openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Delivers upgrade scripts where upgrade steps are disabled 

This delivers a /root/tripleo_upgrade_node.sh to those nodes
that have the disable_upgrade_deployment flag set to true.
They will later be upgraded manually by the operator who will
invoke the script delivered here using upgrade-non-controller.sh

We can also deliver any service specific upgrade configuration,
such as configuring nova-compute to use the placement API as this
is required in order for placement to be configured and installed
during the subsequent upgrade steps for controller services.

This removes the compute and swift specific upgrade scripts as
they are now merged into the common
tripleo_upgrade_node.sh - removing any hard coded
reference to a particular role name (compute/objectstorage) and
only relying on the disable_upgrade_deployment is roles_data.yaml

Change-Id: I4531a4038b78087ef4a1a62c35f1328822427817
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
This commit is contained in:
marios 2017-01-13 13:06:14 +02:00 committed by Marios Andreou
parent 9df2928850
commit ed220aecf5
8 changed files with 119 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
extraconfig/tasks/major_upgrade_compute.sh
View File

@ -1,35 +0,0 @@
#!/bin/bash
#
# This delivers the compute upgrade script to be invoked as part of the tripleo
# major upgrade workflow.
#
set -eu
UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
cat > $UPGRADE_SCRIPT << ENDOFCAT
### DO NOT MODIFY THIS FILE
### This file is automatically delivered to the compute nodes as part of the
### tripleo upgrades workflow
set -eu
# pin nova to kilo (messaging +-1) for the nova-compute service
crudini --set /etc/nova/nova.conf upgrade_levels compute $upgrade_level_nova_compute
$(declare -f special_case_ovs_upgrade_if_needed)
special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y update
# Due to bug#1640177 we need to restart compute agent
echo "Restarting openstack ceilometer agent compute"
systemctl restart openstack-ceilometer-compute
ENDOFCAT
# ensure the permissions are OK
chmod 0755 $UPGRADE_SCRIPT

42
extraconfig/tasks/major_upgrade_object_storage.sh
View File

@ -1,42 +0,0 @@
#!/bin/bash
#
# This delivers the swift-storage upgrade script to be invoked as part of the tripleo
# major upgrade workflow.
#
set -eu
UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
cat > $UPGRADE_SCRIPT << ENDOFCAT
### DO NOT MODIFY THIS FILE
### This file is automatically delivered to the swift-storage nodes as part of the
### tripleo upgrades workflow
set -eu
function systemctl_swift {
action=\$1
for S in openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator openstack-swift-account \
openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater openstack-swift-container \
openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater openstack-swift-object; do
systemctl \$action \$S
done
}
$(declare -f special_case_ovs_upgrade_if_needed)
special_case_ovs_upgrade_if_needed
systemctl_swift stop
yum -y install python-zaqarclient # needed for os-collect-config
yum -y update
systemctl_swift start
ENDOFCAT
# ensure the permissions are OK
chmod 0755 $UPGRADE_SCRIPT

96
extraconfig/tasks/major_upgrade_pacemaker_init.j2.yaml
View File

@ -1,96 +0,0 @@
heat_template_version: ocata
description: 'Upgrade for Pacemaker deployments'
parameters:
servers:
type: json
input_values:
type: json
description: input values for the software deployments
UpgradeInitCommand:
type: string
description: |
Command or script snippet to run on all overcloud nodes to
initialize the upgrade process. E.g. a repository switch.
default: ''
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
default: ''
resources:
# For the UpgradeInit also rename /etc/resolv.conf.save for +bug/1567004
UpgradeInitConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
config:
list_join:
- ''
- - "#!/bin/bash\n\n"
- "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- get_param: UpgradeInitCommand
# TODO(jistr): for Mitaka->Newton upgrades and further we can use
# map_merge with input_values instead of feeding params into scripts
# via str_replace on bash snippets
# FIXME(shardy) we have hard-coded per-role *ScriptConfig's here
# Would be better to have a common config for all roles
ComputeDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
config:
list_join:
- ''
- - str_replace:
template: |
#!/bin/bash
upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE'
params:
UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute}
- get_file: pacemaker_common_functions.sh
- get_file: major_upgrade_compute.sh
ObjectStorageDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
config:
list_join:
- ''
- - get_file: pacemaker_common_functions.sh
- get_file: major_upgrade_object_storage.sh
CephStorageDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
config:
list_join:
- ''
- - get_file: pacemaker_common_functions.sh
- get_file: major_upgrade_ceph_storage.sh
{% for role in roles %}
UpgradeInit{{role.name}}Deployment:
type: OS::Heat::SoftwareDeploymentGroup
properties:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: UpgradeInitConfig}
input_values: {get_param: input_values}
{% if not role.name in ['Controller', 'BlockStorage'] %}
{{role.name}}DeliverUpgradeScriptDeployment:
type: OS::Heat::SoftwareDeploymentGroup
properties:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}DeliverUpgradeScriptConfig}
input_values: {get_param: input_values}
{% endif %}
{% endfor %}

