8 files changed, 75 insertions, 93 deletions

diff --git a/extraconfig/nova_metadata/krb-service-principals.yaml b/extraconfig/nova_metadata/krb-service-principals.yaml
index c66e6460..56d3cbc0 100644
--- a/extraconfig/nova_metadata/krb-service-principals.yaml
+++ b/extraconfig/nova_metadata/krb-service-principals.yaml
@@ -46,7 +46,7 @@ resources:
           # Filter null values and values that contain don't contain
           # 'metadata_settings', get the values from that key and get the
           # unique ones.
-          expression: list($.data.where($ != null).where($.containsKey('metadata_settings')).metadata_settings.flatten().distinct())
+          expression: list(coalesce($.data, []).where($ != null).where($.containsKey('metadata_settings')).metadata_settings.flatten().distinct())
           data: {get_param: RoleData}
 
   # Generates entries for nova metadata with the following format:
@@ -57,7 +57,7 @@ resources:
     properties:
       value:
         yaql:
-          expression: let(fqdns => $.data.fqdns) -> dict($.data.metadata.where($ != null and $.type = 'vip').select([concat('managed_service_', $.service, $.network), concat($.service, '/', $fqdns.get($.network))]))
+          expression: let(fqdns => $.data.fqdns) -> dict(coalesce($.data.metadata, []).where($ != null and $.type = 'vip').select([concat('managed_service_', $.service, $.network), concat($.service, '/', $fqdns.get($.network))]))
           data:
             metadata: {get_attr: [IncomingMetadataSettings, value]}
             fqdns:
@@ -72,7 +72,7 @@ resources:
     properties:
       value:
         yaql:
-          expression: dict($.data.where($ != null and $.type = 'node').select([$.service, $.network.replace('_', '')]).groupBy($[0], $[1]))
+          expression: dict(coalesce($.data, []).where($ != null and $.type = 'node').select([$.service, $.network.replace('_', '')]).groupBy($[0], $[1]))
           data: {get_attr: [IncomingMetadataSettings, value]}
 
 outputs:
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
index e8316c53..30a83550 100644
--- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml
@@ -53,6 +53,12 @@ parameters:
     type: string
   rhel_reg_http_proxy_password:
     type: string
+  UpdateOnRHELRegistration:
+    type: boolean
+    default: false
+    description: |
+      When enabled, the system will perform a yum update after performing the
+      RHEL Registration process.
 
 resources:
 
@@ -134,6 +140,37 @@ resources:
       input_values:
         REG_METHOD: {get_param: rhel_reg_method}
 
+  YumUpdateConfigurationAfterRHELRegistration:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: script
+      config: |
+        #!/bin/bash
+        set -x
+        num_updates=$(yum list -q updates | wc -l)
+        if [ "$num_updates" -eq "0" ]; then
+           echo "No packages require updating"
+           exit 0
+        fi
+        full_command="yum -q -y update"
+        echo "Running: $full_command"
+        result=$($full_command)
+        return_code=$?
+        echo "$result"
+        echo "yum return code: $return_code"
+        exit $return_code
+
+  UpdateDeploymentAfterRHELRegistration:
+    type: OS::Heat::SoftwareDeployment
+    depends_on: RHELRegistrationDeployment
+    conditions:
+      update_requested: {get_param: UpdateOnRHELRegistration}
+    properties:
+      name: UpdateDeploymentAfterRHELRegistration
+      config: {get_resource: YumUpdateConfigurationAfterRHELRegistration}
+      server:  {get_param: server}
+      actions: ['CREATE'] # Only do this on CREATE
+
 outputs:
   deploy_stdout:
     description: Deployment reference, used to trigger puppet apply on changes
diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
index 0d0fa3f1..d14ed73f 100644
--- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
+++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
@@ -240,7 +240,6 @@ case "${REG_METHOD:-}" in
             retry subscription-manager $repos
             retry yum install -y katello-agent || true # needed for errata reporting to satellite6
             katello-package-upload
-            retry subscription-manager repos --disable ${satellite_repo}
         else
             pushd /usr/share/rhn/
             curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT
diff --git a/extraconfig/tasks/pacemaker_common_functions.sh b/extraconfig/tasks/pacemaker_common_functions.sh
index aae4a2de..4480f74d 100755
--- a/extraconfig/tasks/pacemaker_common_functions.sh
+++ b/extraconfig/tasks/pacemaker_common_functions.sh
@@ -299,9 +299,10 @@ function systemctl_swift {
 }
 
 # Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
+# Update condition and add --notriggerun for +bug/1669714
 function special_case_ovs_upgrade_if_needed {
-    if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
-        echo "Manual upgrade of openvswitch - restart in postun detected"
+    if rpm -qa | grep "^openvswitch-2.5.0-14" || rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart" ; then
+        echo "Manual upgrade of openvswitch - ovs-2.5.0-14 or restart in postun detected"
         rm -rf OVS_UPGRADE
         mkdir OVS_UPGRADE && pushd OVS_UPGRADE
         echo "Attempting to downloading latest openvswitch with yumdownloader"
@@ -310,8 +311,8 @@ function special_case_ovs_upgrade_if_needed {
             if rpm -U --test $pkg 2>&1 | grep "already installed" ; then
                 echo "Looks like newer version of $pkg is already installed, skipping"
             else
-                echo "Updating $pkg with nopostun option"
-                rpm -U --replacepkgs --nopostun $pkg
+                echo "Updating $pkg with --nopostun --notriggerun"
+                rpm -U --replacepkgs --nopostun --notriggerun $pkg
             fi
         done
         popd
diff --git a/extraconfig/tasks/swift-ring-deploy.yaml b/extraconfig/tasks/swift-ring-deploy.yaml
deleted file mode 100644
index d17f78ae..00000000
--- a/extraconfig/tasks/swift-ring-deploy.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-heat_template_version: ocata
-
-parameters:
-  servers:
-    type: json
-  SwiftRingGetTempurl:
-    default: ''
-    description: A temporary Swift URL to download rings from.
-    type: string
-
-resources:
-  SwiftRingDeployConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: script
-      inputs:
-        - name: swift_ring_get_tempurl
-      config: |
-        #!/bin/sh
-        pushd /
-        curl --insecure --silent "${swift_ring_get_tempurl}" | tar xz || true
-        popd
-
-  SwiftRingDeploy:
-    type: OS::Heat::SoftwareDeployments
-    properties:
-      name: SwiftRingDeploy
-      config: {get_resource: SwiftRingDeployConfig}
-      servers:  {get_param: servers}
-      input_values:
-        swift_ring_get_tempurl: {get_param: SwiftRingGetTempurl}
diff --git a/extraconfig/tasks/swift-ring-update.yaml b/extraconfig/tasks/swift-ring-update.yaml
deleted file mode 100644
index 440c6883..00000000
--- a/extraconfig/tasks/swift-ring-update.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: ocata
-
-parameters:
-  servers:
-    type: json
-  SwiftRingPutTempurl:
-    default: ''
-    description: A temporary Swift URL to upload rings to.
-    type: string
-
-resources:
-  SwiftRingUpdateConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: script
-      inputs:
-        - name: swift_ring_put_tempurl
-      config: |
-        #!/bin/sh
-        TMP_DATA=$(mktemp -d)
-        function cleanup {
-          rm -Rf "$TMP_DATA"
-        }
-        trap cleanup EXIT
-        # sanity check in case rings are not consistent within cluster
-        swift-recon --md5 | grep -q "doesn't match" && exit 1
-        pushd ${TMP_DATA}
-        tar -cvzf swift-rings.tar.gz /etc/swift/*.builder /etc/swift/*.ring.gz /etc/swift/backups/*
-        resp=`curl --insecure --silent -X PUT "${swift_ring_put_tempurl}" --write-out "%{http_code}" --data-binary @swift-rings.tar.gz`
-        popd
-        if [ "$resp" != "201" ]; then
-            exit 1
-        fi
-
-  SwiftRingUpdate:
-    type: OS::Heat::SoftwareDeployments
-    properties:
-      name: SwiftRingUpdate
-      config: {get_resource: SwiftRingUpdateConfig}
-      servers: {get_param: servers}
-      input_values:
-        swift_ring_put_tempurl: {get_param: SwiftRingPutTempurl}
diff --git a/extraconfig/tasks/tripleo_upgrade_node.sh b/extraconfig/tasks/tripleo_upgrade_node.sh
index 24211ab0..a5a312dc 100644
--- a/extraconfig/tasks/tripleo_upgrade_node.sh
+++ b/extraconfig/tasks/tripleo_upgrade_node.sh
@@ -28,12 +28,15 @@ SCRIPT_NAME=$(basename $0)
 $(declare -f log_debug)
 $(declare -f manage_systemd_service)
 $(declare -f systemctl_swift)
+$(declare -f special_case_ovs_upgrade_if_needed)
 
