openstack-k8s-operators · openshift-merge-bot · Mar 19, 2025 · Mar 15, 2025
diff --git a/docs_user/adoption-attributes.adoc b/docs_user/adoption-attributes.adoc
@@ -149,7 +149,7 @@ ifeval::["{build}" == "downstream"]
 :telemetry: Telemetry service
 endif::[]
 
-ifeval::["{build}-{build_variant}" == "downstream-ospdo"]
+ifeval::["{build_variant}" == "ospdo"]
 :OpenStackPreviousInstaller: director Operator
 endif::[]
 

diff --git a/docs_user/assemblies/assembly_adopting-the-data-plane.adoc b/docs_user/assemblies/assembly_adopting-the-data-plane.adoc
@@ -8,7 +8,9 @@ ifdef::context[:parent-context: {context}]
 
 Adopting the {rhos_long} data plane involves the following steps:
 
+ifeval::["{build_variant}" != "ospdo"]
 . Stop any remaining services on the {rhos_prev_long} ({OpenStackShort}) {rhos_prev_ver} control plane.
+endif::[]
 . Deploy the required custom resources.
 . Perform a fast-forward upgrade on Compute services from {OpenStackShort} {rhos_prev_ver} to {rhos_acro} {rhos_curr_ver}.
 . Adopt Networker services to the {rhos_acro} data plane.

diff --git a/docs_user/modules/con_adoption-limitations.adoc b/docs_user/modules/con_adoption-limitations.adoc
@@ -29,7 +29,6 @@ The following {compute_service_first_ref} features are Technology Previews:
 * AMD SEV
 * Direct download from Rados Block Device (RBD)
 * File-backed memory
-* `Provider.yaml`
 
 .Unsupported features
 

diff --git a/docs_user/modules/con_adoption-prerequisites.adoc b/docs_user/modules/con_adoption-prerequisites.adoc
@@ -11,6 +11,9 @@ Planning information::
 * Review the adoption-specific networking requirements. For more information, see xref:configuring-network-for-RHOSO-deployment_planning[Configuring the network for the RHOSO deployment].
 * Review the adoption-specific storage requirements. For more information, see xref:storage-requirements_configuring-network[Storage requirements].
 * Review how to customize your deployed control plane with the services that are required for your environment. For more information, see link:{customizing-rhoso}/index[{customizing-rhoso-t}].
+ifeval::["{build_variant}" == "ospdo"]
+* Familiarize yourself with a disconnected environment deployment. For more information, see link:https://docs.redhat.com/en/documentation/red_hat_openstack_platform/17.1/html-single/deploying_an_overcloud_in_a_red_hat_openshift_container_platform_cluster_with_director_operator/index#proc_configuring-an-airgapped-environment_air-gapped-environment[Configuring an airgapped environment] in _Deploying an overcloud in a Red Hat OpenShift Container Platform cluster with director Operator_.
+endif::[]
 * Familiarize yourself with the following {OpenShiftShort} concepts that are used during adoption:
 ** link:{defaultOCPURL}/nodes/overview-of-nodes[Overview of nodes]
 ** link:{defaultOCPURL}/nodes/index#nodes-scheduler-node-selectors-about_nodes-scheduler-node-selectors[About node selectors]

diff --git a/docs_user/modules/con_adoption-process-overview.adoc b/docs_user/modules/con_adoption-process-overview.adoc
@@ -9,6 +9,9 @@ Familiarize yourself with the steps of the adoption process and the optional pos
 . xref:migrating-tls-everywhere_configuring-network[Migrate TLS everywhere (TLS-e) to the Red Hat OpenStack Services on OpenShift (RHOSO) deployment].
 . xref:migrating-databases-to-the-control-plane_configuring-network[Migrate your existing databases to the new control plane].
 . xref:adopting-openstack-control-plane-services_configuring-network[Adopt your Red Hat OpenStack Platform 17.1 control plane services to the new RHOSO 18.0 deployment].
+ifeval::["{build_variant}" == "ospdo"]
+. xref:ospdo-scale-down-pre-database-adoption_configuring-network[Scaling down director Operator resources].
+endif::[]
 . xref:adopting-data-plane_adopt-control-plane[Adopt the RHOSO 18.0 data plane].
 . xref:migrating-the-object-storage-service_adopt-control-plane[Migrate the Object Storage service (swift) to the RHOSO nodes].
 . xref:ceph-migration_adopt-control-plane[Migrate the {Ceph} cluster].

