.tgz')[0] }}"
- name: Keystone DB Migrations
hosts: "keystone_all[0]"
user: root
tasks:
- name: Perform a Keystone DB sync
command: "{{ venv_path }}/bin/keystone-manage db_sync"
- name: Glance DB Migrations
hosts: "glance_all[0]"
user: root
tasks:
- name: Perform a Glance DB sync
command: "{{ venv_path }}/bin/glance-manage db_sync"
- name: Cinder DB Migrations
hosts: "cinder_all[0]"
user: root
tasks:
- name: Perform a cinder DB sync
command: "{{ venv_path }}/bin/cinder-manage db sync"
- name: Nova DB Migrations
hosts: "nova_api_os_compute[0]"
user: root
tasks:
- name: Run nova null uuid checks
command: "{{ venv_path }}/bin/nova-manage db null_instance_uuid_scan --delete"
- name: Perform a Nova DB sync
command: "{{ venv_path }}/bin/nova-manage db sync"
- name: Perform Nova online data migrations
command: "{{ venv_path }}/bin/nova-manage db online_data_migrations"
- name: Stop Neutron Server
hosts: "neutron_server"
user: root
tasks:
- name: Stop Neutron server
service:
name: "neutron-server"
state: stopped
pattern: "neutron-server"
- name: Neutron DB Migrations
hosts: "neutron_server[0]"
user: root
vars:
neutron_plugins:
ml2:
plugin_ini: "plugins/ml2/ml2_conf.ini"
ml2.lxb:
plugin_ini: "plugins/ml2/ml2_conf.ini"
plumgrid:
plugin_ini: "plugins/plumgrid/plumgrid.ini"
nuage:
plugin_ini: "plugins/nuage/nuage.ini"
neutron_system_user_name: "neutron"
neutron_db_revision: "heads"
neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type | default('ml2')]['plugin_ini'] }}"
neutron_db_config: "/etc/neutron/neutron.conf"
tasks:
- name: Perform a Neutron DB Upgrade
command: "{{ venv_path }}/bin/neutron-db-manage --config-file {{ neutron_db_config }} --config-file {{ neutron_db_plugin }} upgrade {{ neutron_db_revision }}"
sudo: yes
sudo_user: "{{ neutron_system_user_name }}"
- name: Heat DB Migrations
hosts: "heat_all[0]"
user: root
tasks:
- name: Perform a heat DB sync
command: "{{ venv_path }}/bin/heat-manage db_sync"
- name: Horizon DB drop
hosts: "utility_all[0]"
user: root
tasks:
- name: Drop horizon DB - It will be recreated later
command: "mysql --unbuffered -sNL -e 'drop database {{ horizon_galera_database | default('dash') }}'"
register: drop_db
failed_when: false
changed_when: drop_db.rc == 0
- name: Ironic DB Migrations
hosts: "ironic_conductor[0]"
user: root
tasks:
- name: Update database schema
command: "{{ venv_path }}/ironic-dbsync upgrade"

132
leap-upgrades/upgrade-utilities/db-migrations-newton.yml Normal file
View File

