From c2b828fbb8b1e9f085ecbd6d5abd085733f3b7cb Mon Sep 17 00:00:00 2001 From: Sofer Athlan-Guyot Date: Thu, 23 Jul 2020 12:17:31 +0200 Subject: [PATCH] Add openvswitch special treatment to update too. Openvswitch package update can be disruptive during update too. So we factor out the code used for upgrade to re-use for update and undercloud update. We also fix a issue where yum/yumdownloader is not available anymore. This cause the special treatment to not happen anymore what not matter what. Instead of duplicating the ansible sequence, this has been ported to a ansible module that replicate the action defined in the templates. We also make sure to not try to restart the openvswitch service if nothing has been changed during the ovs upgrade task. This cover two cases. First, it's an optimization, if nothing has been done, we don't need to check the service. Second, and most importantly, if ovs isn't installed (this can happen on some minimal installation) then we don't try to restart the non-existent service. We keep the tasks at step 3 that make sure again that the openvswitch service is started. This is a failsafe and as such we ignore any error there. This also support the overcloud-minimal type of installation. Depends-On: https://review.opendev.org/743837 Change-Id: I4fde50e353ab7b2e6b03d963f585f6abe35ca32d Closes-Bug: #1888651 Related-Bug: #1888821 (cherry picked from commit 8ca2b598cbee79177f36448b421692b4cd9c8c8d) --- .../tripleo-packages-baremetal-puppet.yaml | 169 +++--------------- deployment/undercloud/undercloud-upgrade.yaml | 146 +-------------- 2 files changed, 31 insertions(+), 284 deletions(-) diff --git a/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml b/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml index a3951b04c6..6009363126 100644 --- a/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml +++ b/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml @@ -231,158 +231,24 @@ outputs: - rsync state: present when: ansible_distribution_major_version == '8' - # With the layered product packaging, the key package is rhosp-openvswitch. It depends on - # a openvswitch package that includes the version as part of the name (e.g openvswitch2.10). - # This requires some additional special handling: - # - During an upgrade the package name for openvswitch may change so - # upgrading the currently installed package won't do anything. - # - The rhosp-openvswitch package "obsoletes" several packages, - # including older openvswitch packages. This results in a pretty - # severe uninstall/install sequence of operations that stops and - # removes openvswitch which could break network links required to - # continue the upgrade. - # - To prevent rhosp-openvswitch breaking connectivity, the currently - # installed core openvswitch packages need to be erased from the rpm - # database but leave the binaries intact. This effectively - # short-circuits the obsoletes mechanism in rhosp-openvswitch and - # leaves the core elements of openvswitch running. In the future we - # may replace this mechanism with "an upgrade on reboot". We only - # do this for the core openvswitch packages so other packages - # obsoleted by rhosp-openvswitch will be removed when - # rhosp-openvswitch is installed/upgraded. - # - Neither the rhosp-openvswitch nor openvswitch{m.n} package enables - # or starts the systemd service so there must always be a task - # to ensure that it is enabled or OpenvSwitch functionality won't be - # available on reboot. - # - With LP, we expect that the core openvswitch package name will - # change with every major upgrade so this special handling will - # eventually replace the special handling of upgrading the - # openvswitch package "in place" - - name: Get current OpenvSwitch package name - register: ovs_pkg_out - shell: - rpm -qa | awk -F- '/^(openvswitch[0-9]+\.[0-9]+-[0-9]+\.[0-9]+\.