Skip to content

Commit

Permalink
Merge pull request #743 from pinikomarov/ospdo_adoption_docs_db_migra…
Browse files Browse the repository at this point in the history 
…tions

ospdo adoption docs db migrations
  • Loading branch information
@jistr
jistr authored Nov 29, 2024
2 parents 0115278 + a085632 commit babbbf6
Show file tree
Hide file tree
Showing 4 changed files with 140 additions and 1 deletion.
3 changes: 3 additions & 0 deletions docs_user/modules/proc_adopting-compute-services-to-the-data-plane.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,9 @@ endif::[]
ifeval::["{build}" == "downstream"]
$(cat <path_to_SSH_key> | base64 | sed \'s/^/ /')
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
$(oc exec -n $<ospdo_namespace> -t openstackclient openstackclient -- cat /home/cloud-admin/.ssh/id_rsa | base64 | sed 's/^/ /')
endif::[]
EOF
----
+
Expand Down
5 changes: 5 additions & 0 deletions docs_user/modules/proc_migrating-databases-to-mariadb-instances.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,12 @@ EOF
. Restore the databases from `.sql` files into the control plane MariaDB:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
$ oc rsh mariadb-copy-data << EOF
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
$ oc rsh -n $OSPDO_NAMESPACE mariadb-copy-data << EOF
endif::[]
# db schemas to rename on import
declare -A db_name_map
db_name_map['nova']='nova_cell1'
Expand Down
46 changes: 45 additions & 1 deletion docs_user/modules/proc_migrating-ovn-data.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,16 @@ $ grep -rI 'ovn_[ns]b_conn' /var/lib/config-data/puppet-generated/
----

.Procedure

+
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
. Get the {OpenShiftShort} master node that contains the {OpenStackShort} Controller:
+
----
$ oc get vmi -n $<ospdo_namespace> -o jsonpath='{.items[0].metadata.labels.kubevirt\.io/nodeName}'
----
+
* Replace `<ospdo_namespace>` with your OSPdO namespace.
endif::[]
. Prepare a temporary `PersistentVolume` claim and the helper pod for the OVN backup. Adjust the storage requests for a large database, if needed:
+
[source,yaml]
Expand All @@ -54,6 +63,9 @@ spec:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
namespace: $OSPDO_NAMESPACE
endif::[]
name: ovn-data
spec:
storageClassName: $STORAGE_CLASS
Expand All @@ -69,10 +81,21 @@ metadata:
name: ovn-copy-data
annotations:
openshift.io/scc: anyuid
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
k8s.v1.cni.cncf.io/networks: internalapi
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
'[{"name": "internalapi-static", "namespace": $<ospdo_namespace>, "ips": ["<internalapi-static-ips>"]}]'
endif::[]
labels:
app: adoption
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
namespace: $OSPDO_NAMESPACE
endif::[]
spec:
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
nodeName: '{{ <ocp_node_holding_controller> }}'
endif::[]
containers:
- image: $OVSDB_IMAGE
command: [ "sh", "-c", "sleep infinity"]
Expand All @@ -99,11 +122,20 @@ spec:
secretName: ovn-data-cert
EOF
----
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
+
* Replace `<ocp_node_holding_controller>` with the {OpenStackShort} node that contains the Controller.
endif::[]

. Wait for the pod to be ready:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
$ oc wait --for=condition=Ready pod/ovn-copy-data --timeout=30s
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
$ oc wait --for=condition=Ready -n $OSPDO_NAMESPACE pod/ovn-copy-data --timeout=30s
endif::[]
----

