Re-deploy the Heat venv if it mismatches the repo
We currently have two issues with venvs:
- if you update your venv on the repo server, it is not possible for
that updated venv to land on the service's container as the get_url
task always skips if the file exists (even if the file is different)
- if you have an updated venv on the repo server and forcefully delete
the cached venv tarball on the service's container, the new tarball
will get unarchived over top of the existing venv
This commit does the following:
- gets the checksum of the /var/cache tarball and downloads checksum
file from repo server
- updates "Attempt venv download" to only download the venv if the
cache doesn't exist or if the local and remote checksums differ
- adds a "force: true" to "Attempt venv download" task so that the venv
tarball will get re-downloaded when the when condition is true (this
is necessary otherwise the download will get skipped since the
destination already exists)
- adds a new task "Remove existing venv" so we can first remove the
venv before we unarchive the potentially new venv from the repo
server
- updates "Create heat venv dir" and "Unarchive pre-built venv"
tasks to only proceed if "heat_get_venv | changed", which
prevents these tasks from running when they the venv tarball hasn't
changed
- adds multiple service restarts to
os_heat/tasks/heat_install.yml so that heat will restart
correctly should the venv/packages update without any associated
config changes
NOTE: The reason why we compare local and remote checksum is to avoid
unnecessarily downloading the venv when the checksums are in fact
the same. On small deploys this is more or less a non-issue but
if a deploy w/ thousands of compute nodes re-runs playbooks we
want to limit the venv downloads when it's unnecessary.
Change-Id: If3817f6ec8424bbaeccfed3884283ecdedd9a03e
This commit is contained in:
Matt Thompson
@@ -173,6 +173,7 @@ heat_requires_pip_packages:
|
||||
- virtualenv
|
||||
- virtualenv-tools
|
||||
- python-keystoneclient # Keystoneclient needed to OSA keystone lib
|
||||
- httplib2
|
||||
|
||||
# Common pip packages
|
||||
heat_pip_packages:
|
||||
|
||||
@@ -52,13 +52,42 @@
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
|
||||
- name: Get local venv checksum
|
||||
stat:
|
||||
path: "/var/cache/{{ heat_venv_download_url | basename }}"
|
||||
get_md5: False
|
||||
when: heat_venv_enabled | bool
|
||||
register: local_venv_stat
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
|
||||
- name: Get remote venv checksum
|
||||
uri:
|
||||
url: "{{ heat_venv_download_url | replace('tgz', 'checksum') }}"
|
||||
return_content: True
|
||||
when: heat_venv_enabled | bool
|
||||
register: remote_venv_checksum
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
|
||||
# TODO: When project moves to ansible 2 we can pass this a sha256sum which will:
|
||||
# a) allow us to remove force: yes
|
||||
# b) allow the module to calculate the checksum of dest file which would
|
||||
# result in file being downloaded only if provided and dest sha256sum
|
||||
# checksums differ
|
||||
- name: Attempt venv download
|
||||
get_url:
|
||||
url: "{{ heat_venv_download_url }}"
|
||||
dest: "/var/cache/{{ heat_venv_download_url | basename }}"
|
||||
force: yes
|
||||
ignore_errors: true
|
||||
register: get_venv
|
||||
when: heat_venv_enabled | bool
|
||||
when:
|
||||
- heat_venv_enabled | bool
|
||||
- (local_venv_stat.stat.exists == False or
|
||||
{{ local_venv_stat.stat.checksum is defined and local_venv_stat.stat.checksum != remote_venv_checksum.content | trim }})
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
@@ -71,13 +100,24 @@
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
|
||||
- name: Remove existing venv
|
||||
file:
|
||||
path: "{{ heat_venv_bin | dirname }}"
|
||||
state: absent
|
||||
when:
|
||||
- heat_venv_enabled | bool
|
||||
- heat_get_venv | changed
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
|
||||
- name: Create heat venv dir
|
||||
file:
|
||||
path: "{{ heat_venv_bin | dirname }}"
|
||||
state: directory
|
||||
when:
|
||||
- heat_venv_enabled | bool
|
||||
- heat_get_venv | success
|
||||
- heat_get_venv | changed
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
@@ -89,7 +129,8 @@
|
||||
copy: "no"
|
||||
when:
|
||||
- heat_venv_enabled | bool
|
||||
- heat_get_venv | success
|
||||
- heat_get_venv | changed
|
||||
notify: Restart heat services
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
@@ -120,6 +161,7 @@
|
||||
when:
|
||||
- heat_venv_enabled | bool
|
||||
- heat_get_venv | failed
|
||||
notify: Restart heat services
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
@@ -136,6 +178,7 @@
|
||||
with_items:
|
||||
- "{{ heat_pip_packages }}"
|
||||
when: not heat_venv_enabled | bool
|
||||
notify: Restart heat services
|
||||
tags:
|
||||
- heat-install
|
||||
- heat-pip-packages
|
||||
|
||||
Reference in New Issue
Block a user