红帽全球峰会11.2. 升级 Ansible Automation Platform
11.2.1. 拉取 ansible-on-clouds-ops 2.3 容器镜像
复制链接链接已复制到粘贴板!
流程
在云操作容器上拉取 Ansible 的 Docker 镜像,其标签与您要升级到的版本相同。
注意在拉取 docker 镜像前,请确保使用 docker 登录到 registry.redhat.com。使用以下命令登录到 registry.redhat.com。
$ docker login registry.redhat.io有关 registry 登录的更多信息,请参阅 Registry 身份验证
注意Clouds 操作镜像标签上的 Ansible 必须与您要升级到的版本匹配。例如,如果您的基础部署版本为 2.2.20230215,请使用标签 2.3.20230221 拉取操作镜像,以升级到 2.3.20230221 版本。
$ export IMAGE=registry.redhat.io/ansible-on-clouds/ansible-on-clouds-ops-rhel8:2.3.20230221 $ docker pull $IMAGE --platform=linux/amd64
对于 EMEA 区域 (欧洲、中东、非洲) 运行以下命令:
$ export IMAGE=registry.redhat.io/ansible-on-clouds/ansible-on-clouds-ops-emea-rhel8:2.3.20230221
$ docker pull $IMAGE --platform=linux/amd6411.2.2. IAM 最小升级权限
复制链接链接已复制到粘贴板!
您必须具有以下 ASW IAM 权限才能升级堆栈:
required-roles:
ec2:
actions:
- ec2:DescribeInstances
- ec2:GetLaunchTemplateData
- ec2:DescribeAccountAttributes
- ec2:DescribeLaunchTemplates
- ec2:CreateTags
- ec2:RunInstances
- ec2:DescribeInstanceTypes
- ec2:DescribeSubnets
- ec2:DeleteTags
- ec2:DescribeRegions
- ec2:DescribeAvailabilityZones
- ec2:DeleteLaunchTemplate
- ec2:DescribeTags
- ec2:DescribeLaunchTemplateVersions
- ec2:DescribeSecurityGroups
- ec2:CreateLaunchTemplateVersion
- ec2:CreateLaunchTemplate
- ec2:DescribeVpcs
- ec2:ModifyLaunchTemplate
resources:
- "*"
iam:
actions:
- iam:ListRoleTags
- iam:AttachRolePolicy
- iam:PutRolePolicy
- iam:AddRoleToInstanceProfile
- iam:ListAttachedRolePolicies
- iam:GetRole
- iam:GetRolePolicy
- iam:CreateInstanceProfile
- iam:ListInstanceProfilesForRole
- iam:PassRole
- iam:GetInstanceProfile
- iam:CreateServiceLinkedRole
resources:
- "*"
secretsmanager:
actions:
- secretsmanager:DescribeSecret
- secretsmanager:ListSecrets
- secretsmanager:TagResource
- secretsmanager:UntagResource
- secretsmanager:CreateSecret
- secretsmanager:GetSecretValue
- secretsmanager:UpdateSecret
- secretsmanager:GetResourcePolicy
resources:
- "*"
ssm:
actions:
- ssm:StartSession
- ssm:TerminateSession
resources:
- "*"
autoscaling:
actions:
- autoscaling:DescribeAutoScalingGroups
- autoscaling:UpdateAutoScalingGroup
- autoscaling:DescribeInstanceRefreshes
- autoscaling:DeleteTags
- autoscaling:DescribeTags
- autoscaling:CreateOrUpdateTags
- autoscaling:CreateAutoScalingGroup
- autoscaling:DescribeLaunchConfigurations
- autoscaling:DescribeLifecycleHooks
- autoscaling:StartInstanceRefresh
- autoscaling:CreateLaunchConfiguration
- autoscaling:DisableMetricsCollection
- autoscaling:DeleteLaunchConfiguration
resources:
- "*"
s3:
actions:
- s3:DeleteObject
- s3:PutObject
- s3:GetObject
- s3:GetBucketLocation
resources:
- "*"
cloudformation:
actions:
- cloudformation:ListStackResources
- cloudformation:DescribeStacks
- cloudformation:GetTemplate
resources:
- "*"
elasticloadbalancing:
actions:
- elasticloadbalancing:DescribeTargetGroupAttributes
- elasticloadbalancing:DescribeTags
- elasticloadbalancing:DescribeTargetHealth
- elasticloadbalancing:DescribeTargetGroups
- elasticloadbalancing:ModifyTargetGroup
resources:
- "*"11.2.3. 生成升级数据文件
复制链接链接已复制到粘贴板!
本节中的命令会创建一个目录,并在升级过程中使用空数据模板填充空数据模板。
运行以下命令以生成所需的数据文件。
流程
创建用于存放配置文件的文件夹。
$ mkdir command_generator_data使用配置文件模板填充
command_generator_data文件夹。$ docker run --rm -v $(pwd)/command_generator_data:/data $IMAGE \ command_generator_vars aws_upgrade \ --output-data-file /data/extra_vars.yml运行这些命令后,会创建一个
command_generator_data/extra_vars.yml模板文件。此模板文件类似于以下内容:aws_upgrade: ansible_config_path: cloud_credentials_path: deployment_name: extra_vars: aws_region: aws_ssm_bucket_name:
11.2.4. 更新数据文件
复制链接链接已复制到粘贴板!
在触发升级前,您必须填充数据文件。以下变量是数据文件中列出的参数。
-
ansible_config_path(可选)仅在使用自定义ansible_config覆盖时使用。 -
cloud_credentials_path是 AWS 凭证文件的路径。 -
DEPLOYMENT_NAME是基础部署的名称。这是部署基础时使用的相同名称。 -
aws_region是基础部署所在的区域。 -
aws_ssm_bucket_name是存储 AWS SSM 的 S3 存储桶的名称。您可以使用现有存储桶或创建新存储桶。存储桶名称不得包含大写字母。
填充数据文件后,它应类似于以下内容:
以下示例提供了以下值:
aws_upgrade:
ansible_config_path:
cloud_credentials_path: ~/.aws/credentials
deployment_name: AnsibleAutomationPlatform
extra_vars:
aws_region: us-east-1
aws_ssm_bucket_name: ansibleautomationplatform-bucket要运行升级,请运行命令生成器来生成 upgrade CLI 命令:
$ docker run --rm -v $(pwd)/command_generator_data:/data $IMAGE command_generator --data-file /data/extra_vars.yml这会生成以下 upgrade 命令:
----------------------------------------------- docker run --rm --env PLATFORM=AWS -v ~/.aws/credentials:/home/runner/.aws/credentials:ro --env ANSIBLE_CONFIG=../aws-ansible.cfg --env DEPLOYMENT_NAME=AnsibleAutomationPlatform --env GENERATE_INVENTORY=true $IMAGE redhat.ansible_on_clouds.aws_upgrade -e 'aws_foundation_stack_name=AnsibleAutomationPlatform aws_region=us-east-1 aws_ssm_bucket_name=AnsibleAutomationPlatform-bucket' ===============================================运行给定的 upgrade 命令以触发升级。
$ docker run --rm --env PLATFORM=AWS -v ~/.aws/credentials:/home/runner/.aws/credentials:ro \ --env ANSIBLE_CONFIG=../aws-ansible.cfg --env DEPLOYMENT_NAME=AnsibleAutomationPlatform \ --env GENERATE_INVENTORY=true $IMAGE redhat.ansible_on_clouds.aws_upgrade \ -e 'aws_foundation_stack_name=AnsibleAutomationPlatform aws_region=us-east-1 \ aws_ssm_bucket_name=AnsibleAutomationPlatform-bucket'升级可能需要一些时间才能完成,但根据系统中的扩展节点数量,可能需要更长的时间。以下日志会标记成功升级。
TASK [redhat.ansible_on_clouds.standalone_aws_upgrade : [upgrade] [LOG] upgrade version] *** ok: [localhost] => { "msg": "Successfully upgraded from '2.2.20230215-00' -> '2.3.20230221-00'." }- 来自 AWS Marketplace 部署的 Ansible Automation Platform 现在已升级到更新的版本,您可以使用部署凭证登录到 Red Hat Ansible Automation Platform 自动化控制器和自动化中心。
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}