3fb15ad780
The major upgrade procedure has been collecting new bits over time,
but has not really had bits cleaned out of it when unnecessary. Some
parts have also never been used.
This patch does the following:
1. Consolidates the basic deploy node changes into a single playbook
which is tagged, and therefore easy to run stand alone and use
with skip-tags if necessary.
2. Removes the ceph-galaxy-removal playbook which was for the P->Q
upgrade only.
3. Removes the ansible_fact_cleanup playbook and script - the first
ran the second which was a bit pointless, given it could be done
in a playbook task instead. This has been rolled into the
deploy-config-changes playbook.
4. Removes the memcached-flush playbook which was only actually
required for the N->O upgrade. The functionality to enable the
flush more surgically was enabled via a var in the keystone role
in [a], so that can be used in the future if need be.
5. Consolidates user-secrets-adjustment into the
deploy-config-changes playbook, and also removes the var renames
which were only appropriate for the Q->R upgrade.
6. Removes the make_rst_table, migrate_openstack_vars and
test_migrate_openstack_vars scripts which do not ever appear to
have been used.
7. Changes the limited playbook run for galera_all/rabbitmq_all from
only doing lxc-containers-create.yml to all of setup_hosts to
ensure that any hosts missed out in the previous step is handled
in that step. This is useful if rabbitmq/galera are installed on
hosts instead of in containers.
8. Removed the extra backup of the /etc/openstack_deploy directory
given that it is already archived by the run-upgrade script.
9. Made the backup of the OSA configuration done in run-upgrade
idempotent.
10. Removes the reference content for upgrades, given that most of
it is duplicated and the simplified structure negates the need
for a reference guide.
11. Change the infrastructure part of the upgrade to be simpler,
and use the setup-infrastructure playbook.
[a] https://review.openstack.org/#/q/topic:bug/1793389
Related-Bug: #1808041
Change-Id: I58732dc181ee985364e97aa890987a98544ed06c
98 lines
3.5 KiB
YAML
98 lines
3.5 KiB
YAML
---
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Prepare environment and configuration for deploying the new release
|
|
hosts: localhost
|
|
connection: local
|
|
gather_facts: false
|
|
user: root
|
|
vars:
|
|
repo_root_dir: "{{ (playbook_dir ~ '/../../') | realpath }}"
|
|
ansible_python_interpreter: "/usr/bin/python"
|
|
tasks:
|
|
- name: Remove unnecessary env.d override files
|
|
shell: |
|
|
set -e
|
|
exit_code=0
|
|
if [[ -e /etc/openstack_deploy/env.d ]]; then
|
|
for f in $(diff --brief --report-identical-files /etc/openstack_deploy/env.d /opt/openstack-ansible/inventory/env.d | awk '/identical/ {print $2}' 2>/dev/null); do
|
|
echo "Deleting ${f} because it is identical to the defaults."
|
|
rm -f ${f}
|
|
exit_code=2
|
|
done
|
|
fi
|
|
exit ${exit_code}
|
|
args:
|
|
executable: /bin/bash
|
|
register: _envd_dir_cleanup
|
|
changed_when: _envd_dir_cleanup.rc == 2
|
|
failed_when: _envd_dir_cleanup.rc not in [0,2]
|
|
tags:
|
|
- identical-envd-file-cleanup
|
|
|
|
- name: Find any config files in the user-space env.d directory
|
|
find:
|
|
paths:
|
|
- "/etc/openstack_deploy/env.d"
|
|
patterns: '*.yml'
|
|
register: _envd_dir_contents
|
|
tags:
|
|
- custom-envd-file-check
|
|
|
|
- name: Halt the upgrade and warn the user to inspect the env.d files for changes
|
|
fail:
|
|
msg: |
|
|
There are files in /etc/openstack_deploy/env.d which override the default inventory
|
|
layout in {{ repo_root_dir }}/inventory/env.d. The difference between these files
|
|
should be carefully reviewed to understand whether the changes are still necessary
|
|
and applicable to the environment. If all the user-space env.d files are necessary,
|
|
then please re-run this playbook with the CLI option '--skip-tags custom-envd-file-check'.
|
|
when:
|
|
- _envd_dir_contents.matched > 0
|
|
tags:
|
|
- custom-envd-file-check
|
|
|
|
- name: Read example user secrets file
|
|
shell: "grep '^[a-zA-Z]' {{ repo_root_dir }}/etc/openstack_deploy/user_secrets.yml"
|
|
register: new_secrets
|
|
tags:
|
|
- update-secrets
|
|
|
|
- name: Read existing user secrets file
|
|
shell: "grep '^[a-zA-Z]' /etc/openstack_deploy/user_secrets.yml"
|
|
register: user_secrets
|
|
tags:
|
|
- update-secrets
|
|
|
|
- name: Add missing secrets
|
|
lineinfile:
|
|
dest: "/etc/openstack_deploy/user_secrets.yml"
|
|
line: "{{ item }}"
|
|
with_items: "{{ new_secrets.stdout_lines }}"
|
|
when:
|
|
- "user_secrets.stdout.find(item) == -1"
|
|
tags:
|
|
- update-secrets
|
|
|
|
- name: Generate new secrets
|
|
shell: "{{ repo_root_dir }}/scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml"
|
|
tags:
|
|
- update-secrets
|
|
|
|
- name: Remove fact cache to ensure a fresh one is built during the upgrade
|
|
file:
|
|
path: "/etc/openstack_deploy/ansible_facts"
|
|
state: absent
|
|
tags:
|
|
- remove-fact-cache
|