Add openvswitch special treatment to update too.

Openvswitch package update can be disruptive during update too.  So we
factor out the code used for upgrade to re-use for update and
undercloud update.

We also fix a issue where yum/yumdownloader is not available anymore.
This cause the special treatment to not happen anymore what not matter
what.

Instead of duplicating the ansible sequence, this has been ported to a
ansible module that replicate the action defined in the templates.

We also make sure to not try to restart the openvswitch service if
nothing has been changed during the ovs upgrade task.  This cover two
cases.  First, it's an optimization, if nothing has been done, we
don't need to check the service.  Second, and most importantly, if ovs
isn't installed (this can happen on some minimal installation) then we
don't try to restart the non-existent service.

We keep the tasks at step 3 that make sure again that the openvswitch
service is started.  This is a failsafe and as such we ignore any
error there.  This also support the overcloud-minimal type of
installation.

Depends-On: https://review.opendev.org/743838
Change-Id: I4fde50e353ab7b2e6b03d963f585f6abe35ca32d
Closes-Bug: #1888651
Related-Bug: #1888821
(cherry picked from commit 8ca2b598cb)
(cherry picked from commit c2b828fbb8)
This commit is contained in:
Sofer Athlan-Guyot 2020-07-23 12:17:31 +02:00
parent 6c7ccc9347
commit ed65866d43
2 changed files with 31 additions and 284 deletions

