finished refining rest of procedure

openstack-k8s-operators · Jul 24, 2024 · bec7b3d · bec7b3d
1 parent fc49aa7
commit bec7b3d
Showing 1 changed file with 34 additions and 30 deletions.
diff --git a/docs_user/modules/proc_migrating-ovn-data.adoc b/docs_user/modules/proc_migrating-ovn-data.adoc
@@ -2,13 +2,13 @@
 
 = Migrating OVN data
 
-Migrate the data in the OVN databases from the original {rhos_prev_long} deployment to `ovsdb-server` instances that are running in the {OpenShift} cluster.
+Migrate the data in the OVN databases from the original {rhos_prev_long} deployment to `ovsdb-server` instances that are running in the {OpenShift} ({OpenShiftShort}) cluster.
 
 .Prerequisites
 
 * The `OpenStackControlPlane` resource is created.
 * `NetworkAttachmentDefinition` custom resources (CRs) for the original cluster are defined. Specifically, the `internalapi` network is defined.
-* Ensure that the original {networking_service_first_ref} and OVN `northd` are not running.
+* Ensure that the original {networking_first_ref} and OVN `northd` are not running.
 * Ensure that there is network routability between the control plane services and the adopted cluster.
 * Define the following shell variables. Replace the example values with values that are correct for your environment:
 +
@@ -21,22 +21,22 @@ ifeval::["{build}" == "downstream"]
 STORAGE_CLASS=local-storage
 OVSDB_IMAGE=registry.redhat.io/rhosp-dev-preview/openstack-ovn-base-rhel9:18.0
 endif::[]
-SOURCE_OVSDB_IP=172.17.1.49
+SOURCE_OVSDB_IP=172.17.0.100
 ----
 +
-To get the value to set `SOURCE_OVSDB_IP`, query the puppet-generated configurations:
+To get the value to set `SOURCE_OVSDB_IP`, query the puppet-generated configurations in a Controller node:
 +
 ----
 $ grep -rI 'ovn_[ns]b_conn' /var/lib/config-data/puppet-generated/
 ----
 
 .Procedure
 
-. Prepare a temporary `PersistentVolume` claim and the helper pod for the OVN backup. Adjust storage requests for a large database, if needed:
+. Prepare a temporary `PersistentVolume` claim and the helper pod for the OVN backup. Adjust the storage requests for a large database, if needed:
 +
 [source,yaml]
 ----
-oc apply -f - <<EOF
+$ oc apply -f - <<EOF
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
@@ -122,7 +122,7 @@ $ oc exec ovn-copy-data -- bash -c "ovsdb-client backup --ca-cert=/etc/pki/tls/m
 +
 [source,yaml]
 ----
-$ oc patch openstackcontrolplane openstack --type=merge --patch '
+$ oc patch openstackcontrolplane openstack-galera-network-isolation --type=merge --patch '
 spec:
   ovn:
     enabled: true
@@ -159,46 +159,48 @@ PODIFIED_OVSDB_NB_IP=$(oc get svc --selector "statefulset.kubernetes.io/pod-name
 PODIFIED_OVSDB_SB_IP=$(oc get svc --selector "statefulset.kubernetes.io/pod-name=ovsdbserver-sb-0" -ojsonpath='{.items[0].spec.clusterIP}')
 ----
 
-. Upgrade the database schema for the backup files on an environment without TLS everywhere.
+. Upgrade the database schema for the backup files:
+.. If you did not enable TLS everywhere, use the following command:
 +
 ----
 $ oc exec ovn-copy-data -- bash -c "ovsdb-client get-schema tcp:$PODIFIED_OVSDB_NB_IP:6641 > /backup/ovs-nb.ovsschema && ovsdb-tool convert /backup/ovs-nb.db /backup/ovs-nb.ovsschema"
 $ oc exec ovn-copy-data -- bash -c "ovsdb-client get-schema tcp:$PODIFIED_OVSDB_SB_IP:6642 > /backup/ovs-sb.ovsschema && ovsdb-tool convert /backup/ovs-sb.db /backup/ovs-sb.ovsschema"
 ----
 
