Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 12. Upgrading the undercloud operating system

You must upgrade the undercloud operating system from Red Hat Enterprise Linux 8.4 to Red Hat Enterprise Linux 9.2. The system upgrade performs the following tasks:

  • Ensures that network interface naming remains consistent after the system upgrade
  • Uses Leapp to upgrade RHEL in-place
  • Reboots the undercloud

12.1. Setting the SSH root permission parameter on the undercloud
Link kopieren

The Leapp upgrade checks whether the PermitRootLogin parameter exists in the /etc/ssh/sshd_config file. You must explicitly set this parameter to either yes or no.

For security purposes, set this parameter to no to disable SSH access to the root user on the undercloud.

Procedure

  1. Log in to the undercloud as the stack user.

  2. Check the /etc/ssh/sshd_config file for the PermitRootLogin parameter: 

    $ sudo grep PermitRootLogin /etc/ssh/sshd_config

  3. If the parameter is not in the /etc/ssh/sshd_config file, edit the file and set the PermitRootLogin parameter: 

    PermitRootLogin no
  4. Save the file.

12.2. Validating your SSH key size
Link kopieren

Starting with Red Hat Enterprise Linux (RHEL) 9.1, a minimum SSH key size of 2048 bits is required. If your current SSH key on Red Hat OpenStack Platform (RHOSP) director is less than 2048 bits, you can lose access to the overcloud. You must verify that your SSH key meets the required bit size.

Procedure

  1. Validate your SSH key size: 

    ssh-keygen -l -f /home/stack/overcloud-deploy/overcloud/ssh_private_key

    Example output: 

    1024 SHA256:Xqz0Xz0/aJua6B3qRD7VsLr6n/V3zhmnGSkcFR6FlJw stack@director.example.local (RSA)
  2. If your SSH key is less than 2048 bits, you must rotate out the SSH key before continuing. For more information, see Updating SSH keys in your OpenStack environment in Hardening Red Hat OpenStack Platform.

12.3. Performing the undercloud system upgrade
Link kopieren

Upgrade your undercloud operating system to Red Hat Enterprise Linux (RHEL) 9.2. As part of this upgrade, you create a file named system_upgrade.yaml, which you use to enable the appropriate repositories and required Red Hat OpenStack Platform options and content to install Leapp. You use this file to also upgrade your control plane nodes and Compute nodes.

For information about the duration and impact of this upgrade procedure, see Upgrade duration and impact.

Procedure

  1. Log in to the undercloud as the stack user.

  2. Create a file named system_upgrade.yaml in your templates directory and include the following content: 

    parameter_defaults:
  UpgradeLeappDevelSkip: "LEAPP_UNSUPPORTED=1 LEAPP_DEVEL_SKIP_CHECK_OS_RELEASE=1 LEAPP_NO_NETWORK_RENAMING=1 LEAPP_DEVEL_TARGET_RELEASE=9.2 LEAPP_TARGET_PRODUCT_CHANNEL=e4s"
  UpgradeLeappDebug: false
  UpgradeLeappEnabled: true
  LeappActorsToRemove: ['checkifcfg','persistentnetnamesdisable','checkinstalledkernels','biosdevname']
  LeappRepoInitCommand: |
     subscription-manager repos --disable=*
     subscription-manager repos --enable rhel-8-for-x86_64-baseos-aus-rpms --enable rhel-8-for-x86_64-appstream-aus-rpms --enable openstack-17.1-for-rhel-8-x86_64-rpms
     subscription-manager release --set=8.4
  UpgradeLeappCommandOptions: "--enablerepo=rhel-9-for-x86_64-baseos-e4s-rpms --enablerepo=rhel-9-for-x86_64-appstream-e4s-rpms --enablerepo=rhel-9-for-x86_64-highavailability-e4s-rpms --enablerepo=openstack-17.1-for-rhel-9-x86_64-rpms --enablerepo=fast-datapath-for-rhel-9-x86_64-rpms"
    Note

    If your deployment includes Red Hat Ceph Storage nodes, you must add the CephLeappRepoInitCommand parameter and specify the source OS version of your Red Hat Ceph Storage nodes. For example: 

    CephLeappRepoInitCommand:
...
  subscription-manager release --set=8.6

  3. Add the LeappInitCommand parameter to your system_upgrade.yaml file to specify additional requirements applicable to your environment, for example, if you need to define role-based overrides: 

      LeappInitCommand: |
    subscription-manager repos --disable=*
    subscription-manager release --unset
    subscription-manager repos --enable=rhel-9-for-x86_64-baseos-e4s-rpms --enable=rhel-9-for-x86_64-appstream-e4s-rpms --enable=rhel-9-for-x86_64-highavailability-e4s-rpms --enable=openstack-17.1-for-rhel-9-x86_64-rpms --enable=fast-datapath-for-rhel-9-x86_64-rpms
    leapp answer --add --section check_vdo.confirm=True

    dnf -y remove ruby-irb
    Important

    Removing the ruby-irb package is mandatory to avoid a conflict between the RHEL 8 ruby-irb directory and the RHEL 9 symlink. For more information, see the Red Hat Knowledgebase solution leapp upgrade RHEL8 to RHEL9 fails with error "rubygem-irb-1.3.5-160.el9_0.noarch conflicts with file from package ruby-irb-2.5.9-110.module+el8.6.0+15956+aa803fc1.noarch".

    Note

    If your environment previously ran RHOSP 13.0 or earlier, during the system upgrade, a known issue causes GRUB to contain RHEL 7 entries instead of RHEL 8 entries. For more information, including a workaround, see the Red Hat Knowledgebase solution Openstack 16 to 17 FFU - During LEAPP upgrade UEFI systems do not boot due to invalid /boot/grub2/grub.cfg.

  4. If you are upgrading Red Hat Ceph Storage nodes that originated in RHOSP 16.1 and earlier, add the CephStorageLeappInitCommand parameter to remove fencing agents: 

      LeappInitCommand: |
    ...

    dnf -y remove ruby-irb

  CephStorageLeappInitCommand: |
    ...

    dnf -y remove ruby-irb fence-agents-common

  5. If you use kernel-based NIC names, add the following parameter to the system_upgrade.yaml file to ensure that the NIC names persist throughout the upgrade process: 

    parameter_defaults:
  NICsPrefixesToUdev: ['en']
...

  6. Run the Leapp upgrade: 

    $ openstack undercloud upgrade --yes --system-upgrade \
/home/stack/system_upgrade.yaml
    Note

    If you need to run the Leapp upgrade again, you must first reset the repositories to RHEL 8.

  7. Reboot the undercloud: 

    $ sudo reboot
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2026 Red HatNach oben