Fix Backup&Restore when backup is taken on controller-1
There are 2 main problems when restoring a backup from controller-1:
- The certificates that are generated by k8s can only be used on
controller-1. The fix for this is to let k8s regenerate those
when restoring a backup taken from controller-1.
Where the 192.168.205.2 ip is the controller-0-cluster-host.
- The ceph.conf from controller-1 can no longer
be used on controller-0 when restoring.(Due to recent ceph changes).
To fix this, when we take backup on controller-1
we also backup ceph.conf from controller-0 and use it at restore.
Test Plan:
PASS: AIO-SX bootstrap
PASS: AIO-DX bootstrap
PASS: STANDARD bootstrap
PASS: B&R on AIO-SX
PASS: B&R on AIO-DX with backup taken from both controllers
PASS: B&R on STANDARD with backup taken from both controllers
Reviewed: https:/ /review. opendev. org/c/starlingx /ansible- playbooks/ +/822130 /opendev. org/starlingx/ ansible- playbooks/ commit/ 9a790282e588a06 6f28c6a42f76831 46f137b558
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 9a790282e588a06 6f28c6a42f76831 46f137b558
Author: Mihnea Saracin <email address hidden>
Date: Fri Dec 17 17:36:01 2021 +0200
Fix Backup&Restore when backup is taken on controller-1
There are 2 main problems when restoring a backup from controller-1:
- The certificates that are generated by k8s can only be used on
controller-1. The fix for this is to let k8s regenerate those
when restoring a backup taken from controller-1.
In kube-controller -manager and kube-scheduler I've seen logs like: kube-controller -manager: /192.168. 205.2:6443/ api/v1/ namespaces/ kube-system/ endpoints/ kube-controller -manager? timeout= 10s":
error retrieving resource lock kube-system/
Get
"https:/
x509: certificate is valid for 10.96.0.1, 192.168.205.3, 192.168.205.1,
127.0.0.1, 128.224.49.105, 128.224.48.105, 128.224.48.106, not
192.168.205.2
Where the 192.168.205.2 ip is the controller- 0-cluster- host.
- The ceph.conf from controller-1 can no longer
be used on controller-0 when restoring.(Due to recent ceph changes).
To fix this, when we take backup on controller-1
we also backup ceph.conf from controller-0 and use it at restore.
Test Plan:
PASS: AIO-SX bootstrap
PASS: AIO-DX bootstrap
PASS: STANDARD bootstrap
PASS: B&R on AIO-SX
PASS: B&R on AIO-DX with backup taken from both controllers
PASS: B&R on STANDARD with backup taken from both controllers
Closes-Bug: 1955162 782d91efaaa568d 9b2bdd20672
Change-Id: I2e9c7d81113d04
Signed-off-by: Mihnea Saracin <email address hidden>