Merge "High Security Vulnerability Document Updates (r6, r6ds, r7, r7ds)"
This commit is contained in:
Zuul
Gerrit Code Review
commit
281ae61bfa
@ -1,3 +1,4 @@
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. uzk1552923967458
|
||||
.. _restoring-starlingx-system-data-and-storage:
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. bqg1571264986191
|
||||
.. _running-ansible-backup-playbook-locally-on-the-controller:
|
||||
|
||||
@ -8,28 +10,28 @@ Run Ansible Backup Playbook Locally on the Controller
|
||||
|
||||
In this method the Ansible Backup playbook is run on the active controller.
|
||||
|
||||
Use the following command to run the Ansible Backup playbook and back up the
|
||||
Use one of the following commands to run the Ansible Backup playbook and back up the
|
||||
|prod| configuration, data, and user container images in registry.local data:
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
~(keystone_admin)]$ ansible-playbook /usr/share/ansible/stx-ansible/playbooks/backup.yml -e "ansible_become_pass=<sysadmin password> admin_password=<sysadmin password>" -e "backup_user_local_registry=true"
|
||||
~(keystone_admin)]$ ansible-playbook /usr/share/ansible/stx-ansible/playbooks/backup.yml --ask-vault-pass -e "override_files_dir=$HOME/override_dir"
|
||||
|
||||
The <admin_password> and <ansible_become_pass> need to be set correctly
|
||||
using the ``-e`` option on the command line, or an override file, or in the
|
||||
Ansible secret file.
|
||||
using the ``-e`` option on the command line, with an override file secured with
|
||||
ansible-vault (recommended).
|
||||
|
||||
An example of override file follows:
|
||||
For example, create your override file with the :command:`ansible-vault create $HOME/override_dir/localhost-backup.yaml`
|
||||
command and copy the following lines into the file. You will be prompted for a
|
||||
password to protect/encrypt the file. Use the :command:`ansible-vault edit $HOME/override_dir/localhost-backup.yaml`
|
||||
command if the file needs to be edited after it is created.
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
cat << EOF > localhost-backup.yaml
|
||||
---
|
||||
ansible_become_pass: "<admin_password>"
|
||||
admin_password: "<admin_password>"
|
||||
backup_user_local_registry: "true"
|
||||
...
|
||||
EOF
|
||||
|
||||
The output files will be named:
|
||||
|
||||
@ -43,8 +45,8 @@ The output files will be named:
|
||||
|
||||
- inventory_hostname_dc_vault_backup_timestamp.tgz
|
||||
|
||||
The variables prefix can be overridden using the ``-e`` option on the command
|
||||
line or by using an override file.
|
||||
The output files' prefixes can be overridden with the following variables
|
||||
using the ``-e`` option on the command line or by using an override file.
|
||||
|
||||
.. _running-ansible-backup-playbook-locally-on-the-controller-ul-rdp-gyh-pmb:
|
||||
|
||||
|
||||
@ -1,5 +1,8 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. kpt1571265015137
|
||||
|
||||
.. _running-ansible-backup-playbook-remotely:
|
||||
|
||||
====================================
|
||||
@ -59,7 +62,7 @@ and target it at controller-0.
|
||||
#. Switch to the <overrides> directory created previously.
|
||||
|
||||
#. Create a new secret file encrypted with Ansible-Vault using the
|
||||
:command:`ansible-vault create secrets.yml` command.
|
||||
:command:`ansible-vault create $HOME/override_dir/secrets.yml` command.
|
||||
|
||||
Set and confirm a new Ansible-Vault password. Ansible will open an editing
|
||||
window where you can enter your desired contents.
|
||||
@ -82,7 +85,7 @@ and target it at controller-0.
|
||||
|
||||
Save your changes and quit the editor. If you need to make additional
|
||||
changes, you can use the command :command:`ansible-vault edit
|
||||
override_dir/secrets.yml`.
|
||||
$HOME/override_dir/secrets.yml`.
