1. Documentation
×

Migrating Embedded etcd to External etcd

Overview

Until OpenShift Origin 3.6, it was possible to deploy a cluster with an embedded etcd. As of OpenShift Origin 3.7, this is no longer possible. Additionally, the etcd API version since OpenShift Origin 3.6 defaults to v3. Also, since OpenShift Origin 3.7, the v3 is the only version allowed. Therefore, older deployments with embedded etcd with the etcd API version v2 need to migrate to the external etcd first, followed by data migration, before they can be upgraded to OpenShift Origin 3.7.

This migration process performs the following steps:

  1. Stop the master service.

  2. Perform an etcd backup of embedded etcd.

  3. Deploy external etcd (on the master or new host).

  4. Perform a backup of the original etcd master certificates.

  5. Generate new etcd certificates for the master.

  6. Transfer the embedded etcd backup to the external etcd host.

  7. Start the external etcd from the transfered etcd backup.

  8. Re-configure master to use the external etcd.

  9. Start master.

Running the Automated Migration Playbook

Migration to external RPM etcd or external containerized etcd is currently supported.

A migration playbook is provided to automate all aspects of the process; this is the preferred method for performing the migration. You must have access to your existing inventory file with both the master and external etcd host defined in their separate groups.

In order to perform the migration on Red Hat Enterprise Linux Atomic Host, you must be running Atomic Host 7.4 or later.

  1. Pull the latest subscription data from RHSM:

    # subscription-manager refresh

  2. To get the latest playbooks, manually disable the OpenShift Origin 3.6 channel and enable the 3.7 channel on the host you are running the migration from:

    # subscription-manager repos --disable="rhel-7-server-ose-3.6-rpms" \
    --enable="rhel-7-server-ose-3.7-rpms" \
    --enable="rhel-7-server-extras-rpms" \
    --enable="rhel-7-fast-datapath-rpms"
# yum clean all

  3. Add etcd under the [OSEv3:children] section if it does not already exist:

    [OSEv3:children]
masters
nodes
etcd

  4. Your inventory file is expected to have exactly one host in an [etcd] host group. In most scenarios, it is best to use your existing master, as there is no need for a separate host.

    Add an [etcd] host group to your inventory file if it does not already exist, and list the host to migrate your etcd to:

    [etcd]
master1.example.com

  5. Run the embedded2external.yml playbook using your inventory file:

    # ansible-playbook [-i /path/to/inventory] \
    ~/openshift-ansible/playbooks/openshift-etcd/embedded2external.yml

    Successful completion of the playbook will show the following:

    INSTALLER STATUS **************************************
Initialization             : Complete
etcd Install               : Complete

  6. To verify that the migration from embedded to external etcd was successful, run the following on the etcd host and check for an etcd process:

    # ps -aux | grep etcd
etcd      22384  2.1  3.9 5872848 306072 ?      Ssl  10:36   0:02 /usr/bin/etcd --name=master1.example.com --data-dir=/var/lib/etcd/ --listen-client-urls=https://192.168.122.197:2379

Running the Manual Migration

Currently, manual migration is not recommended, as it requires a deployment of the new etcd cluster and re-deployment of etcd master certificates.