Install latest XenServer patches

remibergsma · remibergsma · commit 94725add4faf · 2016-08-05T13:20:47.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -2,4 +2,5 @@
 *.swp
 config
 *.iml
-.idea/
+.idea/
+xenserver_patches/
diff --git a/cloudstackops/xenserver.py b/cloudstackops/xenserver.py
@@ -24,6 +24,7 @@
 import sys
 import time
 import os
+import requests
 
 # Fabric
 from fabric.api import *
@@ -224,7 +225,7 @@ def host_reboot(self, host, halt_hypervisor=False):
 
     # Execute script on hypervisor
     def exec_script_on_hypervisor(self, host, script):
-        print "Note: Executing script %s on host %s.." % (script, host.name)
+        print "Note: Executing script '%s' on host %s.." % (script, host.name)
         try:
             with settings(show('output'), host_string=self.ssh_user + "@" + host.ipaddress):
                 return fab.run("bash /tmp/" + script)
@@ -336,3 +337,65 @@ def get_bond_status(self, host):
                 return fab.run("python /tmp/xenserver_check_bonds.py | awk {'print $1'} | tr -d \":\"")
         except:
             return False
+
+    # Download XenServer patch
+    def download_patch(self, url):
+        filename = url.split("/")[-1]
+
+        directory = "xenserver_patches"
+        if not os.path.exists(directory):
+            os.makedirs(directory)
+
+        destination_file = os.getcwd() + '/' + directory + '/' + filename
+        try:
+            local_length = int(os.path.getsize(destination_file))
+        except:
+            local_length = 0
+
+        print "Note: Executing request.."
+        try:
+            response = requests.get(url, stream=True)
+            remote_length = int(response.headers.get('Content-Length', 0))
+            if not response.ok:
+                return False
+        except:
+            return False
+
+        # Do we need to download?
+        print "Note: The remote length is %s, local length is %s" % (remote_length, local_length)
+
+        if remote_length == local_length:
+            print "Note: Skipping download because file is already downloaded."
+            return True
+
+        with open(destination_file, 'wb') as handle:
+            # Download file
+            print "Note: Downloading file.."
+
+            for block in response.iter_content(1024):
+                handle.write(block)
+            return True
+
+    # Upload patches to poolmaster
+    def put_patches_to_poolmaster(self, host):
+        print "Note: Uploading patches to poolmaster.."
+        try:
+            with settings(host_string=self.ssh_user + "@" + host.ipaddress):
+                run('rm -rf /root/xenserver_patches/')
+                run('mkdir -p /root/xenserver_patches')
+                put('xenserver_patches/*', '/root/xenserver_patches')
+                put('xenserver_upload_patches_to_poolmaster.sh',
+                    '/root/xenserver_patches/xenserver_upload_patches_to_poolmaster.sh', mode=0755)
+            return True
+        except:
+            print "Warning: Could not upload patches to host " + host.name + "."
+            return False
+
+    # Upload patches to XenServer
+    def upload_patches_to_xenserver(self, host):
+        print "Note: We're uploading the patches to XenServer"
+        try:
+            with settings(show('output'), host_string=self.ssh_user + "@" + host.ipaddress):
+                return fab.run("bash /root/xenserver_patches/xenserver_upload_patches_to_poolmaster.sh")
+        except:
+            return False
diff --git a/xenserver_patches_to_install.txt b/xenserver_patches_to_install.txt
diff --git a/xenserver_post_empty_script.sh b/xenserver_post_empty_script.sh
@@ -1,3 +1,56 @@
 #!/usr/bin/env bash
 