|
||||
|
||||
#. Run Ansible Backup playbook:
|
||||
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. rmy1571265233932
|
||||
.. _running-restore-playbook-locally-on-the-controller:
|
||||
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. quy1571265365123
|
||||
.. _system-backup-running-ansible-restore-playbook-remotely:
|
||||
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _aio_duplex_install_kubernetes_r6:
|
||||
|
||||
================================================
|
||||
@ -96,19 +98,30 @@ Bootstrap system on controller-0
|
||||
Specify the user configuration override file for the Ansible bootstrap
|
||||
playbook using one of the following methods:
|
||||
|
||||
.. note::
|
||||
|
||||
This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
|
||||
contains security sensitive information, use the
|
||||
:command:`ansible-vault create $HOME/localhost.yml` command to create it.
|
||||
You will be prompted for a password to protect/encrypt the file.
|
||||
Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
|
||||
file needs to be edited after it is created.
|
||||
|
||||
#. Use a copy of the default.yml file listed above to provide your overrides.
|
||||
|
||||
The default.yml file lists all available parameters for bootstrap
|
||||
configuration with a brief description for each parameter in the file
|
||||
comments.
|
||||
|
||||
To use this method, copy the default.yml file listed above to
|
||||
``$HOME/localhost.yml`` and edit the configurable values as desired.
|
||||
To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and copy the contents of the ``default.yml`` file into the
|
||||
ansible-vault editor, and edit the configurable values as required.
|
||||
|
||||
#. Create a minimal user configuration override file.
|
||||
|
||||
To use this method, create your override file at ``$HOME/localhost.yml``
|
||||
and provide the minimum required parameters for the deployment
|
||||
To use this method, create your override file with
|
||||
the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the OAM IP SUBNET and IP
|
||||
ADDRESSing applicable to your deployment environment.
|
||||
|
||||
@ -189,7 +202,7 @@ Bootstrap system on controller-0
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
|
||||
Wait for Ansible bootstrap playbook to complete. This can take 5-10 minutes,
|
||||
depending on the performance of the host machine.
|
||||
|
||||
@ -1,6 +1,9 @@
|
||||
|
||||
.. Greg updates required for High Security Vulnerability Document Updates
|
||||
|
||||
.. _aio_simplex_install_kubernetes_r6:
|
||||
|
||||
|
||||
=================================================
|
||||
Install Kubernetes Platform on All-in-one Simplex
|
||||
=================================================
|
||||
@ -96,21 +99,32 @@ Bootstrap system on controller-0
|
||||
Specify the user configuration override file for the Ansible bootstrap
|
||||
playbook using one of the following methods:
|
||||
|
||||
.. note::
|
||||
|
||||
This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
|
||||
contains security sensitive information, use the
|
||||
:command:`ansible-vault create $HOME/localhost.yml` command to create it.
|
||||
You will be prompted for a password to protect/encrypt the file.
|
||||
Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
|
||||
file needs to be edited after it is created.
|
||||
|
||||
#. Use a copy of the default.yml file listed above to provide your overrides.
|
||||
|
||||
The default.yml file lists all available parameters for bootstrap
|
||||
configuration with a brief description for each parameter in the file
|
||||
comments.
|
||||
|
||||
To use this method, copy the default.yml file listed above to
|
||||
``$HOME/localhost.yml`` and edit the configurable values as desired.
|
||||
To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and copy the contents of the ``default.yml`` file into the
|
||||
ansible-vault editor, and edit the configurable values as required.
|
||||
|
||||
#. Create a minimal user configuration override file.
|
||||
|
||||
To use this method, create your override file at ``$HOME/localhost.yml``
|
||||
and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the |OAM| IP SUBNET and
|
||||
IP ADDRESSing applicable to your deployment environment.
|
||||
To use this method, create your override file with
|
||||
the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the OAM IP SUBNET and IP
|
||||
ADDRESSing applicable to your deployment environment.
|
||||
|
||||
.. include:: /_includes/min-bootstrap-overrides-simplex.rest
|
||||
|
||||
@ -190,7 +204,7 @@ Bootstrap system on controller-0
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
|
||||
Wait for Ansible bootstrap playbook to complete. This can take 5-10 minutes,
|
||||
depending on the performance of the host machine.
