refined orchestration procedure #621
Conversation
|
|
||
| . A {OpenStackPreviousInstaller} environment (the source Cloud) is running on one side; | ||
| . A {rhocp_long} environment is running on the other side. | ||
| After you complete the adoption process, you have CRs for `Heat`, `HeatAPI`, `HeatEngine`, and `HeatCFNAPI`, and endpoints within the {identity_service_first_ref} to facilitate these services. |
There was a problem hiding this comment.
What do we mean by the endpoints “facilitate” the services? Connect to the services?
There was a problem hiding this comment.
Maybe: "After you complete the adoption process, you have CRs and endpoints within the {identity_service_first_ref} for Heat, HeatAPI, HeatEngine, and HeatCFNAPI." ?
There was a problem hiding this comment.
@bshephar What do we mean by the endpoints “facilitate” the services? Connect to the services?
|
|
||
| .Procedure | ||
| ifeval::["{build}" != "downstream"] | ||
| As already done for https://github.com/openstack-k8s-operators/data-plane-adoption/blob/main/keystone_adoption.md[Keystone], the Heat Adoption follows a similar pattern. | ||
| endif::[] | ||
|
|
||
| . Patch the `osp-secret` to update the `HeatAuthEncryptionKey` and `HeatPassword`. This needs to match what you have configured in the existing {OpenStackPreviousInstaller} {orchestration} configuration. | ||
| You can retrieve and verify the existing `auth_encryption_key` and `service` passwords via: | ||
| . Retrieve the existing `auth_encryption_key` and `service` passwords. You use these passwords to patch the `osp-secret`: | ||
| + | ||
| ---- | ||
| [stack@rhosp17 ~]$ grep -E 'HeatPassword|HeatAuth' ~/overcloud-deploy/overcloud/overcloud-passwords.yaml | ||
| HeatAuthEncryptionKey: Q60Hj8PqbrDNu2dDCbyIQE2dibpQUPg2 | ||
| HeatPassword: dU2N0Vr2bdelYH7eQonAwPfI3 |
There was a problem hiding this comment.
Should this step say, "Retrieve the existing HeatAuthEncryptionKey and HeatPassword..." so that it matches the code below it?
There was a problem hiding this comment.
@bshephar Can you address the question above?
klgill
force-pushed
the
Docs-Refine-Orchestration-Procedure
branch
from
10bcd00
to
9574e05
Compare
| + | ||
| ---- | ||
| [stack@rhosp17 ~]$ ansible -i overcloud-deploy/overcloud/config-download/overcloud/tripleo-ansible-inventory.yaml overcloud-controller-0 -m shell -a "grep auth_encryption_key /var/lib/config-data/puppet-generated/heat/etc/heat/heat.conf | grep -Ev '^#|^$'" -b | ||
| overcloud-controller-0 | CHANGED | rc=0 >> | ||
| auth_encryption_key=Q60Hj8PqbrDNu2dDCbyIQE2dibpQUPg2 | ||
| ---- | ||
|
|
||
| . This password needs to be base64 encoded and added to the `osp-secret` | ||
| . Base64 encode the password: |
There was a problem hiding this comment.
| . Base64 encode the password: | |
| . Encode the password to Base64 format: |
This is something very minor, maybe I'm being too pedantic here.
There was a problem hiding this comment.
not pedantic, I wouldn't say "Base64 encode" either. Why was "and added to the osp-secret" dropped?
There was a problem hiding this comment.
I split this step into 2 steps. Step 3 is converting to base64 format, and step 4 is patching the osp-secret.
| * The source {OpenStackPreviousInstaller} environment is running. | ||
| * The target {rhocp_long} environment is running. | ||
| * You adopted MariaDB and the {identity_service}. | ||
| * If your existing {orchestration} stacks contain resources from other services such as {networking_first_ref}, {compute_service_first_ref}, {object_storage_first_ref}, and so on, adopt those sevices before adopting the {orchestration}. | ||
|
|
||
| .Procedure | ||
| ifeval::["{build}" != "downstream"] | ||
| As already done for https://github.com/openstack-k8s-operators/data-plane-adoption/blob/main/keystone_adoption.md[Keystone], the Heat Adoption follows a similar pattern. |
There was a problem hiding this comment.
Maybe: "The Heat Adoption is a similar workflow to https://github.com/openstack-k8s-operators/data-plane-adoption/blob/main/keystone_adoption.md[Keystone]."
|
|
||
| .Procedure | ||
| ifeval::["{build}" != "downstream"] | ||
| As already done for https://github.com/openstack-k8s-operators/data-plane-adoption/blob/main/keystone_adoption.md[Keystone], the Heat Adoption follows a similar pattern. | ||
| endif::[] | ||
|
|
||
| . Patch the `osp-secret` to update the `HeatAuthEncryptionKey` and `HeatPassword`. This needs to match what you have configured in the existing {OpenStackPreviousInstaller} {orchestration} configuration. |
There was a problem hiding this comment.
was this line deleted and not replaced?
There was a problem hiding this comment.
It was moved to step 4.
| @@ -78,10 +71,10 @@ spec: | |||
|
|
|||
| .Verification | |||
|
|
|||
| . Ensure all of the CRs reach the "Setup Complete" state: | |||
| . Ensure that the status of all the CRs is `Setup complete`: | |||
There was a problem hiding this comment.
Maybe "statuses"? Could also say "Ensure that the STATUS of all the CRs is Setup complete:" to match the output? Although judging by the output, the STATUS is True and the MESSAGE is Setup complete...
| @@ -132,10 +125,10 @@ heatcfnapi.heat.openstack.org/heat-cfnapi True Setup complete | |||
| URL: http://heat-api-internal.openstack-operators.svc:8004/v1/%(tenant_id)s | |||
| ---- | |||
|
|
|||
| . Check the {orchestration} engine services are up: | |||
| . Check that the {orchestration} engine services are up: | |||
https://issues.redhat.com/browse/RHOSPDOC-2027