23 Commits

Author SHA1 Message Date
Zuul
2e231cf7ab Merge "Upgrade mariadb storage during upgrade tasks" 2021-02-26 02:11:10 +00:00
Damien Ciabrini
712cfcc71b Upgrade mariadb storage during upgrade tasks
When a tripleo major upgrade or FFU causes an update or mariadb
to a new major version (e.g. 10.1 -> 10.3), some internal DB
tables must be upgraded (myisam tables), and sometimes the
existing user tables may be migrated to new mariadb defaults.

Move the db-specific upgrade steps into a dedicated script and
make sure that it is called at the right time while upgrading
the undercloud and/or the overcloud.

Closes-Bug: #1913438

Change-Id: I92353622994b28c895d95bdcbe348a73b6c6bb99
2021-02-16 09:08:40 +01:00
ramishra
7f195ff9a8 Remove DefaultPasswords interface
This was mainly there as an legacy interface which was
for internal use. Now that we pull the passwords from
the existing environment and don't use it, we can drop
this.

Reduces a number of heat resources.

Change-Id: If83d0f3d72a229d737a45b2fd37507dc11a04649
2021-02-12 11:38:44 +05:30
Damien Ciabrini
e8ddc606b2 Remove race during mysql database creation
The mysql database is create by container mysql_bootstrap,
which let Kolla run mysqld_safe temporarily, and then
let TripleO run it for additional setup.

Before running the second temporary mysqld server, make
sure that the mysqld_safe script started by Kolla is
always stopped, to avoid any race condition that would
cause the second mysqld_safe server to be killed by the
Kolla one.

Change-Id: Id7cf45fb95d3c8a2c5519b1a13a5651cf414a115
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Closes-Bug: #1896009
2020-09-17 16:09:50 +02:00
Jose Luis Franco Arza
8783ec9c45 Remove ffwd-upgrade leftovers from THT.
Now that the FFU process relies on the upgrade_tasks and deployment
tasts there is no need to keep the old fast_forward_upgrade_tasks.

This patch removes all the fast_forward_upgrade_tasks section from
the services, as well as from the common structures.

Change-Id: I39b8a846145fdc2fb3d0f6853df541c773ee455e
2020-07-23 15:33:25 +00:00
Jose Luis Franco Arza
94bc023390 Add mode option when creating persistent directories.
Almost every single tripleo service creates a persistent directory. To
simplify the creation, a with_items structure was being used. In which
many times, the mode option was being set. However, that mode option
was not taken into account at the time of creating the file. As a
consequence, the directory was being created with its father directory
rights, instead of the ones being passed in the template.

Change-Id: I215db2bb79029c19ab8c62a7ae8d93cec50fb8dc
Closes-Bug: #1871231
2020-04-20 15:37:08 +02:00
Takashi Kajinami
fffdcf0f30 Use absolute name to include puppet classes
Current puppet modules uses only absolute name to include classes,
so replace relative name by absolute name in template files so that
template description can be consistent with puppet implementation.

Change-Id: I7a704d113289d61ed05f7a31d65caf2908a7994a
2020-04-11 08:13:23 +09:00
Cédric Jeanneret
0875895553 Replace svirt_sandbox_file_t by container_file_t
While they are, at SELinux level, exactly the same (one is an alias to
the other), the "container_file_t" name is easier to understand (and
shorter to write).

A second pass in a couple of days or weeks will be needed in order to
change files that were merged after this first pass.

Change-Id: Ib4b3e65dbaeb5894403301251866b9817240a9d5
2020-02-07 13:33:20 +01:00
Jesse Pretorius (odyssey4me)
2092b1303f Update ffwd-upgrade branch names
The next iteration of fast-forward-upgrade will be
from queens through to train, so we update the names
accordingly.

Change-Id: Ia6d73c33774218b70c1ed7fa9eaad882fde2eefe
2020-01-27 19:42:40 +00:00
Emilien Macchi
a4de1eac9d mysql: refactor upgrade tasks to work without paunch
We are removing Paunch, and also Podman is the only container cli
supported when it comes to upgrades, so this patch simplifies a bit how
we deal with the upgrade of MySQL container.

This submission also adds the path for the ansible modules
installed from tripleo-ansible in the tht-check job.

Change-Id: I8b01ac05bae6544119769e50501bf705b22081f3
2020-01-14 14:55:22 +01:00
Emilien Macchi
7c2fa7b8e9 mysql: move firewall_rules to mysql-container-puppet
The firewall_rules need to be in the service template and can't be in
the base, that is imported.
The current YAQL is looking for firewall_rules in the role_data:
$.data.role_data, []).where($ != null).select($.get('firewall_rules')

So moving the firewall_rules from mysql-base to mysql-container-puppet
will allow the data to be found by the query and the firewall rules to
be applied.

Change-Id: I6183cdf63ea628cc86742d56b5e2cc0ec5e3aab9
Closes-Bug: #1856864
2019-12-18 10:47:31 -05:00
Sagi Shnaidman
016f7c6002 Remove unnecessary slash volume maps
When podman parses such volume map it removes the slash
automatically and shows in inspection volumes w/o slash.
When comparing configurations it turns to be a difference and
it breaks idempotency of containers, causing them to be recreated.