View File

@ -356,158 +356,24 @@ outputs:
- rsync - rsync
state: present state: present
when: ansible_distribution_major_version == '8' when: ansible_distribution_major_version == '8'
# With the layered product packaging, the key package is rhosp-openvswitch. It depends on - name: Special treatment for OpenvSwitch
# a openvswitch package that includes the version as part of the name (e.g openvswitch2.10). tripleo_ovs_upgrade:
# This requires some additional special handling:
# - During an upgrade the package name for openvswitch may change so
# upgrading the currently installed package won't do anything.
# - The rhosp-openvswitch package "obsoletes" several packages,
# including older openvswitch packages. This results in a pretty
# severe uninstall/install sequence of operations that stops and
# removes openvswitch which could break network links required to
# continue the upgrade.
# - To prevent rhosp-openvswitch breaking connectivity, the currently
# installed core openvswitch packages need to be erased from the rpm
# database but leave the binaries intact. This effectively
# short-circuits the obsoletes mechanism in rhosp-openvswitch and
# leaves the core elements of openvswitch running. In the future we
# may replace this mechanism with "an upgrade on reboot". We only
# do this for the core openvswitch packages so other packages
# obsoleted by rhosp-openvswitch will be removed when
# rhosp-openvswitch is installed/upgraded.
# - Neither the rhosp-openvswitch nor openvswitch{m.n} package enables
# or starts the systemd service so there must always be a task
# to ensure that it is enabled or OpenvSwitch functionality won't be
# available on reboot.
# - With LP, we expect that the core openvswitch package name will
# change with every major upgrade so this special handling will
# eventually replace the special handling of upgrading the
# openvswitch package "in place"
- name: Get current OpenvSwitch package name
register: ovs_pkg_out
shell:
rpm -qa | awk -F- '/^(openvswitch[0-9]+\.[0-9]+-[0-9]+\.[0-9]+\.[-0]+-|openvswitch-2)/{print $1}'
- name: Don't update if not present
set_fact:
run_ovs_update: "{{ (ovs_pkg_out.stdout | length) > 0 }}"
- name: Block for gathering information for upgrading OpenvSwitch layered product packaging
when: when:
- step|int == 2 - step|int == 2
- run_ovs_update|bool register: ovs_upgrade
block: - name: Always ensure the openvswitch service is enabled and running after upgrades
- name: Process rhosp-openvswitch layered package for new version number service:
shell: | name: openvswitch
set -o pipefail enabled: yes
yum info -q rhosp-openvswitch | awk '/^Version/{print $NF}' state: started
register: rhosp_package_result
failed_when: false
- name: Set fact for triggering OpenvSwitch layered product package handling
set_fact:
ovs_lp_packaging: "{{ rhosp_package_result.rc == 0 }}"
- name: Capture the expected OpenvSwitch version.
set_fact:
new_ovs_version: "{{ rhosp_package_result.stdout }}"
when: ovs_lp_packaging|default(false)
- name: Get version from current OpenvSwitch package
register: ovs_version_out
shell:
rpm -qi "{{ ovs_pkg_out.stdout }}" | awk '/^Version/{print $NF}'
- name: split numeric version for OpenvSwitch into parts
set_fact:
ovs_version_parts: "{{ ovs_version_out.stdout.split('.') }}"
- name: get major minor version for OpenvSwitch package naming
set_fact:
current_ovs_version: "{{ ovs_version_parts[0] }}.{{ ovs_version_parts[1] }}"
- name: get OpenvSwitch major version
set_fact:
current_ovs_major_version: "{{ ovs_version_parts[0]|int }}"
- name: get OpenvSwitch minor version
set_fact:
current_ovs_minor_version: "{{ ovs_version_parts[1]|int }}"
- name: Block for upgrading OpenvSwitch when layer package is present
when: when:
- step|int == 2 - step|int == 2
- ovs_lp_packaging|default(false) - ovs_upgrade.changed|bool
block:
- name: set current OpenvSwitch package suffix if old version is layered product format
set_fact:
package_suffix: "{{ current_ovs_version }}"
when:
- current_ovs_major_version|int >= 3 or current_ovs_minor_version|int >=10
- name: remove old OpenvSwitch package(s) if version doesn't match
shell: |
