...
- OLD_LDAP_SERVER_NAME → Name of the server from Openstack → you can find the name from openstack server list command
- OLD_LDAP_PRIVATE_IP → logging in Morpheus → Provisioning → Instances, check your OLD LDAP VM IP address
- OLD_LDAP_HOSTNAME → logging in Morpheus → Tools → Cypher and check the following secret → secret/ldap_hostname
- NEW_LDAP_SERVER_NAME → Name of the server from Openstack → you can find the name from openstack server list command
- NEW_LDAP_PRIVATE_IP → logging in Morpheus → Provisioning → Instances, check your new LDAP VM IP address
- NEW_LDAP_HOSTNAME → <name-of-the-machine>.<tenancy-domain> where tenancy-domain → logging in Morpheus → Tools → Cypher and check the following secret → secret/ldap_domain (e.g. ldap-test-rocky.eumetsat.sandbox.ewc)
- DNS_HOSTED_ZONE→ logging in Morpheus → Tools → Cypher and check the following secret → secret/ldap_hostname
Start user procedure:
- Create LDAP DNS Reverse zone (see );
- Edit LDAP Security Group (see );
- Backup existing LDAP machine using the following documentation: EWC - How to create and restore backups from VMs
- Check the Operating System of your LDAP (either from Morpheus, Provisioning → Instances → select LDAP machine
;- If your LDAP is rocky 8 based → jump to step 8.
- If your LDAP is centos7 based → continue to step 4.
- If your LDAP is rocky 8 based → jump to step 8.
- Create LDAP replica instance type to move from centos7 to rocky 8 (see MigratefromCentos7toRocky8);
- Prepare new LDAP machine (see PreparenewLDAPmachine );
- Switch IP interfaces between LDAPs (see SwitchIPinterfacesbetweenLDAP );
- Update Morpheus (see UpdateMorpheus );
- Check everything is fine (see Tests);
- Create LDAP replica instance type to move from rocky 8 to rocky 9 (see MigratefromRocky8toRocky9)
- Prepare new LDAP machine (see PreparenewLDAPmachine );
- Switch IP interfaces between LDAPs (see SwitchIPinterfacesbetweenLDAP );
- Update Morpheus (see UpdateMorpheus );
- Check everything is fine (see Tests);
- Delete old LDAP machine/s to free resources (see Delete a VM from Morpheus).
Tasks
Create LDAP DNS reverse zone
- SSH into the OLD LDAP machine (your current one) and create DNS reverse zone (NAME_FROM_IP = LDAP IP or using IP range ) (https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/managing-reverse-dns-zones)
Code Block ipa dnszone-add --name-from-ip=NAME_FROM_IP
Edit LDAP security group
- ssh to the VM with Openstack Client and run the following commands (see EWC - OpenStack Command-Line client for more details):
- List ldap security group rule
Code Block openstack security group rule list ldap
- add port 636 TCP.749 TCP,464 UDP to ldap security group if they are missing
Code Block openstack security group rule create ldap --protocol tcp --ingress --dst-port 636 --remote-ip 0.0.0.0/0 --ethertype IPv4 openstack security group rule create ldap --protocol tcp --ingress --dst-port 749 --remote-ip 0.0.0.0/0 --ethertype IPv4 openstack security group rule create ldap --protocol udp --ingress --dst-port 464 --remote-ip 0.0.0.0/0 --ethertype IPv4
- Backup existing LDAP machine using the following documentation: EWC - How to create and restore backups from VMs
- List ldap security group rule
- Check the Operating System of your LDAP (either from Morpheus, Provisioning → Instances → select LDAP machine ;
- If your LDAP is rocky 8 based → jump to step 8.
- If your LDAP is centos7 based → continue to step 4.
- If your LDAP is rocky 8 based → jump to step 8.
- Create LDAP replica instance type to move from centos7 to rocky 8 (see MigratefromCentos7toRocky8);
- Prepare new LDAP machine (see);
- Switch IP interfaces between LDAPs (see SwitchIPinterfacesbetweenLDAP );
- Update Morpheus (see UpdateMorpheus );
- Check everything is fine (see Tests);
- Create LDAP replica instance type to move from rocky 8 to rocky 9 (see MigratefromRocky8toRocky9)
- Prepare new LDAP machine (see);
- Switch IP interfaces between LDAPs (see SwitchIPinterfacesbetweenLDAP );
- Update Morpheus (see UpdateMorpheus );
- Check everything is fine (see Tests);
- Remove old LDAPs machines to free resources (from Morpheus)
...
Migrate from Centos7 to Rocky 8
...