Merge pull request #72734 from jab-rh/OCPBUGS-30311

jab-rh · web-flow · commit e77cba33b732 · 2024-03-19T16:09:31.000-04:00
OCPBUGS-30311: Remove unused IPsec config from Butane
diff --git a/modules/nw-ovn-ipsec-north-south-enable.adoc b/modules/nw-ovn-ipsec-north-south-enable.adoc
@@ -67,7 +67,7 @@ spec:
 <2> Specifies the name of the interface to create on the host.
 <3> Specifies the host name of the cluster node that terminates the IPsec tunnel on the cluster side. The name should match SAN `[Subject Alternate Name]` from your supplied PKCS#12 certificates.
 <4> Specifies the external host name, such as `host.example.com`. The name should match the SAN `[Subject Alternate Name]` from your supplied PKCS#12 certificates.
-<5> Specifies the IP address of the external host, such as `10.1.2.3.4/32`.
+<5> Specifies the IP address of the external host, such as `10.1.2.3/32`.
 
 .Example NMState IPsec tunnel configuration
 [source,yaml]
@@ -100,7 +100,7 @@ spec:
 <2> Specifies the name of the interface to create on the host.
 <3> Specifies the host name of the cluster node that terminates the IPsec tunnel on the cluster side. The name should match SAN `[Subject Alternate Name]` from your supplied PKCS#12 certificates.
 <4> Specifies the external host name, such as `host.example.com`. The name should match the SAN `[Subject Alternate Name]` from your supplied PKCS#12 certificates.
-<5> Specifies the IP address of the external host, such as `10.1.2.3.4/32`.
+<5> Specifies the IP address of the external host, such as `10.1.2.3/32`.
 --
 
 .. To configure the IPsec interface, enter the following command:
@@ -117,9 +117,9 @@ $ oc create -f ipsec-config.yaml
 * `ca.pem`: The certificate authority that you signed your certificates with
 --
 
-. Create a machine config to apply the IPsec configuration to your cluster by using the following two steps:
+. Create a machine config to add your certificates to the cluster:
 
-.. To add the IPsec configuration, create Butane config files for the control plane and worker nodes with the following contents:
+.. To create Butane config files for the control plane and worker nodes, enter the following command:
 +
 [source,terminal,subs="attributes+"]
 ----
@@ -128,7 +128,7 @@ $ for role in master worker; do
   variant: openshift
   version: {product-version}.0
   metadata:
-    name: 99-$\{role}-import-certs-enable-svc-os-ext
+    name: 99-$\{role}-import-certs
     labels:
       machineconfiguration.openshift.io/role: $role
   systemd:
@@ -150,11 +150,6 @@ $ for role in master worker; do
         WantedBy=multi-user.target
   storage:
     files:
-    - path: /etc/ipsec.d/ipsec-endpoint-config.conf
-      mode: 0400
-      overwrite: true
-      contents:
-        local: ipsec-endpoint-config.conf
     - path: /etc/pki/certs/ca.pem
       mode: 0400
       overwrite: true
