Skip to content

Instantly share code, notes, and snippets.

@slyness

slyness/upgrade_script.md

Last active August 8, 2023 22:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save slyness/11243123 to your computer and use it in GitHub Desktop.
Save slyness/11243123 to your computer and use it in GitHub Desktop.
Download ZIP
Chef 1.4 to Chef 11 single server instance upgrade script
Raw
upgrade_script.md

Upgrade Procedure:

  • Chef system has enough resources to perform the upgrade. 8GB ram, 4 CPUs confirmed to work
  • private-chef must be version 1.4.6 and above. If 1.4.4 is still installed upgrade to 1.4.9
  • Log on to system
  • Create working directory
  • Download private-chef-11.1.3-1.el6.x86_64.rpm to working directory ** http://172.31.56.93/downloads/private-chef-11.1.3-1.el6.x86_64.rpm
  • Install Gems needed for system cleanup
/opt/opscode/embedded/bin/gem install knife-cookbook-cleanup --no-ri --no-rdoc
/opt/opscode/embedded/bin/gem install knife-opc --no-ri --no-rdoc
/opt/opscode/embedded/bin/gem install parallel --no-ri --no-rdoc
/opt/opscode/embedded/bin/gem install ruby-progressbar --no-ri --no-rdoc
  • Install tools
yum install patch

yum install screen
  • Download script to delete older cookbook versions
curl https://gist.githubusercontent.com/slyness/08fbd882ee72038e68a7/raw/0d07289ba9eae952fcb4ec2ebcb55207cb4696b7/gistfile1.txt -o clean-cookbooks.rb

chmod 755 clean-cookbooks.rb
  • Create .chef/knife.rb to configure knife-opc
mkidr .chef

echo 'node_name "[* HOSTNAME *]"\nchef_server_root "https://localhost/"\nchef_server_url "https://localhost"' > .chef/knife.rb
  • Example of knife.rb content
node_name "hw-chef-cowbell"
chef_server_root "https://localhost/"
chef_server_url "https://localhost"
  • If your working directory is different than youre home directory
cp -R .chef/ ~/.chef/
  • Check to make sure knife-opc is working properly
/opt/opscode/embedded/bin/knife opc org list -k /etc/opscode/pivotal.pem -u pivotal | wc -l
  • Run cookbook cleanup script
./clean-cookbooks.rb
  • Check opscode syslog log directory for permissions errors (a known issue when upgrading between versions of Chef)
chown -R opscode:opscode /var/log/opscode
  • Reconfigure current private-chef instance
private-chef-ctl reconfigure
  • Verify that runsvdir processes are running properly (you will have to do this multiple times)
ps -eaf | grep runsv
  • The output from ps should not list any errors. If it does you must stop and restart runsvdir until there are no errors. The output from the above ps command should be similar to this
runsvdir -P /opt/opscode/service log: ............................................................................
  • Commands to restart these services are BEFORE Chef 11 (while you're still in 1.4.9)
private-chef-ctl stop
stop opscode-runsvdir
chmod -R opscode:opscode /var/log/opscode
start opscode-runsvdir
private-chef-ctl start
ps -eaf | grep runsvdir
  • After runsvdir is configured correctly for the 1.4.9 configuration you need to remove runit services that will no longer be used in Chef 11
private-chef-ctl stop

stop opscode-runsvdir

cd /opt/opscode/service

rm -f fcgiwrap nagios nrpe opscode-chef php-fpm redis

start opscode-runsvdir

ps -eaf | grep runsvdir (make sure you have ........................ and no log file errors)
  • Note: You DO NOT need to run private-chef-ctl start at this point
  • Install Chef 11
rpm -Uvh private-chef-11.1.3-1.el6.x86_64.rpm
  • Check runsvdir status
  • Update timeout setting to 10 hours
vi /opt/opscode/embedded/cookbooks/private-chef/recipes/bookshelf.rb
  • add 'timeout 36000' to execute "cookbook migration" do block
execute "cookbook migration" do
  command cookbook_migration
  timeout 36000
  user owner
  not_if { File.exist?("#{data_path}/_%_BOOKSHELF_DISK_FORMAT") }
end
  • Replace upgrade.rb script
curl https://gist.githubusercontent.com/slyness/e232b389a54a78858d90/raw/e74a98660f745ccd02eece0f364a769291f5a163/gistfile1.txt -o upgrade.rb

cp upgrade.rb /opt/opscode/embedded/service/omnibus-ctl/upgrade.rb
  • Download and patch file for known issue OC-11490
curl https://gist.githubusercontent.com/slyness/4e52bc1569672e1f4c50/raw/abbd30bc223a247c4b69e0d752d24dca954ddf6b/gistfile1.txt -o OC-11490.patch

PATCH_LOCATION=/DIRECTORY/OC-11490.patch
cd /opt/opscode/embedded/cookbooks
patch --dry-run --verbose -p3 <$PATCH_LOCATION
patch -p3 <$PATCH_LOCATION
  • Check runsvdir status
  • Do not start the upgrade unless ps -eaf | grep runsvdir shows ...................... and no log file errors
  • Start a screen session attached to a named socket
  • Note: next phase is a long running process make sure to execute within a screen session to easily detach and reattach with out stopping the upgrade. When the upgrade reaches the execute [cookbook migration] step it will be processing data for quite a while.
screen -S upgrade
  • Run the Upgrade to Chef 11
private-chef-ctl upgrade
  • If you would like to detach from the screen session
ctl + a + d
  • To attach to the screen
screen -r upgrade
  • Steps to monitor the upgrade progress
ls /var/opt/opscode/bookshelf/data/bookshelf | wc -l

** Bookself count will grow to at least a value of 515093

  • Monitor upgrade process for success or failure

If upgrade fails make sure that runsvdir is in a stable state before restarting upgrade process.. (it will often not be)

After completing successful upgrade you can run the following command to verify it's state

  • View web portal and confirm you are able to log on and view an organizations data
http://IPADDRESS/
  • Run the private-chef tests
private-chef-ctl test
  • Check to make sure all organizations are migrated this should mach original count
/opt/opscode/embedded/bin/knife opc org list -k /etc/opscode/pivotal.pem -u pivotal | wc -l
  • After system has been completely verified run
private-chef-ctl cleanup
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment