Prevent accidental downgrades of RabbitMQ
As version-check.yml is added to deploy.yml, we must make sure the tasks are only run when the rabbitmq container exists. Change-Id: Iaa31bae739110094affb5e402ed9ac40b153ac3d
This commit is contained in:
parent
7a9b0db708
commit
f5ad7829c3
@ -1,4 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
- import_tasks: version-check.yml
|
||||||
|
|
||||||
- include_tasks: remove-ha-all-policy.yml
|
- include_tasks: remove-ha-all-policy.yml
|
||||||
when:
|
when:
|
||||||
- not om_enable_rabbitmq_high_availability | bool
|
- not om_enable_rabbitmq_high_availability | bool
|
||||||
|
@ -1,59 +1,81 @@
|
|||||||
---
|
---
|
||||||
- block:
|
- block:
|
||||||
- name: Get current RabbitMQ version
|
- name: Get container facts
|
||||||
vars:
|
|
||||||
service_name: "rabbitmq"
|
|
||||||
service: "{{ rabbitmq_services[service_name] }}"
|
|
||||||
become: true
|
become: true
|
||||||
command: "{{ kolla_container_engine }} exec {{ service.container_name }} rabbitmqctl --version"
|
kolla_container_facts:
|
||||||
register: rabbitmq_version_current
|
action: get_containers
|
||||||
changed_when: false
|
container_engine: "{{ kolla_container_engine }}"
|
||||||
|
name:
|
||||||
|
- "{{ service.container_name }}"
|
||||||
|
register: container_facts
|
||||||
|
|
||||||
- name: Get new RabbitMQ version
|
- block:
|
||||||
become: true
|
- name: Get current RabbitMQ version
|
||||||
vars:
|
become: true
|
||||||
rabbitmq_container: "{{ rabbitmq_services['rabbitmq'] }}"
|
command: "{{ kolla_container_engine }} exec {{ service.container_name }} rabbitmqctl --version"
|
||||||
kolla_container:
|
register: rabbitmq_version_current
|
||||||
action: "start_container"
|
changed_when: false
|
||||||
command: "rabbitmqctl --version"
|
|
||||||
detach: false
|
|
||||||
environment:
|
|
||||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
|
||||||
image: "{{ rabbitmq_container.image }}"
|
|
||||||
name: "rabbitmq_version_check"
|
|
||||||
restart_policy: oneshot
|
|
||||||
volumes: "{{ rabbitmq_default_volumes + rabbitmq_extra_volumes }}"
|
|
||||||
register: rabbitmq_version_new
|
|
||||||
failed_when: false
|
|
||||||
check_mode: false
|
|
||||||
|
|
||||||
# As an example, when the new RabbitMQ version is 3.13.6:
|
- name: Get new RabbitMQ version
|
||||||
# new_major_version = 3
|
become: true
|
||||||
# new_minor_version = 13
|
vars:
|
||||||
# new_version = 3.13
|
rabbitmq_container: "{{ rabbitmq_services['rabbitmq'] }}"
|
||||||
# And if the current RabbitMQ version is 3.11.28:
|
kolla_container:
|
||||||
# upgrade_version = 3.12
|
action: "start_container"
|
||||||
- name: Check if running RabbitMQ is at most one version behind
|
command: "rabbitmqctl --version"
|
||||||
vars:
|
container_engine: "{{ kolla_container_engine }}"
|
||||||
current_version_major: "{{ rabbitmq_version_current.stdout | regex_search('^[0-9]+') }}"
|
detach: false
|
||||||
current_version_minor: "{{ rabbitmq_version_current.stdout | regex_search('(?<=.)[^.].') }}"
|
environment:
|
||||||
current_version: "{{ rabbitmq_version_current.stdout | regex_replace('.[^.]+$', '') }}"
|
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||||
new_version_major: "{{ rabbitmq_version_new.stdout | regex_search('^[0-9]+') }}"
|
image: "{{ rabbitmq_container.image }}"
|
||||||
new_version_minor: "{{ rabbitmq_version_new.stdout | regex_search('(?<=.)[^.].') }}"
|
name: "rabbitmq_version_check"
|
||||||
new_version: "{{ rabbitmq_version_new.stdout | regex_replace('.[^.]+$', '') }}"
|
restart_policy: oneshot
|
||||||
# Note: this assumes 3.13 will be the last release before 4.0.
|
volumes: "{{ rabbitmq_default_volumes + rabbitmq_extra_volumes }}"
|
||||||
upgrade_version: "{{ '4.0' if current_version == '3.13' else current_version_major + '.' + (current_version_minor | int + 1) | string }}"
|
register: rabbitmq_version_new
|
||||||
assert:
|
failed_when: false
|
||||||
that: (current_version_major == new_version_major and
|
check_mode: false
|
||||||
new_version_minor | int - current_version_minor | int <= 1) or
|
|
||||||
(new_version | float == 4.0 and current_version | float == 3.13)
|
# As an example, when the new RabbitMQ version is 3.13.6:
|
||||||
fail_msg: >
|
# new_major_version = 3
|
||||||
Looks like you're trying to run a skip-release upgrade!