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _controller_storage_install_kubernetes_r6:
|
||||
|
||||
===============================================================
|
||||
@ -95,19 +97,30 @@ Bootstrap system on controller-0
|
||||
Specify the user configuration override file for the Ansible bootstrap
|
||||
playbook using one of the following methods:
|
||||
|
||||
.. note::
|
||||
|
||||
This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
|
||||
contains security sensitive information, use the
|
||||
:command:`ansible-vault create $HOME/localhost.yml` command to create it.
|
||||
You will be prompted for a password to protect/encrypt the file.
|
||||
Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
|
||||
file needs to be edited after it is created.
|
||||
|
||||
#. Use a copy of the default.yml file listed above to provide your overrides.
|
||||
|
||||
The default.yml file lists all available parameters for bootstrap
|
||||
configuration with a brief description for each parameter in the file
|
||||
comments.
|
||||
|
||||
To use this method, copy the default.yml file listed above to
|
||||
``$HOME/localhost.yml`` and edit the configurable values as desired.
|
||||
To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and copy the contents of the ``default.yml`` file into the
|
||||
ansible-vault editor, and edit the configurable values as required.
|
||||
|
||||
#. Create a minimal user configuration override file.
|
||||
|
||||
To use this method, create your override file at ``$HOME/localhost.yml``
|
||||
and provide the minimum required parameters for the deployment
|
||||
To use this method, create your override file with
|
||||
the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the OAM IP SUBNET and IP
|
||||
ADDRESSing applicable to your deployment environment.
|
||||
|
||||
@ -187,7 +200,7 @@ Bootstrap system on controller-0
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
|
||||
Wait for Ansible bootstrap playbook to complete.
|
||||
This can take 5-10 minutes, depending on the performance of the host machine.
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _dedicated_storage_install_kubernetes_r6:
|
||||
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _aio_duplex_install_kubernetes_r7:
|
||||
|
||||
================================================
|
||||
@ -222,19 +224,30 @@ Bootstrap system on controller-0
|
||||
Specify the user configuration override file for the Ansible bootstrap
|
||||
playbook using one of the following methods:
|
||||
|
||||
.. note::
|
||||
|
||||
This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
|
||||
contains security sensitive information, use the
|
||||
:command:`ansible-vault create $HOME/localhost.yml` command to create it.
|
||||
You will be prompted for a password to protect/encrypt the file.
|
||||
Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
|
||||
file needs to be edited after it is created.
|
||||
|
||||
#. Use a copy of the default.yml file listed above to provide your overrides.
|
||||
|
||||
The default.yml file lists all available parameters for bootstrap
|
||||
configuration with a brief description for each parameter in the file
|
||||
comments.
|
||||
|
||||
To use this method, copy the default.yml file listed above to
|
||||
``$HOME/localhost.yml`` and edit the configurable values as desired.
|
||||
To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and copy the contents of the ``default.yml`` file into the
|
||||
ansible-vault editor, and edit the configurable values as required.
|
||||
|
||||
#. Create a minimal user configuration override file.
|
||||
|
||||
To use this method, create your override file at ``$HOME/localhost.yml``
|
||||
and provide the minimum required parameters for the deployment
|
||||
To use this method, create your override file with
|
||||
the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the OAM IP SUBNET and IP
|
||||
ADDRESSing applicable to your deployment environment.
|
||||
|
||||
@ -315,7 +328,7 @@ Bootstrap system on controller-0
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
|
||||
Wait for Ansible bootstrap playbook to complete. This can take 5-10 minutes,
|
||||
depending on the performance of the host machine.
