...
Check preliminari ed installazione release sul controller1
- Modificare l'HA in modo che per tutti i servizi punti al controller2 (che ha i servizi a caracal attivi)
- Controllare che tutti i servizi Openstack siano spenti
- Migrare online il db placement e nova
Code Block language bash #placement va fatto prima di nova su -s /bin/sh -c "placement-manage db online_data_migration" placement su -s /bin/sh -c "nova-manage db online_data_migration" nova su -s /bin/sh -c "cinder-manage db online_data_migrations" cinder
...
Controllare se sono installati openstack-client e selinux
Code Block language bash [root@controller-01 ~]# yum list installed | grep openstackclient python-openstackclient-lang.noarch 6.6.1-1.el9s @centos-openstack-caracal python3-openstackclient.noarch 6.6.1-1.el9s @centos-openstack-caracal [root@controller-01 ~]# yum list installed | grep openstack-selinux openstack-selinux.noarch 0.8.40-1.el9s @centos-openstack-zed
Controllare versione kernel e ceph
Code Block language bash [root@controller-01 ~]# yum list installed | grep kernel kernel.x86_64 5.14.0-427.24.1.el9_4 @anaconda kernel.x86_64 5.14.0-503.33.1.el9_5 @baseos kernel-core.x86_64 5.14.0-427.24.1.el9_4 @anaconda kernel-core.x86_64 5.14.0-503.33.1.el9_5 @baseos kernel-headers.x86_64 5.14.0-503.33.1.el9_5 @appstream kernel-modules.x86_64 5.14.0-427.24.1.el9_4 @anaconda kernel-modules.x86_64 5.14.0-503.33.1.el9_5 @baseos kernel-modules-core.x86_64 5.14.0-427.24.1.el9_4 @anaconda kernel-modules-core.x86_64 5.14.0-503.33.1.el9_5 @baseos kernel-srpm-macros.noarch 1.0-13.el9 @appstream kernel-tools.x86_64 5.14.0-503.33.1.el9_5 @baseos kernel-tools-libs.x86_64 5.14.0-503.33.1.el9_5 @baseos [root@controller-01 ~]# yum list installed | grep ceph blosc.x86_64 1.21.0-3.el9s @centos-ceph-pacific centos-release-ceph-reef.noarch 1.0-1.el9 @extras ceph-common.x86_64 2:18.2.4-2.el9s @centos-ceph-reef [root@controller-01 ~]# uname -a Linux controller-01.cloud.pd.infn.it 5.14.0-503.33.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Mar 20 03:39:23 EDT 2025 x86_64 x86_64 x86_64 GNU/LinuxRimuovere release Caracal
Code Block language bash yum remove centos-release-openstack-caracal.noarch
Installare Epoxy
Code Block language bash dnf install -y https://trunk.rdoproject.org/rdo_release/rdo-release.el9s.rpm (potrebbe servire) dnf install centos-release-openstack-epoxy
Salvare configurazioni che di solito vengono sovrascritte
Code Block language bash export REL=caracal cp /etc/httpd/conf.d/openstack-dashboard.conf /etc/httpd/conf.d/openstack-dashboard.conf.$REL
Update pacchetti
Code Block language bash dnf update -y dnf upgrade -y da verificare e scrivere output
Code Block language bash title risultato collapse true # DA VERIFICARE PER EPOXY # Nell’update vengono scaricati i nuovi rpm: attenzione a questi file di configurazione cp /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings.$REL cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.$REL cp /etc/nova/nova.conf /etc/nova/nova.conf.$REL cp /etc/placement/placement.conf /etc/placement/placement.conf.$REL cp /etc/heat/heat.conf /etc/heat/heat.conf.$REL cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.$REL cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.$REL cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.$REL cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.$REL cp /etc/neutron/plugins/ml2/openvswitch_agent.ini /etc/neutron/plugins/ml2/openvswitch_agent.ini.$REL cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.$REL cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.$REL cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.$REL cp /etc/httpd/conf.d/auth_openidc.conf /etc/httpd/conf.d/auth_openidc.conf.$REL mv -f /etc/openstack-dashboard/local_settings.rpmnew /etc/openstack-dashboard/local_settings mv -f /etc/neutron/neutron.conf.rpmnew /etc/neutron/neutron.conf mv -f /etc/nova/nova.conf.rpmnew /etc/nova/nova.conf mv -f /etc/placement/placement.conf.rpmnew /etc/placement/placement.conf mv -f /etc/heat/heat.conf.rpmnew /etc/heat/heat.conf mv -f /etc/neutron/dhcp_agent.ini.rpmnew /etc/neutron/dhcp_agent.ini mv -f /etc/neutron/l3_agent.ini.rpmnew /etc/neutron/l3_agent.ini mv -f /etc/neutron/metadata_agent.ini.rpmnew /etc/neutron/metadata_agent.ini mv -f /etc/neutron/plugins/ml2/ml2_conf.ini.rpmnew /etc/neutron/plugins/ml2/ml2_conf.ini mv -f /etc/neutron/plugins/ml2/openvswitch_agent.ini.rpmnew /etc/neutron/plugins/ml2/openvswitch_agent.ini mv -f /etc/keystone/keystone.conf.rpmnew /etc/keystone/keystone.conf mv -f /etc/glance/glance-api.conf.rpmnew /etc/glance/glance-api.conf mv -f /etc/cinder/cinder.conf.rpmnew /etc/cinder/cinder.conf mv -f /etc/httpd/conf.d/auth_openidc.conf.rpmnew /etc/httpd/conf.d/auth_openidc.conf
Code Block language bash Aggiorniamo le configurazioni con puppet (ATTENZIONE: modificare puppet perche' non faccia partire i servizi una volta aggiornati) puppet agent -t (il servizi devono rimanere spenti pero'...controllare)
KEYSTONE
