openstack/tripleo-heat-templates
Code Issues Proposed changes

Merge "Upgrade: make bundles use new container image name after upgrade"

Browse Source
This commit is contained in:
Zuul 2018-04-21 05:17:18 +00:00 committed by Gerrit Code Review
commit 34ef2efc6f
7 changed files with 306 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
docker/services/pacemaker/cinder-backup.yaml
View File

@ -221,7 +221,7 @@ outputs:
- name: Pull latest Cinder-Backup images
command: "docker pull {{docker_image}}"
- name: Get previous Cinder-Backup image id
shell: "docker images | awk '/cinder-backup.* pcmklatest/{print $3}'"
shell: "docker images | awk '/cinder-backup.* pcmklatest/{print $3}' | uniq"
register: cinder_backup_image_id
- block:
- name: Get a list of container using Cinder-Backup image
@ -242,7 +242,7 @@ outputs:
upgrade_tasks:
- name: Get docker Cinder-Backup image
set_fact:
docker_image_latest: *cinder_backup_image_pcmklatest
cinder_backup_docker_image_latest: *cinder_backup_image_pcmklatest
- name: Check for Cinder-Backup Kolla configuration
command: grep '^backup_driver[ \t]*=' /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
changed_when: no
@ -290,6 +290,46 @@ outputs:
until: output.rc == 0
- name: Disable cinder_backup service
service: name=openstack-cinder-backup enabled=no
- name: Prepare the switch to new cinder_backup container image name in pacemaker
when:
- step|int == 0
- cinder_backup_containerized|bool
block:
- name: Get cinder_backup image id currently used by pacemaker
shell: "docker images | awk '/cinder-backup.* pcmklatest/{print $3}' | uniq"
register: cinder_backup_current_pcmklatest_id
- name: Temporarily tag the current cinder_backup image id with the upgraded image name
shell: "docker tag {{cinder_backup_current_pcmklatest_id.stdout}} {{cinder_backup_docker_image_latest}}"
- name: Disable the cinder_backup cluster resource before container upgrade
when:
- step|int == 1
- cinder_backup_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: openstack-cinder-backup
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Update the cinder_backup bundle to use the new container image name
when:
- step|int == 1
- cinder_backup_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update openstack-cinder-backup container image={{cinder_backup_docker_image_latest}}"
- name: Enable the cinder_backup cluster resource
when:
- step|int == 1
- cinder_backup_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: openstack-cinder-backup
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3

44
docker/services/pacemaker/cinder-volume.yaml
View File

@ -244,7 +244,7 @@ outputs:
docker_image: {get_param: DockerCinderVolumeImage}
docker_image_latest: *cinder_volume_image_pcmklatest
- name: Get previous Cinder-Volume image id
shell: "docker images | awk '/cinder-volume.* pcmklatest/{print $3}'"
shell: "docker images | awk '/cinder-volume.* pcmklatest/{print $3}' | uniq"
register: cinder_volume_image_id
- block:
- name: Get a list of container using Cinder-Volume image
@ -267,7 +267,7 @@ outputs:
upgrade_tasks:
- name: Get docker Cinder-Volume image
set_fact:
docker_image_latest: *cinder_volume_image_pcmklatest
cinder_volume_docker_image_latest: *cinder_volume_image_pcmklatest
- name: Check for Cinder-Volume Kolla configuration
command: grep '^volume_driver[ \t]*=' /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
changed_when: no
@ -315,6 +315,46 @@ outputs:
until: output.rc == 0
- name: Disable cinder_volume service from boot
service: name=openstack-cinder-volume enabled=no
- name: Prepare the switch to new cinder_volume container image name in pacemaker
when:
- step|int == 0
- cinder_volume_containerized|bool
block:
- name: Get cinder_volume image id currently used by pacemaker
shell: "docker images | awk '/cinder-volume.* pcmklatest/{print $3}' | uniq"
register: cinder_volume_current_pcmklatest_id
- name: Temporarily tag the current cinder_volume image id with the upgraded image name
shell: "docker tag {{cinder_volume_current_pcmklatest_id.stdout}} {{cinder_volume_docker_image_latest}}"
- name: Disable the cinder_volume cluster resource before container upgrade
when:
- step|int == 1
- cinder_volume_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: openstack-cinder-volume
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Update the cinder_volume bundle to use the new container image name
when:
- step|int == 1
- cinder_volume_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update openstack-cinder-volume container image={{cinder_volume_docker_image_latest}}"
- name: Enable the cinder_volume cluster resource
when:
- step|int == 1
- cinder_volume_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: openstack-cinder-volume
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3