. If the podified internalapi cidr is different than the source internalapi cidr, add an iptables accept rule on the Controller nodes:
Expand All @@ -117,8 +149,14 @@ $ $CONTROLLER1_SSH sudo iptables -I INPUT -s {PODIFIED_INTERNALAPI_NETWORK} -p t
* If you did not enable TLS everywhere, run the following command:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
$ oc exec ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6641 > /backup/ovs-nb.db"
$ oc exec ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6642 > /backup/ovs-sb.db"
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
$ oc exec -n $OSPDO_NAMESPACE ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6641 > /backup/ovs-nb.db"
$ oc exec -n $OSPDO_NAMESPACE ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6642 > /backup/ovs-sb.db"
endif::[]
----
* If you enabled TLS everywhere, run the following command:
+
Expand Down Expand Up @@ -193,8 +231,14 @@ $ oc exec ovn-copy-data -- bash -c "ovsdb-client get-schema --ca-cert=/etc/pki/t
.. If you did not enable TLS everywhere, use the following command:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
$ oc exec ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
$ oc exec ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
$ oc exec -n $RHOSO_NAMESPACE ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
$ oc exec -n $RHOSO_NAMESPACE ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
endif::[]
----

.. If you enabled TLS everywhere, use the following command:
Expand Down
87 changes: 87 additions & 0 deletions docs_user/modules/proc_retrieving-topology-specific-service-configuration.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ Before you migrate your databases to the {rhos_long} control plane, retrieve the
* Define the following shell variables. Replace the example values with values that are correct for your environment:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
ifeval::["{build}" != "downstream"]
CONTROLLER1_SSH="ssh -i ~/install_yamls/out/edpm/ansibleee-ssh-key-id_rsa [email protected]"
MARIADB_IMAGE=quay.io/podified-antelope-centos9/openstack-mariadb:current-podified
Expand Down Expand Up @@ -42,26 +43,107 @@ $ sudo grep -rI 'listen mysql' -A10 /var/lib/config-data/puppet-generated/ | gre
. Export the shell variables for the following outputs and test the connection to the {OpenStackShort} database:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_DATABASES=$(oc run mariadb-client ${MARIADB_CLIENT_ANNOTATIONS} -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_DATABASES=$(oc run mariadb-client --overrides="$RUN_OVERRIDES" -n $OSPDO_NAMESPACE -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
mysql -rsh "$SOURCE_MARIADB_IP" -uroot -p"$SOURCE_DB_ROOT_PASSWORD" -e 'SHOW databases;')
echo "$PULL_OPENSTACK_CONFIGURATION_DATABASES"
----
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
----
export CONTROLLER1_SSH="oc -n $OSPDO_NAMESPACE rsh -c openstackclient openstackclient ssh controller-0.ctlplane"
----
* With OSPdO, the `mariadb-client` needs to run on the same {rhocp_long} node where the {OpenStackShort} Controller node is running. In addition, the `internalapi-static` network needs to be attached to the pod.
----
export PASSWORD_FILE="tripleo-passwords.yaml"
export OSPDO_NAMESPACE="openstack"
----
. Get the passwords file:
+
----
$ oc get secret tripleo-passwords -n $OSPDO_NAMESPACE -o json | jq -r '.data["tripleo-overcloud-passwords.yaml"]' |
base64 -d >"${PASSWORD_FILE}"
----

. Get the name of the {OpenShiftShort} node where the {OpenStackShort} Controller virtual machine is running:
+
----
$ export CONTROLLER_NODE=$(oc get vmi -ojson | jq -r '.items[0].status.nodeName')
$ export SOURCE_OVN_OVSDB_IP=172.17.0.160 # get this from the source OVN DB
$ export SOURCE_DB_ROOT_PASSWORD=$(grep <"${PASSWORD_FILE}" ' MysqlRootPassword:' | awk -F ': ' '{ print $2; }') || {
echo "Failed to get the source DB root password"
exit 1
}
----
. Find the mysql service IP in the `ctlplane-export.yaml` section of the `tripleo-exports-default` ConfigMap:
+
----
$ cpexport=$(oc -n "${OSPDO_NAMESPACE}" get cm tripleo-exports-default -o json | jq -r '.data["ctlplane-export.yaml"]')
$ export SOURCE_MARIADB_IP=$(echo "$cpexport" | sed -e '0,/ MysqlInternal/d' | sed -n '0,/host_nobrackets/s/^.*host_nobrackets\:\s*\(.*\)$/\1/p')
+
$ export MARIADB_IMAGE='quay.io/podified-antelope-centos9/openstack-mariadb:current-podified'
+
$ RUN_OVERRIDES='{
"apiVersion": "v1",
"metadata": {
"annotations": {
"k8s.v1.cni.cncf.io/networks": "[{\"name\": \"internalapi-static\",\"namespace\": \"openstack\", \"ips\":[\"172.17.0.99/24\"]}]"
}
},
"spec": {
"nodeName": "'"$CONTROLLER_NODE"'",
"securityContext": {
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": ["ALL"]
},
"runAsNonRoot": true,
"seccompProfile": {
"type": "RuntimeDefault"
}
}
}
}'
----
.Procedure

