Versions Compared

Old Version 7

changes.mady.by.user Lars Erik Pedersen

Saved on

compared with

New Version 8

changes.mady.by.user Lars Erik Pedersen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Run puppet with the rocky modules/tags
  2. Stop apache2 and puppet
  3. Purge the keystone package
  4. Run apt dist-upgrade
  5. Run puppet again
    1. This will re-install keystone (ensure that apache2 does not start - should be ensured by puppet as of the enable: false flag in hiera)
  6. Run keystone-manage doctor and ensure nothing is wrong
  7. Run keystone-manage db_sync --expand
    1. Returns nothing
  8. Run keystone-manage db_sync --migrate
    1. Returns nothing
  9. At this point, you may restart apache2 on this node
  10. Upgrade keystone on the other nodes, one at a time
    1. Basically run step 1-5 on the other nodes
  11. When all nodes are upgraded, perform the final DB sync
    1. keystone-manage db_sync --contract
  12. Remove the keystone::enabled: false and the keystone::manage_service: false hiera key from the first node, and re-run puppet
  13. Remove the keystone::sync_db: false key from hiera

Glance

To upgrade glace glance without any downtime you would need to follow the following procedure:

  1. Set glance::sync_db: false in a global hiera-file
  2. Select which glance-server to upgrade first.
    1. In the node-specific hiera for this host you should set: glance::api::enable: false followed by a puppet-run. This would stop the glance-api service on the host.
  3. Run puppet on the first host with the rocky modules/tags
  4. Run apt dist-upgrade
  5. Run glance-manage db expand
  6. Run glance-manage db migrate
  7. Remove the glance::api::enable: false from the node-specific hiera, and run puppet again. This would re-start the glance api-server on this host.
    1. Test that this api-server works.
  8. Upgrade the rest of the glance hosts (ie; step 3 + 4 for each of the remaining glance hosts)
  9. Run glance-manage dbcontract
  10. Remove glance::sync_db: false in a global hiera-file

Cinder

To upgrade cinder without any downtime, follow this procedure

  1. Run puppet on the first host with rocky modules/tags
  2. Stop puppet, apache2 and the cinder-services
  3. Run apt dist-upgrade
  4. Run cinder-manage db sync
  5. In hiera, add cinder::keystone::authtoken::www_authenticate_uri: "%{alias('ntnuopenstack::keystone::auth::uri')}"
    1. And Remove cinder::keystone::authtoken::auth_uri: "%{alias('ntnuopenstack::keystone::auth::uri')}"
  6. Re-run puppet
  7. Repeat steps 1-3 and 6 on the rest of the cinder nodes

Heat

The rolling upgrade procedure for heat includes a step where you are supposed to create a new rabbot vhost. I don't want that. Therefore, this is the cold upgrade steps

  1. Set heat::api::enabled: false and heat::engine::enabled: false and heat::api_cfn: false in hiera to stop all services
  2. Run puppet with rocky modules/tags
  3. Run apt-dist-upgrade
  4. Run heat-manage db_sync
  5. In hiera, add heat::keystone::authtoken::www_authenticate_uri: "%{alias('ntnuopenstack::keystone::auth::uri')}" to ntnuopenstack.yaml in hiera
    1. And remove heat::keystone::authtoken::auth_uri: "%{alias('ntnuopenstack::keystone::auth::uri')}"
  6. Remove the hiera keys that disabled the services and re-run puppet