71
docker/services/pacemaker/database/mysql.yaml
View File

@ -302,7 +302,7 @@ outputs:
docker_image: {get_param: DockerMysqlImage}
docker_image_latest: *mysql_image_pcmklatest
- name: Get previous Mariadb image id
shell: "docker images | awk '/mariadb.* pcmklatest/{print $3}'"
shell: "docker images | awk '/mariadb.* pcmklatest/{print $3}' | uniq"
register: mariadb_image_id
- block:
- name: Get a list of container using Mariadb image
@ -325,7 +325,7 @@ outputs:
upgrade_tasks:
- name: Get docker Mysql image
set_fact:
docker_image_latest: *mysql_image_pcmklatest
mysql_docker_image_latest: *mysql_image_pcmklatest
- name: Check for Mysql Kolla configuration
stat:
path: /var/lib/config-data/puppet-generated/mysql
@ -376,6 +376,28 @@ outputs:
file: state=absent path=/etc/xinetd.d/galera-monitor
- name: Restart xinetd service after clustercheck removal
service: name=xinetd state=restarted
- name: Prepare the switch to new galera container image name in pacemaker
when:
- step|int == 0
- mysql_containerized|bool
block:
- name: Get galera image id currently used by pacemaker
shell: "docker images | awk '/mariadb.* pcmklatest/{print $3}' | uniq"
register: galera_current_pcmklatest_id
- name: Temporarily tag the current galera image id with the upgraded image name
shell: "docker tag {{galera_current_pcmklatest_id.stdout}} {{mysql_docker_image_latest}}"
- name: Disable the galera cluster resource before container upgrade
when:
- step|int == 1
- mysql_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: galera
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Move Mysql logging to /var/log/containers
when:
- step|int == 1
@ -390,34 +412,42 @@ outputs:
# rc == 6 means the configuration doesn't exist in the CIB
when: mysql_logs_moved.rc == 6
block:
- name: Disable the galera cluster resource
pacemaker_resource:
resource: galera
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Add a bind mount for logging in the galera bundle
command: pcs resource bundle update galera-bundle storage-map add id=mysql-log source-dir=/var/log/containers/mysql target-dir=/var/log/mysql options=rw
- name: Reconfigure Mysql log file in the galera resource agent
command: pcs resource update galera log=/var/log/mysql/mysqld.log
- name: Enable the galera cluster resource
pacemaker_resource:
resource: galera
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Update the galera bundle to use the new container image name
when:
- step|int == 1
- mysql_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update galera-bundle container image={{mysql_docker_image_latest}}"
- name: Enable the galera cluster resource
when:
- step|int == 1
- mysql_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: galera
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3
- mysql_containerized|bool
block: *mysql_fetch_retag_container_tasks
- name: Check and upgrade Mysql database after major version upgrade
when: step|int == 4
when: step|int == 3
block:
# mariadb package changes ownership of /var/lib/mysql on package
# update, so update here rather than in tripleo-package, to
# guarantee that ownership is fixed at the end of step 3
- name: Update host mariadb packages
when: step|int == 3
yum: name=mariadb-server-galera state=latest
- name: Mysql upgrade script
set_fact:
mysql_upgrade_script:
@ -426,7 +456,8 @@ outputs:
# executed for the current version of MariaDB.
list_join:
- ' '
- - '{% if mysql_containerized %}sudo -E kolla_set_configs; {% endif %}'
- - '{% if mysql_containerized %}kolla_set_configs; {% endif %}'
- 'chown -R mysql:mysql /var/lib/mysql;'
- 'mysqld_safe --user=mysql --wsrep-provider=none --skip-networking --wsrep-on=off &'
- 'timeout 60 sh -c ''while ! mysqladmin ping --silent; do sleep 1; done'';'
- 'mysql_upgrade;'