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _aio_simplex_install_kubernetes_r7:
|
||||
|
||||
=================================================
|
||||
@ -117,21 +119,32 @@ Bootstrap system on controller-0
|
||||
Specify the user configuration override file for the Ansible bootstrap
|
||||
playbook using one of the following methods:
|
||||
|
||||
.. note::
|
||||
|
||||
This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
|
||||
contains security sensitive information, use the
|
||||
:command:`ansible-vault create $HOME/localhost.yml` command to create it.
|
||||
You will be prompted for a password to protect/encrypt the file.
|
||||
Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
|
||||
file needs to be edited after it is created.
|
||||
|
||||
#. Use a copy of the default.yml file listed above to provide your overrides.
|
||||
|
||||
The default.yml file lists all available parameters for bootstrap
|
||||
configuration with a brief description for each parameter in the file
|
||||
comments.
|
||||
|
||||
To use this method, copy the default.yml file listed above to
|
||||
``$HOME/localhost.yml`` and edit the configurable values as desired.
|
||||
To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and copy the contents of the ``default.yml`` file into the
|
||||
ansible-vault editor, and edit the configurable values as required.
|
||||
|
||||
#. Create a minimal user configuration override file.
|
||||
|
||||
To use this method, create your override file at ``$HOME/localhost.yml``
|
||||
and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the |OAM| IP SUBNET and
|
||||
IP ADDRESSing applicable to your deployment environment.
|
||||
To use this method, create your override file with
|
||||
the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the OAM IP SUBNET and IP
|
||||
ADDRESSing applicable to your deployment environment.
|
||||
|
||||
.. include:: /_includes/min-bootstrap-overrides-simplex.rest
|
||||
|
||||
@ -211,7 +224,7 @@ Bootstrap system on controller-0
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
|
||||
Wait for Ansible bootstrap playbook to complete. This can take 5-10 minutes,
|
||||
depending on the performance of the host machine.
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
|hideable|
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _controller_storage_install_kubernetes_r7:
|
||||
|
||||
===============================================================
|
||||
@ -182,19 +184,30 @@ Bootstrap system on controller-0
|
||||
Specify the user configuration override file for the Ansible bootstrap
|
||||
playbook using one of the following methods:
|
||||
|
||||
.. note::
|
||||
|
||||
This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
|
||||
contains security sensitive information, use the
|
||||
:command:`ansible-vault create $HOME/localhost.yml` command to create it.
|
||||
You will be prompted for a password to protect/encrypt the file.
|
||||
Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
|
||||
file needs to be edited after it is created.
|
||||
|
||||
#. Use a copy of the default.yml file listed above to provide your overrides.
|
||||
|
||||
The default.yml file lists all available parameters for bootstrap
|
||||
configuration with a brief description for each parameter in the file
|
||||
comments.
|
||||
|
||||
To use this method, copy the default.yml file listed above to
|
||||
``$HOME/localhost.yml`` and edit the configurable values as desired.
|
||||
To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and copy the contents of the ``default.yml`` file into the
|
||||
ansible-vault editor, and edit the configurable values as required.
|
||||
|
||||
#. Create a minimal user configuration override file.
|
||||
|
||||
To use this method, create your override file at ``$HOME/localhost.yml``
|
||||
and provide the minimum required parameters for the deployment
|
||||
To use this method, create your override file with
|
||||
the :command:`ansible-vault create $HOME/localhost.yml`
|
||||
command and provide the minimum required parameters for the deployment
|
||||
configuration as shown in the example below. Use the OAM IP SUBNET and IP
|
||||
ADDRESSing applicable to your deployment environment.
|
||||
|
||||
@ -274,7 +287,7 @@ Bootstrap system on controller-0
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
|
||||
|
||||
Wait for Ansible bootstrap playbook to complete.
|
||||
This can take 5-10 minutes, depending on the performance of the host machine.
|
||||
|
||||
@ -68,54 +68,54 @@ Install Software on Controller-0
|
||||
|
||||
|
||||
.. .. only:: starlingx
|
||||
..
