diff --git a/doc/source/roles/role-tripleo-packages.rst b/doc/source/roles/role-tripleo-packages.rst new file mode 100644 index 000000000..a164f3d84 --- /dev/null +++ b/doc/source/roles/role-tripleo-packages.rst @@ -0,0 +1,6 @@ +======================= +Role - tripleo-packages +======================= + +.. ansibleautoplugin:: + :role: tripleo_ansible/roles/tripleo-packages diff --git a/tripleo_ansible/roles/tripleo-packages/defaults/main.yml b/tripleo_ansible/roles/tripleo-packages/defaults/main.yml new file mode 100644 index 000000000..30623e95d --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/defaults/main.yml @@ -0,0 +1,82 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +# All variables intended for modification should place placed in this file. + +# All variables within this role should have a prefix of "tripleo_packages" + +# Dictionary packing service data +tripleo_packages_service_data: {} + +# Mapping of service_name -> network name. Typically set +# via parameter_defaults in the resource registry. This +# mapping overrides those in ServiceNetMapDefaults. +tripleo_packages_service_net_map: {} +tripleo_packages_default_passwords: {} + +# Role name on which the service is applied +tripleo_packages_role_name: '' + +# Parameters specific to the role +tripleo_packages_role_parameters: {} + +# Mapping of service endpoint -> protocol. Typically set +# via parameter_defaults in the resource registry. +tripleo_packages_endpoint_map: {} + +# Set to true to enable package installation at deploy time +tripleo_packages_enable_package_install: false + +# Allowed values: 'tripleo-repos' or 'custom-script' +tripleo_packages_fast_forward_repo_type: tripleo-repos +tripleo_packages_fast_forward_repo_args: + tripleo_repos: + ocata: -b ocata current + pike: -b pike current + queens: -b queens current +tripleo_packages_fast_forward_custom_repo_script_content: | + #!/bin/bash + set -e + echo "If you use FastForwardRepoType 'custom-script' you have to provide the upgrade repo script content." + echo "It will be installed as /root/ffu_upgrade_repo.sh on the node" + echo "and passed the upstream name (ocata, pike, queens) of the release as first argument" + exit 1 + +# Use Leapp for operating system upgrade +tripleo_packages_upgrade_leapp_enabled: true + +# Print debugging output when running Leapp +tripleo_packages_upgrade_leapp_debug: true + +# Skip RHSM when running Leapp in development/testing. +tripleo_packages_upgrade_leapp_devel_skip_rhsm: false + +# Timeout (seconds) for the OS upgrade phase via Leapp +tripleo_packages_upgrade_leapp_reboot_timeout: 1800 + +# Command or script snippet to run on all overcloud nodes to +# initialize the upgrade process. E.g. a repository switch. +tripleo_packages_upgrade_init_command: '' + +# Common commands required by the upgrades process. This should not +# normally be modified by the operator and is set and unset in the +# major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml +# environment files. +tripleo_packages_upgrade_init_common_command: '' +tripleo_packages_short_bootstrap_node_name: '' + +tripleo_release: "{{ release | default('queens') }}" diff --git a/tripleo_ansible/roles/tripleo-packages/handlers/main.yml b/tripleo_ansible/roles/tripleo-packages/handlers/main.yml new file mode 100644 index 000000000..bdc41af22 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/handlers/main.yml @@ -0,0 +1,40 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + + +# The openvswitch package disables the systemd service on install. When installing +# the layered product we prevent the service from being killed, but it doesn't +# do anything to prevent the systemd service from being removed and it is not +# re-enabled by default by the new package. +- name: Check openvswitch service state + systemd: + name: openvswitch + changed_when: false + ignore_errors: true + register: openvswitch_service_state + listen: start openvswitch + +- name: Ensure openvswitch is running + systemd: + name: openvswitch + enabled: true + state: started + when: + - (openvswitch_service_state.status is defined) and + (((openvswitch_service_state.status['LoadState'] | lower) != 'not-found') and + ((openvswitch_service_state.status['SubState'] | lower) != 