Create the tripleo-packages role.

This manages installing, updating, and upgrading TripleO packages.

Story: 2006031
Task: 34668
Task: 34670
Task: 34671

Change-Id: Ib31212da20620b355f2fc196511f168804a008a4
Signed-off-by: ekultails <ekultails@gmail.com>
Signed-off-by: Kevin Carter <kecarter@redhat.com>
changes/67/678567/12
ekultails 3 years ago committed by Kevin Carter
parent 67f8ddc0d7
commit 905da0751a
No known key found for this signature in database
GPG Key ID: CE94BD890A47B20A
  1. 6
      doc/source/roles/role-tripleo-packages.rst
  2. 82
      tripleo_ansible/roles/tripleo-packages/defaults/main.yml
  3. 40
      tripleo_ansible/roles/tripleo-packages/handlers/main.yml
  4. 44
      tripleo_ansible/roles/tripleo-packages/meta/main.yml
  5. 37
      tripleo_ansible/roles/tripleo-packages/molecule/default/Dockerfile
  6. 68
      tripleo_ansible/roles/tripleo-packages/molecule/default/molecule.yml
  7. 21
      tripleo_ansible/roles/tripleo-packages/molecule/default/playbook.yml
  8. 21
      tripleo_ansible/roles/tripleo-packages/molecule/default/prepare.yml
  9. 37
      tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/Dockerfile
  10. 68
      tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/molecule.yml
  11. 26
      tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/playbook.yml
  12. 21
      tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/prepare.yml
  13. 37
      tripleo_ansible/roles/tripleo-packages/molecule/ffu/Dockerfile
  14. 68
      tripleo_ansible/roles/tripleo-packages/molecule/ffu/molecule.yml
  15. 31
      tripleo_ansible/roles/tripleo-packages/molecule/ffu/playbook.yml
  16. 21
      tripleo_ansible/roles/tripleo-packages/molecule/ffu/prepare.yml
  17. 37
      tripleo_ansible/roles/tripleo-packages/molecule/update/Dockerfile
  18. 76
      tripleo_ansible/roles/tripleo-packages/molecule/update/molecule.yml
  19. 26
      tripleo_ansible/roles/tripleo-packages/molecule/update/playbook.yml
  20. 21
      tripleo_ansible/roles/tripleo-packages/molecule/update/prepare.yml
  21. 37
      tripleo_ansible/roles/tripleo-packages/molecule/upgrade/Dockerfile
  22. 68
      tripleo_ansible/roles/tripleo-packages/molecule/upgrade/molecule.yml
  23. 47
      tripleo_ansible/roles/tripleo-packages/molecule/upgrade/playbook.yml
  24. 21
      tripleo_ansible/roles/tripleo-packages/molecule/upgrade/prepare.yml
  25. 33
      tripleo_ansible/roles/tripleo-packages/tasks/external_upgrade.yml
  26. 56
      tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_post_upgrade.yml
  27. 62
      tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_upgrade.yml
  28. 41
      tripleo_ansible/roles/tripleo-packages/tasks/update.yml
  29. 333
      tripleo_ansible/roles/tripleo-packages/tasks/upgrade.yml
  30. 10
      zuul.d/molecule.yaml

@ -0,0 +1,6 @@
=======================
Role - tripleo-packages
=======================
.. ansibleautoplugin::
:role: tripleo_ansible/roles/tripleo-packages