Code Block language bash #crudini --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:KEYSTONE_xx_yyy@192.168.60.88:4306/keystone #crudini --set /etc/keystone/keystone.conf token provider fernet su -s /bin/sh -c "keystone-manage doctor" keystone su -s /bin/sh -c "keystone-manage db_sync --expand" keystone Facciamo ripartire httpd systemctl start httpd Spegnamo Keystone sul controller2 e facciamo aggiornamento alla fine di tutti i servizi o aggiorniamo ogni servizio singolarmente? Nel caso di aggiornamento del servizio nel controller2: systemctl stop httpd dnf install -y https://trunk.rdoproject.org/rdo_release/rdo-release.el9s.rpm (potrebbe servire) dnf install centos-release-openstack-epoxy dnf update openstack-keystone httpd python3-mod_wsgi e con i file di configurazione come facciamo? systemctl start httpd su -s /bin/sh -c "keystone-manage db_sync --contract" keystone Dalla doc openstack: Update your configuration files (/etc/keystone/) on all nodes (except the first node, which you’ve already done) with those corresponding to the latest release. Upgrade all keystone nodes to the next release, and restart them one at a time. During this step, you’ll have a mix of releases operating side by side, both writing to the database. As the next release begins writing to the new schema, database triggers will also migrate the data to the old schema, keeping both data schemas in sync. Run keystone-manage db_sync --contract to remove the old schema and all data migration triggers. When this process completes, the database will no longer be able to support the previous release. Farei aggiornamento del controller2 tutto alla fine in questo caso, dopo l'aggiornamento del controller2 e fatto ripartire keystone, si deve eseguire il comando su -s /bin/sh -c "keystone-manage db_sync --contract" keystone
GLANCE
Code Block language bash # crudini --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_xx_yyy@192.168.60.88:5306/glance su -s /bin/sh -c "glance-manage db expand" glance su -s /bin/sh -c "glance-manage db migrate" glance systemctl start openstack-glance-api.service Spegnamo il servizio nel controller2 systemctl stop openstack-glance-api.service Quanto anche il controller2 sara' aggiornato, eseguire su -s /bin/sh -c "glance-manage db contract" glance
PLACEMENT
Code Block language bash crudini --set /etc/placement/placement.conf placement_database connection \ mysql+pymysql://placement:PLACEMENT_xx_yyy@192.168.60.88:6306/placement su -s /bin/sh -c "placement-manage db expand" placement ---> da verificare, altre guide dicono di fare solo il sync, che expand e contract non c'e' per placement... accendere il servizio placement sul controller1 e spengerlo sul controller2 systemctl stop httpd Quando il controller2 sara' aggiornato su -s /bin/sh -c "placement-manage db contract" placement ( da verificare)
NOVA
Code Block language bash #crudini --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:NOVA_xx_yyy@192.168.60.88:6306/nova_api #crudini --set /etc/nova/nova.conf database connection mysql+pymysql://nova:NOVA_xx_yyy@192.168.60.88:6306/nova #crudini --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_zzz@192.168.60.223:5672 su -s /bin/sh -c "nova-status upgrade check" nova su -s /bin/sh -c "nova-manage api_db sync" nova su -s /bin/sh -c "nova-manage db sync" nova Far partire il servizio nel controller1 e spegnerlo nel controller2 systemctl start/stop \ openstack-nova-api.service \ openstack-nova-scheduler.service \ openstack-nova-conductor.service \ openstack-nova-novncproxy.service Quando anche il controller2 e tutti i compute saranno aggiornati, eseguire di nuovo su -s /bin/sh -c "nova-manage db online_data_migrations" novaNEUTRON
Code Block language bash #crudini --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_xx_yyy@192.168.60.88:5306/neutron #crudini --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_zzz@192.168.60.223:5672 #crudini --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2 #crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins router #crudini --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True #crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan,gre #crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre #crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch #crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security #crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks * #crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True #su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron su -s /bin/sh -c "neutron-db-manage upgrade --expand" neutron Stoppare il servizio sul controller2 systemctl stop neutron-server.service \ neutron-openvswitch-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service systemctl stop neutron-l3-agent.service Quando anche il controller2 sara' aggiornato eseguire il comando su -s /bin/sh -c "neutron-db-manage upgrade --contract" neutron
CINDER
Code Block language bash #crudini --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_xx_yyy@192.168.60.88:5306/cinder #crudini --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:RABBIT_zzz@192.168.60.223:5672 su -s /bin/sh -c "cinder-manage db sync" cinder Far partire il servizio sul controller1 e stopparlo sul controller2 systemctl start/stop openstack-cinder-api.service openstack-cinder-scheduler.service Quando il controller2 sara' aggiornato rieseguire il online_data_migration su -s /bin/sh -c "cinder-manage db online_data_migrations" cinder
HEAT
Code Block language bash crudini --set /etc/heat/heat.conf database connection mysql+pymysql://heat:HEAT_xx_yyy@192.168.60.88:4306/heat crudini --set /etc/heat/heat.conf DEFAULT transport_url rabbit://openstack:RABBIT_zzz@192.168.60.223:5672 su -s /bin/sh -c "heat-manage db_sync --command expand" heat su -s /bin/sh -c "heat-manage db_sync --command migrate_data" heat Accendere il servizio sul controller1 e spegnerlo sul controller2 systemctl start/stop openstack-heat-api.service \ openstack-heat-api-cfn.service openstack-heat-engine.service Quando anche il controller2 sara' aggiornato su -s /bin/sh -c "heat-manage db_sync --command contract" heat
- DASHBOARD: nulla da fare
...