'running')) + listen: start openvswitch diff --git a/tripleo_ansible/roles/tripleo-packages/meta/main.yml b/tripleo_ansible/roles/tripleo-packages/meta/main.yml new file mode 100644 index 000000000..92fd1488d --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/meta/main.yml @@ -0,0 +1,44 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +galaxy_info: + author: OpenStack + description: TripleO OpenStack Role -- tripleo-packages + company: Red Hat + license: Apache-2.0 + min_ansible_version: 2.7 + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + platforms: + - name: Fedora + versions: + - 28 + - name: CentOS + versions: + - 7 + + galaxy_tags: + - tripleo + + +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. +dependencies: [] diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/default/Dockerfile b/tripleo_ansible/roles/tripleo-packages/molecule/default/Dockerfile new file mode 100644 index 000000000..1b91a0e0b --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/default/Dockerfile @@ -0,0 +1,37 @@ +# Molecule managed +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi + +{% for pkg in item.easy_install | default([]) %} +# install pip for centos where there is no python-pip rpm in default repos +RUN easy_install {{ pkg }} +{% endfor %} + + +CMD ["sh", "-c", "while true; do sleep 10000; done"] diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/default/molecule.yml b/tripleo_ansible/roles/tripleo-packages/molecule/default/molecule.yml new file mode 100644 index 000000000..4e21e8195 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/default/molecule.yml @@ -0,0 +1,68 @@ +--- +driver: + name: docker + +log: true + +platforms: + - name: centos7 + hostname: centos7 + image: centos:7 + dockerfile: Dockerfile + pkg_extras: python-setuptools + easy_install: + - pip + environment: &env + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + + - name: fedora28 + hostname: fedora28 + image: fedora:28 + dockerfile: Dockerfile + pkg_extras: python*-setuptools + environment: + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + privileged: true + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + +provisioner: + name: ansible + log: true + env: + ANSIBLE_STDOUT_CALLBACK: yaml + +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - verify + - destroy + +lint: + enabled: false + +verifier: + name: testinfra + lint: + name: flake8 diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/default/playbook.yml b/tripleo_ansible/roles/tripleo-packages/molecule/default/playbook.yml new file mode 100644 index 000000000..1ec7e0bf8 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/default/playbook.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Converge + hosts: all + roles: + - role: "tripleo-packages" diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/default/prepare.yml b/tripleo_ansible/roles/tripleo-packages/molecule/default/prepare.yml new file mode 100644 index 000000000..ef85c3128 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/default/prepare.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Prepare + hosts: all + roles: + - role: test_deps diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/Dockerfile b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/Dockerfile new file mode 100644 index 000000000..1b91a0e0b --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/Dockerfile @@ -0,0 +1,37 @@ +# Molecule managed +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi + +{% for pkg in item.easy_install | default([]) %} +# install pip for centos where there is no python-pip rpm in default repos +RUN easy_install {{ pkg }} +{% endfor %} + + +CMD ["sh", "-c", "while true; do sleep 10000; done"] diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/molecule.yml b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/molecule.yml new file mode 100644 index 000000000..4e21e8195 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/molecule.yml @@ -0,0 +1,68 @@ +--- +driver: + name: docker + +log: true + +platforms: + - name: centos7 + hostname: centos7 + image: centos:7 + dockerfile: Dockerfile + pkg_extras: python-setuptools + easy_install: + - pip + environment: &env + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + + - name: fedora28 + hostname: fedora28 + image: fedora:28 + dockerfile: Dockerfile + pkg_extras: python*-setuptools + environment: + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + privileged: true + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + +provisioner: + name: ansible + log: true + env: + ANSIBLE_STDOUT_CALLBACK: yaml + +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - verify + - destroy + +lint: + enabled: false + +verifier: + name: testinfra + lint: + name: flake8 diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/playbook.yml b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/playbook.yml new file mode 100644 index 000000000..024ecc6a8 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/playbook.yml @@ -0,0 +1,26 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Converge + hosts: all + vars: + step: 1 + tasks: + - name: Import TripleO packages role + include_role: + name: tripleo-packages + tasks_from: external_upgrade.yml diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/prepare.yml b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/prepare.yml new file mode 100644 index 000000000..ef85c3128 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/external_upgrade/prepare.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Prepare + hosts: all + roles: + - role: test_deps diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/ffu/Dockerfile b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/Dockerfile new file mode 100644 index 000000000..1b91a0e0b --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/Dockerfile @@ -0,0 +1,37 @@ +# Molecule managed +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi + +{% for pkg in item.easy_install | default([]) %} +# install pip for centos where there is no python-pip rpm in default repos +RUN easy_install {{ pkg }} +{% endfor %} + + +CMD ["sh", "-c", "while true; do sleep 10000; done"] diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/ffu/molecule.yml b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/molecule.yml new file mode 100644 index 000000000..4e21e8195 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/molecule.yml @@ -0,0 +1,68 @@ +--- +driver: + name: docker + +log: true + +platforms: + - name: centos7 + hostname: centos7 + image: centos:7 + dockerfile: Dockerfile + pkg_extras: python-setuptools + easy_install: + - pip + environment: &env + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + + - name: fedora28 + hostname: fedora28 + image: fedora:28 + dockerfile: Dockerfile + pkg_extras: python*-setuptools + environment: + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + privileged: true + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + +provisioner: + name: ansible + log: true + env: + ANSIBLE_STDOUT_CALLBACK: yaml + +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - verify + - destroy + +lint: + enabled: false + +verifier: + name: testinfra + lint: + name: flake8 diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/ffu/playbook.yml b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/playbook.yml new file mode 100644 index 000000000..fab9dcbff --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/playbook.yml @@ -0,0 +1,31 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Converge + hosts: all + vars: + step: 3 + tasks: + - name: Import TripleO packages role + include_role: + name: tripleo-packages + tasks_from: fast_forward_upgrade.yml + + - name: Import TripleO packages role + include_role: + name: tripleo-packages + tasks_from: fast_forward_post_upgrade.yml diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/ffu/prepare.yml b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/prepare.yml new file mode 100644 index 000000000..ef85c3128 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/ffu/prepare.