-echo "This is the post_empty script you could customise."
+echo "This is the post_empty script you could customise."
+
+#echo "Downgrading openvswitch RPM to the XenServer default"
+#rpm -Uvh http://10.200.10.10/software/xenserver/openvswitch-1.4.6-143.9926.i386.rpm --force --nodeps
+
+echo "Applying patches"
+HOST_UUID=$(xe host-list name-label=${HOSTNAME} --minimal)
+
+# Check for 6.5
+cat /etc/redhat-release | grep "6.5"
+if [ $? -eq 0 ]; then
+    SERVICE_PACK_PATCH=XS65ESP1
+fi
+# Check for 6.2
+cat /etc/redhat-release | grep "6.2"
+if [ $? -eq 0 ]; then
+    SERVICE_PACK_PATCH=XS62ESP1
+fi
+
+# First apply SP1
+xe patch-list name-label=${SERVICE_PACK_PATCH} params=hosts --minimal | tr ',' '\n' | grep ${HOST_UUID}
+if [ $? -eq 0 ]; then
+   echo Service Pack ${SERVICE_PACK_PATCH} is already installed, skipping.
+else
+   echo Installing ${SERVICE_PACK_PATCH}...
+   PATCH_UUID=$(xe patch-list name-label=${SERVICE_PACK_PATCH} | grep uuid | sed -e 's/^.*: //g')
+   if [ ${PATCH_UUID} ]; then
+       xe patch-apply uuid=${PATCH_UUID} host-uuid=${HOST_UUID}
+   fi
+fi
+
+# Apply any other available patch
+XEN_ALL_PATCHES=$(xe patch-list params=name-label --minimal | tr ',' '\n' )
+XEN_INSTALLED_PATCHES=$(xe patch-list hosts:contains=${HOST_UUID} params=name-label --minimal | tr ',' '\n' )
+
+for patch in ${XEN_ALL_PATCHES}; do
+    echo "Checking patch " ${patch}
+
+    # Check if already included
+    echo ${XEN_INSTALLED_PATCHES} | grep ${patch} 2>&1 >/dev/null
+    if [ $? -eq 0 ]; then
+       echo Patch ${patch} is already installed, skipping.
+    else
+       echo Installing $patch...
+       PATCH_UUID=$(xe patch-list name-label=${patch}| grep uuid | sed -e 's/^.*: //g')
+       if [ ${PATCH_UUID} ]; then
+           xe patch-apply uuid=${PATCH_UUID} host-uuid=${HOST_UUID}
+       fi
+    fi
+done
+
+echo "Upgrading drivers"
+yum -y install bnx2x-* fnic* qla2* glnic* qlge* tg3* hpsa* openvswitch-modules-xen*
+yum -y upgrade nicira-ovs-hypervisor-node
diff --git a/xenserver_pre_empty_script.sh b/xenserver_pre_empty_script.sh
@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 
-echo "This is the pre_empty script you could customise."
+echo "This is the pre_empty script you could customise."
diff --git a/xenserver_rolling_reboot.py b/xenserver_rolling_reboot.py
@@ -61,6 +61,8 @@ def handleArguments(argv):
     pre_empty_script = 'xenserver_pre_empty_script.sh'
     global post_empty_script
     post_empty_script = 'xenserver_post_empty_script.sh'
+    global patch_list_file
+    patch_list_file = 'xenserver_patches_to_install.txt'
     # Usage message
     help = "Usage: ./" + os.path.basename(__file__) + ' [options]' + \
         '\n  --config-profile -c <profilename>\t\tSpecify the CloudMonkey profile name to ' \
@@ -74,6 +76,7 @@ def handleArguments(argv):
         '\n  --pre-empty-script\t\t\t\tBash script to run on hypervisor before starting the live migrations to empty ' \
         'hypervisor (expected in same folder as this script)' + \
         '\n  --post-empty-script\t\t\t\tBash script to run on hypervisor after a hypervisor has no more VMs running' \
+        '\n  --patch-list-file\t\t\t\tText file with URLs of patches to download and install. One per line. ' \
         '(expected in same folder as this script)' + \
         '\n  --debug\t\t\t\t\tEnable debug mode' + \
         '\n  --exec\t\t\t\t\tExecute for real' + \
@@ -83,7 +86,7 @@ def handleArguments(argv):
         opts, args = getopt.getopt(
             argv, "hc:n:t:p", [
                 "credentials-file=", "clustername=", "ignore-hosts=", "threads=", "pre-empty-script=",
-                "post-empty-script=", "halt", "debug", "exec", "prepare"])
+                "post-empty-script=", "patch-list-file=", "halt", "debug", "exec", "prepare"])
     except getopt.GetoptError as e:
         print "Error: " + str(e)
         print help
@@ -107,6 +110,8 @@ def handleArguments(argv):
             pre_empty_script = arg
         elif opt in ("--post-empty-script"):
             post_empty_script = arg
+        elif opt in ("--patch-list-file"):
+            patch_list_file = arg
         elif opt in ("--debug"):
             DEBUG = 1
         elif opt in ("--exec"):
@@ -137,7 +142,7 @@ def handleArguments(argv):
 c = cloudstackops.CloudStackOps(DEBUG, DRYRUN)
 