-. Alternatively, upgrade database schema for the backup files on a TLS everywhere environment.
+.. If you enabled TLS everywhere, use the following command:
 +
 ----
 $ oc exec ovn-copy-data -- bash -c "ovsdb-client get-schema --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_NB_IP:6641 > /backup/ovs-nb.ovsschema && ovsdb-tool convert /backup/ovs-nb.db /backup/ovs-nb.ovsschema"
 $ oc exec ovn-copy-data -- bash -c "ovsdb-client get-schema --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_SB_IP:6642 > /backup/ovs-sb.ovsschema && ovsdb-tool convert /backup/ovs-sb.db /backup/ovs-sb.ovsschema"
 ----
 
-. Restore database backup to the new OVN database servers on an environment without TLS everywhere.
+. Restore the database backup to the new OVN database servers:
+.. If you did not enable TLS everywhere, use the following command:
 +
 ----
-oc exec ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
-oc exec ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
+$ oc exec ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
+$ oc exec ovn-copy-data -- bash -c "ovsdb-client restore tcp:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
 ----
 
-. Alternatively, restore database backup to the new OVN database servers on a TLS everywhere environment.
+.. If you enabled TLS everywhere, use the following command:
 +
 ----
-oc exec ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
-oc exec ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
+$ oc exec ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
+$ oc exec ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
 ----
 
-. Check that data was successfully migrated by issuing some `ovn-nbctl` and `ovn-sbctl` commands against the new database servers, for example:
+. Check that the data was successfully migrated by running the following commands against the new database servers, for example:
 +
 ----
-oc exec -it ovsdbserver-nb-0 -- ovn-nbctl show
-oc exec -it ovsdbserver-sb-0 -- ovn-sbctl list Chassis
+$ oc exec -it ovsdbserver-nb-0 -- ovn-nbctl show
+$ oc exec -it ovsdbserver-sb-0 -- ovn-sbctl list Chassis
 ----
 
-. Start the control plane `ovn-northd` service. It will keep both OVN databases in sync.
+. Start the control plane `ovn-northd` service to keep both OVN databases in sync:
 +
 [source,yaml]
 ----
-oc patch openstackcontrolplane openstack --type=merge --patch '
+$ oc patch openstackcontrolplane openstack-galera-network-isolation --type=merge --patch '
 spec:
   ovn:
     enabled: true
@@ -208,25 +210,27 @@ spec:
 '
 ----
 
-. If you'd like to run OVN gateway services on OCP nodes, also enable the control plane `ovn-controller` service:
+. Optional: To run OVN gateway services on {OpenShiftShort} nodes, enable the control plane `ovn-controller` service:
 +
 [source,yaml]
 ----
-oc patch openstackcontrolplane openstack --type=json -p="[{'op': 'remove', 'path': '/spec/ovn/template/ovnController/nodeSelector'}]"
+$ oc patch openstackcontrolplane openstack-galera-network-isolation --type=json -p="[{'op': 'remove', 'path': '/spec/ovn/template/ovnController/nodeSelector'}]"
 ----
++
+[NOTE]
+Running OVN gateways on {OpenShiftShort} nodes might be prone to data plane downtime during Open vSwitch upgrades. Consider running OVN gateways on dedicated `Networker` data plane nodes for production deployments instead.
 
-Note that running OVN gateways on OCP nodes may be prone to dataplane downtime
-during Open vSwitch upgrades. Consider running OVN gateways on dedicated
-`Networker` data plane nodes for production deployments instead.
-
-. Delete the `ovn-data` helper pod and the temporary `PersistentVolumeClaim` used to store OVN database backup files (consider making a snapshot of it before deleting):
+. Delete the `ovn-data` helper pod and the temporary `PersistentVolumeClaim` that is used to store OVN database backup files:
 +
 ----
-oc delete pod ovn-copy-data
-oc delete pvc ovn-data
+$ oc delete pod ovn-copy-data
+$ oc delete pvc ovn-data
 ----
++
+[NOTE]
+Consider taking a snapshot of the `ovn-data` helper pod and the temporary `PersistentVolumeClaim` before deleting them. For more information, see link:{defaultOCPURL}/storage/index#lvms-about-volume-snapsot_logical-volume-manager-storage[About volume snapshots] in _OpenShift Container Platform storage overview_.
 
-. Stop adopted OVN database servers.
+. Stop the adopted OVN database servers:
 +
 ----
 ServicesToStop=("tripleo_ovn_cluster_north_db_server.service"