@ -0,0 +1,132 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set venv path
hosts: "keystone_all[0]:glance_all[0]:cinder_all[0]:nova_api_os_compute[0]:neutron_server[0]:heat_all[0]:ironic_conductor[0]:aodh_all[0]"
user: root
vars:
file_name: "{{ venv_tar_location | basename }}"
tasks:
- name: Set venv fact
set_fact:
venv_path: "/opt/{{ file_name.split('.tgz')[0] }}"
- name: Keystone DB Migrations
hosts: "keystone_all[0]"
user: root
tasks:
- name: Perform a Keystone DB sync
command: "{{ venv_path }}/bin/keystone-manage db_sync"
- name: Glance DB Migrations
hosts: "glance_all[0]"
user: root
tasks:
- name: Perform a Glance DB sync
command: "{{ venv_path }}/bin/glance-manage db_sync"
- name: Cinder DB Migrations
hosts: "cinder_all[0]"
user: root
tasks:
- name: Perform a cinder DB sync
command: "{{ venv_path }}/bin/cinder-manage db sync"
- name: Perform service purge
shell: |
IFS=$'\n'
for i in $({{ venv_path }}/bin/cinder-manage service list | awk '/None/ {print $1, $2}'); do
eval "{{ venv_path }}/bin/cinder-manage service remove $i"
done
args:
executable: /bin/bash
- name: Nova DB Migrations
hosts: "nova_api_os_compute[0]"
user: root
tasks:
- name: Run nova null uuid checks
command: "{{ venv_path }}/bin/nova-manage db null_instance_uuid_scan --delete"
- name: Perform a Nova DB sync
command: "{{ venv_path }}/bin/nova-manage db sync"
- name: Perform Nova online data migrations
command: "{{ venv_path }}/bin/nova-manage db online_data_migrations"
- name: Stop Neutron Server
hosts: "neutron_server"
user: root
tasks:
- name: Stop Neutron server
service:
name: "neutron-server"
state: stopped
pattern: "neutron-server"
- name: Neutron DB Migrations
hosts: "neutron_server[0]"
user: root
vars:
neutron_plugins:
ml2.lxb:
plugin_ini: "plugins/ml2/ml2_conf.ini"
ml2.ovs:
plugin_ini: "plugins/ml2/ml2_conf.ini"
ml2.ovs.dvr:
plugin_ini: "plugins/ml2/ml2_conf.ini"
ml2.calico:
plugin_ini: "plugins/ml2/ml2_conf.ini"
plumgrid:
plugin_ini: "plugins/plumgrid/plumgrid.ini"
nuage:
plugin_ini: "plugins/nuage/nuage.ini"
neutron_system_user_name: "neutron"
neutron_db_revision: "heads"
neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type | default('ml2.lxb')]['plugin_ini'] }}"
neutron_db_config: "/etc/neutron/neutron.conf"
tasks:
- name: Perform a Neutron DB Upgrade
command: "{{ venv_path }}/bin/neutron-db-manage --config-file {{ neutron_db_config }} --config-file {{ neutron_db_plugin }} upgrade {{ neutron_db_revision }}"
sudo: yes
sudo_user: "{{ neutron_system_user_name }}"
- name: Heat DB Migrations
hosts: "heat_all[0]"
user: root
tasks:
- name: Perform a heat DB sync
command: "{{ venv_path }}/bin/heat-manage db_sync"
- name: Horizon DB drop
hosts: "utility_all[0]"
user: root
tasks:
- name: Drop horizon DB - It will be recreated later
command: "mysql --unbuffered -sNL -e 'drop database {{ horizon_galera_database | default('dash') }}'"
register: drop_db
failed_when: false
changed_when: drop_db.rc == 0
- name: AODH DB Migrations
hosts: "aodh_all[0]"
user: root
tasks:
- name: Perform a Aodh DB sync
command: "{{ aodh_bin }}/aodh-dbsync"
- name: Ironic DB Migrations
hosts: "ironic_conductor[0]"
user: root
tasks:
- name: Update database schema
command: "{{ venv_path }}/ironic-dbsync upgrade"

35
leap-upgrades/upgrade-utilities/db-stop.yml Normal file
View File

@ -0,0 +1,35 @@
---
# Copyright 2016, @WalmartLabs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Stop all database servers
hosts: galera_all
gather_facts: false
user: root
tasks:
- name: Stop mysql
service:
name: mysql
state: stopped
failed_when: false
- name: Remove stale .sst
file:
path: "/var/lib/mysql/.sst"
state: absent
- name: Remove grstate.dat
file:
path: "/var/lib/mysql/grastate.dat"
state: "absent"

82
leap-upgrades/upgrade-utilities/destroy-old-containers.yml Normal file
View File