60
docker/services/pacemaker/database/redis.yaml
View File

@ -269,7 +269,7 @@ outputs:
docker_image: {get_param: DockerRedisImage}
docker_image_latest: *redis_image_pcmklatest
- name: Get previous Redis image id
shell: "docker images | awk '/redis.* pcmklatest/{print $3}'"
shell: "docker images | awk '/redis.* pcmklatest/{print $3}' | uniq"
register: redis_image_id
- block:
- name: Get a list of container using Redis image
@ -292,7 +292,7 @@ outputs:
upgrade_tasks:
- name: Get docker redis image
set_fact:
docker_image_latest: *redis_image_pcmklatest
redis_docker_image_latest: *redis_image_pcmklatest
- name: Check for redis Kolla configuration
stat:
path: /var/lib/config-data/puppet-generated/redis
@ -339,6 +339,28 @@ outputs:
until: output.rc == 0
- name: Disable redis service
service: name=redis enabled=no
- name: Prepare the switch to new redis container image name in pacemaker
when:
- step|int == 0
- redis_containerized|bool
block:
- name: Get redis image id currently used by pacemaker
shell: "docker images | awk '/redis.* pcmklatest/{print $3}' | uniq"
register: redis_current_pcmklatest_id
- name: Temporarily tag the current redis image id with the upgraded image name
shell: "docker tag {{redis_current_pcmklatest_id.stdout}} {{redis_docker_image_latest}}"
- name: Disable the redis cluster resource before container upgrade
when:
- step|int == 1
- redis_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: redis-bundle
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Move redis logging to /var/log/containers
when:
- step|int == 1
@ -353,26 +375,28 @@ outputs:
# rc == 6 means the configuration doesn't exist in the CIB
when: redis_logs_moved.rc == 6
block:
- name: Disable the redis cluster resource
pacemaker_resource:
resource: redis
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Remove old bind mount for logging in the redis bundle
command: pcs resource bundle update redis-bundle storage-map remove redis-log
- name: Add a bind mount for logging in the redis bundle
command: pcs resource bundle update redis-bundle storage-map add id=redis-log source-dir=/var/log/containers/redis target-dir=/var/log/redis options=rw
- name: Enable the redis cluster resource
pacemaker_resource:
resource: redis
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Update the redis bundle to use the new container image name
when:
- step|int == 1
- redis_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update redis-bundle container image={{redis_docker_image_latest}}"
- name: Enable the redis cluster resource
when:
- step|int == 1
- redis_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: redis-bundle
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3