|
||||
..
|
||||
.. .. --------
|
||||
.. .. Overview
|
||||
.. .. --------
|
||||
..
|
||||
..
|
||||
.. .. .. include:: /shared/_includes/installation-prereqs.rest
|
||||
.. .. :start-after: begin-install-prereqs-ded
|
||||
.. .. :end-before: end-install-prereqs-ded
|
||||
..
|
||||
..
|
||||
.. ---------------------
|
||||
.. Hardware Requirements
|
||||
.. ---------------------
|
||||
..
|
||||
..
|
||||
.. .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
|
||||
.. :start-after: begin-min-hw-reqs-common-intro
|
||||
.. :end-before: end-min-hw-reqs-common-intro
|
||||
..
|
||||
..
|
||||
.. .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
|
||||
.. :start-after: begin-min-hw-reqs-sx
|
||||
.. :end-before: end-min-hw-reqs-sx
|
||||
..
|
||||
..
|
||||
.. The following requirements must be met for worker nodes.
|
||||
..
|
||||
..
|
||||
.. .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
|
||||
.. :start-after: begin-worker-hw-reqs
|
||||
.. :end-before: end-worker-hw-reqs
|
||||
..
|
||||
..
|
||||
.. The following requirements must be met for storage nodes.
|
||||
..
|
||||
..
|
||||
.. .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
|
||||
.. :start-after: begin-storage-hw-reqs
|
||||
.. :end-before: end-storage-hw-reqs
|
||||
..
|
||||
..
|
||||
.. .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
|
||||
.. :start-after: start-prepare-servers-common
|
||||
.. :end-before: end-prepare-servers-common
|
||||
..
|
||||
..
|
||||
.. -------------------
|
||||
.. Create bootable USB
|
||||
.. -------------------
|
||||
..
|
||||
..
|
||||
.. Refer to :ref:`Bootable USB <bootable_usb>` for instructions on how to
|
||||
.. create a bootable USB with the StarlingX ISO on your system.
|
||||
..
|
||||
..
|
||||
.. --------------------------------
|
||||
.. Install software on controller-0
|
||||
.. --------------------------------
|
||||
..
|
||||
..
|
||||
.. .. include:: /shared/_includes/inc-install-software-on-controller.rest
|
||||
.. :start-after: incl-install-software-controller-0-standard-start
|
||||
.. :end-before: incl-install-software-controller-0-standard-end
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. xvn1592596490325
|
||||
.. _changing-the-admin-password-on-distributed-cloud:
|
||||
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. pek1594745988225
|
||||
.. _distributed-upgrade-orchestration-process-using-the-cli:
|
||||
|
||||
@ -69,6 +69,8 @@ subcloud, the subcloud installation has these phases:
|
||||
files that are referenced in the ``bootstrap.yml`` file must exist on both
|
||||
controllers (for example, ``/home/sysadmin/docker-registry-ca-cert.pem``).
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _increase-subcloud-platform-backup-size:
|
||||
|
||||
----------------------------------------------------
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. pja1558616715987
|
||||
|
||||
|hideable|
|
||||
|
||||
@ -64,6 +64,8 @@ Manually Migrate a Subcloud from AIO-SX to AIO-DX.
|
||||
|
||||
.. _use-ansible-playbook-to-migrate-a-subcloud-from-AIO-SX-to-AIO-DX:
|
||||
|
||||
.. Updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
================================================================
|
||||
Use Ansible Playbook to Migrate a Subcloud from AIO-SX to AIO-DX
|
||||
================================================================
|
||||
@ -80,10 +82,10 @@ using the ansible playbook.
|
||||
|
||||
.. rubric:: |proc|
|
||||
|
||||
#. Create a configuration file and specify the |OAM| unit IP addresses and
|
||||
the ansible ssh password in the **migrate-subcloud1-overrides-EXAMPLE.yml**
|
||||
file. The existing |OAM| IP address of the |AIO-SX| system will be used as
|
||||
the |OAM| floating IP address of the new |AIO-DX| system.
