OCP 3 to 4 migration #17415
OCP 3 to 4 migration #17415
Conversation
openshift-ci-robot
added
the
size/XL
| * *Replication repository name* | ||
| * *S3 bucket name* | ||
| * *S3 bucket region*: Required for AWS S3 if the bucket region is not *us-east-1*. Optional for a generic S3 repository. | ||
| * *S3 endpoint*: Required for a generic S3 repository. This is the URL of the S3 service, not the bucket, for example, `http://_<minio-gpte-minio.apps.cluster.com>_`. |
There was a problem hiding this comment.
We will want to update this to reference an example NooBaa endpoint instead of minio
I am working on other updates to show an example of how to setup the S3 pre-reqs.
Will share later today.
There was a problem hiding this comment.
Changed URL to http://s3-noobaa.apps.cluster.com
| * You must have `cluster-admin` privileges. | ||
| * You must have `podman` installed. | ||
| * The source cluster(s) must be {product-title} 3.7 or later. | ||
| * The target cluster must be {product-title} 3.9 or later. |
There was a problem hiding this comment.
Suggest we change to:
"The target cluster is recommended to be the latest released version of {product-title}."
For background...
This will technically work on 3.7 or later for both source and destination.
Recommendation is customer migrate to latest released OpenShift for the destination.
There was a problem hiding this comment.
I suggest we leave this as is. We should treat these situations with a support exception.
This will be confusing if you look at this with the lifecycle.
There was a problem hiding this comment.
@sferich888 when you say leave as-is, I just want to confirm.
Right now doc says: "The target cluster must be {product-title} 3.9 or later."
I think it should say:
"The target cluster is recommended to be the latest released version of {product-title}."
Then we can address 3->3 migrations on a case-by-case basis. Do you agree?
| * You must have `podman` installed. | ||
| * The source cluster(s) must be {product-title} 3.7 or later. | ||
| * The target cluster must be {product-title} 3.9 or later. | ||
| * The replication repository object storage must support the S3 API, for example, Red Hat NooBaa Storage, AWS S3, and generic S3 storage providers. |
There was a problem hiding this comment.
I assume we need to change "Red Hat NooBaa Storage".
Upstream: NooBaa
Downstream: MCG
For this immediate release we will use upstream NooBaa as an example, after OCS4 releases we will change to leverage an operator for MCG.
I will ask product management for their recommendation of what to call this now.
There was a problem hiding this comment.
Confirmed with product management.
Let's change 'Red Hat NooBaa Storage' to 'NooBaa'
Suggest we reword to something like below.
"An object storage provider is required, we refer to this object store as a ‘Replication Repository’. The Replication Repository needs to support the S3 API, for example, NooBaa, AWS S3, and generic S3 storage providers. In addition, the source and destination clusters must both be able to read and write to this object store."
There was a problem hiding this comment.
Do we need to call this out as "upstream" and possibly include a note / call out (warning) about support not being provided for upstream projects?
There was a problem hiding this comment.
Changed Red Hat NooBaa Storage to NooBaa.
|
|
||
| * You must have `cluster-admin` privileges. | ||
| * You must have `podman` installed. | ||
| * The source cluster(s) must be {product-title} 3.7 or later. |
There was a problem hiding this comment.
Add an additional prerequisite
"The migration controller must be able to communicate with both the source and destination clusters, we recommend the migration controller be installed on the destination cluster."
There was a problem hiding this comment.
That's a recommendation, not a prerequisite. The default installation is on the target cluster, so I'm not sure it's necessary to mention this. The user would have to go out of their way to install it on another cluster.
| + | ||
| ---- | ||
| corsAllowedOrigins: | ||
| - (?i)//migration-openshift-migration\.apps\.cluster\.com(:|\z) |
There was a problem hiding this comment.
I saw some folks confused by this, thinking literally (?i)//migration-openshift-migration\.apps\.cluster\.com(:|\z) is the string that they should use.
I think prior to "Configuring cross-origin resource sharing on OpenShift Container Platform 3 clusters", we need a section that explains how to get the UI's Origin, and we need to make it clear that the docs will continue with (?i)//migration-openshift-migration\.apps\.cluster\.com(:|\z) as an example Origin, but this value will be different for every user.
You enable communication with the CAM by configuring cross-origin resource sharing on OpenShift Container Platform 3 and 4 (if the OpenShift Container Platform 4 cluster is not hosting the CAM).
# Obtaining the UI's Origin
First, you must obtain the UI's Origin value to be whitelisted across all of the clusters involved in a migration.
1) You must log into the cluster that is hosting the web UI.
2) The following command will export the encoded `corsAllowedOrigin` for your cluster: `oc get -n openshift-migration route/migration -o go-template='(?i}//{{ .spec.host }}(:|\z){{ println }}' | sed 's,\.,\\.,g'`
3) This output string should be used where an allowed origin must be whitelisted. As an example, we'll use `(?i)//migration-openshift-migration\.apps\.cluster\.com(:|\z)`, but this will differ for your cluster.
There was a problem hiding this comment.
The instructions in the upstream README contains a command to obtain the value for the master-config.yaml in this section. https://github.com/fusor/mig-operator/blob/master/README.md#openshift-3. It may be helpful to add similar to the docs.
There was a problem hiding this comment.
I've added the steps for obtaining the CAM host URL and marked (?i)//migration-openshift-migration\.apps\.cluster\.com(:|\z) with a callout saying that it needs to be replaced with the user's CAM host URL.
| * You must have `cluster-admin` privileges. | ||
| * You must have `podman` installed. | ||
| * The source cluster(s) must be {product-title} 3.7 or later. | ||
| * The target cluster must be {product-title} 3.9 or later. |
There was a problem hiding this comment.
I suggest we leave this as is. We should treat these situations with a support exception.
This will be confusing if you look at this with the lifecycle.
| * You must have `podman` installed. | ||
| * The source cluster(s) must be {product-title} 3.7 or later. | ||
| * The target cluster must be {product-title} 3.9 or later. | ||
| * The replication repository object storage must support the S3 API, for example, Red Hat NooBaa Storage, AWS S3, and generic S3 storage providers. |
There was a problem hiding this comment.
Do we need to call this out as "upstream" and possibly include a note / call out (warning) about support not being provided for upstream projects?
|
Reviewed, LGTM. |
|
I want to make some updates, so I am forking this branch and will create a new PR. Have the comments been addressed? |
|
New doc preview: http://file.tlv.redhat.com/~apinnick/ocp-migration-new/migration/migrating-openshift-3-to-4.html New PR: #17516 |
|
@apinnick Looks like you addressed the comments in your new PR, so I will close this PR in favor if your new one. |
10 participants
Continuation of #16890 t be released in 4.2.z stream next week