51
extraconfig/tasks/tripleo_upgrade_node.sh Normal file
View File

@ -0,0 +1,51 @@
#!/bin/bash
#
# This delivers the operator driven upgrade script to be invoked as part of
# the tripleo major upgrade workflow. The utility 'upgrade-non-controller.sh'
# is used from the undercloud to invoke the /root/tripleo_upgrade_node.sh
#
set -eu
UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
cat > $UPGRADE_SCRIPT << ENDOFCAT
### DO NOT MODIFY THIS FILE
### This file is automatically delivered to those nodes where the
### disable_upgrade_deployment flag is set in roles_data.yaml.
set -eu
NOVA_COMPUTE=""
if systemctl show 'openstack-nova-compute' --property ActiveState | grep '\bactive\b'; then
NOVA_COMPUTE="true"
fi
DEBUG="true"
SCRIPT_NAME=$(basename $0)
$(declare -f log_debug)
$(declare -f manage_systemd_service)
$(declare -f systemctl_swift)
# pin nova messaging +-1 for the nova-compute service
if [[ -n \$NOVA_COMPUTE ]]; then
crudini --set /etc/nova/nova.conf upgrade_levels compute auto
fi
$(declare -f special_case_ovs_upgrade_if_needed)
special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
systemctl_swift stop
yum -y update
systemctl_swift start
# Due to bug#1640177 we need to restart compute agent
if [[ -n \$NOVA_COMPUTE ]]; then
echo "Restarting openstack ceilometer agent compute"
systemctl restart openstack-ceilometer-compute
fi
ENDOFCAT
# ensure the permissions are OK
chmod 0755 $UPGRADE_SCRIPT

1
overcloud.j2.yaml
View File

@ -610,6 +610,7 @@ resources:
{% for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{% endfor %}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
role_data:
{% for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}

63
puppet/major_upgrade_steps.j2.yaml
View File

@ -1,6 +1,7 @@
{% set enabled_roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
{% set batch_upgrade_steps_max = 3 -%}
{% set upgrade_steps_max = 6 -%}
{% set deliver_script = {'deliver': False} -%}
heat_template_version: ocata
description: 'Upgrade steps for all roles'
@ -17,6 +18,19 @@ parameters:
description: >
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
NovaPassword:
description: The password for the nova service and db account, used by nova-api.
type: string
hidden: true
conditions:
# Conditions to disable any steps where the task list is empty
@ -35,6 +49,43 @@ conditions:
resources:
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
{{role.name}}DeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
config:
list_join:
- ''
- - "#!/bin/bash\n\n"
- "set -eu\n\n"
- "if hiera -c /etc/puppet/hiera.yaml service_names | grep nova_compute ; then\n\n"
- " crudini --set /etc/nova/nova.conf placement auth_type password\n\n"
- " crudini --set /etc/nova/nova.conf placement username placement\n\n"
- " crudini --set /etc/nova/nova.conf placement project_domain_name Default\n\n"
- " crudini --set /etc/nova/nova.conf placement user_domain_name Default\n\n"
- " crudini --set /etc/nova/nova.conf placement project_name service\n\n"
- " systemctl restart openstack-nova-compute\n\n"
- "fi\n\n"
- str_replace:
template: |
crudini --set /etc/nova/nova.conf placement password 'SERVICE_PASSWORD'
crudini --set /etc/nova/nova.conf placement region_name 'REGION_NAME'
crudini --set /etc/nova/nova.conf placement auth_url 'AUTH_URL'
params:
SERVICE_PASSWORD: { get_param: NovaPassword }
REGION_NAME: { get_param: KeystoneRegion }
AUTH_URL: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
- get_file: ../extraconfig/tasks/pacemaker_common_functions.sh
- get_file: ../extraconfig/tasks/tripleo_upgrade_node.sh
{{role.name}}DeliverUpgradeScriptDeployment:
type: OS::Heat::SoftwareDeploymentGroup
properties:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}DeliverUpgradeScriptConfig}
{% endfor %}
# Upgrade Steps for all roles, batched updates
# The UpgradeConfig resources could actually be created without
# serialization, but the event output is easier to follow if we
@ -50,8 +101,18 @@ resources:
{% if role.name in enabled_roles %}
depends_on:
- {{role.name}}UpgradeBatch_Step{{step -1}}
{%- endif %}
{% else %}
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
{% if deliver_script.update({'deliver': True}) %} {% endif %}
{% endfor %}
{% if deliver_script.deliver %}
depends_on:
{% endif %}
{%- endif %}
{% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
- {{dep.name}}DeliverUpgradeScriptDeployment
{% endfor %}
{% endif %}
properties:
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_batch_tasks]}
step: {{step}}

6
puppet/post.j2.yaml
View File

@ -12,7 +12,11 @@ parameters:
role_data:
type: json
description: Mapping of Role name e.g Controller to the per-role data
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
DeployIdentifier:
default: ''
type: string

1
roles_data.yaml
View File

@ -184,7 +184,6 @@
- OS::TripleO::Services::Collectd
- name: CephStorage
disable_upgrade_deployment: True
ServicesDefault:
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CephOSD