Server Upgrade: Verify version and platform

Verify version and platform before upgrade or ipactl start|restart Upgrade: * do not allow upgrade on different platforms * do not allow upgrade data with higher version than build has Start: * do not start services if platform mismatch * do not start services if upgrade is needed * do not start services if data with higher version than build has New ipactl options: --skip-version-check: do not validate IPA version --ignore-service-failures (was --force): ignore if a service start fail and continue with starting other services --force: combine --skip-version-check and --ignore-service-failures https://fedorahosted.org/freeipa/ticket/4904 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>
author: Martin Basti <mbasti@redhat.com> 2015-04-10 15:42:58 +0200
committer: Jan Cholasta <jcholast@redhat.com> 2015-05-04 11:16:26 +0000
commit: 9f049ca14403f3696d54d186e6b1b15181f055df (patch)
tree: 80c4c6d0b2d9e0b584322a931a729560e274c174 /ipaserver/install/installutils.py
parent: 39426966063b3f3deced90ef3f5d0a87801d7eab (diff)
download: freeipa-9f049ca14403f3696d54d186e6b1b15181f055df.tar.gz
freeipa-9f049ca14403f3696d54d186e6b1b15181f055df.tar.xz
freeipa-9f049ca14403f3696d54d186e6b1b15181f055df.zip
1 files changed, 69 insertions, 1 deletions
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 787a1207a..8a4f2cada 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -35,6 +35,8 @@ from dns.exception import DNSException
 import ldap
 from nss.error import NSPRError
 
+import ipaplatform
+
 from ipapython import ipautil, sysrestore, admintool, dogtag, version
 from ipapython.admintool import ScriptError
 from ipapython.ipa_log_manager import root_logger, log_mgr
@@ -42,9 +44,10 @@ from ipalib.util import validate_hostname
 from ipapython import config
 from ipalib import errors, x509
 from ipapython.dn import DN
-from ipaserver.install import certs, service
+from ipaserver.install import certs, service, sysupgrade
 from ipaplatform import services
 from ipaplatform.paths import paths
+from ipaplatform.tasks import tasks
 
 # Used to determine install status
 IPA_MODULES = [
@@ -67,6 +70,27 @@ class HostReverseLookupError(HostLookupError):
 class HostnameLocalhost(HostLookupError):
     pass
 
+
+class UpgradeVersionError(Exception):
+    pass
+
+
+class UpgradePlatformError(UpgradeVersionError):
+    pass
+
+
+class UpgradeDataOlderVersionError(UpgradeVersionError):
+    pass
+
+
+class UpgradeDataNewerVersionError(UpgradeVersionError):
+    pass
+
+
+class UpgradeMissingVersionError(UpgradeVersionError):
+    pass
+
+
 class ReplicaConfig:
     def __init__(self, top_dir=None):
         self.realm_name = ""
@@ -1037,3 +1061,47 @@ def load_external_cert(files, subject_base):
     ca_file.flush()
 
     return cert_file, ca_file
+
+
+def store_version():
+    """Store current data version and platform. This is required for check if
+    upgrade is required.
+    """
+    sysupgrade.set_upgrade_state('ipa', 'data_version',
+                                 version.VENDOR_VERSION)
+    sysupgrade.set_upgrade_state('ipa', 'platform', ipaplatform.NAME)
+
+
+def check_version():
+    """
+    :raise UpgradePlatformError: if platform is not the same
+    :raise UpgradeDataOlderVersionError: if data needs to be upgraded
+    :raise UpgradeDataNewerVersionError: older version of IPA was detected than data
+    :raise UpgradeMissingVersionError: if platform or version is missing
+    """
+    platform = sysupgrade.get_upgrade_state('ipa', 'platform')
+    if platform is not None:
+        if platform != ipaplatform.NAME:
+            raise UpgradePlatformError(
+                "platform mismatch (expected '%s', current '%s')" % (
+                platform, ipaplatform.NAME)
+            )
+    else:
+        raise UpgradeMissingVersionError("no platform stored")
+
+    data_version = sysupgrade.get_upgrade_state('ipa', 'data_version')
+    if data_version is not None:
+        parsed_data_ver = tasks.parse_ipa_version(data_version)
+        parsed_ipa_ver = tasks.parse_ipa_version(version.VENDOR_VERSION)
+        if parsed_data_ver < parsed_ipa_ver:
+            raise UpgradeDataOlderVersionError(
+                "data needs to be upgraded (expected version '%s', current "
+                "version '%s')" % (version.VENDOR_VERSION, data_version)
+            )
+        elif parsed_data_ver > parsed_ipa_ver:
+            raise UpgradeDataNewerVersionError(
+                "data are in newer version than IPA (data version '%s', IPA "
+                "version '%s')" % (data_version, version.VENDOR_VERSION)
+            )
+    else:
+        raise UpgradeMissingVersionError("no data_version stored")
author	Martin Basti <mbasti@redhat.com>	2015-04-10 15:42:58 +0200
committer	Jan Cholasta <jcholast@redhat.com>	2015-05-04 11:16:26 +0000
commit	9f049ca14403f3696d54d186e6b1b15181f055df (patch)
tree	80c4c6d0b2d9e0b584322a931a729560e274c174 /ipaserver/install/installutils.py
parent	39426966063b3f3deced90ef3f5d0a87801d7eab (diff)
download	freeipa-9f049ca14403f3696d54d186e6b1b15181f055df.tar.gz freeipa-9f049ca14403f3696d54d186e6b1b15181f055df.tar.xz freeipa-9f049ca14403f3696d54d186e6b1b15181f055df.zip