@ -0,0 +1,82 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# All variables intended for modification should place placed in this file.
# All variables within this role should have a prefix of "tripleo_packages"
# Dictionary packing service data
tripleo_packages_service_data: {}
# Mapping of service_name -> network name. Typically set
# via parameter_defaults in the resource registry. This
# mapping overrides those in ServiceNetMapDefaults.
tripleo_packages_service_net_map: {}
tripleo_packages_default_passwords: {}
# Role name on which the service is applied
tripleo_packages_role_name: ''
# Parameters specific to the role
tripleo_packages_role_parameters: {}
# Mapping of service endpoint -> protocol. Typically set
# via parameter_defaults in the resource registry.
tripleo_packages_endpoint_map: {}
# Set to true to enable package installation at deploy time
tripleo_packages_enable_package_install: false
# Allowed values: 'tripleo-repos' or 'custom-script'
tripleo_packages_fast_forward_repo_type: tripleo-repos
tripleo_packages_fast_forward_repo_args:
tripleo_repos:
ocata: -b ocata current
pike: -b pike current
queens: -b queens current
tripleo_packages_fast_forward_custom_repo_script_content: |
#!/bin/bash
set -e
echo "If you use FastForwardRepoType 'custom-script' you have to provide the upgrade repo script content."
echo "It will be installed as /root/ffu_upgrade_repo.sh on the node"
echo "and passed the upstream name (ocata, pike, queens) of the release as first argument"
exit 1
# Use Leapp for operating system upgrade
tripleo_packages_upgrade_leapp_enabled: true
# Print debugging output when running Leapp
tripleo_packages_upgrade_leapp_debug: true
# Skip RHSM when running Leapp in development/testing.
tripleo_packages_upgrade_leapp_devel_skip_rhsm: false
# Timeout (seconds) for the OS upgrade phase via Leapp
tripleo_packages_upgrade_leapp_reboot_timeout: 1800
# Command or script snippet to run on all overcloud nodes to
# initialize the upgrade process. E.g. a repository switch.
tripleo_packages_upgrade_init_command: ''
# Common commands required by the upgrades process. This should not
# normally be modified by the operator and is set and unset in the
# major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
# environment files.
tripleo_packages_upgrade_init_common_command: ''
tripleo_packages_short_bootstrap_node_name: ''
tripleo_release: "{{ release | default('queens') }}"

@ -0,0 +1,40 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The openvswitch package disables the systemd service on install. When installing
# the layered product we prevent the service from being killed, but it doesn't
# do anything to prevent the systemd service from being removed and it is not
# re-enabled by default by the new package.
- name: Check openvswitch service state
systemd:
name: openvswitch
changed_when: false
ignore_errors: true
register: openvswitch_service_state
listen: start openvswitch
- name: Ensure openvswitch is running
systemd:
name: openvswitch
enabled: true
state: started
when:
- (openvswitch_service_state.status is defined) and
(((openvswitch_service_state.status['LoadState'] | lower) != 'not-found') and
((openvswitch_service_state.status['SubState'] | lower) != 'running'))
listen: start openvswitch

@ -0,0 +1,44 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
galaxy_info:
author: OpenStack
description: TripleO OpenStack Role -- tripleo-packages
company: Red Hat
license: Apache-2.0
min_ansible_version: 2.7
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
platforms:
- name: Fedora
versions:
- 28
- name: CentOS
versions:
- 7
galaxy_tags:
- tripleo
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
dependencies: []

@ -0,0 +1,37 @@
# Molecule managed
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]

@ -0,0 +1,68 @@
---
driver:
name: docker
log: true
platforms:
- name: centos7
hostname: centos7
image: centos:7
dockerfile: Dockerfile
pkg_extras: python-setuptools
easy_install:
- pip
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
- name: fedora28
hostname: fedora28
image: fedora:28
dockerfile: Dockerfile
pkg_extras: python*-setuptools
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
provisioner:
name: ansible
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
roles:
- role: "tripleo-packages"

@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
roles:
- role: test_deps

@ -0,0 +1,37 @@
# Molecule managed
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]

@ -0,0 +1,68 @@
---
driver:
name: docker
log: true
platforms:
- name: centos7
hostname: centos7
image: centos:7
dockerfile: Dockerfile
pkg_extras: python-setuptools
easy_install:
- pip
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
- name: fedora28
hostname: fedora28
image: fedora:28
dockerfile: Dockerfile
pkg_extras: python*-setuptools
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
provisioner:
name: ansible
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

@ -0,0 +1,26 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
vars:
step: 1
tasks:
- name: Import TripleO packages role
include_role:
name: tripleo-packages
tasks_from: external_upgrade.yml

@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
roles:
- role: test_deps

@ -0,0 +1,37 @@
# Molecule managed
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]

@ -0,0 +1,68 @@
---
driver:
name: docker
log: true
platforms:
- name: centos7
hostname: centos7
image: centos:7
dockerfile: Dockerfile
pkg_extras: python-setuptools
easy_install:
- pip
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
- name: fedora28
hostname: fedora28
image: fedora:28
dockerfile: Dockerfile
pkg_extras: python*-setuptools
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
provisioner:
name: ansible
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

@ -0,0 +1,31 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
vars:
step: 3
tasks:
- name: Import TripleO packages role
include_role:
name: tripleo-packages
tasks_from: fast_forward_upgrade.yml
- name: Import TripleO packages role
include_role:
name: tripleo-packages
tasks_from: fast_forward_post_upgrade.yml

@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
roles:
- role: test_deps

@ -0,0 +1,37 @@
# Molecule managed
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]

@ -0,0 +1,76 @@
---
driver:
name: docker
log: true
platforms:
- name: centos7
hostname: centos7
image: centos:7
dockerfile: Dockerfile
pkg_extras: python-setuptools
easy_install:
- pip
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: >-
/sbin/init &&
/bin/mkdir -p /var/run/dbus &&
/usr/bin/dbus-uuidgen > /var/lib/dbus/machine-id &&
/usr/bin/dbus-daemon --config-file=/usr/share/dbus-1/system.conf
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
- name: fedora28
hostname: fedora28
image: fedora:28
dockerfile: Dockerfile
pkg_extras: python*-setuptools
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: >-
/sbin/init &&
/bin/mkdir -p /var/run/dbus &&
/usr/bin/dbus-uuidgen > /var/lib/dbus/machine-id &&
/usr/bin/dbus-daemon --config-file=/usr/share/dbus-1/system.conf
privileged: true
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
provisioner:
name: ansible
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

@ -0,0 +1,26 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
vars:
step: 3
tasks:
- name: Import TripleO packages role
include_role:
name: tripleo-packages
tasks_from: update.yml

@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
roles:
- role: test_deps

@ -0,0 +1,37 @@
# Molecule managed
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]

@ -0,0 +1,68 @@
---
driver:
name: docker
log: true
platforms:
- name: centos7
hostname: centos7
image: centos:7
dockerfile: Dockerfile
pkg_extras: python-setuptools openvswitch numactl-libs* unbound-libs*
easy_install:
- pip
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
- name: fedora28
hostname: fedora28
image: fedora:28
dockerfile: Dockerfile
pkg_extras: python*-setuptools openvswitch 'dnf-command(download)' unbound-libs*
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
capabilities:
- ALL
volumes:
- /dev:/dev
- /lib/modules:/lib/modules
provisioner:
name: ansible
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

@ -0,0 +1,47 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
tasks:
- name: Import TripleO packages role (step|0)
include_role:
name: tripleo-packages
tasks_from: upgrade.yml
vars:
step: 0
- name: Import TripleO packages role (step|2)
include_role:
name: tripleo-packages
tasks_from: upgrade.yml
vars:
step: 2
- name: Import TripleO packages role (step|3)
include_role:
name: tripleo-packages
tasks_from: upgrade.yml
vars:
step: 3
- name: Import TripleO packages role (step|4)
include_role:
name: tripleo-packages
tasks_from: upgrade.yml
vars:
step: 4

@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
roles:
- role: test_deps

@ -0,0 +1,33 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Clean up upgrade artifacts
when:
- (step | int) == 1
tags:
- never
- system_upgrade_cleanup
block:
- name: cleanup tripleo_persist
include_role:
name: tripleo-persist
tasks_from: cleanup.yml
- name: cleanup tripleo_transfer
include_role:
name: tripleo-transfer
tasks_from: cleanup.yml

@ -0,0 +1,56 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Debug fast forward upgrade repo variables
debug:
var: "{{ item }}"
loop:
- tripleo_packages_fast_forward_repo_type
- tripleo_packages_fast_forward_repo_args
when:
- (step | int) == 3
- when:
- is_bootstrap_node|bool
- tripleo_packages_fast_forward_repo_type == 'tripleo-repos'
block:
- name: clone tripleo-repos
git:
repo: https://github.com/openstack/tripleo-repos.git
dest: /home/stack/tripleo-repos/
version: master
- name: install tripleo-repos
command: python setup.py install
args:
chdir: /home/stack/tripleo-repos/
- name: Enable tripleo-repos
command: "tripleo-repos {{ tripleo_packages_fast_forward_repo_args['tripleo_repos'][tripleo_release] }}"
- when:
- is_bootstrap_node|bool
- tripleo_packages_fast_forward_repo_type == 'custom-script'
block:
- name: Create custom Script for upgrading repo.
copy:
dest: /root/ffu_update_repo.sh
content: "{{ tripleo_packages_fast_forward_custom_repo_script_content }}"
mode: 0700
- name: Execute custom script for upgrading repo.
shell: "/root/ffu_update_repo.sh {{ tripleo_release }}"

@ -0,0 +1,62 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: set is_bootstrap_node fact
set_fact:
is_bootstrap_node: "{{ tripleo_packages_short_bootstrap_node_name|lower == ansible_hostname|lower }}"
- name: Debug fast forward upgrade repo variables
debug:
var: "{{ item }}"
loop:
- tripleo_packages_fast_forward_repo_type
- tripleo_packages_fast_forward_repo_args
when:
- (step | int) == 3
- when:
- (step | int) == 3
- is_bootstrap_node|bool
- tripleo_packages_fast_forward_repo_type == 'tripleo-repos'
block:
- name: clone tripleo-repos
git:
repo: https://github.com/openstack/tripleo-repos.git
dest: /home/stack/tripleo-repos/
version: master
- name: install tripleo-repos
command: python setup.py install
args:
chdir: /home/stack/tripleo-repos/
- name: Enable tripleo-repos
command: "tripleo-repos {{ tripleo_packages_fast_forward_repo_args.tripleo_repos[tripleo_release] }}"
- when:
- (step | int) == 3
- is_bootstrap_node|bool
- tripleo_packages_fast_forward_repo_type == 'custom-script'
block:
- name: Create custom Script for upgrading repo.
copy:
dest: /root/ffu_update_repo.sh
content: "{{ tripleo_packages_fast_forward_custom_repo_script_content }}"
mode: 0700
- name: Execute custom script for upgrading repo.
shell: "/root/ffu_update_repo.sh {{ tripleo_release }}"

@ -0,0 +1,41 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Check for existing yum.pid
stat:
path: /var/run/yum.pid
register: yum_pid_file
when:
- ((step | int) == 0) or ((step | int) == 3)
- name: Exit if existing yum process
fail:
msg: >-
ERROR existing yum.pid detected - can't continue! Please ensure there is no other
package update process for the duration of the minor update worfklow. Exiting.
when:
- (((step | int) == 0) or ((step | int) == 3)) and (yum_pid_file.stat.exists | bool)
# Ansbile cannot upgrade itself as it will cause the current execution to fail.
# https://github.com/ansible/ansible/issues/56636
- name: Update all packages
when: step|int == 3
package:
name: '*'
state: latest
exclude: ansible
notify: start openvswitch