[-0]+-|openvswitch-2)/{print $1}' - - name: Don't update if not present - set_fact: - run_ovs_update: "{{ (ovs_pkg_out.stdout | length) > 0 }}" - - name: Block for gathering information for upgrading OpenvSwitch layered product packaging + - name: Special treatment for OpenvSwitch + tripleo_ovs_upgrade: when: - step|int == 2 - - run_ovs_update|bool - block: - - name: Process rhosp-openvswitch layered package for new version number - shell: | - set -o pipefail - yum info -q rhosp-openvswitch | awk '/^Version/{print $NF}' - register: rhosp_package_result - failed_when: false - - name: Set fact for triggering OpenvSwitch layered product package handling - set_fact: - ovs_lp_packaging: "{{ rhosp_package_result.rc == 0 }}" - - name: Capture the expected OpenvSwitch version. - set_fact: - new_ovs_version: "{{ rhosp_package_result.stdout }}" - when: ovs_lp_packaging|default(false) - - name: Get version from current OpenvSwitch package - register: ovs_version_out - shell: - rpm -qi "{{ ovs_pkg_out.stdout }}" | awk '/^Version/{print $NF}' - - name: split numeric version for OpenvSwitch into parts - set_fact: - ovs_version_parts: "{{ ovs_version_out.stdout.split('.') }}" - - name: get major minor version for OpenvSwitch package naming - set_fact: - current_ovs_version: "{{ ovs_version_parts[0] }}.{{ ovs_version_parts[1] }}" - - name: get OpenvSwitch major version - set_fact: - current_ovs_major_version: "{{ ovs_version_parts[0]|int }}" - - name: get OpenvSwitch minor version - set_fact: - current_ovs_minor_version: "{{ ovs_version_parts[1]|int }}" - - name: Block for upgrading OpenvSwitch when layer package is present + register: ovs_upgrade + - name: Always ensure the openvswitch service is enabled and running after upgrades + service: + name: openvswitch + enabled: yes + state: started when: - step|int == 2 - - ovs_lp_packaging|default(false) - block: - - name: set current OpenvSwitch package suffix if old version is layered product format - set_fact: - package_suffix: "{{ current_ovs_version }}" - when: - - current_ovs_major_version|int >= 3 or current_ovs_minor_version|int >=10 - - name: remove old OpenvSwitch package(s) if version doesn't match - shell: | - rpm -e --noscripts --nopreun --nopostun --notriggers --nodeps $(rpm -qa 'openvswitch{{ package_suffix|default('') }}*' | grep -v 'selinux') - args: - warn: false - when: new_ovs_version != current_ovs_version - - name: install/upgrade OpenvSwitch LP package - package: - name: rhosp-openvswitch - state: latest - - name: set flag to skip other upgrade steps since OpenvSwitch is already upgraded! - set_fact: - run_ovs_update: false - - name: Check for openvswitch upgrade if not layered package installs - when: - - step|int == 2 - - run_ovs_update|bool - block: - - name: check if an upgrade is required - register: ovs_need_upgrade - failed_when: false - shell: | - yum check-upgrade openvswitch | awk '/openvswitch/{print}' - - name: Check openvswitch packaging. - shell: rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep -q "systemctl.*try-restart" - register: ovs_packaging_issue - failed_when: false - - name: Upgrade openvswitch - block: - - name: "Ensure empty directory: emptying." - file: - state: absent - path: /root/OVS_UPGRADE - - name: "Ensure empty directory: creating." - file: - state: directory - path: /root/OVS_UPGRADE - owner: root - group: root - mode: 0750 - - name: Make yum cache. - command: yum makecache - - name: Download OVS packages. - command: yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch - - name: Get rpm list for manual upgrade of OVS. - shell: ls -1 /root/OVS_UPGRADE/*.rpm - register: ovs_list_of_rpms - - name: Manual upgrade of OVS - shell: | - rpm -U --replacepkgs --notriggerun --nopostun {{item}} - args: - chdir: /root/OVS_UPGRADE - with_items: - - "{{ovs_list_of_rpms.stdout_lines}}" - when: - - step|int == 2 - - run_ovs_update|bool - - ovs_packaging_issue.rc == 0 | default(false) - - ovs_need_upgrade.stdout|default('') + - ovs_upgrade.changed|bool - name: Install libibverbs (https://bugs.launchpad.net/tripleo/+bug/1817743) when: step|int == 2 package: name: libibverbs state: installed - # The openvswitch package disables the systemd service on install. When installing - # the layered product