@ -0,0 +1,82 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Destroy lxc containers except galera
hosts: "all_containers:!galera_all:!neutron_agent"
gather_facts: false
user: root
tasks:
- name: Destroy a container
command: lxc-destroy --force --name "{{ container_name }}"
delegate_to: "{{ physical_host }}"
register: destroy
failed_when: destroy.rc not in [0, 1]
changed_when: destroy.rc == 0
- name: Destroy container data
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/var/lib/lxc/{{ container_name }}"
- "/openstack/{{ container_name }}"
- "/openstack/backup/{{ container_name }}"
- "/openstack/log/{{ container_name }}"
- "/var/log/lxc/lxc-{{ container_name }}.log"
delegate_to: "{{ physical_host }}"
- name: Destroy lxc container cache
hosts: "hosts"
gather_facts: false
user: root
tasks:
- name: Destroy container cache data
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/var/cache/lxc/download"
- "/var/cache/lxc/trusty"
- "/var/lib/lxc/LXC_NAME"
delegate_to: "{{ physical_host }}"
- name: Simple destroy the Galera Containers
hosts: galera_all
gather_facts: false
tasks:
- name: Destroy a container
command: lxc-destroy --force --name "{{ container_name }}"
delegate_to: "{{ physical_host }}"
register: destroy
failed_when: destroy.rc not in [0, 1]
changed_when: destroy.rc == 0
- name: Host prep for redeployment
hosts: "hosts"
gather_facts: false
user: root
tasks:
- name: Stop LXC dnsmasq
command: "lxc-system-manage dnsmasq-stop"
failed_when: false
- name: Bring the LXC bridged interface down
command: "ifdown {{ lxc_net_bridge | default('lxcbr0') }}"
failed_when: false
- name: Update apt-cache
command: apt-get update
- name: Search for and destroy reminent RPC grouped containers
shell: >-
lxc-ls -f | awk '/rpc/ {print $1}' | grep -v "neutron_agent" | xargs -n 1 lxc-destroy -fn
failed_when: false

43
leap-upgrades/upgrade-utilities/glance-db-storage-url-fix.yml Normal file
View File

@ -0,0 +1,43 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Run post glance upgrade fix
hosts: galera_all[0]
gather_facts: false
user: root
tasks:
- name: Get image_locations backup status
command: >
mysql --verbose --unbuffered -e
"desc image_locations_keystone_v3_mig_pre_liberty" glance
ignore_errors: yes
register: glance_backup_existing
- name: Backup glance image_locations
command: >
mysql --verbose --unbuffered -e
"create table image_locations_keystone_v3_mig_pre_liberty (select * from image_locations);" glance
when:
- glance_backup_existing.rc == 1
- "{{ glance_swift_store_auth_version | default(3) }} == 3"
- name: Run database fix for glance
command: >
mysql --verbose --unbuffered -e
"update image_locations set value=replace(value, '{{ keystone_service_port }}/v2.0/', '{{ keystone_service_port }}/v3/')
where value like 'swift%{{ internal_lb_vip_address }}:{{ keystone_service_port }}/v2.0/%' and status='active';" glance
when:
- "{{ glance_swift_store_auth_version | default(3) }} == 3"

42
leap-upgrades/upgrade-utilities/neutron-container-forget.sh Executable file
View File

@ -0,0 +1,42 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Shell Opts ----------------------------------------------------------------
set -e -u -v
export MAIN_PATH="${MAIN_PATH:-$(dirname $(dirname $(dirname $(dirname $(readlink -f $0)))))}"
export SCRIPTS_PATH="${SCRIPTS_PATH:-$(dirname $(dirname $(dirname $(readlink -f $0))))}"
function remove_inv_items {
${SCRIPTS_PATH}/inventory-manage.py -f /etc/openstack_deploy/openstack_inventory.json -r "$1"
}
function get_inv_items {
${SCRIPTS_PATH}/inventory-manage.py -f /etc/openstack_deploy/openstack_inventory.json -l | grep -w ".*$1"
}
# Remove containers that we no longer need
pushd ${MAIN_PATH}/playbooks
# Remove the dead container types from inventory
REMOVED_CONTAINERS=""
REMOVED_CONTAINERS+="$(get_inv_items 'neutron_agent' | awk '{print $2}') "
for i in ${REMOVED_CONTAINERS};do
remove_inv_items $i
done
popd

