This is a barebones start to the upgrade script for the Liberty cycle.
This change simply cleans it out; more work will come later.
Change-Id: I86515970164a000d321ac4375497bfeba860ba8e
Implements: blueprint liberty-upgrade-path
This change updates all of the names that we were using to the
post-OpenStack-migration names for openstack-ansible.
Change-Id: I6524af53ed02e19a0f56908e42a65d2dae8b71e3
When performing an upgrade, this project strives to have minimal
downtime for VMs that are running. If the apparmor profile is removed as a
precondition for upgrades, then when the container create role runs, the
profile will default to contained (the most restrictive profile). This
causes instance downtime, since neutron cannot create network
namespaces.
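For illustration, one way to confirm which AppArmor profile is confining a
container after the create role runs (the container name below is a
placeholder):

  # show the AppArmor profile applied to the container's init process
  lxc-attach -n example_container -- cat /proc/1/attr/current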
Related-bug: 1487130
Closes-bug: 1489144
Change-Id: Ife7aab044c7cb882a89c6b108b2d66f5e39aa10c
Previously, we simply checked $?, which at that point would be the exit
status of echo, not openstack-ansible. By recording the actual
openstack-ansible exit status, we can properly report failures of the
upgrade script.
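A minimal sketch of the corrected pattern (the playbook name is
illustrative):

  openstack-ansible setup-hosts.yml
  playbook_status="$?"  # capture the exit status before anything clobbers $?
  echo "Playbook run complete"
  exit "${playbook_status}"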
Closes-bug: 1480342
Change-Id: Icf43bea84660e4160a2dfcdb4ac93055340b3573
(cherry picked from commit 8a106d184a566f1baed616aee7747d5f2d581c1b)
This patch fixes the following:
1. Properly quote arguments to run_lock function
2. Properly parse out the playbook filename in run_lock
Specifically, the upgrade steps where we were using
"-e 'rabbitmq_upgrade=true' setup-infrastructure.yml"
"/tmp/fix_container_interfaces.yml || true"
were causing issues, and this patch resolves them.
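A simplified sketch of the corrected function; the lock-file naming and the
eval-based dispatch are illustrative assumptions, not the script's exact
code:

  function run_lock {
    local run_item="${1}"
    # the playbook file is the last whitespace-separated token, so leading
    # "-e ..." options no longer corrupt the derived lock-file name
    local run_name="${run_item##* }"
    local lock_file="/tmp/upgrade-$(basename "${run_name}").complete"
    if [[ ! -f "${lock_file}" ]]; then
      eval "openstack-ansible ${run_item}" && touch "${lock_file}"
    fi
  }
  run_lock "-e 'rabbitmq_upgrade=true' setup-infrastructure.yml"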
Closes-bug: 1479916
Change-Id: I809085d6da493f7f7d545547a0d984c0e7b1bf45
(cherry picked from commit 560fbbdb077c0f8d6f8bfa9b48e967ccef86664a)
The in-tree version of user_group_vars.yml was removed in
30f9443c5d2f3a3bbb51bf75ad5743ef46c9b0ef, but the corresponding
reference in the upgrade script was not updated to match.
This commit changes the behavior to remove the file from /etc/ if found.
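A sketch of that cleanup, assuming the stale copy lives under
/etc/openstack_deploy:

  if [[ -f "/etc/openstack_deploy/user_group_vars.yml" ]]; then
    rm -f "/etc/openstack_deploy/user_group_vars.yml"
  fi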
Change-Id: I9f5b061289c5f43e32983845469f5123cc9f209d
Closes-Bug: #1479501
The rabbitmq playbook is designed to run in parallel across the cluster.
This causes an issue when upgrading RabbitMQ to a new major or minor
version because RabbitMQ does not support online migration of datasets
between major versions. While a minor release can be upgraded online, it
is recommended to bring down the cluster for any upgrade actions. The
current configuration takes no account of this.
See https://www.rabbitmq.com/clustering.html#upgrading for further details.
* A new variable has been added called `rabbitmq_upgrade`. This is set to
false by default to prevent a new version from being installed
unintentionally. To run the upgrade, which will shut down the cluster, the
variable can be set to true on the command line:
Example:
openstack-ansible -e rabbitmq_upgrade=true \
rabbitmq-install.yml
* A new variable has been added called `rabbitmq_ignore_version_state`,
which can be set to "true" to ignore the package and version state tasks.
This has been provided to allow a deployer to rerun the plays in an
environment where the playbooks have been upgraded, the default version
of RabbitMQ has changed within the role, and the deployer has elected to
upgrade the installation at that time. This ensures a deployer is able to
recluster an environment as needed without affecting the package state.
Example:
openstack-ansible -e rabbitmq_ignore_version_state=true \
rabbitmq-install.yml
* A new variable has been added, `rabbitmq_primary_cluster_node`, which
allows a deployer to elect / set the primary cluster node in an
environment. This variable is used to determine the restart order
of RabbitMQ nodes, i.e. it will be the last node down and the first
one up in an environment. By default this variable is set to:
rabbitmq_primary_cluster_node: "{{ groups['rabbitmq_all'][0] }}"
scripts/run-upgrade.sh has been modified to pass 'rabbitmq_upgrade=true'
on the command line so that RabbitMQ can be upgraded as part of the
upgrade between OpenStack versions.
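For example, the upgrade step might resemble:

  openstack-ansible -e 'rabbitmq_upgrade=true' setup-infrastructure.yml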
DocImpact
Change-Id: I17d4429b9b94d47c1578dd58a2fb20698d1fe02e
Closes-bug: #1474992
This change adds a container task to ensure that container networks are up
and using the new configs as written by the lxc-container-create play. This
should resolve an issue where the container networks could be in a down
state after an upgrade due to a configuration file change.
A run function was also added to make it possible for a deployer to know
where in the upgrade process something might have failed and the order in
which the tasks may need to be rerun to continue the upgrade.
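As a hypothetical spot check after the play runs (container and interface
names are placeholders):

  # confirm the rewritten interface actually came back up
  lxc-attach -n example_container -- ip -o link show eth1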
Change-Id: If02c4e269375368b6f613c5a9e3c947dddbd27f9
Closes-Bug: #1474585
Partial-Bug: #1475727
Prior to kilo, we created a static 'haproxy' MySQL user for haproxy.
In kilo and onwards, we now have a user variable called
galera_monitoring_user which defaults to monitoring. This commit
updates scripts/run-upgrade.sh to remove the old haproxy user to
ensure we don't have a defunct MySQL user lying around.
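A sketch of the removal, assuming direct access to a galera node (the
host pattern is an assumption):

  # tolerate the user already being absent on re-runs
  mysql -e "DROP USER 'haproxy'@'%';" || true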
Change-Id: I071596c4c6d881d5304fc49a7cf752d5489ee19b
Closes-Bug: #1472673
Currently, scripts/run-upgrade.sh will not successfully upgrade a
deploy from juno->kilo. This update does the following:
- copies etc/openstack_deploy/env.d/* to /etc/openstack_deploy/env.d
- uses ansible modules where possible rather than using the ansible
shell module
- forces the ansible command to return true where necessary; we introduce
new ansible host groups in kilo and these groups do not yet have
containers built, which would cause the ansible command to fail (see
the sketch after this list)
- updates the python code to keep is_metal configurations consistent
between juno and kilo deployments (kilo defaults is_metal to true for
cinder_volumes, which was not the default on juno)
- moves a closing if statement higher up in the script; it was
erroneously causing a block of code to be skipped
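A sketch of the first and third items above (the group name is
illustrative):

  # copy the new kilo environment definitions into place
  mkdir -p /etc/openstack_deploy/env.d
  cp etc/openstack_deploy/env.d/* /etc/openstack_deploy/env.d/
  # a group introduced in kilo may have no containers yet; force success
  ansible 'cinder_volumes_container' -m ping || true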
Change-Id: Ic99dcbc3f64b8dbfec6188a017a8bcda1c80e544
Closes-Bug: #1471190
Co-Authored-By: Kevin Carter <kevin.carter@rackspace.com>
Changed the command that finds the containers to look for the container
config file only within a given directory, and only one level deep.
This change is in response to an issue that can happen if the container
directory "/var/lib/lxc" is also a mounted file system.
Change-Id: Id39995580900e2b9d9a35435d0cfeba82075d62b
Closes-Bug: #1470571
This removes the link files that are powering the basic pip config
throughout the stack. The removal is to ensure that there are no
conflicting sources of truth when upgrading from Juno.
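For illustration only; the actual link locations depend on the host, and
the path below is an assumption:

  # drop the pip config symlink so only one source of truth remains
  [[ -L "/root/.pip/pip.conf" ]] && rm -f "/root/.pip/pip.conf"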
Closes-Bug: #1450580
Change-Id: I074f46c9b35793b35cf22ab49dd97f938df0cfac
This change modifies the container create bind mounts to use the
absolute path that would be within the container instead of the
relative path. This change is being done to ensure that there are
never issues with bind mounts, as in newer versions of LXC and
the CGManager the absolute path is required.
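An illustrative before/after for a single mount entry; the paths are
assumptions, not the role's actual templates:

  # before: destination given relative to the container rootfs
  #   lxc.mount.entry = /openstack/backup var/backup none bind 0 0
  # after: destination given as the absolute path within the container
  lxc.mount.entry = /openstack/backup /var/backup none bind 0 0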
Change-Id: I6af23c7ea0a7f905bdd587adde966a449402ed0a
Closes-Bug: #1462068
This change simply makes sure that all containers and hosts have the
`apt-transport-https` package installed. This package is absolutely
required everywhere because we've changed all of the repo endpoints
to https and not all systems have this package installed on a base
kick. Furthermore, an entry was added to the upgrade script to
ensure that upon upgrade everything will converge and remain
consistent.
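The equivalent manual step on any host or container would be roughly:

  apt-get update
  apt-get install -y apt-transport-https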
Change-Id: I4b357ff7099a4c1c63c85ac9560aefc8d56709be
Closes-Bug: #1463155
Moved the contents of the group_vars/all.yml file into its own variable
file. This change was done to allow a user to override basic options
without having to modify the default group variable files. While
the group_vars/all.yml file is still present, it now holds only the
revision information that is used for release data and the minimal
required kernel that allows the system to function using VXLAN.
The upgrade script was modified to support the new "default"
user_group_vars.yml file.
tempest_swift_enabled was set to true in group_vars, so this has
now been set as a default in the role instead.
Commit 1bd2bc052a36c7f8c28e473d0a37fd29827198b0 implemented the
package URL update for rabbitmq, but not the corresponding sha256
update. This was not noticed due to group_vars overriding the URL
to a previous version, resulting in the above-mentioned commit having
no effect. This patch therefore also corrects the sha256.
Closes-Bug: #1460516
Closes-Bug: #1460992
Change-Id: I8e42bb124827bb276134d662c9a171db8e4c017e
Upgrades stalled when installing pip packages with an external load
balancer. The temporary variable allows pip to connect directly to the
local pip repo server instead of going through the load balancer. The
file this variable goes in is named to make clear that it should be
removed after the upgrade.
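A hypothetical sketch of the workaround; the variable name, repo
address, and file name are all illustrative, not the script's actual
values:

  # point pip straight at the local repo server, bypassing the load balancer
  echo 'pip_index_url: "http://172.29.236.100:8181/simple"' \
    >> /etc/openstack_deploy/user_deleteme_variables.yml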
Closes-Bug: 1460700
Change-Id: I1b257a77b5814f3024c7d7885bf3b807eeb2526b
When adding rabbit_cluster_name: rpc to the user variables, the script
just echoed it and did not redirect the output to append it to the
user_variables.yml file.
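The fix amounts to adding the missing redirection; the variable-file
path below is the project's usual location, assumed here:

  # before: printed to stdout only
  #   echo 'rabbit_cluster_name: rpc'
  # after: actually appended to the deployer's variables
  echo 'rabbit_cluster_name: rpc' >> /etc/openstack_deploy/user_variables.yml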
Change-Id: Idddc9eedf868f1312d7a449bba7079d207309538
This commit simply updates scripts/run-upgrade.sh to fix the typo
where the echo is not actually appending output to user_secrets.yml.
Change-Id: I21007c4fdf580cc2e1ef97b1f226d5518a7cb1fc
Closes-Bug: #1445665
This script was created to allow Juno (v10.x) to be upgraded
to Kilo (v11.x). The script attempts to wrap all of the changes
that have taken place between the Rackspace release of Juno and
the community product created in master that is Kilo.
Partially implements: blueprint master-kilofication
Change-Id: Ibbc2a8192fb3a4e8508aefc74b1d062cd890f1a0