we prevent the service from being killed, but it doesn't - # do anything to prevent the systemd service from being removed and it is not - # re-enabled by default by the new package. - - name: Always ensure the openvswitch service is enabled and running after upgrades - when: step|int == 2 - service: - name: openvswitch - enabled: yes - state: started - name: Check for os-net-config upgrade shell: "yum check-upgrade | awk '/os-net-config/{print}'" register: os_net_config_need_upgrade @@ -452,6 +318,19 @@ outputs: - name: Set boolean skip_package_update set_fact: skip_package_update: {get_param: SkipPackageUpdate} + - name: Special treatment for OpenvSwitch + tripleo_ovs_upgrade: + when: + - step|int == 2 + register: ovs_upgrade + - name: Always ensure the openvswitch service is enabled and running after upgrades + service: + name: openvswitch + enabled: yes + state: started + when: + - step|int == 2 + - ovs_upgrade.changed|bool # Exclude ansible until https://github.com/ansible/ansible/issues/56636 # is available - name: Update all packages @@ -462,10 +341,12 @@ outputs: name: '*' state: latest exclude: ansible - # This is failsafe unless openvswitch package does something to the systemd service state. + # This is failsafe unless openvswitch package does something + # to the systemd service state. - name: Ensure openvswitch is running after update when: step|int == 3 service: name: openvswitch enabled: yes state: started + ignore_errors: true diff --git a/deployment/undercloud/undercloud-upgrade.yaml b/deployment/undercloud/undercloud-upgrade.yaml index d7f80df843..9480781bca 100644 --- a/deployment/undercloud/undercloud-upgrade.yaml +++ b/deployment/undercloud/undercloud-upgrade.yaml @@ -60,153 +60,19 @@ outputs: - step|int == 0 - ansible_distribution == 'RedHat' - not (skip_rhel_enforcement | bool) - # With the layered product packaging, the key package is rhosp-openvswitch. It depends on - # a openvswitch package that includes the version as part of the name (e.g openvswitch2.10). - # This requires some additional special handling: - # - During an upgrade the package name for openvswitch may change so - # upgrading the currently installed package won't do anything. - # - The rhosp-openvswitch package "obsoletes" several packages, - # including older openvswitch packages. This results in a pretty - # severe uninstall/install sequence of operations that stops and - # removes openvswitch which could break network links required to - # continue the upgrade. - # - To prevent rhosp-openvswitch breaking connectivity, the currently - # installed core openvswitch packages need to be erased from the rpm - # database but leave the binaries intact. This effectively - # short-circuits the obsoletes mechanism in rhosp-openvswitch and - # leaves the core elements of openvswitch running. In the future we - # may replace this mechanism with "an upgrade on reboot". We only - # do this for the core openvswitch packages so other packages - # obsoleted by rhosp-openvswitch will be removed when - # rhosp-openvswitch is installed/upgraded. - # - Neither the rhosp-openvswitch nor openvswitch{m.n} package enables - # or starts the systemd service so there must always be a task - # to ensure that it is enabled or OpenvSwitch functionality won't be - # available on reboot. - # - With LP, we expect that the core openvswitch package name will - # change with every major upgrade so this special handling will - # eventually replace the special handling of upgrading the - # openvswitch package "in place" - - name: Get current OpenvSwitch package name - register: ovs_pkg_out - shell: - rpm -qa | awk -F- '/^(openvswitch[0-9]+\.[0-9]+-[0-9]+\.[0-9]+\.