79
leap-upgrades/upgrade-utilities/neutron-mtu-migration.yml Normal file
View File

@ -0,0 +1,79 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update neutron MTU for vlan, vxlan, and flat networks
hosts: galera_all[0]
gather_facts: false
user: root
tasks:
- name: Retrieve networks
shell: |
mysql -sNL \
--unbuffered \
-e "SELECT network_id, network_type, physical_network FROM ml2_network_segments WHERE network_type IN ('vlan','flat','vxlan','gre') AND network_id IN (select id from networks where mtu=0);" {{ neutron_galera_database | default('neutron') }} | tr "\t" "|"
register: networks
- name: Create neutron MTU migration script
copy:
content: |
{% for item in networks.stdout_lines %}
{% set network_mtu = [] %}
{%- for pn in provider_networks %}
{% if not network_mtu %}
{% if pn['network']['net_name'] is defined and
pn['network']['net_name'] == item.split('|')[-1] and
pn['network']['container_mtu'] is defined %}
{% if not network_mtu %}
{% if network_mtu.append(pn['network']['container_mtu']) %}{% endif %}
{% endif %}
# Defined network mtu: {{ network_mtu }} {{ item.split('|')[-1] }}
{% endif %}
{% endif %}
{% endfor %}
{%- if neutron_network_device_mtu is defined and not network_mtu %}
{% if not network_mtu %}
{% if network_mtu.append(neutron_network_device_mtu) %}{% endif %}
{% endif %}
# Global Defined network mtu: {{ network_mtu }} {{ item.split('|')[-1] }}
{% endif %}
{%- if not network_mtu %}
{% if item.split('|')[1] == 'vlan' or item.split('|')[1] == 'flat' %}
{% if not network_mtu %}
{% if network_mtu.append('1500') %}{% endif %}
{% endif %}
# Using standard fallback MTU of 1500 for {{ item.split('|')[1] }} type network
{% elif item.split('|')[1] == 'gre' %}
{% if not network_mtu %}
{% if network_mtu.append('1476') %}{% endif %}
{% endif %}
# Using gre fallback MTU of 1476 for {{ item.split('|')[1] }} type network
{% elif item.split('|')[1] == 'vxlan' or item.split('|')[1] == 'NULL' %}
{% if not network_mtu %}
{% if network_mtu.append('1450') %}{% endif %}
{% endif %}
# Using vxlan fallback MTU of 1450 for {{ item.split('|')[1] }} type network
{% endif %}
{% endif %}
{%- if network_mtu %}
mysql -sNL --unbuffered -e "UPDATE networks SET mtu={{ network_mtu[0] }} WHERE id='{{ item.split('|')[0] }}';" {{ neutron_galera_database | default('neutron') }}
{% endif %}
{% endfor %}
dest: /tmp/neutron-mtu-script.sh
- name: Run neutron MTU migration script
command: bash /tmp/neutron-mtu-script.sh

39
leap-upgrades/upgrade-utilities/neutron-remove-old-containers.yml Normal file
View File

@ -0,0 +1,39 @@
---
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Remove the reminent neutron agent containers
hosts: "hosts"
gather_facts: false
user: root
tasks:
- name: Search for and destroy reminent RPC grouped containers
shell: >-
lxc-ls -f | awk '/rpc/ {print $1}' | xargs -n 1 lxc-destroy -fn
failed_when: false
args:
executable: /bin/bash
- name: Remove the reminent neutron agent containers
hosts: "neutron_agent[0]"
gather_facts: false
user: root
tasks:
- name: Rebalance neutron agents
shell: |
. /root/openrc
/opt/neutron-ha-tool.py --l3-agent-migrate --now --insecure
/opt/neutron-ha-tool.py --replicate-dhcp --now --insecure
args:
executable: /bin/bash