64
docker/services/pacemaker/haproxy.yaml
View File

@ -308,7 +308,7 @@ outputs:
docker_image: {get_param: DockerHAProxyImage}
docker_image_latest: *haproxy_image_pcmklatest
- name: Get previous Haproxy image id
shell: "docker images | awk '/haproxy.* pcmklatest/{print $3}'"
shell: "docker images | awk '/haproxy.* pcmklatest/{print $3}' | uniq"
register: haproxy_image_id
- block:
- name: Get a list of container using Haproxy image
@ -331,7 +331,7 @@ outputs:
upgrade_tasks:
- name: Get docker haproxy image
set_fact:
docker_image_latest: *haproxy_image_pcmklatest
haproxy_docker_image_latest: *haproxy_image_pcmklatest
- name: Set HAProxy upgrade facts
block: *haproxy_update_upgrade_facts
- name: haproxy baremetal to container upgrade tasks
@ -364,6 +364,28 @@ outputs:
register: output
retries: 5
until: output.rc == 0
- name: Prepare the switch to new haproxy container image name in pacemaker
when:
- step|int == 0
- haproxy_containerized|bool
block:
- name: Get haproxy image id currently used by pacemaker
shell: "docker images | awk '/haproxy.* pcmklatest/{print $3}' | uniq"
register: haproxy_current_pcmklatest_id
- name: Temporarily tag the current haproxy image id with the upgraded image name
shell: "docker tag {{haproxy_current_pcmklatest_id.stdout}} {{haproxy_docker_image_latest}}"
- name: Disable the haproxy cluster resource before container upgrade
when:
- step|int == 1
- haproxy_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: haproxy-bundle
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Expose HAProxy stats socket on the host and mount TLS cert if needed
when:
- step|int == 1
@ -378,18 +400,9 @@ outputs:
command: cibadmin --query --xpath "//storage-mapping[@id='haproxy-cert']"
ignore_errors: true
register: haproxy_cert_mounted
- name: Disable the haproxy cluster resource
pacemaker_resource:
resource: haproxy-bundle
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
# rc == 6 means the configuration doesn't exist in the CIB
when: haproxy_stats_exposed.rc == 6 or haproxy_cert_mounted.rc == 6
- name: Add a bind mount for stats socket in the haproxy bundle
command: pcs resource bundle update haproxy-bundle storage-map add id=haproxy-var-lib source-dir=/var/lib/haproxy target-dir=/var/lib/haproxy options=rw
# rc == 6 means the configuration doesn't exist in the CIB
when: haproxy_stats_exposed.rc == 6
- name: Set HAProxy public cert volume mount fact
set_fact:
@ -398,15 +411,24 @@ outputs:
- name: Add a bind mount for public certificate in the haproxy bundle
command: pcs resource bundle update haproxy-bundle storage-map add id=haproxy-cert source-dir={{ haproxy_public_cert_path }} target-dir=/var/lib/kolla/config_files/src-tls/{{ haproxy_public_cert_path }} options=ro
when: haproxy_cert_mounted.rc == 6 and haproxy_public_tls_enabled|bool
- name: Enable the haproxy cluster resource
pacemaker_resource:
resource: haproxy-bundle
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
when: haproxy_stats_exposed.rc == 6 or haproxy_cert_mounted.rc == 6
- name: Update the haproxy bundle to use the new container image name
when:
- step|int == 1
- haproxy_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update haproxy-bundle container image={{haproxy_docker_image_latest}}"
- name: Enable the haproxy cluster resource
when:
- step|int == 1
- haproxy_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: haproxy-bundle
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3

44
docker/services/pacemaker/manila-share.yaml
View File

@ -185,7 +185,7 @@ outputs:
docker_image: {get_param: DockerManilaShareImage}
docker_image_latest: *manila_share_image_pcmklatest
- name: Get previous Manila-Share image id
shell: "docker images | awk '/manila-share.* pcmklatest/{print $3}'"
shell: "docker images | awk '/manila-share.* pcmklatest/{print $3}' | uniq"
register: manila_share_image_id
- block:
- name: Get a list of container using Manila-Share image
@ -208,7 +208,7 @@ outputs:
upgrade_tasks:
- name: Get docker Manila-Share image
set_fact:
docker_image_latest: *manila_share_image_pcmklatest
manila_share_docker_image_latest: *manila_share_image_pcmklatest
- name: Check for Manila-Share Kolla configuration
stat:
path: /var/lib/config-data/puppet-generated/manila
@ -223,6 +223,46 @@ outputs:
block:
- name: Stop and disable manila_share service
service: name=openstack-manila-share state=stopped enabled=no
- name: Prepare the switch to new Manila-Share container image name in pacemaker
when:
- step|int == 0
- manila_share_containerized|bool
block:
- name: Get Manila-Share image id currently used by pacemaker
shell: "docker images | awk '/manila-share.* pcmklatest/{print $3}' | uniq"
register: manila_share_current_pcmklatest_id
- name: Temporarily tag the current Manila-Share image id with the upgraded image name
shell: "docker tag {{manila_share_current_pcmklatest_id.stdout}} {{manila_share_docker_image_latest}}"
- name: Disable the Manila-Share cluster resource before container upgrade
when:
- step|int == 1
- manila_share_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: openstack-manila-share
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Update the Manila-Share bundle to use the new container image name
when:
- step|int == 1
- manila_share_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update openstack-manila-share container image={{manila_share_docker_image_latest}}"
- name: Enable the Manila-Share cluster resource
when:
- step|int == 1
- manila_share_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: openstack-manila-share
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3

