홈
제품
Red Hat OpenStack Platform
17.1
Framework for upgrades (16.2 to 17.1)
Chapter 12. Upgrading the undercloud operating system

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 12. Upgrading the undercloud operating system

You must upgrade the undercloud operating system from Red Hat Enterprise Linux 8.4 to Red Hat Enterprise Linux 9.2. The system upgrade performs the following tasks:

Ensures that network interface naming remains consistent after the system upgrade
Uses Leapp to upgrade RHEL in-place
Reboots the undercloud

12.1. Setting the SSH root permission parameter on the undercloud
링크 복사

The Leapp upgrade checks whether the PermitRootLogin parameter exists in the /etc/ssh/sshd_config file. You must explicitly set this parameter to either yes or no.

For security purposes, set this parameter to no to disable SSH access to the root user on the undercloud.

Procedure

Log in to the undercloud as the stack user.
Check the /etc/ssh/sshd_config file for the PermitRootLogin parameter:
```
sudo grep PermitRootLogin /etc/ssh/sshd_config
```
```
$ sudo grep PermitRootLogin /etc/ssh/sshd_config
```
Copy to Clipboard Toggle word wrap
If the parameter is not in the /etc/ssh/sshd_config file, edit the file and set the PermitRootLogin parameter:
```
PermitRootLogin no
```
```
PermitRootLogin no
```
Copy to Clipboard Toggle word wrap
Save the file.

12.2. Validating your SSH key size
링크 복사

Starting with Red Hat Enterprise Linux (RHEL) 9.1, a minimum SSH key size of 2048 bits is required. If your current SSH key on Red Hat OpenStack Platform (RHOSP) director is less than 2048 bits, you can lose access to the overcloud. You must verify that your SSH key meets the required bit size.

Procedure

Validate your SSH key size:

ssh-keygen -l -f /home/stack/overcloud-deploy/overcloud/ssh_private_key

ssh-keygen -l -f /home/stack/overcloud-deploy/overcloud/ssh_private_key

Copy to Clipboard

Toggle word wrap

Example output:

1024 SHA256:Xqz0Xz0/aJua6B3qRD7VsLr6n/V3zhmnGSkcFR6FlJw stack@director.example.local (RSA)

1024 SHA256:Xqz0Xz0/aJua6B3qRD7VsLr6n/V3zhmnGSkcFR6FlJw stack@director.example.local (RSA)

Copy to Clipboard

Toggle word wrap

If your SSH key is less than 2048 bits, you must rotate out the SSH key before continuing. For more information, see Updating SSH keys in your OpenStack environment in Hardening Red Hat OpenStack Platform.

12.3. Performing the undercloud system upgrade
링크 복사

Upgrade your undercloud operating system to Red Hat Enterprise Linux (RHEL) 9.2. As part of this upgrade, you create a file named system_upgrade.yaml, which you use to enable the appropriate repositories and required Red Hat OpenStack Platform options and content to install Leapp. You use this file to also upgrade your control plane nodes and Compute nodes.

For information about the duration and impact of this upgrade procedure, see Upgrade duration and impact.

Procedure

Create a file named system_upgrade.yaml in your templates directory and include the following content:

parameter_defaults:
  UpgradeLeappDevelSkip: "LEAPP_UNSUPPORTED=1 LEAPP_DEVEL_SKIP_CHECK_OS_RELEASE=1 LEAPP_NO_NETWORK_RENAMING=1 LEAPP_DEVEL_TARGET_RELEASE=9.2 LEAPP_TARGET_PRODUCT_CHANNEL=e4s"
  UpgradeLeappDebug: false
  UpgradeLeappEnabled: true
  LeappActorsToRemove: ['checkifcfg','persistentnetnamesdisable','checkinstalledkernels','biosdevname']
  LeappRepoInitCommand: |
     subscription-manager repos --disable=*
     subscription-manager repos --enable rhel-8-for-x86_64-baseos-aus-rpms --enable rhel-8-for-x86_64-appstream-aus-rpms --enable openstack-17.1-for-rhel-8-x86_64-rpms
     subscription-manager release --set=8.4
  UpgradeLeappCommandOptions: "--enablerepo=rhel-9-for-x86_64-baseos-e4s-rpms --enablerepo=rhel-9-for-x86_64-appstream-e4s-rpms --enablerepo=rhel-9-for-x86_64-highavailability-e4s-rpms --enablerepo=openstack-17.1-for-rhel-9-x86_64-rpms --enablerepo=fast-datapath-for-rhel-9-x86_64-rpms"

parameter_defaults:
  UpgradeLeappDevelSkip: "LEAPP_UNSUPPORTED=1 LEAPP_DEVEL_SKIP_CHECK_OS_RELEASE=1 LEAPP_NO_NETWORK_RENAMING=1 LEAPP_DEVEL_TARGET_RELEASE=9.2 LEAPP_TARGET_PRODUCT_CHANNEL=e4s"
  UpgradeLeappDebug: false
  UpgradeLeappEnabled: true
  LeappActorsToRemove: ['checkifcfg','persistentnetnamesdisable','checkinstalledkernels','biosdevname']
  LeappRepoInitCommand: |
     subscription-manager repos --disable=*
     subscription-manager repos --enable rhel-8-for-x86_64-baseos-aus-rpms --enable rhel-8-for-x86_64-appstream-aus-rpms --enable openstack-17.1-for-rhel-8-x86_64-rpms
     subscription-manager release --set=8.4
  UpgradeLeappCommandOptions: "--enablerepo=rhel-9-for-x86_64-baseos-e4s-rpms --enablerepo=rhel-9-for-x86_64-appstream-e4s-rpms --enablerepo=rhel-9-for-x86_64-highavailability-e4s-rpms --enablerepo=openstack-17.1-for-rhel-9-x86_64-rpms --enablerepo=fast-datapath-for-rhel-9-x86_64-rpms"