71
leap-upgrades/upgrade-utilities/nova-libvirt-fix.yml Normal file
View File

@ -0,0 +1,71 @@
---
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Nova compute fixes
hosts: "nova_compute"
gather_facts: false
user: root
vars:
nova_system_user_name: nova
nova_system_home_folder: "/var/lib/{{ nova_system_user_name }}"
nova_libvirt_save_path: "{{ nova_system_home_folder }}/save"
nova_qemu_user: libvirt-qemu
nova_qemu_group: kvm
tasks:
- name: Check the state of the qemu save directory
stat:
path: "/var/lib/libvirt/qemu/save"
failed_when: false
register: _qemu_save_dir
- name: Check the state of the nova save directory
stat:
path: "{{ nova_libvirt_save_path }}"
failed_when: false
register: _nova_save_dir
- name: Create nova save directory
file:
dest: "{{ nova_libvirt_save_path }}"
state: "directory"
owner: "nova"
group: "nova"
when: not _nova_save_dir.stat.exists | bool
- name: Index saved qemu items
command: "ls -1 /var/lib/libvirt/qemu/save"
changed_when: false
register: _qemu_save_items
- name: Move the existing save directory to nova_libvirt_save_path
shell: "mv /var/lib/libvirt/qemu/save/{{ item }} {{ nova_libvirt_save_path }}/{{ item }}"
with_items: "{{ _qemu_save_items.stdout_lines }}"
when:
- _qemu_save_dir.stat.isdir | bool
- _qemu_save_items.stdout_lines | length > 0
- name: Remove qemu save directory
file:
dest: "/var/lib/libvirt/qemu/save"
state: "absent"
when: _qemu_save_dir.stat.isdir | bool
- name: Symlink qemu save dir to nova_libvirt_save_path
file:
src: "{{ nova_libvirt_save_path }}"
dest: "/var/lib/libvirt/qemu/save"
state: link
owner: "{{ nova_qemu_user }}"
group: "{{ nova_qemu_group }}"

29
leap-upgrades/upgrade-utilities/pip-conf-purge.yml Normal file
View File

@ -0,0 +1,29 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Old conf removal
hosts: hosts
gather_facts: true
user: root
tasks:
- name: Remove pip.conf
file:
path: "{{ ansible_env.HOME }}/.pip/pip.conf"
state: "absent"
- name: Remove 00apt-cacher-proxy
file:
path: "/etc/apt/apt.conf.d/00apt-cacher-proxy"
state: "absent"

87
leap-upgrades/upgrade-utilities/pip-unify.yml Normal file
View File

@ -0,0 +1,87 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Unify pip utils
hosts: "hosts:!localhost"
gather_facts: false
user: root
vars:
pip_upstream_url: "https://raw.githubusercontent.com/pypa/get-pip/430ba37776ae2ad89f794c7a43b90dc23bac334c/get-pip.py"
pip_validate_certs: true
tasks:
- name: "Copy global requirements"
copy:
src: "/opt/leap42/openstack-ansible-{{ release_version }}/global-requirement-pins.txt"
dest: "/tmp/global-requirement-pins.txt"
- name: "Copy upgrade requirements"
copy:
src: "{{ playbook_dir }}/../lib/upgrade-requirements.txt"
dest: "/tmp/upgrade-requirements.txt"
- name: Get Modern PIP
get_url:
url: "{{ pip_upstream_url }}"
dest: "/opt/get-pip.py"
force: "yes"
validate_certs: "{{ pip_validate_certs }}"
register: get_pip
until: get_pip | success
failed_when: false
retries: 5
delay: 2
- name: Get Modern PIP using fallback URL
get_url:
url: "{{ pip_fallback_url }}"
dest: "/opt/get-pip.py"
force: "yes"
validate_certs: "{{ pip_validate_certs }}"
when: get_pip | failed
register: get_pip_fallback
until: get_pip_fallback | success
retries: 5
delay: 2
- name: purge old pip utils
raw: "rm -rf /usr/local/lib/python2.7/dist-packages/{{ item }}*"
with_items:
- setuptools
- wheel
- pip
- distutils
- packaging
args:
executable: /bin/bash
- name: Re-install pip
raw: |
/usr/bin/python /opt/get-pip.py \
--force-reinstall \
--upgrade \
--isolated \
--constraint /tmp/global-requirement-pins.txt
args:
executable: /bin/bash
- name: Re-install pip packaging requirements
raw: |
/usr/bin/python /opt/get-pip.py \
--upgrade \
--isolated \
--requirement /tmp/upgrade-requirements.txt \
--constraint /tmp/global-requirement-pins.txt
args:
executable: /bin/bash

