VMware NSX Container Plugin 4.2

4.2 4.1 4.0 3.2 3.1 3.0
简体中文 Deutsch Español Français Italiano 日本語 한국어 繁體中文 English

Migrating Shared Resources

The instructions in this section are optional for TKGI users because the steps are automated in TKGI.
The first step in the Manager to Policy migration process is to migrate the NSX resources that are shared among clusters such as Logical Routers, IP blocks and pools, NsGroups, and so on. These NSX resources are created by the user. They are specified in the mp2p-user-spec YAML manually by the user when migrating vanilla Kubernetes clusters. They cannot be specified in TKGI as they are auto-inferred. They are specified in the VMware NSX-T Tile under
MP to Policy Migration
 config pane in Ops Manager in TAS.
In TKGI and vanilla Kubernetes cluster migration, Shared Resources are migrated to Policy with a policy ID that is derived from their display names in the following way:
  • Each space (' ') literal is replaced with underscore ('_')
  • Each forward slash ('/') is replaced with underscore ('_')
  • If the display name has only periods (for example, '.', '.....', etc.) it is prepended with one underscore ('_')
Examples:
  • "mp display name" becomes policy id: "mp_display_name"
  • "mp display/name" becomes policy id: "mp_display_name"
  • "....." becomes policy id: "_....."
So you must ensure that all the NSX resources that you created have unique display names.
In TAS, Shared Resources are migrated to Policy with a policy ID that is same as the MP ID.
NOTE: After migrating a Vanilla Kubernetes cluster, update the ncp.ini based on the above rules wherever the config reads the ID of the NSX resource.

How to specify shared resources in user-spec YAML

While migrating a vanilla Kubernetes cluster, you can edit
scripts/user-spec.yaml
 if you are running NCP 4.1.0 or earlier. Otherwise, use the config map nsx-ncp-migrate-mp2p-user-spec to specify which user-created NSX resources should be migrated. You can specify:
  • The resource using either display_name or ID in the Manager API. If the resource is not found in Manager API, it is ignored.
  • The IP-Allocations to be imported for any IP Pool in the user-spec.yaml under "ip-allocations". Two scenarios:
    1. With custom IpPoolAllocations from this IpPool
      If you have created some IpAllocations manually, please specify them under here. Key is the allocation_id of the IpPoolAllocation and value is its expected policy ID. Do not import any other resources such as IpBlock, Tier0, etc. with it. Once they are imported, run the script again to import shared resources but as specified in step 2 below.
    2. Without custom IpPoolAllocations from this IpPool (default)
      Do not edit/specify ip-allocations under any IpPool and add all the other resources like IpBlock, Tier0, etc in the spec to be imported.
  • Static routes and router ports to be imported for a tier 1 router.
    Do not change the `key` and `value` identifier in the spec, but only their assigned values. `Key` is the manager ID and value is the expected policy ID.
See Sample user-spec.yaml to see the list of NSX resources that can be specified and how to specify them.

Steps to import only shared resources

NCP 4.1.1 or Earlier

  1. Fill in the appropriate information in config.yaml and set import_shared_resources_only to True. See Sample user-spec.yaml.
  2. Fill in the shared resources info in user-spec.yaml. See Sample user-spec.yaml.
  3. Run the mp_to_policy_importer using either the config file or command line arguments. For example:
    python3 mp_to_policy_importer.py --config-file config.yaml

NCP 4.1.2 or Later

  1. Fill in the shared resources info in nsx-ncp-migrate-mp2p-user-spec config map. See Sample user-spec.yaml.
  2. Do not specify any Kubernetes cluster name under the key "k8s-clusters".
  3. Apply the file
    migrate-mp2p-job.yaml
     to run the migration job.
Follow these steps on the OpsManager UI:
  1. Navigate to the
    MP to Policy Migration
     config pane.
  2. Specify the NSX resources to be migrated.
  3. Enable the checkbox
    Migrate only manually created NSX resources. If this option is selected, then NCP created NSX resources for this foundation will not be migrated to Policy
    .
  4. Select the radio button
    Perform Migration to NSX Policy
    . All user-specified NSX resources specified in this configuration pane and NCP-created NSX resources are migrated to Policy. This is done by deploying a new VM in the VMware-NSX-T deployment and running an errand on it.
  5. Click
    Save
    .
  6. Click
    Installation Dashboard
    .
  7. Click
    Review Pending Changes
    .
  8. Under
    VMware NSX-T Tile
     Errands, enable
    Perform MP2P Migration
    .
  9. Click
    Apply Changes
    .

Content feedback and comments