...

  1. SSH into the OLD LDAP machine (your current one) and create a DNS reverse zone (NAME_FROM_IP = the LDAP IP or an IP range); see https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/managing-reverse-dns-zones
    ipa dnszone-add --name-from-ip=NAME_FROM_IP
  2. SSH into the VM that has the OpenStack client and run the following commands (see EWC - OpenStack Command-Line client for more details):
    1. List the rules of the ldap security group:
      openstack security group rule list ldap
    2. Add ports 636 TCP, 749 TCP and 464 UDP to the ldap security group if they are missing:
      openstack security group rule create ldap --protocol tcp --ingress --dst-port 636 --remote-ip 0.0.0.0/0 --ethertype IPv4
      openstack security group rule create ldap --protocol tcp --ingress --dst-port 749 --remote-ip 0.0.0.0/0 --ethertype IPv4
      openstack security group rule create ldap --protocol udp --ingress --dst-port 464 --remote-ip 0.0.0.0/0 --ethertype IPv4
    3. Back up the existing LDAP machine using the following documentation: EWC - How to create and restore backups from VMs
  3. If your LDAP is Rocky 8 based, jump to step 7; if it is CentOS 7 based, continue the procedure normally.
  4. Create an LDAP replica instance type to move from CentOS 7 to Rocky 8 (see MigratefromCentos7toRocky8);
  5. Switch IP interfaces between LDAPs (see RunworkflowtoswitchIPinterfacesbetweenLDAP SwitchIPinterfacesbetweenLDAP);
  6. Check that everything is fine (see Tests);
  7. Create an LDAP replica instance type to move from Rocky 8 to Rocky 9 (see MigratefromRocky8toRocky9);
  8. Switch IP interfaces between LDAPs (see RunworkflowtoswitchIPinterfacesbetweenLDAP SwitchIPinterfacesbetweenLDAP);
  9. Check that everything is fine (see Tests);
  10. Remove the old LDAP machines to free resources (from Morpheus).
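
Step 2.2 adds the three rules only if they are missing. The script below is an added example, not part of the original procedure, that automates that check with the same openstack commands. The column names passed to -c are an assumption about the client's table headers, and SAMPLE is constructed input.

```shell
#!/bin/sh
# Ports that step 2.2 requires on the "ldap" security group.
REQUIRED="tcp:636 tcp:749 udp:464"

# Constructed sample of existing ingress rules: "<protocol> <ethertype> <min>:<max>".
SAMPLE='tcp IPv4 22:22
tcp IPv4 389:389
tcp IPv4 636:636
tcp IPv6 749:749
udp IPv4 88:88'

# missing_rules: read rule lines on stdin, print each required "<protocol> <port>"
# that no IPv4 rule covers. An empty port range means the rule covers all ports.
# The remote IP range is not compared: a narrower existing rule counts as present.
missing_rules() {
    rules=$(cat)
    for want in $REQUIRED; do
        proto=${want%%:*}
        port=${want##*:}
        printf '%s\n' "$rules" | awk -v p="$proto" -v n="$port" '
            $1 == p && $2 == "IPv4" {
                split($3, r, ":")
                if (r[2] == "") r[2] = r[1]
                if ($3 == "" || (r[1] + 0 <= n + 0 && n + 0 <= r[2] + 0)) found = 1
            }
            END { exit !found }' || echo "$proto $port"
    done
}

# add_missing: query the live group and create only the absent rules, using the
# same arguments as the procedure. The column names passed to -c are assumed to
# match the client's table headers; check them against your client version.
add_missing() {
    openstack security group rule list ldap --ingress -f value \
        -c "IP Protocol" -c "Ethertype" -c "Port Range" | missing_rules |
    while read -r proto port; do
        openstack security group rule create ldap --protocol "$proto" --ingress \
            --dst-port "$port" --remote-ip 0.0.0.0/0 --ethertype IPv4 </dev/null
    done
}
```

Run `printf '%s\n' "$SAMPLE" | missing_rules` to see the check on the sample, or `add_missing` on the VM with the OpenStack client to apply it to the real group.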

...