Chapter 4. Preparing for the undercloud upgrade

Before you perform the undercloud upgrade, you must complete some preparation steps so that the undercloud upgrade runs successfully.

4.1. New memory requirements

In Red Hat OpenStack Platform 16.1, the undercloud has new memory requirements:

Red Hat OpenStack Platform 13Red Hat OpenStack Platform 16.1

16 GB RAM

24 GB RAM

Ensure that your undercloud meets these new requirements before you proceed with the upgrade.

4.2. Using predictable NIC names for the undercloud node

Before you run the Leapp upgrade on the undercloud node, you must check for kernel-based NIC names, which usually contain a eth prefix. These NIC names are usually unpredictable in terms of NIC assignments. The Leapp upgrade fails if any NICs on the node use the eth prefix.

Procedure

  1. Log in to the undercloud as the stack user.
  2. Create an Ansible playbook named playbook-nics.yaml and copy the following content into the playbook:

    ---
    - name: Rename eth devices
      hosts: all
      become: yes
      vars:
        prefix: "em"
      tasks:
        - name: Update udev rules
          lineinfile:
            line: "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"{{ ansible_facts[item]['perm_macaddress'] | default(ansible_facts[item]['macaddress']) }}\", NAME=\"{{ item|replace('eth',prefix) }}\""
            path: /etc/udev/rules.d/70-rhosp-persistent-net.rules
            create: True
          with_items: "{{ ansible_interfaces }}"
          when: item.startswith("eth")
        - name: Rename eth files
          block:
            - name: Check that eth files exists
              stat:
                path: /etc/sysconfig/network-scripts/ifcfg-{{ item }}
              register: nic_result
              with_items: "{{ ansible_interfaces }}"
              when: item.startswith("eth")
            - name: Copy nic files using the new prefix
              copy:
                remote_src: True
                src: "{{ item.stat.path }}"
                dest: "{{ item.stat.path|replace('eth',prefix) }}"
              with_items: "{{ nic_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Edit NAME in new network-script files
              lineinfile:
                regexp: "^NAME=.*"
                line: "NAME={{ item.item|replace('eth',prefix) }}"
                path: "{{ item.stat.path|replace('eth',prefix) }}"
              with_items: "{{ nic_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Edit DEVICE in new network-script files
              lineinfile:
                regexp: "^DEVICE=.*"
                line: "DEVICE={{ item.item|replace('eth',prefix) }}"
                path: "{{ item.stat.path|replace('eth',prefix) }}"
              with_items: "{{ nic_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Backup old eth network-script files
              copy:
                remote_src: True
                src: "{{ item.stat.path }}"
                dest: "{{ item.stat.path }}.bak"
              with_items: "{{ nic_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Remove old eth network-script files
              file:
                path: "{{ item.stat.path }}"
                state: absent
              with_items: "{{ nic_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
        - name: Rename route files
          block:
            - name: Check that route files exists
              stat:
                path: /etc/sysconfig/network-scripts/route-{{ item }}
              register: route_result
              with_items: "{{ ansible_interfaces }}"
              when: item.startswith("eth")
            - name: Copy route files using the new prefix
              copy:
                remote_src: True
                src: "{{ item.stat.path }}"
                dest: "{{ item.stat.path|replace('eth',prefix) }}"
              with_items: "{{ route_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Update prefix in route files that use IP command arguments format
              replace:
                regexp: "eth"
                replace: "{{ prefix }}"
                path: "{{ item.stat.path|replace('eth',prefix) }}"
              with_items: "{{ route_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Backup old route files
              copy:
                remote_src: True
                src: "{{ item.stat.path }}"
                dest: "{{ item.stat.path }}.bak"
              with_items: "{{ route_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
            - name: Remove old route files
              file:
                path: "{{ item.stat.path }}"
                state: absent
              with_items: "{{ route_result.results }}"
              when: item.item.startswith("eth") and item.stat.exists
    Note

    You will use this playbook to rename the overcloud NICs at a later stage in the upgrade process.

  3. Run the playbook-nics.yaml playbook on the undercloud:

    $ ansible-playbook -c local -i localhost, playbook-nics.yaml

    The playbook sets the new NIC prefix to em. To set a different NIC prefix, set the prefix variable when running the playbook:

    $ ansible-playbook -c local -i localhost, -e prefix="mynic" ~/playbook-nics.yaml
  4. Reboot the undercloud node using the standard reboot procedures. For more information, see "Rebooting nodes".

4.3. Setting the SSH root permission parameter on the undercloud

The Leapp upgrade checks whether the PermitRootLogin parameter exists in the /etc/ssh/sshd_config file. You must explicitly set this parameter to either yes or no.

For security purposes, set this parameter to no to disable SSH access to the root user on the undercloud.

Procedure

  1. Log in to the undercloud as the stack user.
  2. Check the /etc/ssh/sshd_config file for the PermitRootLogin parameter:

    $ sudo grep PermitRootLogin /etc/ssh/sshd_config
  3. If the parameter is not in the /etc/ssh/sshd_config file, edit the file and set the PermitRootLogin parameter:

    PermitRootLogin no
  4. Save the file.