diff --git a/docs_user/modules/con_comparing-configuration-files-between-deployments.adoc b/docs_user/modules/con_comparing-configuration-files-between-deployments.adoc
@@ -3,6 +3,10 @@
 = Comparing configuration files between deployments
 
 To help you manage the configuration for your {OpenStackPreviousInstaller} and {rhos_prev_long} ({OpenStackShort}) services, you can compare the configuration files between your {OpenStackPreviousInstaller} deployment and the {rhos_long} cloud by using the os-diff tool.
+ifeval::["{build_variant}" == "ospdo"]
+[NOTE]
+ Os-diff does not currently support director Operator.
+endif::[]
 
 .Prerequisites
 

diff --git a/docs_user/modules/proc_adopting-compute-services-to-the-data-plane.adoc b/docs_user/modules/proc_adopting-compute-services-to-the-data-plane.adoc
@@ -125,9 +125,6 @@ endif::[]
 ifeval::["{build}" == "downstream"]
 $(cat <path_to_SSH_key> | base64 | sed \'s/^/        /')
 endif::[]
-ifeval::["{build_variant}" == "ospdo"]
-      $(oc exec -n $<ospdo_namespace> -t openstackclient openstackclient -- cat /home/cloud-admin/.ssh/id_rsa | base64 | sed \'s/^/        /')
-endif::[]
 EOF
 ----
 +

diff --git a/docs_user/modules/proc_adopting-image-service-with-ceph-backend.adoc b/docs_user/modules/proc_adopting-image-service-with-ceph-backend.adoc
@@ -55,6 +55,11 @@ EOF
 If you backed up your {rhos_prev_long} ({OpenStackShort}) services configuration file from the original environment, you can compare it with the confgiuration file that you adopted and ensure that the configuration is correct.
 For more information, see xref:pulling-configuration-from-tripleo-deployment_adopt-control-plane[Pulling the configuration from a {OpenStackPreviousInstaller} deployment].
 
+ifeval::["{build_variant}" == "ospdo"]
+[NOTE]
+Os-diff does not currently support director Operator.
+endif::[]
+
 ----
 os-diff diff /tmp/collect_tripleo_configs/glance/etc/glance/glance-api.conf glance_patch.yaml --crd
 ----

diff --git a/docs_user/modules/proc_deploying-backend-services.adoc b/docs_user/modules/proc_deploying-backend-services.adoc
@@ -92,13 +92,6 @@ make input
 ----
 endif::[]
 
-ifeval::["{build_variant}" == "ospdo"]
-+
-----
-$ oc get secret tripleo-passwords -o jsonpath='{.data.*}' | base64 -d>~/tripleo-standalone-passwords.yaml
-----
-endif::[]
-
 ifeval::["{build}" == "downstream"]
 . Create the {OpenStackShort} secret. For more information, see link:https://docs.redhat.com/en/documentation/red_hat_openstack_services_on_openshift/{rhos_curr_ver}/html-single/deploying_red_hat_openstack_services_on_openshift/index#proc_providing-secure-access-to-the-RHOSO-services_preparing[Providing secure access to the Red Hat OpenStack Services on OpenShift services] in _Deploying Red Hat OpenStack Services on OpenShift_.
 endif::[]

diff --git a/docs_user/modules/proc_migrating-databases-to-mariadb-instances.adoc b/docs_user/modules/proc_migrating-databases-to-mariadb-instances.adoc
@@ -26,6 +26,11 @@ $ STORAGE_CLASS=local-storage
 $ MARIADB_IMAGE=registry.redhat.io/rhoso/openstack-mariadb-rhel9:18.0
 endif::[]
 