122
leap-upgrades/upgrade-utilities/post-redeploy-cleanup.yml Normal file
View File

@ -0,0 +1,122 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Disable/delete the services with CLIs
hosts: utility_all[0]
user: root
vars:
services:
- name: "nova"
list_command: " service-list "
awk_filter: "/_container.*down/"
awk_print_column: '$6" "$4'
delete_command: " service-disable "
post_command: "sleep 5"
- name: "nova"
list_command: " service-list "
awk_filter: "/_container.*down/"
awk_print_column: "$2"
delete_command: " service-delete "
- name: "cinder"
list_command: " service-list "
awk_filter: "/_container.*down/"
awk_print_column: '$4" "$2'
delete_command: " service-disable "
- name: "neutron"
list_command: " agent-list "
awk_filter: "/_container.*xxx/"
awk_print_column: "$2"
delete_command: " agent-update --admin-state-down "
post_command: "sleep 5"
- name: "neutron"
list_command: " agent-list "
awk_filter: "/_container.*xxx/"
awk_print_column: "$2"
delete_command: " agent-delete "
tasks:
- name: Registering what to disable
shell: |
. {{ ansible_env.HOME }}/openrc
{{ item.name }} {{ item.list_command}} | awk '{{ item.awk_filter }}{print {{ item.awk_print_column }} }'
register: to_disable
with_items: "{{ services }}"
args:
executable: /bin/bash
- name: showing the list of items
debug:
msg: "We will delete the following item for {{ item.0.item.name }}: {{ item.1 }}"
with_subelements:
- to_disable.results
- stdout_lines
- name: Disabling or deleting the services/agents
shell: |
. {{ ansible_env.HOME }}/openrc
{{ item.0.item.name }} {{ item.0.item.delete_command }} {{ item.1 }}
{{ item.0.item.post_command | default('')}}
with_subelements:
- to_disable.results
- stdout_lines
args:
executable: /bin/bash
- name: Apply cinder changes with cinder-manage
hosts: cinder_all[0]
user: root
tasks:
- name: Removing the cinder services with old container hostnames
shell: |
. /openstack/venvs/cinder-{{openstack_release}}/bin/activate
cinder-manage service list \
| awk '/.*_container.*XXX/{print $1" "$2}'\
| while read line; do
cinder-manage service remove $line;
done
args:
executable: /bin/bash
- name: Move the cinder volumes running in containers to new hostnames
shell: |
. /openstack/venvs/cinder-{{openstack_release}}/bin/activate
cinder-manage service list \
| awk '/volume.*_container.*XXX/{print $2 }'\
| while IFS=@ read cinderhost cinderbackend; do
cinder-manage volume update_host \
--currenthost $cinderhost@$cinderbackend \
--newhost ${cinderhost//_/-}@$cinderbackend;
done
args:
executable: /bin/bash
- name: Cleanup layer2 ports
gather_facts: no
hosts: utility_all[0]
tasks:
- name: disable and delete new ports
# list all the ports, sort them by network and then state in the reverse order.
# Save the network if there is an old dhcp port to migrate. Check if there are
# dhcp ports in the same network that are active. Print them for deletion.
shell: |
. {{ ansible_env.HOME }}/openrc
neutron port-list -c id -c device_owner -c binding:host_id -c status \
-c network_id -f value | sort -k 5 -k 4 -r | \
awk '/dhcp.*BUILD/{net=$5}; /dhcp.*ACTIVE/{if(net==$5){print $1}}' | \
while read portid; do
neutron port-update --admin-state-up False $portid
sleep 1
neutron port-delete $portid
done
args:
executable: /bin/bash