@ -0,0 +1,333 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: system_upgrade_prepare step 3
when: (step | int) == 3
tags:
- never
- system_upgrade
- system_upgrade_prepare
block:
- name: remove all OpenStack packages
shell: |-
yum -y remove *el7ost* -- \
-*openvswitch* \
-python2-babel \
-python2-dateutil \
-python2-ipaddress \
-python2-jinja2 \
-python2-markupsafe \
-python2-six
when:
- upgrade_leapp_enabled | bool
- name: install leapp
package:
name: leapp
state: latest
when:
- upgrade_leapp_enabled | bool
- name: system_upgrade_prepare step 4
when: (step | int) == 4
tags:
- never
- system_upgrade
- system_upgrade_prepare
block:
- name: run leapp upgrade (download packages)
shell: >-
{% if upgrade_leapp_devel_skip_rhsm|default(false) %}LEAPP_DEVEL_SKIP_RHSM=1{% endif %}
leapp upgrade
{% if upgrade_leapp_debug|default(true) %}--debug{% endif %}
when:
- upgrade_leapp_enabled | bool
- name: system_upgrade_run step 4
when:
- (step | int) == 4
tags:
- never
- system_upgrade
- system_upgrade_run
# In case someone needs to re-run system_upgrade_run post-tasks
# but doesn't want to reboot, they can run with
# `--skip-tags system_upgrade_reboot`.
- system_upgrade_reboot
block:
- name: reboot to perform the upgrade
reboot:
reboot_timeout: "{{ upgrade_leapp_reboot_timeout }}"
when:
- upgrade_leapp_enabled | bool
- name: Package and repo update tasks
when:
- (step | int) == 0
block:
- name: Run UpgradeInitCommand
shell: |-
set -o pipefail
if [[ -f /etc/resolv.conf.save ]]; then
rm /etc/resolv.conf.save
fi
{{ tripleo_packages_upgrade_init_command }}
args:
executable: /bin/bash
- name: Run UpgradeInitCommonCommand
shell: |-
set -o pipefail
{{ tripleo_packages_upgrade_init_common_command }}
args:
executable: /bin/bash
when:
- (tripleo_packages_upgrade_init_common_command | length) > 0
- name: Ensure TripleO prerequisite packages are installed
package:
name:
- jq
- lvm2
- net-snmp
- openstack-selinux
- os-net-config
- pacemaker
- pcs
- puppet-tripleo
- python3-heat-agent*
state: present
when:
- ansible_distribution_major_version == '8'
# With the layered product packaging, the key package is rhosp-openvswitch. It depends on
# a openvswitch package that includes the version as part of the name (e.g openvswitch2.10).
# This requires some additional special handling:
# - During an upgrade the package name for openvswitch may change so
# upgrading the currently installed package won't do anything.
# - The rhosp-openvswitch package "obsoletes" several packages,
# including older openvswitch packages. This results in a pretty
# severe uninstall/install sequence of operations that stops and
# removes openvswitch which could break network links required to
# continue the upgrade.
# - To prevent rhosp-openvswitch breaking connectivity, the currently
# installed core openvswitch packages need to be erased from the rpm
# database but leave the binaries intact. This effectively
# short-circuits the obsoletes mechanism in rhosp-openvswitch and
# leaves the core elements of openvswitch running. In the future we
# may replace this mechanism with "an upgrade on reboot". We only
# do this for the core openvswitch packages so other packages
# obsoleted by rhosp-openvswitch will be removed when
# rhosp-openvswitch is installed/upgraded.
# - Neither the rhosp-openvswitch nor openvswitch{m.n} package enables
# or starts the systemd service so there must always be a task
# to ensure that it is enabled or OpenvSwitch functionality won't be
# available on reboot.
# - With LP, we expect that the core openvswitch package name will
# change with every major upgrade so this special handling will
# eventually replace the special handling of upgrading the
# openvswitch package "in place"
- name: Block for gathering information for upgrading OpenvSwitch layered product packaging