|
# new_minor_version = 13
|
||||||
RabbitMQ must be at most one version behind the target release version ({{ rabbitmq_version_new.stdout | trim }}) to run this upgrade.
|
# new_version = 3.13
|
||||||
You are running {{ rabbitmq_version_current.stdout }}.
|
# And if the current RabbitMQ version is 3.11.28:
|
||||||
Please first upgrade to {{ upgrade_version }} with the command ``kolla-ansible rabbitmq-upgrade {{ upgrade_version }}``.
|
# upgrade_version = 3.12
|
||||||
See these docs for more details: https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#slurp
|
- name: Check if running RabbitMQ is at most one version behind
|
||||||
|
vars:
|
||||||
|
current_version_major: "{{ rabbitmq_version_current.stdout | regex_search('^[0-9]+') }}"
|
||||||
|
current_version_minor: "{{ rabbitmq_version_current.stdout | regex_search('(?<=.)[^.].') }}"
|
||||||
|
current_version: "{{ rabbitmq_version_current.stdout | regex_replace('.[^.]+$', '') }}"
|
||||||
|
new_version_major: "{{ rabbitmq_version_new.stdout | regex_search('^[0-9]+') }}"
|
||||||
|
new_version_minor: "{{ rabbitmq_version_new.stdout | regex_search('(?<=.)[^.].') }}"
|
||||||
|
new_version: "{{ rabbitmq_version_new.stdout | regex_replace('.[^.]+$', '') }}"
|
||||||
|
# Note: this assumes 3.13 will be the last release before 4.0.
|
||||||
|
upgrade_version: "{{ '4.0' if current_version == '3.13' else current_version_major + '.' + (current_version_minor | int + 1) | string }}"
|
||||||
|
assert:
|
||||||
|
that: (current_version_major == new_version_major and
|
||||||
|
new_version_minor | int - current_version_minor | int <= 1) or
|
||||||
|
(new_version | float == 4.0 and current_version | float == 3.13)
|
||||||
|
fail_msg: >
|
||||||
|
Looks like you're trying to run a skip-release upgrade!
|
||||||
|
RabbitMQ must be at most one version behind the target release version ({{ rabbitmq_version_new.stdout | trim }}) to run this upgrade.
|
||||||
|
You are running {{ rabbitmq_version_current.stdout }}.
|
||||||
|
Please first upgrade to {{ upgrade_version }} with the command ``kolla-ansible rabbitmq-upgrade {{ upgrade_version }}``.
|
||||||
|
See these docs for more details: https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#slurp
|
||||||
|
|
||||||
|
- name: Catch when RabbitMQ is being downgraded
|
||||||
|
assert:
|
||||||
|
that: rabbitmq_version_current.stdout is version(rabbitmq_version_new.stdout | trim, 'le', version_type='semver')
|
||||||
|
fail_msg: >
|
||||||
|
Looks like you're about to downgrade RabbitMQ from version {{ rabbitmq_version_current.stdout }} to version {{ rabbitmq_version_new.stdout | trim }}.
|
||||||
|
If you're absolutely certain you want to do this, please skip the tag `rabbitmq-version-check`.
|
||||||
|
Otherwise, see these docs for how to pin the version of RabbitMQ:
|
||||||
|
https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#rabbitmq-versions
|
||||||
|
|
||||||
|
when: container_facts[service.container_name] is defined
|
||||||
|
|
||||||
delegate_to: "{{ groups[role_rabbitmq_groups] | first }}"
|
delegate_to: "{{ groups[role_rabbitmq_groups] | first }}"
|
||||||
run_once: true
|
run_once: true
|
||||||
tags: rabbitmq-version-check
|
tags: rabbitmq-version-check
|
||||||
|
vars:
|
||||||
|
service_name: "rabbitmq"
|
||||||
|
service: "{{ rabbitmq_services[service_name] }}"
|
||||||
|
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Adds a check to stop deploying/upgrading the RabbitMQ containers if it
|
||||||
|
will result in downgrading the version of RabbitMQ running.
|
Loading…
Reference in New Issue
Block a user