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Prepare + hosts: all + roles: + - role: test_deps diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/update/Dockerfile b/tripleo_ansible/roles/tripleo-packages/molecule/update/Dockerfile new file mode 100644 index 000000000..1b91a0e0b --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/update/Dockerfile @@ -0,0 +1,37 @@ +# Molecule managed +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi + +{% for pkg in item.easy_install | default([]) %} +# install pip for centos where there is no python-pip rpm in default repos +RUN easy_install {{ pkg }} +{% endfor %} + + +CMD ["sh", "-c", "while true; do sleep 10000; done"] diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/update/molecule.yml b/tripleo_ansible/roles/tripleo-packages/molecule/update/molecule.yml new file mode 100644 index 000000000..6b84c79a7 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/update/molecule.yml @@ -0,0 +1,76 @@ +--- +driver: + name: docker + +log: true + +platforms: + - name: centos7 + hostname: centos7 + image: centos:7 + dockerfile: Dockerfile + pkg_extras: python-setuptools + easy_install: + - pip + environment: &env + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: >- + /sbin/init && + /bin/mkdir -p /var/run/dbus && + /usr/bin/dbus-uuidgen > /var/lib/dbus/machine-id && + /usr/bin/dbus-daemon --config-file=/usr/share/dbus-1/system.conf + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + + - name: fedora28 + hostname: fedora28 + image: fedora:28 + dockerfile: Dockerfile + pkg_extras: python*-setuptools + environment: + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: >- + /sbin/init && + /bin/mkdir -p /var/run/dbus && + /usr/bin/dbus-uuidgen > /var/lib/dbus/machine-id && + /usr/bin/dbus-daemon --config-file=/usr/share/dbus-1/system.conf + privileged: true + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + +provisioner: + name: ansible + log: true + env: + ANSIBLE_STDOUT_CALLBACK: yaml + +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - verify + - destroy + +lint: + enabled: false + +verifier: + name: testinfra + lint: + name: flake8 diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/update/playbook.yml b/tripleo_ansible/roles/tripleo-packages/molecule/update/playbook.yml new file mode 100644 index 000000000..cd30ad2e4 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/update/playbook.yml @@ -0,0 +1,26 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Converge + hosts: all + vars: + step: 3 + tasks: + - name: Import TripleO packages role + include_role: + name: tripleo-packages + tasks_from: update.yml diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/update/prepare.yml b/tripleo_ansible/roles/tripleo-packages/molecule/update/prepare.yml new file mode 100644 index 000000000..ef85c3128 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/update/prepare.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Prepare + hosts: all + roles: + - role: test_deps diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/Dockerfile b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/Dockerfile new file mode 100644 index 000000000..1b91a0e0b --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/Dockerfile @@ -0,0 +1,37 @@ +# Molecule managed +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi + +{% for pkg in item.easy_install | default([]) %} +# install pip for centos where there is no python-pip rpm in default repos +RUN easy_install {{ pkg }} +{% endfor %} + + +CMD ["sh", "-c", "while true; do sleep 10000; done"] diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/molecule.yml b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/molecule.yml new file mode 100644 index 000000000..f356316cf --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/molecule.yml @@ -0,0 +1,68 @@ +--- +driver: + name: docker + +log: true + +platforms: + - name: centos7 + hostname: centos7 + image: centos:7 + dockerfile: Dockerfile + pkg_extras: python-setuptools openvswitch numactl-libs* unbound-libs* + easy_install: + - pip + environment: &env + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + + - name: fedora28 + hostname: fedora28 + image: fedora:28 + dockerfile: Dockerfile + pkg_extras: python*-setuptools openvswitch 'dnf-command(download)' unbound-libs* + environment: + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + command: /sbin/init + privileged: true + tmpfs: + - /run + - /tmp + capabilities: + - ALL + volumes: + - /dev:/dev + - /lib/modules:/lib/modules + +provisioner: + name: ansible + log: true + env: + ANSIBLE_STDOUT_CALLBACK: yaml + +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - verify + - destroy + +lint: + enabled: false + +verifier: + name: testinfra + lint: + name: flake8 diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/playbook.yml b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/playbook.yml new file mode 100644 index 000000000..d11e11a4b --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/playbook.yml @@ -0,0 +1,47 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Converge + hosts: all + tasks: + - name: Import TripleO packages role (step|0) + include_role: + name: tripleo-packages + tasks_from: upgrade.yml + vars: + step: 0 + + - name: Import TripleO packages role (step|2) + include_role: + name: tripleo-packages + tasks_from: upgrade.yml + vars: + step: 2 + + - name: Import TripleO packages role (step|3) + include_role: + name: tripleo-packages + tasks_from: upgrade.yml + vars: + step: 3 + + - name: Import TripleO packages role (step|4) + include_role: + name: tripleo-packages + tasks_from: upgrade.yml + vars: + step: 4 diff --git a/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/prepare.yml b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/prepare.yml new file mode 100644 index 000000000..ef85c3128 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/molecule/upgrade/prepare.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Prepare + hosts: all + roles: + - role: test_deps diff --git a/tripleo_ansible/roles/tripleo-packages/tasks/external_upgrade.yml b/tripleo_ansible/roles/tripleo-packages/tasks/external_upgrade.yml new file mode 100644 index 000000000..3bcdb491f --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/tasks/external_upgrade.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Clean up upgrade artifacts + when: + - (step | int) == 1 + tags: + - never + - system_upgrade_cleanup + block: + - name: cleanup tripleo_persist + include_role: + name: tripleo-persist + tasks_from: cleanup.yml + + - name: cleanup tripleo_transfer + include_role: + name: tripleo-transfer + tasks_from: cleanup.yml diff --git a/tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_post_upgrade.yml b/tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_post_upgrade.yml new file mode 100644 index 000000000..8ff2713cd --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_post_upgrade.yml @@ -0,0 +1,56 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Debug fast forward upgrade repo variables + debug: + var: "{{ item }}" + loop: + - tripleo_packages_fast_forward_repo_type + - tripleo_packages_fast_forward_repo_args + when: + - (step | int) == 3 + +- when: + - is_bootstrap_node|bool + - tripleo_packages_fast_forward_repo_type == 'tripleo-repos' + block: + - name: clone tripleo-repos + git: + repo: https://github.com/openstack/tripleo-repos.git + dest: /home/stack/tripleo-repos/ + version: master + + - name: install tripleo-repos + command: python setup.py install + args: + chdir: /home/stack/tripleo-repos/ + + - name: Enable tripleo-repos + command: "tripleo-repos {{ tripleo_packages_fast_forward_repo_args['tripleo_repos'][tripleo_release] }}" + +- when: + - is_bootstrap_node|bool + - tripleo_packages_fast_forward_repo_type == 'custom-script' + block: + - name: Create custom Script for upgrading repo. + copy: + dest: /root/ffu_update_repo.sh + content: "{{ tripleo_packages_fast_forward_custom_repo_script_content }}" + mode: 0700 + + - name: Execute custom script for upgrading repo. + shell: "/root/ffu_update_repo.sh {{ tripleo_release }}" diff --git a/tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_upgrade.yml b/tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_upgrade.yml new file mode 100644 index 000000000..484ee1c39 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/tasks/fast_forward_upgrade.yml @@ -0,0 +1,62 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: set is_bootstrap_node fact + set_fact: + is_bootstrap_node: "{{ tripleo_packages_short_bootstrap_node_name|lower == ansible_hostname|lower }}" + +- name: Debug fast forward upgrade repo variables + debug: + var: "{{ item }}" + loop: + - tripleo_packages_fast_forward_repo_type + - tripleo_packages_fast_forward_repo_args + when: + - (step | int) == 3 + +- when: + - (step | int) == 3 + - is_bootstrap_node|bool + - tripleo_packages_fast_forward_repo_type == 'tripleo-repos' + block: + - name: clone tripleo-repos + git: + repo: https://github.com/openstack/tripleo-repos.git + dest: /home/stack/tripleo-repos/ + version: master + + - name: install tripleo-repos + command: python setup.py install + args: + chdir: /home/stack/tripleo-repos/ + + - name: Enable tripleo-repos + command: "tripleo-repos {{ tripleo_packages_fast_forward_repo_args.tripleo_repos[tripleo_release] }}" + +- when: + - (step | int) == 3 + - is_bootstrap_node|bool + - tripleo_packages_fast_forward_repo_type == 'custom-script' + block: + - name: Create custom Script for upgrading repo. + copy: + dest: /root/ffu_update_repo.sh + content: "{{ tripleo_packages_fast_forward_custom_repo_script_content }}" + mode: 0700 + + - name: Execute custom script for upgrading repo. + shell: "/root/ffu_update_repo.sh {{ tripleo_release }}" diff --git a/tripleo_ansible/roles/tripleo-packages/tasks/update.yml b/tripleo_ansible/roles/tripleo-packages/tasks/update.yml new file mode 100644 index 000000000..07cbc0f35 --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/tasks/update.yml @@ -0,0 +1,41 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Check for existing yum.pid + stat: + path: /var/run/yum.pid + register: yum_pid_file + when: + - ((step | int) == 0) or ((step | int) == 3) + +- name: Exit if existing yum process + fail: + msg: >- + ERROR existing yum.pid detected - can't continue! Please ensure there is no other + package update process for the duration of the minor update worfklow. Exiting. + when: + - (((step | int) == 0) or ((step | int) == 3)) and (yum_pid_file.stat.exists | bool) + +# Ansbile cannot upgrade itself as it will cause the current execution to fail. +# https://github.com/ansible/ansible/issues/56636 +- name: Update all packages + when: step|int == 3 + package: + name: '*' + state: latest + exclude: ansible + notify: start openvswitch diff --git a/tripleo_ansible/roles/tripleo-packages/tasks/upgrade.yml b/tripleo_ansible/roles/tripleo-packages/tasks/upgrade.yml new file mode 100644 index 000000000..9f0383abd --- /dev/null +++ b/tripleo_ansible/roles/tripleo-packages/tasks/upgrade.yml @@ -0,0 +1,333 @@ +--- +# Copyright 2019 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: system_upgrade_prepare step 3 + when: (step | int) == 3 + tags: + - never + - system_upgrade + - system_upgrade_prepare + block: + - name: remove all OpenStack packages + shell: |- + yum -y remove *el7ost* -- \ + -*openvswitch* \ + -python2-babel \ + -python2-dateutil \ + -python2-ipaddress \ + -python2-jinja2 \ + -python2-markupsafe \ + -python2-six + when: + - upgrade_leapp_enabled | bool + + - name: install leapp + package: + name: leapp + state: latest + when: + - upgrade_leapp_enabled | bool + +- name: system_upgrade_prepare step 4 + when: (step | int) == 4 + tags: + - never + - system_upgrade + - system_upgrade_prepare + block: + - name: run leapp upgrade (download packages) + shell: >- + {% if upgrade_leapp_devel_skip_rhsm|default(false) %}LEAPP_DEVEL_SKIP_RHSM=1{% endif %} + leapp upgrade + {% if upgrade_leapp_debug|default(true) %}--debug{% endif %} + when: + - upgrade_leapp_enabled | bool + +- name: system_upgrade_run step 4 + when: + - (step | int) == 4 + tags: + - never + - system_upgrade + - system_upgrade_run + # In case someone needs to re-run system_upgrade_run post-tasks + # but doesn't want to reboot, they can run with + # `--skip-tags system_upgrade_reboot`. + - system_upgrade_reboot + block: + - name: reboot to perform the upgrade + reboot: + reboot_timeout: "{{ upgrade_leapp_reboot_timeout }}" + when: + - upgrade_leapp_enabled | bool + +- name: Package and repo update tasks + when: + - (step | int) == 0 + block: + - name: Run UpgradeInitCommand + shell: |- + set -o pipefail + if [[ -f /etc/resolv.conf.save ]]; then + rm /etc/resolv.conf.save + fi + {{ tripleo_packages_upgrade_init_command }} + args: + executable: /bin/bash + - name: Run UpgradeInitCommonCommand + shell: |- + set -o pipefail + {{ tripleo_packages_upgrade_init_common_command }} + args: + executable: /bin/bash + when: + - (tripleo_packages_upgrade_init_common_command | length) > 