[-0]+-|openvswitch-2)/{print $1}' - - name: Don't update if not present - set_fact: - run_ovs_update: "{{ (ovs_pkg_out.stdout | length) > 0 }}" - - name: Block for gathering information for upgrading OpenvSwitch layered product packaging + - name: Special treatment for OpenvSwitch + tripleo_ovs_upgrade: when: - step|int == 2 - - run_ovs_update|bool - block: - - name: Process rhosp-openvswitch layered package for new version number - shell: | - set -o pipefail - yum info -q rhosp-openvswitch | awk '/^Version/{print $NF}' - register: rhosp_package_result - failed_when: false - - name: Set fact for triggering OpenvSwitch layered product package handling - set_fact: - ovs_lp_packaging: "{{ rhosp_package_result.rc == 0 }}" - - name: Capture the expected OpenvSwitch version. - set_fact: - new_ovs_version: "{{ rhosp_package_result.stdout }}" - when: ovs_lp_packaging|default(false) - - name: Get version from current OpenvSwitch package - register: ovs_version_out - shell: - rpm -qi "{{ ovs_pkg_out.stdout }}" | awk '/^Version/{print $NF}' - - name: split numeric version for OpenvSwitch into parts - set_fact: - ovs_version_parts: "{{ ovs_version_out.stdout.split('.') }}" - - name: get major minor version for OpenvSwitch package naming - set_fact: - current_ovs_version: "{{ ovs_version_parts[0] }}.{{ ovs_version_parts[1] }}" - - name: get OpenvSwitch major version - set_fact: - current_ovs_major_version: "{{ ovs_version_parts[0]|int }}" - - name: get OpenvSwitch minor version - set_fact: - current_ovs_minor_version: "{{ ovs_version_parts[1]|int }}" - - name: Block for upgrading OpenvSwitch when layer package is present - when: - - step|int == 2 - - ovs_lp_packaging|default(false) - block: - - name: set current OpenvSwitch package suffix if old version is layered product format - set_fact: - package_suffix: "{{ current_ovs_version }}" - when: - - current_ovs_major_version|int >= 3 or current_ovs_minor_version|int >=10 - - name: remove old OpenvSwitch package(s) if version doesn't match - shell: | - rpm -e --noscripts --nopreun --nopostun --notriggers --nodeps $(rpm -qa 'openvswitch{{ package_suffix|default('') }}*' | grep -v 'selinux') - args: - warn: false - when: new_ovs_version != current_ovs_version - - name: install/upgrade OpenvSwitch LP package - package: - name: rhosp-openvswitch - state: latest - - name: set flag to skip other upgrade steps since OpenvSwitch is already upgraded! - set_fact: - run_ovs_update: false - - name: Check for openvswitch upgrade if not layered package installs - when: - - step|int == 2 - - run_ovs_update|bool - block: - - name: check if an upgrade is required - register: ovs_need_upgrade - failed_when: false - shell: | - yum check-upgrade openvswitch | awk '/openvswitch/{print}' - - name: Check openvswitch packaging. - shell: rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep -q "systemctl.*try-restart" - register: ovs_packaging_issue - failed_when: false - - name: Upgrade openvswitch - block: - - name: "Ensure empty directory: emptying." - file: - state: absent - path: /root/OVS_UPGRADE - - name: "Ensure empty directory: creating." - file: - state: directory - path: /root/OVS_UPGRADE - owner: root - group: root - mode: 0750 - - name: Make yum cache. - command: yum makecache - - name: Download OVS packages. - command: yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch - - name: Get rpm list for manual upgrade of OVS. - shell: ls -1 /root/OVS_UPGRADE/*.rpm - register: ovs_list_of_rpms - - name: Manual upgrade of OVS - shell: | - rpm -U --replacepkgs --notriggerun --nopostun {{item}} - args: - chdir: /root/OVS_UPGRADE - with_items: - - "{{ovs_list_of_rpms.stdout_lines}}" - when: - - step|int == 2 - - run_ovs_update|bool - - ovs_packaging_issue.rc == 0 | default(false) - - ovs_need_upgrade.stdout|default('') - # The openvswitch package disables the systemd service on install. When installing - # the layered product we prevent the service from being killed, but it doesn't - # do anything to prevent the systemd service from being removed and it is not - # re-enabled by default by the new package. + register: ovs_upgrade - name: Always ensure the openvswitch service is enabled and running after upgrades - when: step|int == 2 service: name: openvswitch enabled: yes state: started + when: + - step|int == 2 + - ovs_upgrade.changed|bool # Exclude ansible until https://github.com/ansible/ansible/issues/56636 # is available - name: Update all packages