OSDOCS-5274: Restart node when changing mtu value

_topic_maps/_topic_map_ms.yml

@@ -104,8 +104,10 @@ Name: Networking
 Dir: microshift_networking
 Distros: microshift
 Topics:
-- Name: Understanding networking
+- Name: Applying networking settings
   File: microshift-networking
+- Name: Using a firewall
+  File: microshift-firewall
 ---
 Name: Storage
 Dir: microshift_storage

microshift_install/microshift-embed-in-rpm-ostree.adoc

@@ -50,12 +50,12 @@ include::modules/microshift-provisioning-ostree.adoc[leveloffset=+1]
 [role="_additional-resources_microshift-embed-in-rpm-ostree"]
 .Additional resources
 
-. https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/composing_installing_and_managing_rhel_for_edge_images/index[{op-system-ostree} documentation].
-. xref:../microshift_install/microshift-install-rpm.adoc#system-requirements-installing-microshift[System requirements for installing {product-title}].
-. Red Hat Hybrid Cloud Console link:https://console.redhat.com/openshift/install/pull-secret[pull secret].
-. xref:../microshift_networking/microshift-networking.adoc#microshift-firewall-req-settings_microshift-networking[Required firewall settings].
-. link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/creating-kickstart-files_installing-rhel-as-an-experienced-user[Creating a Kickstart file].
-. link:https://access.redhat.com/solutions/60959[How to embed a Kickstart file into an ISO image].
+* link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/composing_installing_and_managing_rhel_for_edge_images/index[{op-system-ostree} documentation].
+* xref:../microshift_install/microshift-install-rpm.adoc#system-requirements-installing-microshift[System requirements for installing {product-title}].
+* Red Hat Hybrid Cloud Console link:https://console.redhat.com/openshift/install/pull-secret[pull secret].
+* xref:../microshift_networking/microshift-firewall.adoc#microshift-firewall-req-settings_microshift-networking[Required firewall settings].
+* link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_an_advanced_rhel_8_installation/creating-kickstart-files_installing-rhel-as-an-experienced-user[Creating a Kickstart file].
+* link:https://access.redhat.com/solutions/60959[How to embed a Kickstart file into an ISO image].
 
 include::modules/microshift-accessing.adoc[leveloffset=+1]
 include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2]

microshift_networking/ingress-operator-microshift.adoc

@@ -1,87 +0,0 @@
-:_content-type: ASSEMBLY
-[id="configuring-ingress-microshift"]
-= Ingress Operator in {product-title}
-include::_attributes/attributes-microshift.adoc[]
-:context: configuring-ingress
-
-toc::[]
-include::modules/nw-ne-openshift-ingress.adoc[leveloffset=+1]
-include::modules/nw-installation-ingress-config-asset.adoc[leveloffset=+1]
-include::modules/nw-ingress-controller-configuration-parameters.adoc[leveloffset=+1]
-
-[id="configuring-ingress-controller-tls"]
-=== Ingress Controller TLS security profiles
-
-TLS security profiles provide a way for servers to regulate which ciphers a connecting client can use when connecting to the server.
-
-// Understanding TLS security profiles
-include::modules/tls-profiles-understanding.adoc[leveloffset=+3]
-
-// Configuring the TLS profile for the Ingress Controller
-include::modules/tls-profiles-ingress-configuring.adoc[leveloffset=+3]
-
-include::modules/nw-mutual-tls-auth.adoc[leveloffset=+3]
-
-include::modules/nw-ingress-view.adoc[leveloffset=+1]
-
-include::modules/nw-ingress-operator-status.adoc[leveloffset=+1]
-
-include::modules/nw-ingress-operator-logs.adoc[leveloffset=+1]
-
-include::modules/nw-ingress-controller-status.adoc[leveloffset=+1]
-
-[id="configuring-ingress-controller"]
-== Configuring the Ingress Controller
-
-include::modules/nw-ingress-setting-a-custom-default-certificate.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-custom-default-certificate-remove.adoc[leveloffset=+2]
-
-include::modules/nw-autoscaling-ingress-controller.adoc[leveloffset=+2]
-
-include::modules/nw-scaling-ingress-controller.adoc[leveloffset=+2]
-
-include::modules/nw-configure-ingress-access-logging.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-setting-thread-count.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-sharding.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-sharding-route-labels.adoc[leveloffset=+3]
-
-include::modules/nw-ingress-sharding-namespace-labels.adoc[leveloffset=+3]
-
-include::modules/nw-ingress-setting-internal-lb.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-controller-configuration-gcp-global-access.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-controller-config-tuningoptions-healthcheckinterval.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-default-internal.adoc[leveloffset=+2]
-
-include::modules/nw-route-admission-policy.adoc[leveloffset=+2]
-
-include::modules/using-wildcard-routes.adoc[leveloffset=+2]
-
-include::modules/nw-using-ingress-forwarded.adoc[leveloffset=+2]
-
-include::modules/nw-http2-haproxy.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-controller-configuration-proxy-protocol.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-configuring-application-domain.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-converting-http-header-case.adoc[leveloffset=+2]
-
-include::modules/nw-configuring-router-compression.adoc[leveloffset=+2]
-
-include::modules/nw-customize-ingress-error-pages.adoc[leveloffset=+2]
-//include::modules/nw-ingress-select-route.adoc[leveloffset=+2]
-
-include::modules/nw-ingress-setting-max-connections.adoc[leveloffset=+2]
-
-//[role="_additional-resources"]
-//== Additional resources
-
-//* xref:../networking/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI]
-