66
docker/services/pacemaker/rabbitmq.yaml
View File

@ -238,7 +238,7 @@ outputs:
docker_image: {get_param: DockerRabbitmqImage}
docker_image_latest: *rabbitmq_image_pcmklatest
- name: Get previous Rabbitmq image id
shell: "docker images | awk '/rabbitmq.* pcmklatest/{print $3}'"
shell: "docker images | awk '/rabbitmq.* pcmklatest/{print $3}' | uniq"
register: rabbitmq_image_id
- block:
- name: Get a list of container using Rabbitmq image
@ -261,7 +261,7 @@ outputs:
upgrade_tasks:
- name: Get docker Rabbitmq image
set_fact:
docker_image_latest: *rabbitmq_image_pcmklatest
rabbitmq_docker_image_latest: *rabbitmq_image_pcmklatest
- name: Check for Rabbitmq Kolla configuration
stat:
path: /var/lib/config-data/puppet-generated/rabbitmq
@ -306,6 +306,28 @@ outputs:
until: output.rc == 0
- name: Disable rabbitmq service
service: name=rabbitmq-server enabled=no
- name: Prepare the switch to new rabbitmq container image name in pacemaker
when:
- step|int == 0
- rabbit_containerized|bool
block:
- name: Get rabbitmq image id currently used by pacemaker
shell: "docker images | awk '/rabbitmq.* pcmklatest/{print $3}' | uniq"
register: rabbitmq_current_pcmklatest_id
- name: Temporarily tag the current rabbitmq image id with the upgraded image name
shell: "docker tag {{rabbitmq_current_pcmklatest_id.stdout}} {{rabbitmq_docker_image_latest}}"
- name: Disable the rabbitmq cluster resource before container upgrade
when:
- step|int == 1
- rabbit_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: rabbitmq-bundle
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Move rabbitmq logging to /var/log/containers
when:
- step|int == 1
@ -316,28 +338,28 @@ outputs:
command: cibadmin --query --xpath "//storage-mapping[@id='rabbitmq-log']"
ignore_errors: true
register: rabbitmq_logs_moved
- name: Change rabbitmq logging configuration in pacemaker
- name: Add a bind mount for logging in the rabbitmq bundle
# rc == 6 means the configuration doesn't exist in the CIB
when: rabbitmq_logs_moved.rc == 6
block:
- name: Disable the rabbitmq cluster resource
pacemaker_resource:
resource: rabbitmq
state: disable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Add a bind mount for logging in the rabbitmq bundle
command: pcs resource bundle update rabbitmq-bundle storage-map add id=rabbitmq-log source-dir=/var/log/containers/rabbitmq target-dir=/var/log/rabbitmq options=rw
- name: Enable the rabbitmq cluster resource
pacemaker_resource:
resource: rabbitmq
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
command: pcs resource bundle update rabbitmq-bundle storage-map add id=rabbitmq-log source-dir=/var/log/containers/rabbitmq target-dir=/var/log/rabbitmq options=rw
- name: Update the rabbitmq bundle to use the new container image name
when:
- step|int == 1
- rabbit_containerized|bool
- is_bootstrap_node
command: "pcs resource bundle update rabbitmq-bundle container image={{rabbitmq_docker_image_latest}}"
- name: Enable the rabbitmq cluster resource
when:
- step|int == 1
- rabbit_containerized|bool
- is_bootstrap_node
pacemaker_resource:
resource: rabbitmq-bundle
state: enable
wait_for_resource: true
register: output
retries: 5
until: output.rc == 0
- name: Retag the pacemaker image if containerized
when:
- step|int == 3