. Export the shell variables for the following outputs and test the connection to the {OpenStackShort} database:
+
----
$ export PULL_OPENSTACK_CONFIGURATION_DATABASES="$(oc run mariadb-client -q --image "${MARIADB_IMAGE}" \
-i --rm --restart=Never {pod_annotations} -- mysql -rsh "$SOURCE_MARIADB_IP" -uroot -p"$SOURCE_DB_ROOT_PASSWORD" -e 'SHOW databases;')"
----
endif::[]
+
[NOTE]
The `nova`, `nova_api`, and `nova_cell0` databases are included in the same database host.

. Run `mysqlcheck` on the {OpenStackShort} database to check for inaccuracies:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_MYSQLCHECK_NOK=$(oc run mariadb-client ${MARIADB_CLIENT_ANNOTATIONS} -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_MYSQLCHECK_NOK=$(oc run mariadb-client --overrides="$RUN_OVERRIDES" -n $OSPDO_NAMESPACE -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
mysqlcheck --all-databases -h $SOURCE_MARIADB_IP -u root -p"$SOURCE_DB_ROOT_PASSWORD" | grep -v OK)
echo "$PULL_OPENSTACK_CONFIGURATION_MYSQLCHECK_NOK"
----

. Get the {compute_service_first_ref} cell mappings:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_NOVADB_MAPPED_CELLS=$(oc run mariadb-client ${MARIADB_CLIENT_ANNOTATIONS} -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_NOVADB_MAPPED_CELLS=$(oc run mariadb-client --overrides="$RUN_OVERRIDES" -n $OSPDO_NAMESPACE -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
mysql -rsh "${SOURCE_MARIADB_IP}" -uroot -p"${SOURCE_DB_ROOT_PASSWORD}" nova_api -e \
'select uuid,name,transport_url,database_connection,disabled from cell_mappings;')
echo "$PULL_OPENSTACK_CONFIGURATION_NOVADB_MAPPED_CELLS"
Expand All @@ -70,7 +152,12 @@ echo "$PULL_OPENSTACK_CONFIGURATION_NOVADB_MAPPED_CELLS"
. Get the hostnames of the registered Compute services:
+
----
ifeval::["{OpenStackPreviousInstaller}" != "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_NOVA_COMPUTE_HOSTNAMES=$(oc run mariadb-client ${MARIADB_CLIENT_ANNOTATIONS} -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
ifeval::["{OpenStackPreviousInstaller}" == "director_operator"]
export PULL_OPENSTACK_CONFIGURATION_NOVA_COMPUTE_HOSTNAMES=$(oc run mariadb-client --overrides="$RUN_OVERRIDES" -n $OSPDO_NAMESPACE -q --image ${MARIADB_IMAGE} -i --rm --restart=Never -- \
endif::[]
mysql -rsh "$SOURCE_MARIADB_IP" -uroot -p"$SOURCE_DB_ROOT_PASSWORD" nova_api -e \
"select host from nova.services where services.binary='nova-compute';")
echo "$PULL_OPENSTACK_CONFIGURATION_NOVA_COMPUTE_HOSTNAMES"
Expand Down

0 comments on commit babbbf6

Please sign in to comment.