 # Init XenServer class
-x = xenserver.xenserver('root', threads)
+x = xenserver.xenserver('root', threads, pre_empty_script, post_empty_script)
 c.xenserver = x
 
 # make credentials file known to our class
@@ -212,7 +217,10 @@ def handleArguments(argv):
     print "  - Turn OFF XenServer poolHA for " + clustername
     print "  - For any hypervisor it will do this (poolmaster " + poolmaster.name + " first):"
     print "      - put it to Disabled aka Maintenance in XenServer"
+    print "      - download the patches in file --patch-list-file '" + patch_list_file + "'"
+    print "      - execute the --pre-empty-script script '" + pre_empty_script + "' on the hypervisor"
     print "      - live migrate all VMs off of it using XenServer evacuate command"
+    print "      - execute the --post-empty-script script '" + post_empty_script + "' on the hypervisor"
     print "      - when empty, it will reboot the hypervisor (halting is " + str(halt_hypervisor) + ")"
     print "      - will wait for it to come back online (checks SSH connection)"
     print "      - set the hypervisor to Enabled in XenServer"
@@ -261,6 +269,19 @@ def handleArguments(argv):
         disconnect_all()
         sys.exit(1)
 
+    # Download all XenServer patches
+    print "Note: Reading patches list '%s'" % patch_list_file
+    with open(patch_list_file) as file_pointer:
+        patches = file_pointer.read().splitlines()
+
+    for patch_url in patches:
+        print "Note: Processing patch '%s'" % patch_url
+        x.download_patch(patch_url)
+
+    # Upload the patches to poolmaster, then to XenServer
+    x.put_patches_to_poolmaster(poolmaster)
+    x.upload_patches_to_xenserver(poolmaster)
+
     # Migrate all VMs off of pool master
     vm_count = x.host_get_vms(poolmaster)
     if vm_count:
diff --git a/xenserver_upload_patches_to_poolmaster.sh b/xenserver_upload_patches_to_poolmaster.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+if [ "$(xe host-list name-label=$HOSTNAME --minimal)" == "$(xe pool-list params=master --minimal)" ]
+then
+    echo "We are the poolmaster, so let's process the patches."
+
+    echo "Unzipping patches"
+    cd /root/xenserver_patches
+    for file in $(ls /root/xenserver_patches/*.zip); do unzip ${file}; done
+
+    echo "Deleting what we don't need"
+    rm -f /root/xenserver_patches/*.zip /root/xenserver_patches/*.bz2
+
+    # Check if already included
+    XEN_ALL_PATCHES=$(xe patch-list params=name-label --minimal | tr ',' '\n' )
+    for patch in $(ls *.xsupdate)
+    do
+        echo "Processing patch file ${patch}"
+
+        patchname=${patch%.*}
+        echo "Checking if ${patchname} from file ${patch} is already uploaded"
+        echo ${XEN_ALL_PATCHES} | tr ' ' '\n' | grep ^${patchname}$ 2>&1 >/dev/null
+        if [ $? -eq 0 ]; then
+           echo Patch ${patch} is already installed, skipping.
+        else
+            echo "Uploading patch ${patchname}"
+            xe patch-upload file-name=${patch}
+            if [ $? -gt 0 ]; then
+                echo "Uploading failed, continuing with other patches"
+            fi
+        fi
+    done
+else
+    echo "We are NOT poolmaster, so skipping uploading patches"
+fi

-Original file line number
+Diff line change
 *.swp
 config
 *.iml
 -.idea/
 +.idea/
 +xenserver_patches/
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`#!/usr/bin/env bash`
`2`	`2`
`3`		`-echo "This is the pre_empty script you could customise."`
	`3`	`+echo "This is the pre_empty script you could customise."`