Copy to Clipboard

Toggle word wrap

Note

If your deployment includes Red Hat Ceph Storage nodes, you must add the CephLeappRepoInitCommand parameter and specify the source OS version of your Red Hat Ceph Storage nodes. For example:

CephLeappRepoInitCommand:
...
  subscription-manager release --set=8.6

CephLeappRepoInitCommand:
...
  subscription-manager release --set=8.6

Copy to Clipboard

Toggle word wrap

Add the LeappInitCommand parameter to your system_upgrade.yaml file to specify additional requirements applicable to your environment, for example, if you need to define role-based overrides:
```
  LeappInitCommand: |
    subscription-manager repos --disable=*
    subscription-manager release --unset
    subscription-manager repos --enable=rhel-9-for-x86_64-baseos-e4s-rpms --enable=rhel-9-for-x86_64-appstream-e4s-rpms --enable=rhel-9-for-x86_64-highavailability-e4s-rpms --enable=openstack-17.1-for-rhel-9-x86_64-rpms --enable=fast-datapath-for-rhel-9-x86_64-rpms
    leapp answer --add --section check_vdo.confirm=True

    dnf -y remove ruby-irb
```
```
  LeappInitCommand: |
    subscription-manager repos --disable=*
    subscription-manager release --unset
    subscription-manager repos --enable=rhel-9-for-x86_64-baseos-e4s-rpms --enable=rhel-9-for-x86_64-appstream-e4s-rpms --enable=rhel-9-for-x86_64-highavailability-e4s-rpms --enable=openstack-17.1-for-rhel-9-x86_64-rpms --enable=fast-datapath-for-rhel-9-x86_64-rpms
    leapp answer --add --section check_vdo.confirm=True

    dnf -y remove ruby-irb
```
Copy to Clipboard Toggle word wrap
Important
Removing the ruby-irb package is mandatory to avoid a conflict between the RHEL 8 ruby-irb directory and the RHEL 9 symlink. For more information, see the Red Hat Knowledgebase solution leapp upgrade RHEL8 to RHEL9 fails with error "rubygem-irb-1.3.5-160.el9_0.noarch conflicts with file from package ruby-irb-2.5.9-110.module+el8.6.0+15956+aa803fc1.noarch".
Note
If your environment previously ran RHOSP 13.0 or earlier, during the system upgrade, a known issue causes GRUB to contain RHEL 7 entries instead of RHEL 8 entries. For more information, including a workaround, see the Red Hat Knowledgebase solution Openstack 16 to 17 FFU - During LEAPP upgrade UEFI systems do not boot due to invalid /boot/grub2/grub.cfg.

If you are upgrading Red Hat Ceph Storage nodes that originated in RHOSP 16.1 and earlier, add the CephStorageLeappInitCommand parameter to remove fencing agents:

  LeappInitCommand: |
    ...

    dnf -y remove ruby-irb

  CephStorageLeappInitCommand: |
    ...

    dnf -y remove ruby-irb fence-agents-common

  LeappInitCommand: |
    ...

    dnf -y remove ruby-irb

  CephStorageLeappInitCommand: |
    ...

    dnf -y remove ruby-irb fence-agents-common

Copy to Clipboard

Toggle word wrap

If you use kernel-based NIC names, add the following parameter to the system_upgrade.yaml file to ensure that the NIC names persist throughout the upgrade process:
```
parameter_defaults:
  NICsPrefixesToUdev: ['en']
...
```
```
parameter_defaults:
  NICsPrefixesToUdev: ['en']
...
```
Copy to Clipboard Toggle word wrap
Run the Leapp upgrade:
```
openstack undercloud upgrade --yes --system-upgrade \
/home/stack/system_upgrade.yaml
```
```
$ openstack undercloud upgrade --yes --system-upgrade \
/home/stack/system_upgrade.yaml
```
Copy to Clipboard Toggle word wrap
Note
If you need to run the Leapp upgrade again, you must first reset the repositories to RHEL 8.
Reboot the undercloud:
```
sudo reboot
```
```
$ sudo reboot
```
Copy to Clipboard Toggle word wrap

맨 위로 이동

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 12. Upgrading the undercloud operating system

12.1. Setting the SSH root permission parameter on the undercloud
링크 복사

12.2. Validating your SSH key size
링크 복사

12.3. Performing the undercloud system upgrade
링크 복사

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat 소개

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 12. Upgrading the undercloud operating system

12.1. Setting the SSH root permission parameter on the undercloud링크 복사링크가 클립보드에 복사되었습니다!

12.2. Validating your SSH key size링크 복사링크가 클립보드에 복사되었습니다!

12.3. Performing the undercloud system upgrade링크 복사링크가 클립보드에 복사되었습니다!

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat 소개

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

12.1. Setting the SSH root permission parameter on the undercloud
링크 복사

12.2. Validating your SSH key size
링크 복사

12.3. Performing the undercloud system upgrade
링크 복사