Change-Id: Ifdebecc8c7975b6f5cfefb14b0133be247b7abf0
2019-12-04 20:32:14 +02:00
Jose Luis Franco Arza
4cbae84c75 Get rid of docker removing in post_upgrade tasks.
When upgrading from Rocky to Stein we moved also from using the docker
container engine into Podman. To ensure that every single docker container
was removed after the upgrade a post_upgrade task was added which made
use of the tripleo-docker-rm role that removed the container. In this cycle,
from Stein to Train both the Undercloud and Overcloud work with Podman, so
there is no need to remove any docker container anymore.

This patch removes all the tripleo-docker-rm post-upgrade task and in those
services which only included a single task, the post-upgrade-tasks section
is also erased.

Change-Id: I5c9ab55ec6ff332056a426a76e150ea3c9063c6e
2019-11-12 16:33:38 +01:00
Alex Schultz
7906fb43be Drop legacy log folder and readme
We switched to containers a long time ago. This patch drops the
management of a /var/log/<service> directory and the creation of a
readme indicating that we've moved to containers which makes the logging
available under /var/log/containers/<service>

Change-Id: Ia4e991d5d937031ac3312f639b726a944743dd1e
2019-11-04 09:19:07 -07:00
Alex Schultz
f2147c9974 Ensure service log folder permissions
We should ensure that the service folders are 0750. We're setting
/var/log/containers but we should also ensure the service folders also
have the correct permissions.

Change-Id: I28e8017edc7e30a60288adf846da722fd6ab310e
2019-11-04 08:48:24 -07:00
Emilien Macchi
81258ae551 Convert container environment from a list to a dict
Moving all the container environments from lists to dicts, so they can
be consumed later by the podman_container ansible module which uses
dict.

Using a dict is also easier to parse, since it doesn't involve "=" for
each item in the environment to export.

Change-Id: I894f339cdf03bc2a93c588f826f738b0b851a3ad
Depends-On: I98c75e03d78885173d829fa850f35c52c625e6bb
2019-10-16 01:29:31 +00:00
Emilien Macchi
24a934de79 Add KOLLA_BOOTSTRAP=True to 2 bootstrap containers
keystone_bootstrap and mysql_sync_credentials are containers which need
to be run on the bootstrap node only, there is no need to run them on
other controllers. It avoids useless verbosity when they fail to
execute.

Change-Id: I4acf992e41f60a5462f8fa35964c051ca15895ba
Closes-Bug: #1840999
2019-08-21 19:55:38 -04:00
Emilien Macchi
8013f3c96c mysql: remove grep filter workaround for logs
Since I01e6c65d18f3a1889f8aaa75e2e6f68175bbc608 was landed, we don't
need the workaround which pulled out some logs we didn't want to parse.

Change-Id: Ibee22da33391a5e67de02fe08c634a887c9bfa69
Related-Bug: #1811384
2019-08-06 11:37:57 -04:00
Jose Luis Franco Arza
d1035703b7 Force removal of docker container in tripleo-docker-rm.
The tripleo-docker-rm role has been replaced by tripleo-container-rm [0].
This role will identify the docker engine via the container_cli variable
and perform a deletion of that container. However, these tasks inside the
post_upgrade_tasks section were thought to remove the old docker containers
after upgrading from rocky to stein, in which podman starts to be the
container engine by default.

For that reason, we need to ensure that the container engine in which the
containers are removed is docker, as otherwise we will be removing the
podman container and the deployment steps will fail.

Closes-Bug: #1836531
[0] - 2135446a35

Depends-On: https://review.opendev.org/#/c/671698/
Change-Id: Ib139a1d77f71fc32a49c9878d1b4a6d07564e9dc
2019-07-19 12:37:35 +00:00
Dan Prince
a68151d02a Convert Docker*Image parameters
This converts all Docker*Image parameter varients into
Container*Image varients.

The commit was autogenerated with the following shell commands:

for file in $(grep -lr Docker.*Image --include \*.yaml --exclude-dir releasenotes); do
  sed -e "s|Docker\([^ ]*Image\)|Container\1|g" -i $file
done

Change-Id: Iab06efa5616975b99aa5772a65b415629f8d7882
Depends-On: I7d62a3424ccb7b01dc101329018ebda896ea8ff3
Depends-On: Ib1dc0c08ce7971a03639acc42b1e738d93a52f98
2019-06-05 14:33:44 -06:00
Jiri Stransky
39930ed2fd Only attempt to start previous MariaDB if the image is available
On upgrade of undercloud from Rocky to Stein, we can't run this task
always. The old MariaDB image was in Docker, but after the upgrade
only Podman might be available, and it wouldn't have the previous
MariaDB image available. Our best option here is likely skipping the
redo log cleanup and hope that the redo log is clean. If this happens
to cause problems in the wild, we might need a completely different
solution (a parameter pointing to old MariaDB image url so that we can
re-download it etc.).

Change-Id: I51a338d840190c8931ab40692f727e5e0638ba40
Closes-Bug: #1821013
2019-03-20 16:01:29 +01:00
Emilien Macchi
3e62d483fc Rename docker_puppet_tasks to container_puppet_tasks
Change-Id: I23c539555fe1f9db96cd9b84fdcb4240473d55df
2019-03-05 12:07:09 -05:00
David J Peacock
6dbfde9c85 flatten database service MySQL Server
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.

With this patch the baremetal version of database service MySQL Server
has been removed.

Change-Id: I407bd8d8fe9bde53609e4316b12eb0b7151552ca
Related-Blueprint: services-yaml-flattening
2019-02-28 08:36:31 -05:00