+ifeval::["{build_variant}" == "ospdo"]
+$ OSPDO_MARIADB_CLIENT_ANNOTATIONS='[{"name": "internalapi-static","ips": ["172.17.0.99/24"]}]'
+$ MARIADB_RUN_OVERRIDES="$OSPDO_MARIADB_CLIENT_ANNOTATIONS"
+endif::[]
+
 $ CELLS="default" <1>
 $ DEFAULT_CELL_NAME="cell1"
 $ RENAMED_CELLS="$DEFAULT_CELL_NAME"
@@ -139,10 +144,18 @@ metadata:
   name: mariadb-copy-data
   annotations:
     openshift.io/scc: anyuid
+ifeval::["{build_variant}" != "ospdo"]
     k8s.v1.cni.cncf.io/networks: internalapi
+endif::[]
+ifeval::["{build_variant}" == "ospdo"]
+    k8s.v1.cni.cncf.io/networks: '[{"name": internalapi-static, "ips": ["10.2.120.9/24"]}]'
+endif::[]
   labels:
     app: adoption
 spec:
+ifeval::["{build_variant}" == "ospdo"]
+  nodeName: <$CONTROLLER_NODE>
+endif::[]
   containers:
   - image: $MARIADB_IMAGE
     command: [ "sh", "-c", "sleep infinity"]

diff --git a/docs_user/modules/proc_migrating-ovn-data.adoc b/docs_user/modules/proc_migrating-ovn-data.adoc
@@ -26,11 +26,24 @@ SOURCE_OVSDB_IP=172.17.0.100 # For IPv4
 SOURCE_OVSDB_IP=[fd00:bbbb::100] # For IPv6
 ----
 +
+ifeval::["{build_variant}" == "ospdo"]
+Update the IP address value for `SOURCE_OVSDB_IP` to the internalApi IP address that is associated with the remaining RHOSP 17 controller VM. The IP address can be retrieved by using the following command:
+----
+$ $CONTROLLER_SSH ip a s enp4s0
+** Select the non /32 IP address
+----
+[NOTE]
+If you use a disconnected environment director Operator deployment, use
+`OVSDB_IMAGE=registry.redhat.io/rhoso/openstack-ovn-base-rhel9@sha256:967046c6bdb8f55c236085b5c5f9667f0dbb9f3ac52a6560dd36a6bfac051e1f`.
+For more information, see link:https://docs.redhat.com/en/documentation/red_hat_openstack_platform/17.1/html-single/deploying_an_overcloud_in_a_red_hat_openshift_container_platform_cluster_with_director_operator/index#proc_configuring-an-airgapped-environment_air-gapped-environment[Configuring an airgapped environment] in _Deploying an overcloud in a Red Hat OpenShift Container Platform cluster with director Operator_.
+endif::[]
+ifeval::["{build_variant}" != "ospdo"]
 To get the value to set `SOURCE_OVSDB_IP`, query the puppet-generated configurations in a Controller node:
 +
 ----
 $ grep -rI 'ovn_[ns]b_conn' /var/lib/config-data/puppet-generated/
 ----
+endif::[]
 
 .Procedure
 ifeval::["{build_variant}" == "ospdo"]
@@ -299,28 +312,42 @@ ServicesToStop=("tripleo_ovn_cluster_north_db_server.service"
 
 echo "Stopping systemd OpenStack services"
 for service in ${ServicesToStop[*]}; do
+ifeval::["{build_variant}" != "ospdo"]
     for i in {1..3}; do
         SSH_CMD=CONTROLLER${i}_SSH
+endif::[]
+ifeval::["{build_variant}" == "ospdo"]
+        SSH_CMD=CONTROLLER_SSH
+endif::[]
         if [ ! -z "${!SSH_CMD}" ]; then
             echo "Stopping the $service in controller $i"
             if ${!SSH_CMD} sudo systemctl is-active $service; then
                 ${!SSH_CMD} sudo systemctl stop $service
             fi
         fi
+ifeval::["{build_variant}" != "ospdo"]
     done
+endif::[]
 done
 
 echo "Checking systemd OpenStack services"
 for service in ${ServicesToStop[*]}; do
+ifeval::["{build_variant}" != "ospdo"]
     for i in {1..3}; do
         SSH_CMD=CONTROLLER${i}_SSH
+endif::[]
+ifeval::["{build_variant}" == "ospdo"]
+        SSH_CMD=CONTROLLER_SSH
+endif::[]
         if [ ! -z "${!SSH_CMD}" ]; then
             if ! ${!SSH_CMD} systemctl show $service | grep ActiveState=inactive >/dev/null; then
                 echo "ERROR: Service $service still running on controller $i"
             else
                 echo "OK: Service $service is not running on controller $i"
             fi
         fi
+ifeval::["{build_variant}" != "ospdo"]
     done
+endif::[]
 done
 ----
diff --git a/docs_user/modules/proc_ospdo-scale-down-pre-database-adoption.adoc b/docs_user/modules/proc_ospdo-scale-down-pre-database-adoption.adoc
@@ -1,18 +1,98 @@
-[id="ospdo_scale_down_pre_database_adoption_{context}"]
+[id="ospdo-scale-down-pre-database-adoption_{context}"]
 
