diff options
| -rw-r--r-- | extraconfig/tasks/major_upgrade_ceph_storage.sh | 77 | ||||
| -rw-r--r-- | puppet/cinder-storage.yaml | 12 | ||||
| -rw-r--r-- | puppet/controller.yaml | 3 | ||||
| -rw-r--r-- | puppet/services/horizon.yaml | 13 | ||||
| -rw-r--r-- | puppet/services/snmp.yaml | 4 |
5 files changed, 69 insertions, 40 deletions
diff --git a/extraconfig/tasks/major_upgrade_ceph_storage.sh b/extraconfig/tasks/major_upgrade_ceph_storage.sh index de42b16d..03a1c1c2 100644 --- a/extraconfig/tasks/major_upgrade_ceph_storage.sh +++ b/extraconfig/tasks/major_upgrade_ceph_storage.sh @@ -4,32 +4,89 @@ # major upgrade workflow. # set -eu +set -o pipefail UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh -cat > $UPGRADE_SCRIPT << ENDOFCAT +cat > $UPGRADE_SCRIPT << 'ENDOFCAT' +#!/bin/bash ### DO NOT MODIFY THIS FILE ### This file is automatically delivered to the ceph-storage nodes as part of the ### tripleo upgrades workflow +set -eu + +echo INFO: starting $(basename "$0") +# Exit if not running +if ! pidof ceph-osd; then + echo INFO: ceph-osd is not running, skipping + exit 0 +fi -function systemctl_ceph { - action=\$1 - systemctl \$action ceph -} +# Exit if not Hammer +INSTALLED_VERSION=$(ceph --version | awk '{print $3}') +if ! [[ "$INSTALLED_VERSION" =~ ^0\.94.* ]]; then + echo INFO: version of Ceph installed is not 0.94, skipping + exit 0 +fi -# "so that mirrors aren't rebalanced as if the OSD died" - gfidente +OSD_PIDS=$(pidof ceph-osd) +OSD_IDS=$(ls /var/lib/ceph/osd | awk 'BEGIN { FS = "-" } ; { print $2 }') + +# "so that mirrors aren't rebalanced as if the OSD died" - gfidente / leseb ceph osd set noout +ceph osd set norebalance +ceph osd set nodeep-scrub +ceph osd set noscrub + +# Stop daemon using Hammer sysvinit script +for OSD_ID in $OSD_IDS; do + service ceph stop osd.${OSD_ID} +done + +# Nice guy will return non-0 only when all failed +timeout 60 bash -c "while kill -0 ${OSD_PIDS} 2> /dev/null; do + sleep 2; +done" -systemctl_ceph stop +# Update (Ceph to Jewel) yum -y install python-zaqarclient # needed for os-collect-config yum -y update -systemctl_ceph start -ceph osd unset noout +# Restart/Exit if not on Jewel, only in that case we need the changes +UPDATED_VERSION=$(ceph --version | awk '{print $3}') +if [[ "$UPDATED_VERSION" =~ ^0\.94.* ]]; then + echo WARNING: Ceph was not upgraded, restarting daemon + for OSD_ID in $OSD_IDS; do + service ceph start osd.${OSD_ID} + done +elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then + # RPM could own some of these but we can't take risks on the pre-existing files + for d in /var/lib/ceph/osd /var/log/ceph /var/run/ceph /etc/ceph; do + chown -R ceph:ceph $d + done + + # Replay udev events with newer rules + udevadm trigger && udevadm settle + + # Enable systemd unit + systemctl enable ceph-osd.target + for OSD_ID in $OSD_IDS; do + systemctl enable ceph-osd@${OSD_ID} + systemctl start ceph-osd@${OSD_ID} + done + echo INFO: Ceph was upgraded to Jewel +else + echo ERROR: Ceph was upgraded to an unknown release, daemon is stopped, need manual intervention + exit 1 +fi + +ceph osd unset noout +ceph osd unset norebalance +ceph osd unset nodeep-scrub +ceph osd unset noscrub ENDOFCAT # ensure the permissions are OK chmod 0755 $UPGRADE_SCRIPT - diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 26906532..bc26df75 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -30,14 +30,6 @@ parameters: default: default description: Name of an existing Nova key pair to enable SSH access to the instances type: string - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true UpdateIdentifier: default: '' type: string @@ -235,8 +227,6 @@ resources: server: {get_resource: BlockStorage} config: {get_resource: BlockStorageConfig} input_values: - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} # Map heat metadata into hiera datafiles @@ -274,8 +264,6 @@ resources: volume: mapped_data: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index a6efe1aa..a4f87525 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -427,9 +427,6 @@ resources: corosync_ipv6: {get_input: corosync_ipv6} tripleo::fencing::config: {get_input: fencing_config} - # Neutron - snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} - snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} # Redis redis_vip: {get_input: redis_vip} # Firewall diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index c8ec2b2b..6ea5ec4e 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -68,19 +68,6 @@ outputs: add_listen: false priority: 10 access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"' - # NOTE: bind IP is found in Heat replacing the network name with the local node IP - # for the given network; replacement examples (eg. for internal_api): - # internal_api -> IP - # internal_api_uri -> [IP] - # internal_api_subnet - > IP/CIDR - apache::ip: {get_param: [ServiceNetMap, HorizonNetwork]} - apache_remote_proxy_ips_network: - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} - apache::mod::remoteip::proxy_ips: - - "%{hiera('apache_remote_proxy_ips_network')}" horizon::bind_address: {get_param: [ServiceNetMap, HorizonNetwork]} horizon::django_debug: {get_param: Debug} horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri]} diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml index e38ccf42..4d01632d 100644 --- a/puppet/services/snmp.yaml +++ b/puppet/services/snmp.yaml @@ -35,8 +35,8 @@ outputs: value: service_name: snmp config_settings: - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + tripleo::profile::base::snmp::snmpd_user: {get_param: SnmpdReadonlyUserName} + tripleo::profile::base::snmp::snmpd_password: {get_param: SnmpdReadonlyUserPassword} tripleo.snmp.firewall_rules: '127 snmp': dport: 161 |