The OpenShift® Container Platform cluster that is connected
in a disaster recovery relationship or a Backup & Restore
service with Hub and Spoke can face disasters, leading to a temporary
unusable state. After recovery, it can still display an Unhealthy
or
UnManaged
status in remote clusters. In such instances, this cluster must be
reconnected to its corresponding
connections.
About this task
If the cluster recovers before the expiration time, the cluster rejoins the connection
automatically and no action is needed. However, if the cluster recovers after the expiration of the
client cert, the connection must be cleaned and setup to rejoin the recovered cluster.
Procedure
- Run the following example command to login to cluster-a and list the connection
names.
- List the connection names.
oc get connections
It lists all connection CRs that are used for
Backup & Restore and disaster recovery. The following example
shows connections among clusters:
- If cluster-a is in a DR relationship, a connection exists for the other cluster.
- If cluster-a is a Backup & Restore hub, there exists
a connection for each spoke.
- If cluster-a is a Backup & Restore spoke, one
connection to the hub exists.
The output includes the API endpoint of cluster-b.
Example output
NAME API_ENDPOINT PHASE HEALTHY_TO HEALTHY_FROM AGE
connection-8414b9c84d https://api.cluster-b.mydomain:6443 InProgress Unhealthy Unknown 25d
%
- Save the name of connection CR in cluster-a (a cluster in the hub and spoke or DR
clusters) in
connection-<id>
format.
- Clean the connection.
- Setup the connection between clusters.
- Log in to the cluster-b and get the bootstrap token for cluster-b.
oc login to cluster-b
oc create token isf-application-operator-cluster-bootstrap -n <Fusion Namespace of cluster-b>
Note: The version of oc command line must be greater or equal to 4.11.
- Log in to cluster-a.
- Create init secret on cluster-a with the bootstrap token and API endpoint of
cluster-b.
For example:
apiVersion: v1
kind: Secret
metadata:
name: <Init Secret Name>
namespace: <Fusion Namespace of cluster-a>
stringData:
apiserver: <cluster-b API Endpoint>
bootstrapToken: <cluster-b Token Generated in Step 3.a>
- Create connection CR on cluster-a with this init secret in spec:
apiVersion: application.isf.ibm.com/v1
kind: Connection
metadata:
name: <Connection Name Saved in Step 1>
namespace: <Fusion Namespace of cluster-a>
spec:
remoteCluster:
apiEndpoint: <cluster-b API Endpoint>
initSecretName: <Init Secret Name>
connectionOperatorNamespace: <Fusion Namespace of cluster-b>