 = Scaling down director Operator resources
 
 Before you migrate your databases to the control plane, you must scale down and remove OpenStack director Operator (OSPdO) resources in order to use the {rhos_long} resources.
 
+You must perform the following actions:
+
+* Dump selected data from the existing {OpenStackShort} {rhos_prev_ver} cluster. You use this data to build the custom resources for the data plane adoption.
+* After you extract and save the data, remove the OSPdO control plane and operator.
+
 .Procedure
+. Download the NIC templates:
++
+----
+    # Make temp directory if doesn't exist
+    mkdir -p temp
+    cd temp
+    echo "Extract nic templates"
+    oc get -n "${OSPDO_NAMESPACE}" cm tripleo-tarball -ojson | jq -r '.binaryData."tripleo-tarball.tar.gz"' | base64 -d | tar xzvf -
+    # Revert back to original directory
+    cd -
+----
+. Get the SSH key for accessing the data plane nodes:
++
+----
+    # Make temp directory if doesn't exist
+    mkdir -p temp
+    # Get the SSH key from the openstackclient (osp 17)
+    # to be used later to create the SSH secret for dataplane adoption
+    $OS_CLIENT cat /home/cloud-admin/.ssh/id_rsa > temp/ssh.private
+    $OS_CLIENT cat /home/cloud-admin/.ssh/id_rsa.pub > temp/ssh.pub
+    echo "SSH private and public keys saved in temp/ssh.private and temp/ssh.pub"
+----
+. Get the OVN configuration from each Compute node role, `OpenStackBaremetalSet`. This configuration is  used later to build the `OpenStackDataPlaneNodeSet`(s). Repeat the following step for each `OpenStackBaremetalSet`:
++
+----
+    # Make temp directory if doesn't exist
+    mkdir -p temp
+        #
+        # Query the first node in OSBMS
+        #
+    IP=$(oc -n "${OSPDO_NAMESPACE}" get openstackbaremetalsets.osp-director.openstack.org <<OSBMS-NAME>> -ojson |           jq -r '.status.baremetalHosts| keys[] as $k | .[$k].ipaddresses["ctlplane"]'| awk -F'/' '{print $1}')
+    # Get the OVN parameters
+    oc -n "${OSPDO_NAMESPACE}" exec -c openstackclient openstackclient -- \
+        ssh cloud-admin@${IP} sudo ovs-vsctl -f json --columns=external_ids list Open |
+        jq -r '.data[0][0][1][]|join("=")' | sed -n -E 's/^(ovn.*)+=(.*)+/edpm_\1: \2/p' |
+        grep -v -e ovn-remote -e encap-tos -e openflow -e ofctrl > temp/<<OSBMS-NAME>>.txt
+----
++
+----
+    # Create temp directory if it does not exist
+    mkdir -p temp
+    for name in $(oc -n "${OSPDO_NAMESPACE}" get openstackbaremetalsets.osp-director.openstack.org | awk 'NR > 1 {print $1}'); do
+      oc -n "${OSPDO_NAMESPACE}" get openstackbaremetalsets.osp-director.openstack.org $name -ojson |
+          jq -r '.status.baremetalHosts| "nodes:", keys[] as $k | .[$k].ipaddresses as $a |
+           "  \($k):",
+           "    hostName: \($k)",
+           "    ansible:",
+           "      ansibleHost: \($a["ctlplane"] | sub("/\\d+"; ""))",
+           "    networks:", ($a | to_entries[] | "    - name: \(.key) \n      fixedIP: \(.value | sub("/\\d+"; ""))\n      subnetName: subnet1")' > temp/${name}-nodes.txt
+    done
+----
+. Remove the conflicting repositories and packages from all Compute hosts. Define the OSPdO and {OpenStackShort} {rhos_prev_ver} Pacemaker services that must be stopped:
++
+----
+PacemakerResourcesToStop_dataplane=(
+                "galera-bundle"
+                "haproxy-bundle"
+                "rabbitmq-bundle")
 
