Create post-deploy.conf on update/upgrade for octavia
Containers are restarted with new command lines during upgrade/updates
before the external_deploy_task are run that create a configuration file
that is used on the command line. This results in octavia services
failing to start.
Note: this was originally merged as:
https://review.opendev.org/#/c/750986/
but the OctaviaBase references in templates was incorrect so the
original patch was reverted through:
https://review.opendev.org/#/c/763561/
As the original patch had not been backported, it makes more sense to
revert and get a correct fix in place and backport that instead of
requiring backporting a series or backporting a squashed commit.
Conflicts:
deployment/octavia/octavia-api-container-puppet.yaml
deployment/octavia/octavia-housekeeping-container-puppet.yaml
Change-Id: Ib3476e53f89b50bae72b9c95a5d3dec51ed3de7e
Related-Bug: #1863595
(cherry picked from commit 6c11a949fc
)
This commit is contained in:
parent
28ae385579
commit
2b01176450
|
@ -402,49 +402,64 @@ outputs:
|
||||||
content: |
|
content: |
|
||||||
d /var/run/octavia 0755 root root - -
|
d /var/run/octavia 0755 root root - -
|
||||||
update_tasks:
|
update_tasks:
|
||||||
- name: Set internal tls variable
|
list_concat:
|
||||||
set_fact:
|
- {get_attr: [OctaviaBase, role_data, update_tasks]}
|
||||||
internal_tls_enabled: {get_param: EnableInternalTLS}
|
- - name: octavia_api_tmpfile_cleanup
|
||||||
- name: remove TLS proxy if configured and running
|
when: step|int == 1
|
||||||
when:
|
block: &octavia_api_tmpfile_cleanup
|
||||||
- step|int == 2
|
- name: octavia_api_tmpfile_cleanup
|
||||||
- internal_tls_enabled|bool
|
|
||||||
block: &remove_octavia_tls_proxy_tasks
|
|
||||||
- name: stop and remove octavia_api_tls_proxy container if docker
|
|
||||||
docker:
|
|
||||||
name: octavia_api_tls_proxy
|
|
||||||
state: absent
|
|
||||||
when: container_cli == 'docker'
|
|
||||||
- name: "check if tripleo_octavia_api_tls_proxy service exists in systemd"
|
|
||||||
stat:
|
|
||||||
path: "/etc/systemd/system/tripleo_octavia_api_tls_proxy.service"
|
|
||||||
register: systemd_exists
|
|
||||||
- name: Remove tripleo_octavia_api_tls_proxy service
|
|
||||||
when:
|
|
||||||
- container_cli == 'podman'
|
|
||||||
- systemd_exists.stat.exists
|
|
||||||
block:
|
|
||||||
- name: stop and disable octavia_api_tls_proxy container
|
|
||||||
systemd:
|
|
||||||
name: tripleo_octavia_api_tls_proxy
|
|
||||||
state: stopped
|
|
||||||
enabled: no
|
|
||||||
- name: clean up tripleo service file for octavia_api_tls_proxy
|
|
||||||
file:
|
file:
|
||||||
|
path: /etc/tmpfiles.d/var-run-octavia.conf
|
||||||
state: absent
|
state: absent
|
||||||
|
- name: Set internal tls variable
|
||||||
|
set_fact:
|
||||||
|
internal_tls_enabled: {get_param: EnableInternalTLS}
|
||||||
|
- name: remove TLS proxy if configured and running
|
||||||
|
when:
|
||||||
|
- step|int == 2
|
||||||
|
- internal_tls_enabled|bool
|
||||||
|
block: &remove_octavia_tls_proxy_tasks
|
||||||
|
- name: stop and remove octavia_api_tls_proxy container if docker
|
||||||
|
docker:
|
||||||
|
name: octavia_api_tls_proxy
|
||||||
|
state: absent
|
||||||
|
when: container_cli == 'docker'
|
||||||
|
- name: "check if tripleo_octavia_api_tls_proxy service exists in systemd"
|
||||||
|
stat:
|
||||||
path: "/etc/systemd/system/tripleo_octavia_api_tls_proxy.service"
|
path: "/etc/systemd/system/tripleo_octavia_api_tls_proxy.service"
|
||||||
- name: reload systemd
|
register: systemd_exists
|
||||||
systemd:
|
- name: Remove tripleo_octavia_api_tls_proxy service
|
||||||
daemon-reload: yes
|
when:
|
||||||
|
- container_cli == 'podman'
|
||||||
|
- systemd_exists.stat.exists
|
||||||
|
block:
|
||||||
|
- name: stop and disable octavia_api_tls_proxy container
|
||||||
|
systemd:
|
||||||
|
name: tripleo_octavia_api_tls_proxy
|
||||||
|
state: stopped
|
||||||
|
enabled: no
|
||||||
|
- name: clean up tripleo service file for octavia_api_tls_proxy
|
||||||
|
file:
|
||||||
|
state: absent
|
||||||