0 + - name: Ensure TripleO prerequisite packages are installed + package: + name: + - jq + - lvm2 + - net-snmp + - openstack-selinux + - os-net-config + - pacemaker + - pcs + - puppet-tripleo + - python3-heat-agent* + state: present + when: + - ansible_distribution_major_version == '8' + +# With the layered product packaging, the key package is rhosp-openvswitch. It depends on +# a openvswitch package that includes the version as part of the name (e.g openvswitch2.10). +# This requires some additional special handling: +# - During an upgrade the package name for openvswitch may change so +# upgrading the currently installed package won't do anything. +# - The rhosp-openvswitch package "obsoletes" several packages, +# including older openvswitch packages. This results in a pretty +# severe uninstall/install sequence of operations that stops and +# removes openvswitch which could break network links required to +# continue the upgrade. +# - To prevent rhosp-openvswitch breaking connectivity, the currently +# installed core openvswitch packages need to be erased from the rpm +# database but leave the binaries intact. This effectively +# short-circuits the obsoletes mechanism in rhosp-openvswitch and +# leaves the core elements of openvswitch running. In the future we +# may replace this mechanism with "an upgrade on reboot". We only +# do this for the core openvswitch packages so other packages +# obsoleted by rhosp-openvswitch will be removed when +# rhosp-openvswitch is installed/upgraded. +# - Neither the rhosp-openvswitch nor openvswitch{m.n} package enables +# or starts the systemd service so there must always be a task +# to ensure that it is enabled or OpenvSwitch functionality won't be +# available on reboot. +# - With LP, we expect that the core openvswitch package name will +# change with every major upgrade so this special handling will +# eventually replace the special handling of upgrading the +# openvswitch package "in place" +- name: Block for gathering information for upgrading OpenvSwitch layered product packaging + when: (step | int) == 2 + block: + - name: Process rhosp-openvswitch layered package for new version number + shell: |- + set -o pipefail + yum info -q rhosp-openvswitch | awk '/^Version/{print $NF}' + register: rhosp_package_result + ignore_errors: true + + - name: Set fact for triggering OpenvSwitch layered product package handling + set_fact: + ovs_lp_packaging: "{{ rhosp_package_result.rc == 0 }}" + + - name: Capture the expected OpenvSwitch version. + set_fact: + new_ovs_version: "{{ rhosp_package_result.stdout }}" + when: + - ovs_lp_packaging | default(false) + + - name: Get current OpenvSwitch package name + register: ovs_pkg_out + shell: |- + set -o pipefail + rpm -qa | awk -F- '/^(openvswitch[0-9]+\.[0-9]+-|openvswitch-2)/{print $1}' + + - name: Get version from current OpenvSwitch package + register: ovs_version_out + shell: |- + set -o pipefail + rpm -qi "{{ ovs_pkg_out.stdout }}" | awk '/^Version/{print $NF}' + + - name: split numeric version for OpenvSwitch into parts + set_fact: + ovs_version_parts: "{{ ovs_version_out.stdout.split('.') }}" + + - name: get major minor version for OpenvSwitch package naming + set_fact: + current_ovs_version: "{{ ovs_version_parts[0] }}.{{ ovs_version_parts[1] }}" + + - name: get OpenvSwitch major version + set_fact: + current_ovs_major_version: "{{ ovs_version_parts[0]|int }}" + + - name: get OpenvSwitch minor version + set_fact: + current_ovs_minor_version: "{{ ovs_version_parts[1]|int }}" + +- name: Block for upgrading OpenvSwitch when layer package is present + when: + - (step | int) == 2 + - ovs_lp_packaging | default(false) + block: + - name: set current OpenvSwitch package suffix if old version is layered product format + set_fact: + package_suffix: "{{ current_ovs_version }}" + when: + - ((current_ovs_major_version | int) >= 3) or + ((current_ovs_minor_version | int) >= 10) + + - name: remove old OpenvSwitch package(s) if version doesn't match + shell: |- + rpm -e --noscripts \ + --nopreun \ + --nopostun \ + --notriggers \ + --nodeps $(rpm -qa 'openvswitch{{ package_suffix|default('') }}*' | grep -v 'selinux') + args: + warn: false + when: + - new_ovs_version != current_ovs_version + + - name: install/upgrade OpenvSwitch LP package + package: + name: rhosp-openvswitch + state: latest + notify: start openvswitch + + - name: set flag to skip other upgrade steps since OpenvSwitch is already upgraded! + set_fact: + run_ovs_update: false + +- name: Check for openvswitch upgrade if not layered package installs + when: + - (step | int) == 2 + - run_ovs_update|default(true) + block: + - name: check if an upgrade is required + register: ovs_need_upgrade + ignore_errors: true + shell: | + yum check-upgrade openvswitch | awk '/openvswitch/{print}' + + - name: Check openvswitch packaging. + shell: |- + set -o pipefail + rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep -q "systemctl.*try-restart" + register: ovs_packaging_issue + ignore_errors: true + +- name: Upgrade openvswitch + when: + - (step | int) == 2 + - run_ovs_update | default(true) + - ovs_packaging_issue is success + - ovs_need_upgrade.stdout | default('') + block: + - name: "Ensure empty directory: emptying." + file: + state: absent + path: /root/OVS_UPGRADE + + - name: "Ensure empty directory: creating." + file: + state: directory + path: /root/OVS_UPGRADE + owner: root + group: root + mode: 0750 + + - name: Make yum cache. + command: yum makecache + + - name: Download OVS packages + shell: |- + if command -v yumdownloader; then + yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch + else + dnf download --destdir /root/OVS_UPGRADE --resolve openvswitch + fi + + - name: Get rpm list for manual upgrade of OVS. + shell: ls -1 /root/OVS_UPGRADE/*.rpm + register: ovs_list_of_rpms + + - name: Manual upgrade of OVS + shell: | + rpm -U --replacepkgs --notriggerun --nopostun {{ item }} + args: + chdir: /root/OVS_UPGRADE + loop: "{{ ovs_list_of_rpms.stdout_lines }}" + notify: "start openvswitch" + +- name: Install libibverbs (https://bugs.launchpad.net/tripleo/+bug/1817743) + when: + - (step | int) == 2 + package: + name: libibverbs + state: installed + +- name: Check for os-net-config upgrade + shell: |- + set -o pipefail + yum check-upgrade | awk '/os-net-config/{print}' + ignore_errors: true + register: os_net_config_need_upgrade + when: + - (step | int) == 3 + +- name: Check that os-net-config has configuration + shell: test -s /etc/os-net-config/config.json + register: os_net_config_has_config + ignore_errors: true + when: + - (step | int) == 3 + +- name: os-net-config block + when: + - (step | int) == 3 + - os_net_config_need_upgrade.rc == 0 + - (os_net_config_need_upgrade.stdout | length) > 0 + - os_net_config_has_config.rc == 0 + block: + - name: Upgrade os-net-config + package: + name: os-net-config + state: latest + + - name: take new os-net-config parameters into account now + command: os-net-config --no-activate -c /etc/os-net-config/config.json -v --detailed-exit-codes + register: os_net_config_upgrade + failed_when: os_net_config_upgrade.rc not in [0,2] + changed_when: os_net_config_upgrade.rc == 2 + +# Ansbile cannot upgrade itself as it will cause the current execution to fail. +# https://github.com/ansible/ansible/issues/56636 +- name: Update all packages + when: (step | int) == 3 + yum: + name: '*' + state: latest + exclude: ansible diff --git a/zuul.d/molecule.yaml b/zuul.d/molecule.yaml index 69a3d96d5..5ceaf6c79 100644 --- a/zuul.d/molecule.yaml +++ b/zuul.d/molecule.yaml @@ -35,7 +35,7 @@ - tripleo-ansible-centos-7-molecule-tripleo-validations-package - tripleo-ansible-centos-7-molecule-tripleo-sshd - tripleo-ansible-centos-7-molecule-backup-and-restore - + - tripleo-ansible-centos-7-molecule-tripleo-packages gate: jobs: - tripleo-ansible-centos-7-molecule-aide @@ -71,6 +71,7 @@ - tripleo-ansible-centos-7-molecule-tripleo-validations-package - tripleo-ansible-centos-7-molecule-tripleo-sshd - tripleo-ansible-centos-7-molecule-backup-and-restore + - tripleo-ansible-centos-7-molecule-tripleo-packages name: tripleo-ansible-molecule-jobs - job: files: @@ -312,3 +313,10 @@ parent: tripleo-ansible-centos-7-base vars: tripleo_role_name: backup-and-restore +- job: + files: + - ^tripleo_ansible/roles/tripleo-packages/.* + name: tripleo-ansible-centos-7-molecule-tripleo-packages + parent: tripleo-ansible-centos-7-base + vars: + tripleo_role_name: tripleo-packages