|
| 1 | +// Module included in the following assemblies: |
| 2 | +// |
| 3 | +// * networking/ovn_kubernetes_network_provider/migrate-from-openshift-sdn.adoc |
| 4 | +// * networking/ovn_kubernetee_network_provider/rollback-to-openshift-sdn.adoc |
| 5 | + |
| 6 | +ifeval::["{context}" == "rollback-to-openshift-sdn"] |
| 7 | +:rollback: |
| 8 | +endif::[] |
| 9 | + |
| 10 | +:_mod-docs-content-type: PROCEDURE |
| 11 | +ifndef::rollback[] |
| 12 | +[id="nw-ovn-kubernetes-ansible-migration-about_{context}"] |
| 13 | += Using an Ansible playbook to migrate to the OVN-Kubernetes network plugin |
| 14 | + |
| 15 | +As a cluster administrator, you can use an Ansible collection, `network.offline_migration_sdn_to_ovnk`, to migrate from the OpenShift SDN Container Network Interface (CNI) network plugin to the OVN-Kubernetes plugin for your cluster. The Ansible collection includes the following playbooks: |
| 16 | + |
| 17 | +* `playbooks/playbook-migration.yml`: Includes playbooks that execute in a sequence where each playbook represents a step in the migration process. |
| 18 | +* `playbooks/playbook-rollback.yml`: Includes playbooks that execute in a sequence where each playbook represents a step in the rollback process. |
| 19 | +endif::rollback[] |
| 20 | +
|
| 21 | +ifdef::rollback[] |
| 22 | +[id="nw-ovn-kubernetes-ansible-rollback_{context}"] |
| 23 | += Using an Ansible playbook to roll back to the OpenShift SDN network plugin |
| 24 | + |
| 25 | +As a cluster administrator, you can use the `playbooks/playbook-rollback.yml` from the `network.offline_migration_sdn_to_ovnk` Ansible collection to roll back from the OVN-Kubernetes plugin to the OpenShift SDN Container Network Interface (CNI) network plugin. |
| 26 | +endif::rollback[] |
| 27 | + |
| 28 | +.Prerequisites |
| 29 | + |
| 30 | +* You installed the `python3` package, minimum version 3.10. |
| 31 | +* You installed the `jmespath` and `jq` packages. |
| 32 | +* You logged in to the {hybrid-console} and opened the link:https://console.redhat.com/ansible/ansible-dashboard[Ansible Automation Platform] web console. |
| 33 | +* You created a security group rule that allows User Datagram Protocol (UDP) packets on port `6081` for all nodes on all cloud platforms. If you do not do this task, your cluster might fail to schedule pods. |
| 34 | +ifndef::rollback[] |
| 35 | +* If the OpenShift-SDN plugin uses the `100.64.0.0/16` and `100.88.0.0/16` address ranges, you patched the address ranges. For more information, see "Patching OVN-Kubernetes address ranges" in the _Additional resources_ section. |
| 36 | +endif::rollback[] |
| 37 | +
|
| 38 | +.Procedure |
| 39 | + |
| 40 | +. Install the `ansible-core` package, minimum version 2.15. The following example command shows how to install the `ansible-core` package on {op-system-base-full}: |
| 41 | ++ |
| 42 | +[source,terminal] |
| 43 | +---- |
| 44 | +$ sudo dnf install -y ansible-core |
| 45 | +---- |
| 46 | + |
| 47 | +. Create an `ansible.cfg` file and add information similar to the following example to the file. Ensure that file exists in the same directory as where the `ansible-galaxy` commands and the playbooks run. |
| 48 | ++ |
| 49 | +[source,ini,subs="attributes+"] |
| 50 | +---- |
| 51 | +$ cat << EOF >> ansible.cfg |
| 52 | +[galaxy] |
| 53 | +server_list = automation_hub, validated |
| 54 | + |
| 55 | +[galaxy_server.automation_hub] |
| 56 | +url=https://console.redhat.com/api/automation-hub/content/published/ |
| 57 | +auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token |
| 58 | +token= |
| 59 | + |
| 60 | +#[galaxy_server.release_galaxy] |
| 61 | +#url=https://galaxy.ansible.com/ |
| 62 | + |
| 63 | +[galaxy_server.validated] |
| 64 | +url=https://console.redhat.com/api/automation-hub/content/validated/ |
| 65 | +auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token |
| 66 | +token= |
| 67 | +EOF |
| 68 | +---- |
| 69 | + |
| 70 | +. From the Ansible Automation Platform web console, go to the link:https://console.redhat.com/ansible/automation-hub/token/[Connect to Hub] page and complete the following steps: |
| 71 | ++ |
| 72 | +.. In the *Offline token* section of the page, click the *Load token* button. |
| 73 | ++ |
| 74 | +.. After the token loads, click the *Copy to clipboard* icon. |
| 75 | ++ |
| 76 | +.. Open the `ansible.cfg` file and paste the API token in the `token=` parameter. The API token is required for authenticating against the server URL specified in the `ansible.cfg` file. |
| 77 | + |
