80db361d31
In situations where self signed certs are utilized for the API, the addition of the insecure is necessary to make post-redeploy-cleanup work. Change-Id: Ie5d5b6248feba5c4479567d22e74c76065725fda
123 lines
4.9 KiB
YAML
123 lines
4.9 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Disable/delete the services with CLIs
|
|
hosts: utility_all[0]
|
|
user: root
|
|
vars:
|
|
services:
|
|
- name: "nova"
|
|
list_command: " service-list "
|
|
awk_filter: "/_container.*down/"
|
|
awk_print_column: '$6" "$4'
|
|
delete_command: " service-disable "
|
|
post_command: "sleep 5"
|
|
- name: "nova"
|
|
list_command: " service-list "
|
|
awk_filter: "/_container.*down/"
|
|
awk_print_column: "$2"
|
|
delete_command: " service-delete "
|
|
- name: "cinder"
|
|
list_command: " service-list "
|
|
awk_filter: "/_container.*down/"
|
|
awk_print_column: '$4" "$2'
|
|
delete_command: " service-disable "
|
|
- name: "neutron"
|
|
list_command: " agent-list "
|
|
awk_filter: "/_container.*xxx/"
|
|
awk_print_column: "$2"
|
|
delete_command: " agent-update --admin-state-down "
|
|
post_command: "sleep 5"
|
|
- name: "neutron"
|
|
list_command: " agent-list "
|
|
awk_filter: "/_container.*xxx/"
|
|
awk_print_column: "$2"
|
|
delete_command: " agent-delete "
|
|
tasks:
|
|
- name: Registering what to disable
|
|
shell: |
|
|
. {{ ansible_env.HOME }}/openrc
|
|
{{ item.name }} {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} {{ item.list_command}} | awk '{{ item.awk_filter }}{print {{ item.awk_print_column }} }'
|
|
register: to_disable
|
|
with_items: "{{ services }}"
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: showing the list of items
|
|
debug:
|
|
msg: "We will delete the following item for {{ item.0.item.name }}: {{ item.1 }}"
|
|
with_subelements:
|
|
- to_disable.results
|
|
- stdout_lines
|
|
|
|
- name: Disabling or deleting the services/agents
|
|
shell: |
|
|
. {{ ansible_env.HOME }}/openrc
|
|
{{ item.0.item.name }} {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} {{ item.0.item.delete_command }} {{ item.1 }}
|
|
{{ item.0.item.post_command | default('')}}
|
|
with_subelements:
|
|
- to_disable.results
|
|
- stdout_lines
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: Apply cinder changes with cinder-manage
|
|
hosts: cinder_all[0]
|
|
user: root
|
|
tasks:
|
|
- name: Removing the cinder services with old container hostnames
|
|
shell: |
|
|
. /openstack/venvs/cinder-{{openstack_release}}/bin/activate
|
|
cinder-manage {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} service list \
|
|
| awk '/.*_container.*XXX/{print $1" "$2}'\
|
|
| while read line; do
|
|
cinder-manage {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} service remove $line;
|
|
done
|
|
args:
|
|
executable: /bin/bash
|
|
- name: Move the cinder volumes running in containers to new hostnames
|
|
shell: |
|
|
. /openstack/venvs/cinder-{{openstack_release}}/bin/activate
|
|
cinder-manage {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} service list \
|
|
| awk '/volume.*_container.*XXX/{print $2 }'\
|
|
| while IFS=@ read cinderhost cinderbackend; do
|
|
cinder-manage {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} volume update_host \
|
|
--currenthost $cinderhost@$cinderbackend \
|
|
--newhost ${cinderhost//_/-}@$cinderbackend;
|
|
done
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: Cleanup layer2 ports
|
|
gather_facts: no
|
|
hosts: utility_all[0]
|
|
tasks:
|
|
- name: disable and delete new ports
|
|
# list all the ports, sort them by network and then state in the reverse order.
|
|
# Save the network if there is an old dhcp port to migrate. Check if there are
|
|
# dhcp ports in the same network that are active. Print them for deletion.
|
|
shell: |
|
|
. {{ ansible_env.HOME }}/openrc
|
|
neutron {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} port-list -c id -c device_owner -c binding:host_id -c status \
|
|
-c network_id -f value | sort -k 5 -k 4 -r | \
|
|
awk '/dhcp.*BUILD/{net=$5}; /dhcp.*ACTIVE/{if(net==$5){print $1}}' | \
|
|
while read portid; do
|
|
neutron {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} port-update --admin-state-up False $portid
|
|
sleep 1
|
|
neutron {{ openrc_insecure |default(false) |bool |ternary('--insecure','') }} port-delete $portid
|
|
done
|
|
args:
|
|
executable: /bin/bash
|