rpm -e --noscripts --nopreun --nopostun --notriggers --nodeps $(rpm -qa 'openvswitch{{ package_suffix|default('') }}*' | grep -v 'selinux')
args:
warn: false
when: new_ovs_version != current_ovs_version
- name: install/upgrade OpenvSwitch LP package
package:
name: rhosp-openvswitch
state: latest
- name: set flag to skip other upgrade steps since OpenvSwitch is already upgraded!
set_fact:
run_ovs_update: false
- name: Check for openvswitch upgrade if not layered package installs
when:
- step|int == 2
- run_ovs_update|bool
block:
- name: check if an upgrade is required
register: ovs_need_upgrade
failed_when: false
shell: |
yum check-upgrade openvswitch | awk '/openvswitch/{print}'
- name: Check openvswitch packaging.
shell: rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep -q "systemctl.*try-restart"
register: ovs_packaging_issue
failed_when: false
- name: Upgrade openvswitch
block:
- name: "Ensure empty directory: emptying."
file:
state: absent
path: /root/OVS_UPGRADE
- name: "Ensure empty directory: creating."
file:
state: directory
path: /root/OVS_UPGRADE
owner: root
group: root
mode: 0750
- name: Make yum cache.
command: yum makecache
- name: Download OVS packages.
command: yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch
- name: Get rpm list for manual upgrade of OVS.
shell: ls -1 /root/OVS_UPGRADE/*.rpm
register: ovs_list_of_rpms
- name: Manual upgrade of OVS
shell: |
rpm -U --replacepkgs --notriggerun --nopostun {{item}}
args:
chdir: /root/OVS_UPGRADE
with_items:
- "{{ovs_list_of_rpms.stdout_lines}}"
when:
- step|int == 2
- run_ovs_update|bool
- ovs_packaging_issue.rc == 0 | default(false)
- ovs_need_upgrade.stdout|default('')
- name: Install libibverbs (https://bugs.launchpad.net/tripleo/+bug/1817743) - name: Install libibverbs (https://bugs.launchpad.net/tripleo/+bug/1817743)
when: step|int == 2 when: step|int == 2
package: package:
name: libibverbs name: libibverbs
state: installed state: installed
# The openvswitch package disables the systemd service on install. When installing
# the layered product we prevent the service from being killed, but it doesn't
# do anything to prevent the systemd service from being removed and it is not
# re-enabled by default by the new package.
- name: Always ensure the openvswitch service is enabled and running after upgrades
when: step|int == 2
service:
name: openvswitch
enabled: yes
state: started
- name: Check for os-net-config upgrade - name: Check for os-net-config upgrade
shell: "yum check-upgrade | awk '/os-net-config/{print}'" shell: "yum check-upgrade | awk '/os-net-config/{print}'"
register: os_net_config_need_upgrade register: os_net_config_need_upgrade
@ -577,6 +443,19 @@ outputs:
- name: Set boolean skip_package_update - name: Set boolean skip_package_update
set_fact: set_fact:
skip_package_update: {get_param: SkipPackageUpdate} skip_package_update: {get_param: SkipPackageUpdate}
- name: Special treatment for OpenvSwitch
tripleo_ovs_upgrade:
when:
- step|int == 2
register: ovs_upgrade
- name: Always ensure the openvswitch service is enabled and running after upgrades
service:
name: openvswitch
enabled: yes
state: started
when:
- step|int == 2
- ovs_upgrade.changed|bool
# Exclude ansible until https://github.com/ansible/ansible/issues/56636 # Exclude ansible until https://github.com/ansible/ansible/issues/56636
# is available # is available
- name: Update all packages - name: Update all packages
@ -587,13 +466,15 @@ outputs:
name: '*' name: '*'
state: latest state: latest
exclude: ansible exclude: ansible
# This is failsafe unless openvswitch package does something to the systemd service state. # This is failsafe unless openvswitch package does something
# to the systemd service state.
- name: Ensure openvswitch is running after update - name: Ensure openvswitch is running after update
when: step|int == 3 when: step|int == 3
service: service:
name: openvswitch name: openvswitch
enabled: yes enabled: yes
state: started state: started
ignore_errors: true
fast_forward_upgrade_tasks: fast_forward_upgrade_tasks:
- block: - block:
- name: set is_bootstrap_node fact - name: set is_bootstrap_node fact

