...
- Run puppet with the rocky modules/tags
- Stop apache2 and puppet
- Purge the keystone package
- Run
apt dist-upgrade - Run puppet again
- This will re-install keystone (ensure that apache2 does not start - should be ensured by puppet as of the enable: false flag in hiera)
- Run keystone-manage doctor and ensure nothing is wrong
- Run
keystone-manage db_sync --expand- Returns nothing
- Run
keystone-manage db_sync --migrate- Returns nothing
- At this point, you may restart apache2 on this node
- Upgrade keystone on the other nodes, one at a time
- Basically run step 1-5 on the other nodes
- When all nodes are upgraded, perform the final DB sync
keystone-manage db_sync --contract
- Remove the
keystone::enabled: falseand thekeystone::manage_service: falsehiera key from the first node, and re-run puppet - Remove the
keystone::sync_db: falsekey from hiera
Glance
To upgrade glace without any downtime you would need to follow the following procedure:
- Set
glance::sync_db: falsein a global hiera-file - Select which glance-server to upgrade first.
- In the node-specific hiera for this host you should set:
glance::api::enable: falsefollowed by a puppet-run. This would stop the glance-api service on the host.
- In the node-specific hiera for this host you should set:
- Run puppet on the first host with the rocky modules/tags
- Run
apt dist-upgrade - Run
glance-manage db_sync expand - Run
glance-manage db_sync migrate - Remove the
glance::api::enable: falsefrom the node-specific hiera, and run puppet again. This would re-start the glance api-server on this host.- Test that this api-server works.
- Upgrade the rest of the glance hosts (ie; step 3 + 4 for each of the remaining glance hosts)
- Run
glance-manage db_synccontract