46
leap-upgrades/upgrade-utilities/power-down.yml Normal file
View File

@ -0,0 +1,46 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Stop all OpenStack services
hosts: all
gather_facts: false
tasks:
- name: Stop all openstack services
shell: |
for i in $(ls /etc/init /etc/init.d | grep "{{ item }}"); do
service ${i%".conf"*} stop || true;
done
with_items:
- trove
- sahara
- barbican
- magnum
- ironic
- swift
- gnocchi
- designate
- aodh
- ceilometer
- horizon
- heat
- neutron
- nova
- cinder
- glance
- keystone
- apache
failed_when: false
args:
executable: /bin/bash

42
leap-upgrades/upgrade-utilities/venv-prep.yml Normal file
View File

@ -0,0 +1,42 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Sync combined venv and prep
hosts: "keystone_all[0]:glance_all[0]:cinder_all[0]:nova_api_os_compute[0]:neutron_server[0]:heat_all[0]:ironic_conductor[0]:aodh_all[0]"
user: root
gather_facts: false
vars:
file_name: "{{ venv_tar_location | basename }}"
tasks:
- name: Install virtualenv-tools
pip:
name: "git+https://github.com/fireteam/virtualenv-tools@53b6fdbd21851e0bfbc027c53bc0a7697574d90a#egg=virtualenv-tools"
state: "present"
- synchronize:
src: "{{ venv_tar_location }}"
dest: "/opt/{{ file_name }}"
register: sync_job
- name: Unarchive pre-built venv
unarchive:
src: "/opt/{{ file_name }}"
dest: "/opt"
copy: "no"
when: sync_job | changed
- name: Rewire venv
command: "virtualenv-tools --update-path=auto /opt/{{ file_name.split('.tgz')[0] }}"
when: sync_job | changed