+# Stop these PCM services after adopting control
+# plane, but before starting deletion of OSPD0 (osp17) env
+    echo "Stopping pacemaker OpenStack services"
+    SSH_CMD=CONTROLLER_SSH
+    if [ -n "${!SSH_CMD}" ]; then
+        echo "Using controller 0 to run pacemaker commands "
+        for resource in "${PacemakerResourcesToStop_dataplane[@]}"; do
+            if ${!SSH_CMD} sudo pcs resource config "$resource" &>/dev/null; then
+                echo "Stopping $resource"
+                ${!SSH_CMD} sudo pcs resource disable "$resource"
+            else
+                echo "Service $resource not present"
+            fi
+        done
+    fi
+----
 . Scale down the {rhos_acro} OpenStack Operator `controller-manager` to 0 replicas and temporarily delete the `OpenStackControlPlane` `OpenStackClient` pod, so that you can use the OSPdO `controller-manager` to clean up some of its resources. The cleanup is needed to avoid a pod name collision between the OSPdO OpenStackClient and the {rhos_acro} OpenStackClient.
 +
 ----
-$ oc patch csv -n openstack-operators openstack-operator.v0.0.1 --type json   -p="[{"op": "replace", "path": "/spec/install/spec/deployments/0/spec/replicas", "value": "0"}]"
+$ oc patch csv -n openstack-operators openstack-operator.v1.0.5 --type json   -p="[{"op": "replace", "path": "/spec/install/spec/deployments/0/spec/replicas", "value": "0"}]"
 $ oc delete openstackclients.client.openstack.org --all
 ----
 +
+* Replace the CSV version with the CSV version that is deployed in the cluster.
 . Delete the OSPdO `OpenStackControlPlane` custom resource (CR):
 +
 ----
@@ -192,8 +272,19 @@ $ oc delete openstackprovisionservers.osp-director.openstack.org -n openstack --
 +
 ----
 $ compute_bmh_list=$(oc get bmh -n openshift-machine-api |grep compute|awk '{printf $1 " "}')
-$ for bmh_compute in $compute_bmh_list;do oc annotate bmh -n openshift-machine-api $bmh_compute baremetalhost.metal3.io/detached="";done
-$ oc delete bmh -n openshift-machine-api $bmh_compute;done
+$ for bmh_compute in $compute_bmh_list;do oc annotate bmh -n openshift-machine-api $bmh_compute baremetalhost.metal3.io/detached="";\
+     oc -n openshift-machine-api wait bmh/$bmh_compute --for=jsonpath='{.status.operationalStatus}'=detached --timeout=30s || {
+         echo "ERROR: BMH did not enter detatched state"
+         exit 1
+       }
+done
+----
+. Delete the `BareMetalHost` resource after its operational status is detached:
++
+----
+    for bmh_compute in $compute_bmh_list;do \
+       oc -n openshift-machine-api delete bmh $bmh_compute; \
+    done
 ----
 
 . Delete the OSPdO Operator Lifecycle Manager resources to remove OSPdO:

diff --git a/docs_user/modules/proc_preparing-RHOSO-for-director-operator-adoption.adoc b/docs_user/modules/proc_preparing-RHOSO-for-director-operator-adoption.adoc
@@ -306,15 +306,8 @@ $ oc get secret tripleo-passwords -n $OSPDO_NAMESPACE -o json | jq -r '.data["tr
 }
 ----
 
-. Install the {rhos_acro} operators:
+. Install the {rhos_acro} operators. For more information, see link:{deploying-rhoso}/index#assembly_installing-and-preparing-the-Operators[Installing and preparing the Operators] in _{deploying-rhoso-t}_.
 +
-----
-$ git clone https://github.com/openstack-k8s-operators/install_yamls.git
-cd install_yamls
-BMO_SETUP=false NETWORK_ISOLATION=false NAMESPACE=${RHOSO18_NAMESPACE} make openstack
-BMO_SETUP=false NETWORK_ISOLATION=false NAMESPACE=${RHOSO18_NAMESPACE} make openstack_init
-BMO_SETUP=false NETWORK_ISOLATION=false make metallb
-----
 
