[openstack-dev] [TripleO] Package updates strategy

Zane Bitter zbitter at redhat.com
Wed May 27 22:49:21 UTC 2015


Steve is working on a patch to allow package-based updates of overcloud 
nodes[1] using the distro's package manager (yum in the case of RDO, but 
conceivable apt in others). Note we're talking exclusively about minor 
updates, not version-to-version upgrades here.

Dan mentioned at the summit that this approach fails to take into 
account the complex ballet of service restarts required to update 
OpenStack services. (/me shakes fist at OpenStack services.) And 
furthermore, that the Puppet manifests already encode the necessary 
relationships to do this properly. (Thanks Puppeteers!) Indeed we'd be 
doing the Wrong Thing by Puppet if we changed this stuff from under it.

The problem of course is that neither Puppet nor yum/apt has a view of 
the entire system. Yum doesn't know about the relationships between 
services and Puppet doesn't know about all of the _other_ packages that 
they depend on.

One solution proposed was to do a yum update first but specifically 
exclude any packages that Puppet knows about (the --excludes flag 
appears sufficient for this); then follow that up with another Puppet 
run using ensure -> latest.

A problem with that approach is that it still fails to restart services 
which have had libraries updated but have not themselves been updated. 
That's no worse than the pure yum approach though. We might need an 
additional way to just manually trigger a restart of services.

What do folks think of this plan? Anybody got better ideas?

thanks,
Zane.

[1] https://review.openstack.org/#/c/179974



More information about the OpenStack-dev mailing list