|
||||
#. Use the :command:`ansible-vault create migrate-subcloud1-overrides-EXAMPLE.yml`
|
||||
command to securely specify the |OAM| unit IP addresses and the ansible
|
||||
ssh password. The existing |OAM| IP address of the |AIO-SX| system will be
|
||||
used as the |OAM| floating IP address of the new |AIO-DX| system.
|
||||
|
||||
In the following example, 10.10.10.13 and 10.10.10.14 are the new |OAM| unit
|
||||
IP addresses for controller-0 and controller-1 respectively.
|
||||
@ -96,6 +98,9 @@ using the ansible playbook.
|
||||
"external_oam_node_1_address": "10.10.10.14",
|
||||
}
|
||||
|
||||
Use the :command:`ansible-vault edit migrate-subcloud1-overrides-EXAMPLE.yml`
|
||||
command if the file needs to be edited after it is created.
|
||||
|
||||
#. On the system controller, run the ansible playbook to migrate the |AIO-SX|
|
||||
subcloud to an |AIO-DX|.
|
||||
|
||||
@ -103,7 +108,7 @@ using the ansible playbook.
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
~(keystone_admin)$ ansible-playbook /usr/share/ansible/stx-ansible/playbooks/migrate_sx_to_dx.yml -e @migrate-subcloud1-overrides-EXAMPLE.yml -i subcloud1, -v
|
||||
~(keystone_admin)$ ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/migrate_sx_to_dx.yml -e @migrate-subcloud1-overrides-EXAMPLE.yml -i subcloud1, -v
|
||||
|
||||
The ansible playbook will lock the subcloud's controller-0, if it not
|
||||
already locked, apply the configuration changes to convert the subcloud to
|
||||
|
||||
@ -1,3 +1,5 @@
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _prestage-subcloud-orchestration-eb516473582f:
|
||||
|
||||
===============================
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _rehoming-a-subcloud:
|
||||
|
||||
=================
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _reinstalling-a-subcloud-with-redfish-platform-management-service:
|
||||
|
||||
=============================================================
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. _restoring-subclouds-from-backupdata-using-dcmanager:
|
||||
|
||||
=========================================================
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. vco1593176327490
|
||||
.. _upgrading-the-systemcontroller-using-the-cli:
|
||||
|
||||
@ -1,3 +1,7 @@
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
.. Is this the target file that the rest of the updates need to point to??
|
||||
|
||||
|
||||
.. _migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d:
|
||||
|
||||
========================================================
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
.. Greg updates required for -High Security Vulnerability Document Updates
|
||||
|
||||
.. rzp1584539804482
|
||||
.. _configure-an-external-netapp-deployment-as-the-storage-backend:
|
||||
@ -93,8 +94,10 @@ procedure.
|
||||
|
||||
You can make changes-in-place to your existing localhost.yml file
|
||||
or create another in an alternative location. In either case, you
|
||||
also have the option of using an ansible vault named secrets.yml
|
||||
for sensitive data. The alternative must be named localhost.yaml.
|
||||
also have the option of using an ansible vault to secure/encrypt the
|
||||
localhost.yaml file containing sensitive data, i.e, using
|
||||
:command:`ansible-vault create $HOME/localhost.yml` or :command:`ansible-vault edit $HOME/localhost.yml`
|
||||
commands.
|
||||
|
||||
The following parameters are mandatory:
|
||||
|
||||
@ -225,7 +228,7 @@ procedure.
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
ansible-playbook /usr/share/ansible/stx-ansible/playbooks/install_netapp_backend.yml -e "override_files_dir=</home/sysadmin/mynetappconfig>"
|
||||
ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/install_netapp_backend.yml -e "override_files_dir=</home/sysadmin/mynetappconfig>"
|
||||
|
||||
Upon successful launch, there will be one Trident pod running on
|
||||
each node, plus an extra pod for the REST API running on one of the
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user