Work around packaging issue in iptables-services.
When iptables-services is upgraded it restarts the iptables services which breaks connectivity because it looses the current iptables rules. So we add another network workaround. This time around the iptables-services package. The first target is the update process as this is where the problem should arise, but as the framework for network workaround is already is place, we cover upgrade as well. Partial-Bug: #1758291 Change-Id: Ia2f94058bac6cf28b4bd425385ffd629555c9609
This commit is contained in:
parent
b2161d7fe8
commit
19e25fe2fd
|
@ -9,6 +9,7 @@ set -o pipefail
|
|||
UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
|
||||
|
||||
declare -f update_os_net_config > $UPGRADE_SCRIPT
|
||||
declare -f special_case_iptables_services_upgrade_if_needed >> $UPGRADE_SCRIPT
|
||||
declare -f special_case_ovs_upgrade_if_needed >> $UPGRADE_SCRIPT
|
||||
declare -f update_network >> $UPGRADE_SCRIPT
|
||||
# use >> here so we don't lose the declaration we added above
|
||||
|
|
|
@ -21,6 +21,7 @@ crudini --set /etc/nova/nova.conf upgrade_levels compute $upgrade_level_nova_co
|
|||
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1669714
|
||||
$(declare -f update_os_net_config)
|
||||
$(declare -f special_case_ovs_upgrade_if_needed)
|
||||
$(declare -f special_case_iptables_services_upgrade_if_needed)
|
||||
$(declare -f update_network)
|
||||
update_network
|
||||
|
||||
|
|
|
@ -24,6 +24,7 @@ function systemctl_swift {
|
|||
}
|
||||
|
||||
$(declare -f update_os_net_config)
|
||||
$(declare -f special_case_iptables_services_upgrade_if_needed)
|
||||
$(declare -f special_case_ovs_upgrade_if_needed)
|
||||
$(declare -f update_network)
|
||||
update_network
|
||||
|
|
|
@ -346,6 +346,33 @@ function special_case_ovs_upgrade_if_needed {
|
|||
|
||||
}
|
||||
|
||||
function special_case_iptables_services_upgrade_if_needed {
|
||||
# Always ensure yum has full cache
|
||||
yum makecache || echo "Yum makecache failed. This can cause failure later on."
|
||||
# Return 0 when no upgrade is needed
|
||||
if yum check-upgrade iptables-services; then
|
||||
echo "Either iptables-services is not installed or a newer version is already there, skipping workaround."
|
||||
fi
|
||||
if rpm -q --scripts iptables-services | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart" ; then
|
||||
echo "Manual upgrade of iptables-services - restart in postun detected"
|
||||
rm -rf ~/IPTABLES_UPGRADE
|
||||
mkdir -p ~/IPTABLES_UPGRADE && pushd ~/IPTABLES_UPGRADE
|
||||
echo "Attempting to download latest iptables-services with yumdownloader"
|
||||
yumdownloader iptables-services # no deps on purpose.
|
||||
pkg="$(ls -1 iptables-services-*.x86_64.rpm)"
|
||||
if [ -z "${pkg}" ]; then
|
||||
echo "Cannot find a valid package for iptables-services, aborting"
|
||||
exit 1
|
||||
fi
|
||||
echo "Updating iptables-services to $pkg with --nopostun --notriggerun --nodeps"
|
||||
rpm -U --replacepkgs --nopostun --notriggerun --nodeps ./${pkg}
|
||||
systemctl daemon-reload
|
||||
popd
|
||||
else
|
||||
echo "Skipping manual upgrade of iptables-services - no restart in postun detected"
|
||||
fi
|
||||
}
|
||||
|
||||
# update os-net-config before ovs see https://bugs.launchpad.net/tripleo/+bug/1695893
|
||||
function update_os_net_config() {
|
||||
set +e
|
||||
|
@ -379,6 +406,7 @@ function update_network() {
|
|||
update_os_net_config
|
||||
# special case https://bugs.launchpad.net/tripleo/+bug/1635205 +bug/1669714
|
||||
special_case_ovs_upgrade_if_needed
|
||||
special_case_iptables_services_upgrade_if_needed
|
||||
}
|
||||
|
||||
# https://bugs.launchpad.net/tripleo/+bug/1704131 guard against yum update
|
||||
|
|
Loading…
Reference in New Issue