 # pin nova messaging +-1 for the nova-compute service
 if [[ -n \$NOVA_COMPUTE ]]; then
     crudini  --set /etc/nova/nova.conf upgrade_levels compute auto
 fi
 
+special_case_ovs_upgrade_if_needed
+
 if [[ -n \$SWIFT_STORAGE ]]; then
     systemctl_swift stop
 fi
diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh
index 3bf72f14..20a5b658 100755
--- a/extraconfig/tasks/yum_update.sh
+++ b/extraconfig/tasks/yum_update.sh
@@ -40,9 +40,17 @@ touch "$timestamp_file"
 
 command_arguments=${command_arguments:-}
 
-list_updates=$(yum list updates)
-
-if [[ "$list_updates" == "" ]]; then
+# yum check-update exits 100 if updates are available
+set +e
+check_update=$(yum check-update 2>&1)
+check_update_exit=$?
+set -e
+
+if [[ "$check_update_exit" == "1" ]]; then
+    echo "Failed to check for package updates"
+    echo "$check_update"
+    exit 1
+elif [[ "$check_update_exit" != "100" ]]; then
     echo "No packages require updating"
     exit 0
 fi
@@ -70,6 +78,9 @@ if [[ "$pacemaker_status" == "active" && \
     fi
 fi
 
+# special case https://bugs.launchpad.net/tripleo/+bug/1635205 +bug/1669714
+special_case_ovs_upgrade_if_needed
+
 if [[ "$pacemaker_status" == "active" ]] ; then
     echo "Pacemaker running, stopping cluster node and doing full package update"
     node_count=$(pcs status xml | grep -o "<nodes_configured.*/>" | grep -o 'number="[0-9]*"' | grep -o "[0-9]*")
@@ -113,15 +124,19 @@ if [[ "$pacemaker_status" == "active" ]] ; then
         fi
     done
 
-    tstart=$(date +%s)
-    while ! clustercheck; do
-        sleep 5
-        tnow=$(date +%s)
-        if (( tnow-tstart > galera_sync_timeout )) ; then
-            echo "ERROR galera sync timed out"
-            exit 1
-        fi
-    done
+    RETVAL=$( pcs resource show galera-master | grep wsrep_cluster_address | grep -q `crm_node -n` ; echo $? )
+
+    if [[ $RETVAL -eq 0 && -e /etc/sysconfig/clustercheck ]]; then
+        tstart=$(date +%s)
+        while ! clustercheck; do
+            sleep 5
+            tnow=$(date +%s)
+            if (( tnow-tstart > galera_sync_timeout )) ; then
+                echo "ERROR galera sync timed out"
+                exit 1
+            fi
+        done
+    fi
 
     echo "Waiting for pacemaker cluster to settle"
     if ! timeout -k 10 $cluster_settle_timeout crm_resource --wait; then