systemvmtemplate: new 4.11.2 template and fixes#2799
Conversation
yadvr
changed the title
|
@blueorangutan package |
|
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
|
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2240 |
| } | ||
| // update template ID of system Vms | ||
| try (PreparedStatement update_templ_id_pstmt = conn | ||
| .prepareStatement("update `cloud`.`vm_instance` set vm_template_id = ? where type <> 'User' and hypervisor_type = ?");) { |
There was a problem hiding this comment.
Can you change the update statement to affect only the non-destroyed system VMs entries in the database. Then we preserve the history of old/deleted system VMs that were destroyed and the respective template they were using.
| final Map<Hypervisor.HypervisorType, String> newTemplateChecksum = new HashMap<Hypervisor.HypervisorType, String>() { | ||
| { | ||
| put(Hypervisor.HypervisorType.KVM, "6019c2ed1a13669dcf334fe380c776b0"); | ||
| put(Hypervisor.HypervisorType.XenServer, "f2245e912c856ab610d91f88c362a1f9"); |
There was a problem hiding this comment.
Is the template already generated? I mean, how do we know the hash of the template?
There was a problem hiding this comment.
I'll update the hashes soon.
There was a problem hiding this comment.
We would want to build/publish the 4.11.2.0 systemvmtemplate just before RC1 is cut, so I'll keep the hashes for now and update them before RC1 is cut when we have the latest systemvmtemplates.
|
@blueorangutan package |
|
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
|
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2244 |
| sync | ||
| sysctl -p | ||
|
|
||
| export TYPE=$(grep -Po 'type=\K[a-zA-Z]*' $CMDLINE) |
There was a problem hiding this comment.
I do not think this is an improvemnet over the very legible function used before. Even when being less code it is not as clear and it seems less relyable to me
There was a problem hiding this comment.
this is about 10x-20x faster (based on time output) than the for-loop before which is why I'm using it.
There was a problem hiding this comment.
patch is using TYPE, so it currently doesn't extract agent.zip on ssvm and console-proxy
There was a problem hiding this comment.
You're right @fmaximus, not sure why smoketests passed. /cc @PaulAngus looks like we'll need rc2.
| do | ||
| logger -t cloud "Starting $svc" | ||
| systemctl enable --no-block --now $svc | ||
| systemctl enable --now --no-block $svc |
There was a problem hiding this comment.
is the change in the order of the arguments significant?
There was a problem hiding this comment.
no, I think I made all of them do --now first... does not make any difference
| setup_router() { | ||
| log_it "Setting up virtual router system vm" | ||
| check_reboot() { | ||
| if [ "$HYPERVISOR" != "vmware" ]; then |
There was a problem hiding this comment.
We can skip this check and reboot whenever mngmt net is not available.
There was a problem hiding this comment.
copy will fix, I added this as it was very specific to vmware.
There was a problem hiding this comment.
I checked this check is very specific to vmware which uses the private/mgmt nic for programming VR over port 3922, therefore we don't need to do it for other hypervisors.
DaanHoogland
left a comment
DaanHoogland
left a comment
There was a problem hiding this comment.
some style comments
| else | ||
| systemctl disable --now conntrackd | ||
| systemctl disable --now keepalived | ||
| systemctl enable dnsmasq |
There was a problem hiding this comment.
Why do we no longer disable these services by default?
There was a problem hiding this comment.
@wido it's duplicated here, we do that in the cloud-postinit service now based on the enabled/disabled svcs file. See the postinit.sh file.
There was a problem hiding this comment.
Ah, ok! I couldn't see that from this change. Thanks for the feedback
|
PR is on hold to receive confirmaion of the VR/vmware reboot fix from a production env, we probably can update the checksums just before RC1 cut to avoid creating a systemvmtemplate that gets outdated in next few weeks |
yadvr
force-pushed
the
systemvm-tmpl-fixes
branch
from
480dc7f to
f36f3d0
Compare
|
@blueorangutan package |
|
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
yadvr
force-pushed
the
systemvm-tmpl-fixes
branch
from
f36f3d0 to
5a1f25a
Compare
|
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2263 |
VMware router will be rebooted based on apache#2794, per current config the VRs on reboot will go through fsck checks slowing down the deployment process by few seconds. This will ensure that fsck checks are done on every 3rd boot of the VR. The `4` is used because 1st boot is done during the build of systemvmtemplate appliance. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
… 7.5 Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
enable passive ftp by enabling nf_conntrack_helper This is change in behaviour since linux 4.7 Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
yadvr
force-pushed
the
systemvm-tmpl-fixes
branch
from
5a1f25a to
44a3227
Compare
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
|
@blueorangutan package |
|
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
|
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2290 |
|
@blueorangutan test matrix |
|
@rhtyd a Trillian-Jenkins matrix job (centos6 mgmt + xs71, centos7 mgmt + vmware65, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests |
|
@blueorangutan test matrix |
|
@rhtyd a Trillian-Jenkins matrix job (centos6 mgmt + xs71, centos7 mgmt + vmware65, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests |
|
@blueorangutan test matrix |
|
@rhtyd a Trillian-Jenkins matrix job (centos6 mgmt + xs71, centos7 mgmt + vmware65, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests |
|
Trillian test result (tid-3003)
|
|
Trillian test result (tid-3004)
|
|
@blueorangutan test centos7 vmware-65 |
|
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + vmware-65) has been kicked to run smoke tests |
|
Trillian test result (tid-3005)
|
|
All tests were ran against a new systemvmtemplate, they all LGTM. |
This fixes a regression introduced in apache#2799, by exporting $TYPE before the `patch` is called to patch/extract archives for ssvm/cpvm. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This fixes a regression introduced in #2799, by exporting $TYPE before the `patch` is called to patch/extract archives for ssvm/cpvm. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Correção do processamento de tarifa de tipo `SNAPSHOT` quando a _snapshot_ foi removida Closes apache#2799 See merge request scclouds/scclouds!1232
7 participants
This adds upgrade path for a new 4.11.2 systemvmtemplate that will include latest
ca certs, linux kernel and strongswan security fixes. This also adds support for XS 7.5 release.
VMware router will be rebooted based on #2794, per current config
the VRs on reboot will go through fsck checks slowing down the deployment
process by few seconds. This will ensure that fsck checks are done
on every 3rd boot of the VR. The
4is used because 1st boot is doneduring the build of systemvmtemplate appliance.
Signed-off-by: Rohit Yadav rohit.yadav@shapeblue.com
Types of changes
GitHub Issue/PRs
Screenshots (if appropriate):
How Has This Been Tested?
Checklist:
Testing