Red Hat Bugzilla – Bug 912711
RFE: Upgrade Enhancements for ovirt-node/RHEV-H
Last modified: 2014-01-21 14:26:58 EST
Description of problem: Historically, we've taken a somewhat naive approach to upgrades where we simply lay down the new iso image and that's it. This leads to some problems The most glaring one is that new options, defaults, configurations, etc in the base image can be overridden if the file in the old image is persisted. Example: * 6.3 had no sanlock user (at GA), 6.4 does have a sanlock user. * /etc/passwd is persisted (due to setting passwords for admin) * Upgrade to 6.4 * because the sanlock user is only in 6.4 /etc/passwd, and not in 6.3, it is not in the persisted /etc/passwd Version-Release number of selected component (if applicable): 6.4 How reproducible: always Some thoughts: /etc/passwd and /etc/shadow are pretty easy, just do a diff of the old image vs the new image and apply that diff to the persisted copy (not touching admin or root users). Some other files might be more involved, though perhaps writing out configuration to /etc/default/ovirt and always applying from there would work. Open to suggestions on ways to solve this.
Just a side note: The sanlock specific issue is filed in bug 912348 and will be fixed in either 6.4 or 6.4.z. This bug is to track a more generic issue with upgrades and try to prevent things like bug 912348 from happening in the future.
(In reply to comment #0) > Some other files might be more involved, though perhaps writing out > configuration to /etc/default/ovirt and always applying from there would > work. I believe that this ain't always possible (e.g. admin/rootpw), but it's surely a good idea for other parts. In general I'd appreciate some hook based solution ...
(In reply to comment #2) > > I believe that this ain't always possible (e.g. admin/rootpw), but it's > surely a good idea for other parts. > In general I'd appreciate some hook based solution ... Right, there needs to be some smart logic around this particular fix. it should ignore root and admin in both /etc/shadow and /etc/passwd. In fact, I think it should *only* do pure additive changes. IOW, something like this: get all users in installed/persisted version of /etc/passwd get all users in new version image parse the lists so that you only have the net-new users in the new version add those uses As for hooks, I believe that is in the plans for upgrades to have pre- and post- hooks that plugins can make use of, but I'll let jboggs comment on that
Test version: rhev-hypervisor6-6.5-20130930.0.auto665.el6.iso ovirt-node-3.0.1-3.el6.noarch Test steps: 1. Run command #ovirt-node-upgrade --iso $ISONAME and then reboot host. 2. Run command #ovirt-node-upgrade --iso $ISONAME --reboot 5 3. Run hook scripts in /usr/libexec/ovirt-node/hooks/ ovirt-node-upgrade --iso $ISONAME --skip-existing-hooks 4. Testing stdin as the iso image cat $ISO|ovirt-node-upgrade --iso - --reboot 5 5. Run #ovirt-node-upgrade command twice. Test results: 1. ovirt-node update can successful, no auto reboot. After reboot grub can list the backup version. 2. No error and RHEV-H can start reboot after 5 sec delay. 3. No error and post-upgrade hooks completed. 4. Ovirt-node update can successful and start reboot after 5 sec delay. 5. After the second run, pop-up msg:RuntimeError: Previous upgrade completed, you must reboot So this bug is fixed in rhev-hypervisor6-6.5-20130930.0.auto665.el6.iso. I will recheck it when I got official build.
This bug is currently attached to errata RHBA-2013:15277. If this change is not to be documented in the text for this errata please either remove it from the errata, set the requires_doc_text flag to minus (-), or leave a "Doc Text" value of "--no tech note required" if you do not have permission to alter the flag. Otherwise to aid in the development of relevant and accurate release documentation, please fill out the "Doc Text" field above with these four (4) pieces of information: * Cause: What actions or circumstances cause this bug to present. * Consequence: What happens when the bug presents. * Fix: What was done to fix the bug. * Result: What now happens when the actions or circumstances above occur. (NB: this is not the same as 'the bug doesn't present anymore') Once filled out, please set the "Doc Type" field to the appropriate value for the type of change made and submit your edits to the bug. For further details on the Cause, Consequence, Fix, Result format please refer to: https://bugzilla.redhat.com/page.cgi?id=fields.html#cf_release_notes Thanks in advance.
Test version: rhevh-6.5-20131213.0.0 ovirt-node-3.0.1-9.el6_5.noarch Test steps: 1. Run command #ovirt-node-upgrade --iso $ISONAME and then reboot host. 2. Run command #ovirt-node-upgrade --iso $ISONAME --reboot 5 3. Run hook scripts in /usr/libexec/ovirt-node/hooks/ ovirt-node-upgrade --iso $ISONAME --skip-existing-hooks 4. Testing stdin as the iso image cat $ISO|ovirt-node-upgrade --iso - --reboot 5 5. Run #ovirt-node-upgrade command twice. Test results: 1. ovirt-node update can successful, no auto reboot. After reboot grub can list the backup version. 2. No error and RHEV-H can start reboot after 5 sec delay. 3. No error and post-upgrade hooks completed. 4. Ovirt-node update can successful and start reboot after 5 sec delay. 5. After the second run, pop-up msg:RuntimeError: Previous upgrade completed, you must reboot So the bug is fixed, change bug status to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-0033.html