when: (step | int) == 2
block:
- name: Process rhosp-openvswitch layered package for new version number
shell: |-
set -o pipefail
yum info -q rhosp-openvswitch | awk '/^Version/{print $NF}'
register: rhosp_package_result
ignore_errors: true
- name: Set fact for triggering OpenvSwitch layered product package handling
set_fact:
ovs_lp_packaging: "{{ rhosp_package_result.rc == 0 }}"
- name: Capture the expected OpenvSwitch version.
set_fact:
new_ovs_version: "{{ rhosp_package_result.stdout }}"
when:
- ovs_lp_packaging | default(false)
- name: Get current OpenvSwitch package name
register: ovs_pkg_out
shell: |-
set -o pipefail
rpm -qa | awk -F- '/^(openvswitch[0-9]+\.[0-9]+-|openvswitch-2)/{print $1}'
- name: Get version from current OpenvSwitch package
register: ovs_version_out
shell: |-
set -o pipefail
rpm -qi "{{ ovs_pkg_out.stdout }}" | awk '/^Version/{print $NF}'
- name: split numeric version for OpenvSwitch into parts
set_fact:
ovs_version_parts: "{{ ovs_version_out.stdout.split('.') }}"
- name: get major minor version for OpenvSwitch package naming
set_fact:
current_ovs_version: "{{ ovs_version_parts[0] }}.{{ ovs_version_parts[1] }}"
- name: get OpenvSwitch major version
set_fact:
current_ovs_major_version: "{{ ovs_version_parts[0]|int }}"
- name: get OpenvSwitch minor version
set_fact:
current_ovs_minor_version: "{{ ovs_version_parts[1]|int }}"
- name: Block for upgrading OpenvSwitch when layer package is present
when:
- (step | int) == 2
- ovs_lp_packaging | default(false)
block:
- name: set current OpenvSwitch package suffix if old version is layered product format
set_fact:
package_suffix: "{{ current_ovs_version }}"
when:
- ((current_ovs_major_version | int) >= 3) or
((current_ovs_minor_version | int) >= 10)
- name: remove old OpenvSwitch package(s) if version doesn't match
shell: |-
rpm -e --noscripts \
--nopreun \
--nopostun \
--notriggers \
--nodeps $(rpm -qa 'openvswitch{{ package_suffix|default('') }}*' | grep -v 'selinux')
args:
warn: false
when:
- new_ovs_version != current_ovs_version
- name: install/upgrade OpenvSwitch LP package
package:
name: rhosp-openvswitch
state: latest
notify: start openvswitch
- name: set flag to skip other upgrade steps since OpenvSwitch is already upgraded!
set_fact:
run_ovs_update: false
- name: Check for openvswitch upgrade if not layered package installs
when:
- (step | int) == 2
- run_ovs_update|default(true)
block:
- name: check if an upgrade is required
register: ovs_need_upgrade
ignore_errors: true
shell: |
yum check-upgrade openvswitch | awk '/openvswitch/{print}'
- name: Check openvswitch packaging.
shell: |-
set -o pipefail
rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep -q "systemctl.*try-restart"
register: ovs_packaging_issue
ignore_errors: true
- name: Upgrade openvswitch
when:
- (step | int) == 2
- run_ovs_update | default(true)
- ovs_packaging_issue is success
- ovs_need_upgrade.stdout | default('')
block:
- name: "Ensure empty directory: emptying."
file:
state: absent
path: /root/OVS_UPGRADE
- name: "Ensure empty directory: creating."
file:
state: directory
path: /root/OVS_UPGRADE
owner: root
group: root
mode: 0750
- name: Make yum cache.
command: yum makecache
- name: Download OVS packages
shell: |-
if command -v yumdownloader; then
yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch
else
dnf download --destdir /root/OVS_UPGRADE --resolve openvswitch
fi
- name: Get rpm list for manual upgrade of OVS.
shell: ls -1 /root/OVS_UPGRADE/*.rpm
register: ovs_list_of_rpms
- name: Manual upgrade of OVS
shell: |
rpm -U --replacepkgs --notriggerun --nopostun {{ item }}
args:
chdir: /root/OVS_UPGRADE
loop: "{{ ovs_list_of_rpms.stdout_lines }}"
notify: "start openvswitch"