| 78 | +. Install the `network.offline_migration_sdn_to_ovnk` Ansible collection by entering the following `ansible-galaxy` command: |
| 79 | ++ |
| 80 | +[source,terminal] |
| 81 | +---- |
| 82 | +$ ansible-galaxy collection install network.offline_migration_sdn_to_ovnk |
| 83 | +---- |
| 84 | + |
| 85 | +. Verify that the `network.offline_migration_sdn_to_ovnk` Ansible collection is installed on your system: |
| 86 | ++ |
| 87 | +[source,terminal] |
| 88 | +---- |
| 89 | +$ ansible-galaxy collection list | grep network.offline_migration_sdn_to_ovnk |
| 90 | +---- |
| 91 | ++ |
| 92 | +.Example output |
| 93 | ++ |
| 94 | +[source,terminal] |
| 95 | +---- |
| 96 | +network.offline_migration_sdn_to_ovnk 1.0.2 |
| 97 | +---- |
| 98 | ++ |
| 99 | +The `network.offline_migration_sdn_to_ovnk` Ansible collection is saved in the default path of `~/.ansible/collections/ansible_collections/network/offline_migration_sdn_to_ovnk/`. |
| 100 | ++ |
| 101 | +ifndef::rollback[] |
| 102 | +. Configure migration features in the `playbooks/playbook-migration.yml` file: |
| 103 | ++ |
| 104 | +[source,yaml] |
| 105 | +---- |
| 106 | +# ... |
| 107 | + migration_interface_name: eth0 |
| 108 | + migration_disable_auto_migration: true |
| 109 | + migration_egress_ip: false |
| 110 | + migration_egress_firewall: false |
| 111 | + migration_multicast: false |
| 112 | + migration_mtu: 1400 |
| 113 | + migration_geneve_port: 6081 |
| 114 | + migration_ipv4_subnet: "100.64.0.0/16" |
| 115 | +# ... |
| 116 | +---- |
| 117 | ++ |
| 118 | +`migration_interface_name`:: If you use an `NodeNetworkConfigurationPolicy` (NNCP) resource on a primary interface, specify the interface name in the `migration-playbook.yml` file so that the NNCP resource gets deleted on the primary interface during the migration process. |
| 119 | +`migration_disable_auto_migration`:: Disables the auto-migration of OpenShift SDN CNI plug-in features to the OVN-Kubernetes plugin. If you disable auto-migration of features, you must also set the `migration_egress_ip`, `migration_egress_firewall`, and `migration_multicast` parameters to `false`. If you need to enable auto-migration of features, set the parameter to `false`. |
| 120 | +`migration_mtu`:: Optional parameter that sets a specific maximum transmission unit (MTU) to your cluster network after the migration process. |
| 121 | +`migration_geneve_port`:: Optional parameter that sets a Geneve port for OVN-Kubernetes. The default port is `6081`. |
| 122 | +`migration_ipv4_subnet`:: Optional parameter that sets an IPv4 address range for internal use by OVN-Kubernetes. The default value for the parameter is `100.64.0.0/16`. |
| 123 | + |
| 124 | +. To run the `playbooks/playbook-migration.yml` file, enter the following command: |
| 125 | ++ |
| 126 | +[source,terminal] |
| 127 | +---- |
| 128 | +$ ansible-playbook -v playbooks/playbook-migration.yml |
| 129 | +---- |
| 130 | +endif::rollback[] |
| 131 | +ifdef::rollback[] |
| 132 | +. Configure rollback features in the `playbooks/playbook-migration.yml` file: |
| 133 | ++ |
| 134 | +[source,terminal] |
| 135 | +---- |
| 136 | +# ... |
| 137 | + rollback_disable_auto_migration: true |
| 138 | + rollback_egress_ip: false |
| 139 | + rollback_egress_firewall: false |
| 140 | + rollback_multicast: false |
| 141 | + rollback_mtu: 1400 |
| 142 | + rollback_vxlanPort: 4790 |
| 143 | +# ... |
| 144 | +---- |
| 145 | ++ |
| 146 | +`rollback_disable_auto_migration`:: Disables the auto-migration of OVN-Kubernetes plug-in features to the OpenShift SDN CNI plug-in. If you disable auto-migration of features, you must also set the `rollback_egress_ip`, `rollback_egress_firewall`, and `rollback_multicast` parameters to `false`. If you need to enable auto-migration of features, set the parameter to `false`. |
| 147 | +`rollback_mtu`:: Optional parameter that sets a specific maximum transmission unit (MTU) to your cluster network after the migration process. |
| 148 | +`rollback_vxlanPort`:: Optional parameter that sets a VXLAN (Virtual Extensible LAN) port for use by OpenShift SDN CNI plug-in. The default value for the parameter is `4790`. |
| 149 | + |
| 150 | +. To run the `playbooks/playbook-rollback.yml` file, enter the following command: |
| 151 | ++ |
| 152 | +[source,terminal] |
| 153 | +---- |
| 154 | +$ ansible-playbook -v playbooks/playbook-rollback.yml |
| 155 | +---- |
| 156 | +endif::rollback[] |
| 157 | + |
| 158 | +ifeval::["{context}" == "rollback-to-openshift-sdn"] |
| 159 | +:!rollback: |
| 160 | +endif::[] |
0 commit comments