View File

@ -60,153 +60,19 @@ outputs:
- step|int == 0 - step|int == 0
- ansible_distribution == 'RedHat' - ansible_distribution == 'RedHat'
- not (skip_rhel_enforcement | bool) - not (skip_rhel_enforcement | bool)
# With the layered product packaging, the key package is rhosp-openvswitch. It depends on - name: Special treatment for OpenvSwitch
# a openvswitch package that includes the version as part of the name (e.g openvswitch2.10). tripleo_ovs_upgrade:
# This requires some additional special handling:
# - During an upgrade the package name for openvswitch may change so
# upgrading the currently installed package won't do anything.
# - The rhosp-openvswitch package "obsoletes" several packages,
# including older openvswitch packages. This results in a pretty
# severe uninstall/install sequence of operations that stops and
# removes openvswitch which could break network links required to
# continue the upgrade.
# - To prevent rhosp-openvswitch breaking connectivity, the currently
# installed core openvswitch packages need to be erased from the rpm
# database but leave the binaries intact. This effectively
# short-circuits the obsoletes mechanism in rhosp-openvswitch and
# leaves the core elements of openvswitch running. In the future we
# may replace this mechanism with "an upgrade on reboot". We only
# do this for the core openvswitch packages so other packages
# obsoleted by rhosp-openvswitch will be removed when
# rhosp-openvswitch is installed/upgraded.
# - Neither the rhosp-openvswitch nor openvswitch{m.n} package enables
# or starts the systemd service so there must always be a task
# to ensure that it is enabled or OpenvSwitch functionality won't be
# available on reboot.
# - With LP, we expect that the core openvswitch package name will
# change with every major upgrade so this special handling will
# eventually replace the special handling of upgrading the
# openvswitch package "in place"
- name: Get current OpenvSwitch package name
register: ovs_pkg_out
shell:
rpm -qa | awk -F- '/^(openvswitch[0-9]+\.[0-9]+-[0-9]+\.[0-9]+\.[-0]+-|openvswitch-2)/{print $1}'
- name: Don't update if not present
set_fact:
run_ovs_update: "{{ (ovs_pkg_out.stdout | length) > 0 }}"
- name: Block for gathering information for upgrading OpenvSwitch layered product packaging
when: when:
- step|int == 2 - step|int == 2
- run_ovs_update|bool register: ovs_upgrade
block:
- name: Process rhosp-openvswitch layered package for new version number
shell: |
set -o pipefail
yum info -q rhosp-openvswitch | awk '/^Version/{print $NF}'
register: rhosp_package_result
failed_when: false
- name: Set fact for triggering OpenvSwitch layered product package handling
set_fact:
ovs_lp_packaging: "{{ rhosp_package_result.rc == 0 }}"
- name: Capture the expected OpenvSwitch version.
set_fact:
new_ovs_version: "{{ rhosp_package_result.stdout }}"
when: ovs_lp_packaging|default(false)
- name: Get version from current OpenvSwitch package
register: ovs_version_out
shell:
rpm -qi "{{ ovs_pkg_out.stdout }}" | awk '/^Version/{print $NF}'
- name: split numeric version for OpenvSwitch into parts
set_fact:
ovs_version_parts: "{{ ovs_version_out.stdout.split('.') }}"
- name: get major minor version for OpenvSwitch package naming
set_fact:
current_ovs_version: "{{ ovs_version_parts[0] }}.{{ ovs_version_parts[1] }}"
- name: get OpenvSwitch major version
set_fact:
current_ovs_major_version: "{{ ovs_version_parts[0]|int }}"
- name: get OpenvSwitch minor version
set_fact:
current_ovs_minor_version: "{{ ovs_version_parts[1]|int }}"
- name: Block for upgrading OpenvSwitch when layer package is present
when:
- step|int == 2
- ovs_lp_packaging|default(false)
block:
- name: set current OpenvSwitch package suffix if old version is layered product format
set_fact:
package_suffix: "{{ current_ovs_version }}"
when:
- current_ovs_major_version|int >= 3 or current_ovs_minor_version|int >=10
- name: remove old OpenvSwitch package(s) if version doesn't match
shell: |
rpm -e --noscripts --nopreun --nopostun --notriggers --nodeps $(rpm -qa 'openvswitch{{ package_suffix|default('') }}*' | grep -v 'selinux')
args:
warn: false
when: new_ovs_version != current_ovs_version
- name: install/upgrade OpenvSwitch LP package
package:
name: rhosp-openvswitch
state: latest
- name: set flag to skip other upgrade steps since OpenvSwitch is already upgraded!
set_fact:
run_ovs_update: false
- name: Check for openvswitch upgrade if not layered package installs
when:
- step|int == 2
- run_ovs_update|bool
block:
- name: check if an upgrade is required
register: ovs_need_upgrade
failed_when: false
shell: |
yum check-upgrade openvswitch | awk '/openvswitch/{print}'
- name: Check openvswitch packaging.
shell: rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep -q "systemctl.*try-restart"
register: ovs_packaging_issue
failed_when: false
- name: Upgrade openvswitch
block:
- name: "Ensure empty directory: emptying."
file:
state: absent
path: /root/OVS_UPGRADE
- name: "Ensure empty directory: creating."
file:
state: directory
path: /root/OVS_UPGRADE
owner: root
group: root
mode: 0750
- name: Make yum cache.
command: yum makecache
- name: Download OVS packages.
command: yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch
- name: Get rpm list for manual upgrade of OVS.
shell: ls -1 /root/OVS_UPGRADE/*.rpm
register: ovs_list_of_rpms
- name: Manual upgrade of OVS
shell: |
rpm -U --replacepkgs --notriggerun --nopostun {{item}}
args:
chdir: /root/OVS_UPGRADE
with_items:
- "{{ovs_list_of_rpms.stdout_lines}}"
when:
- step|int == 2
- run_ovs_update|bool
- ovs_packaging_issue.rc == 0 | default(false)
- ovs_need_upgrade.stdout|default('')
# The openvswitch package disables the systemd service on install. When installing
# the layered product we prevent the service from being killed, but it doesn't
# do anything to prevent the systemd service from being removed and it is not
# re-enabled by default by the new package.
- name: Always ensure the openvswitch service is enabled and running after upgrades - name: Always ensure the openvswitch service is enabled and running after upgrades
when: step|int == 2
service: service:
name: openvswitch name: openvswitch
enabled: yes enabled: yes
state: started state: started
when:
- step|int == 2
- ovs_upgrade.changed|bool
# Exclude ansible until https://github.com/ansible/ansible/issues/56636 # Exclude ansible until https://github.com/ansible/ansible/issues/56636
# is available # is available
- name: Update all packages - name: Update all packages