 
 . Apply the `IPAddressPool` resource that matches the new OpenStack 18 deployment to configure which IPs can be used as virtual IPs (VIPs):

diff --git a/...ser/modules/proc_preparing-controller-nodes-for-director-operator-adoption.adoc b/...ser/modules/proc_preparing-controller-nodes-for-director-operator-adoption.adoc
@@ -50,8 +50,8 @@ $ export CONTROLLER_NODE=$(oc -n $OSPDO_NAMESPACE get vmi -ojson | jq -r '.items
 .. Disable stonith:
 +
 ----
-$ stonith_resources=$(sudo pcs stonith status|grep Started|awk '{print $2}')
-for in stonith_resources ;do CONTROLLER1_SSH sudo pcs stonith disable ;done
+$ stonith_resources=$($CONTROLLER1_SSH sudo pcs stonith status|grep Started|awk '{print $2}')
+for resource in stonith_resources ;do $CONTROLLER1_SSH sudo pcs stonith disable $resource;done
 ----
 .. Put non-Controller nodes in maintenance:
 +
@@ -76,6 +76,40 @@ $CONTROLLER1_SSH sudo systemctl restart corosync
 $CONTROLLER1_SSH sudo pcs cluster stop
 $CONTROLLER1_SSH sudo pcs cluster start
 ----
++
+.. Check that only Controller-0 is started and that the other 2 Controllers are stopped:
++
+----
+$CONTROLLER_SSH sudo pcs status
+----
+.. Check if the {OpenStackShort} control plane is still operational:
++
+----
+$OS_CLIENT openstack compute service list
+----
++
+[NOTE]
+You might need to wait a few minutes for the control plane to get operational. The control plane response slows down after this point.
+.. When Pacemaker is only managing one of the Controllers, delete 2 of the Controller VMs. The following example specifies Controller-1 and Controller-2 VMs for deletion:
++
+----
+$ oc -n openstack annotate vm controller-1 osp-director.openstack.org/delete-host=true
+$ oc -n openstack annotate vm controller-2 osp-director.openstack.org/delete-host=true
+----
+.. Reduce the `roleCount` for the Controller role in the `OpenStackControlPlane` CR to `1`:
++
+----
+$ oc -n openstack patch OpenStackControlPlane overcloud --type json -p '[{"op": "replace", "path":"/spec/virtualMachineRoles/controller/roleCount", "value": 1}]'
+----
+.. Ensure that the `OpenStackClient` pod is running on the same {OpenShiftShort} nodes as the remaining Controller VM. If the `OpenStackClient` pod is not on the same node, then move it by cordoning off the two nodes that have been freed up for {rhos_acro}. Then you delete the `OpenStackClient` pod so that it gets rescheduled on the {OpenShiftShort} node that has the remaining Controller VM. After the pod is moved to the correct node, uncordon all the nodes:
++
+----
+$ oc adm cordon $OSP18_NODE1
+$ oc adm cordon $OSP18_NODE2
+$ oc delete pod openstackclient
+$ oc adm uncordon $OSP18_NODE1
+$ oc adm uncordon $OSP18_NODE2
+----
 .. Remove the OSPdO node network configuration policies from the other two nodes that are not running the Controller VM by placing a `nodeSelector` on the {OpenShiftShort} node that contains the Controller VM:
 +
 ----

diff --git a/.../modules/proc_retrieving-network-information-from-your-existing-deployment.adoc b/.../modules/proc_retrieving-network-information-from-your-existing-deployment.adoc
@@ -62,3 +62,7 @@ consumed and are not available for the new control plane services until the adop
 
 . Repeat this procedure for each isolated network and each host in the
 configuration.
+
+ifeval::["{build_variant}" == "ospdo"]
+For more information about director Operator network configurations, see link:https://docs.redhat.com/en/documentation/red_hat_openstack_platform/17.1/html-single/deploying_an_overcloud_in_a_red_hat_openshift_container_platform_cluster_with_director_operator/index#assembly_creating-networks-with-director-operator[Creating networks with director Operator] in _Deploying an overcloud in a Red Hat OpenShift Container Platform cluster with director Operator_.
+endif::[]