|
path: "/etc/systemd/system/tripleo_octavia_api_tls_proxy.service"
|
||||||
|
- name: reload systemd
|
||||||
|
systemd:
|
||||||
|
daemon-reload: yes
|
||||||
|
|
||||||
upgrade_tasks:
|
upgrade_tasks:
|
||||||
- name: Set internal tls variable
|
list_concat:
|
||||||
set_fact:
|
- {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
|
||||||
internal_tls_enabled: {get_param: EnableInternalTLS}
|
- - name: octavia_api_tmpfile_cleanup
|
||||||
- name: remove TLS proxy if configured and running
|
when: step|int == 1
|
||||||
when:
|
block: *octavia_api_tmpfile_cleanup
|
||||||
- step|int == 2
|
- name: Set internal tls variable
|
||||||
- internal_tls_enabled|bool
|
set_fact:
|
||||||
block: *remove_octavia_tls_proxy_tasks
|
internal_tls_enabled: {get_param: EnableInternalTLS}
|
||||||
|
- name: remove TLS proxy if configured and running
|
||||||
|
when:
|
||||||
|
- step|int == 2
|
||||||
|
- internal_tls_enabled|bool
|
||||||
|
block: *remove_octavia_tls_proxy_tasks
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
- step|int == 1
|
- step|int == 1
|
||||||
|
|
|
@ -288,3 +288,20 @@ outputs:
|
||||||
- octavia_client_cert_unset
|
- octavia_client_cert_unset
|
||||||
- {}
|
- {}
|
||||||
- octavia::certificates::client_cert_data: {get_param: OctaviaClientCert}
|
- octavia::certificates::client_cert_data: {get_param: OctaviaClientCert}
|
||||||
|
update_tasks: &ensure_start_up_files
|
||||||
|
- name: make sure that post-deploy.conf exists before restarting containers on update or upgrade
|
||||||
|
when: step|int == 5
|
||||||
|
block:
|
||||||
|
- name: check for octavia post-deploy.conf file
|
||||||
|
stat:
|
||||||
|
path: /var/lib/config-data/puppet-generated/octavia/etc/octavia/post-deploy.conf
|
||||||
|
register: octavia_post_deploy_stat
|
||||||
|
- name: create an empty post-deploy.conf file if it does not exist
|
||||||
|
file:
|
||||||
|
path: /var/lib/config-data/puppet-generated/octavia/etc/octavia/post-deploy.conf
|
||||||
|
state: touch
|
||||||
|
setype: container_file_t
|
||||||
|
mode: '0755'
|
||||||
|
when:
|
||||||
|
- octavia_post_deploy_stat.exists is defined and not octavia_post_deploy_stat.exists
|
||||||
|
upgrade_tasks: *ensure_start_up_files
|
||||||
|
|
|
@ -195,7 +195,8 @@ outputs:
|
||||||
environment:
|
environment:
|
||||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||||
- {}
|
- {}
|
||||||
|
update_tasks: {get_attr: [OctaviaBase, role_data, update_tasks]}
|
||||||
|
upgrade_tasks: {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
|
||||||
host_prep_tasks:
|
host_prep_tasks:
|
||||||
- name: create persistent directories
|
- name: create persistent directories
|
||||||
file:
|
file:
|
||||||
|
|
|
@ -147,6 +147,8 @@ outputs:
|
||||||
- /var/log/containers/octavia:/var/log/octavia:z
|
- /var/log/containers/octavia:/var/log/octavia:z
|
||||||
environment:
|
environment:
|
||||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||||
|
update_tasks: {get_attr: [OctaviaBase, role_data, update_tasks]}
|
||||||
|
upgrade_tasks: {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
|
||||||
host_prep_tasks:
|
host_prep_tasks:
|
||||||
- name: create persistent directories
|
- name: create persistent directories
|
||||||
file:
|
file:
|
||||||
|
@ -156,7 +158,6 @@ outputs:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { 'path': /var/log/containers/octavia, 'setype': svirt_sandbox_file_t, 'mode': '0750' }
|
- { 'path': /var/log/containers/octavia, 'setype': svirt_sandbox_file_t, 'mode': '0750' }
|
||||||
upgrade_tasks: []
|
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
- step|int == 1
|
- step|int == 1
|
||||||
|
|
|
@ -167,7 +167,8 @@ outputs:
|
||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: yes
|
persistent: yes
|
||||||
state: yes
|
state: yes
|
||||||
upgrade_tasks: []
|
update_tasks: {get_attr: [OctaviaBase, role_data, update_tasks]}
|
||||||
|
upgrade_tasks: {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
- step|int == 1
|
- step|int == 1
|
||||||
|
|
Loading…
Reference in New Issue