133
leap-upgrades/upgrade.sh Executable file
View File

@ -0,0 +1,133 @@
#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTICE: To run this in an automated fashion run the script via
# root@HOSTNAME:/opt/openstack-ansible# echo "YES" | bash scripts/run-upgrade.sh
## Shell Opts ----------------------------------------------------------------
set -e -u -v
## Main ----------------------------------------------------------------------
source lib/vars.sh
source lib/functions.sh
### Kilo System migration
# Run tasks
UPGRADE_SCRIPTS="${UPGRADE_UTILS}-kilo/scripts"
# If the kilo leap has been accomplished, skip.
if [[ ! -f "/opt/leap42/openstack-ansible-${KILO_RELEASE}.leap" ]]; then
notice 'Running kilo leap'
link_release "/opt/leap42/openstack-ansible-${KILO_RELEASE}"
pushd "/opt/leap42/openstack-ansible-${KILO_RELEASE}"
if [[ -d "/etc/rpc_deploy" ]]; then
SCRIPTS_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}/scripts" MAIN_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}" ${UPGRADE_SCRIPTS}/create-new-openstack-deploy-structure.sh
fi
${UPGRADE_SCRIPTS}/juno-rpc-extras-create.py
SCRIPTS_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}/scripts" MAIN_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}" ${UPGRADE_SCRIPTS}/new-variable-prep.sh
# Convert LDAP variables if any are found
if grep '^keystone_ldap.*' /etc/openstack_deploy/user_variables.yml;then
${UPGRADE_SCRIPTS}/juno-kilo-ldap-conversion.py
fi
# Create the repo servers entries from the same entries found within the infra_hosts group.
if ! grep -r '^repo-infra_hosts\:' /etc/openstack_deploy/openstack_user_config.yml /etc/openstack_deploy/conf.d/;then
if [ ! -f "/etc/openstack_deploy/conf.d/repo-servers.yml" ];then
${UPGRADE_SCRIPTS}/juno-kilo-add-repo-infra.py
fi
fi
# In Kilo+ we need to mark the network used for container ssh and management.
if ! grep -q "is_container_address" /etc/openstack_deploy/openstack_user_config.yml; then
sed -i.bak '/container_bridge: "br-mgmt"/a \ \ \ \ \ \ \ \ is_container_address: true' /etc/openstack_deploy/openstack_user_config.yml
fi
if ! grep -q "is_ssh_address" /etc/openstack_deploy/openstack_user_config.yml; then
sed -i.bak '/container_bridge: "br-mgmt"/a \ \ \ \ \ \ \ \ is_ssh_address: true' /etc/openstack_deploy/openstack_user_config.yml
fi
${UPGRADE_SCRIPTS}/juno-is-metal-preserve.py
SCRIPTS_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}/scripts" MAIN_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}" ${UPGRADE_SCRIPTS}/old-variable-remove.sh
SCRIPTS_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}/scripts" MAIN_PATH="/opt/leap42/openstack-ansible-${KILO_RELEASE}" ${UPGRADE_SCRIPTS}/juno-container-cleanup.sh
popd
UPGRADE_PLAYBOOKS="${UPGRADE_UTILS}-kilo/playbooks"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/user-secrets-adjustments-kilo.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${KILO_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/host-adjustments.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/remove-juno-log-rotate.yml || true")
if [ "$(ansible 'swift_hosts' --list-hosts)" != "No hosts matched" ]; then
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/swift-ring-adjustments.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/swift-repo-adjustments.yml")
fi
run_items "/opt/leap42/openstack-ansible-${KILO_RELEASE}"
tag_leap_success "${KILO_RELEASE}-prep"
fi
### Kilo System migration
### Liberty System migration
# Run tasks
if [[ ! -f "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}.leap" ]]; then
notice 'Running liberty leap'
link_release "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}"
UPGRADE_PLAYBOOKS="${UPGRADE_UTILS}-liberty/playbooks"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/ansible_fact_cleanup-liberty.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/deploy-config-changes-liberty.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/user-secrets-adjustment-liberty.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/mariadb-apt-cleanup.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/disable-neutron-port-security.yml")
run_items "/opt/leap42/openstack-ansible-${LIBERTY_RELEASE}"
tag_leap_success "${LIBERTY_RELEASE}-prep"
fi
### Liberty System migration
### Mitaka System migration
# Run tasks
if [[ ! -f "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}.leap" ]]; then
notice 'Running mitaka leap'
link_release "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}"
UPGRADE_PLAYBOOKS="${UPGRADE_UTILS}-mitaka/playbooks"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/ansible_fact_cleanup-mitaka-1.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/deploy-config-changes-mitaka.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${MITAKA_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/user-secrets-adjustment-mitaka.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${MITAKA_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/pip-conf-removal.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/old-hostname-compatibility-mitaka.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/ansible_fact_cleanup-mitaka-2.yml")
run_items "/opt/leap42/openstack-ansible-${MITAKA_RELEASE}"
tag_leap_success "${MITAKA_RELEASE}-prep"
fi
### Mitaka System migration
### Newton Deploy
# Run tasks
if [[ ! -f "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}.leap" ]]; then
notice 'Running newton leap'
link_release "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
UPGRADE_PLAYBOOKS="${UPGRADE_UTILS}-newton/playbooks"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/lbaas-version-check.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/ansible_fact_cleanup-newton.yml")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/deploy-config-changes-newton.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${NEWTON_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/user-secrets-adjustment-newton.yml -e 'osa_playbook_dir=/opt/leap42/openstack-ansible-${NEWTON_RELEASE}'")
RUN_TASKS+=("${UPGRADE_PLAYBOOKS}/old-hostname-compatibility-newton.yml")
run_items "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
tag_leap_success "${NEWTON_RELEASE}-prep"
fi
### Run host upgrade
notice 'Running host upgrade'
link_release "/opt/leap42/openstack-ansible-${NEWTON_RELEASE}"
RUN_TASKS=()
RUN_TASKS+=("${UPGRADE_UTILS}/pip-conf-purge.yml")
RUN_TASKS+=("openstack-hosts-setup.yml")
run_items "/opt/openstack-ansible"
### Run host upgrade