microshift_networking/microshift-firewall.adoc

@@ -0,0 +1,23 @@
+:_content-type: ASSEMBLY
+[id="microshift-using-a-firewall"]
+= Using a firewall
+include::_attributes/attributes-microshift.adoc[]
+:context: microshift-firewall
+
+toc::[]
+
+Firewalls are not required in {product-title}, but using a firewall can prevent undesired access to the {product-title} API.
+
+include::modules/microshift-firewall-config.adoc[leveloffset=+1]
+include::modules/microshift-firewalld-install.adoc[leveloffset=+1]
+include::modules/microshift-firewall-req-settings.adoc[leveloffset=+1]
+include::modules/microshift-firewall-opt-settings.adoc[leveloffset=+1]
+include::modules/microshift-firewall-allow-traffic.adoc[leveloffset=+1]
+include::modules/microshift-firewall-apply-settings.adoc[leveloffset=+1]
+include::modules/microshift-firewall-verify-settings.adoc[leveloffset=+1]
+include::modules/microshift-firewall-known-issue.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+[id="additional-resources_microshift-using-a-firewall"]
+.Additional resources
+* xref:../microshift_troubleshooting/microshift-troubleshooting.adoc#microshift-ki-cni-iptables-deleted[Troubleshooting iptables deleted].

microshift_networking/microshift-networking.adoc

@@ -1,6 +1,6 @@
 :_content-type: ASSEMBLY
-[id="microshift-understanding-networking"]
-= Understanding networking
+[id="microshift-applying-networking-settings"]
+= Understanding networking settings
 include::_attributes/attributes-microshift.adoc[]
 :context: microshift-networking
 
@@ -18,21 +18,17 @@ By default, Kubernetes allocates each pod an internal IP address for application
 
 include::modules/microshift-cni.adoc[leveloffset=+1]
 include::modules/microshift-configuring-ovn.adoc[leveloffset=+1]
+include::modules/microshift-restart-ovnkube-master.adoc[leveloffset=+1]
 //include::modules/microshift-man-config-ovs-bridge.adoc[leveloffset=+1]
 include::modules/microshift-http-proxy.adoc[leveloffset=+1]
 include::modules/microshift-cri-o-container-runtime.adoc[leveloffset=+1]
 include::modules/microshift-ovs-snapshot.adoc[leveloffset=+1]
 include::modules/microshift-mDNS.adoc[leveloffset=+1]
 
-include::modules/microshift-firewall-config.adoc[leveloffset=+1]
-include::modules/microshift-firewalld-install.adoc[leveloffset=+1]
-include::modules/microshift-firewall-req-settings.adoc[leveloffset=+1]
-include::modules/microshift-firewall-opt-settings.adoc[leveloffset=+1]
-include::modules/microshift-firewall-allow-traffic.adoc[leveloffset=+1]
-include::modules/microshift-firewall-apply-settings.adoc[leveloffset=+1]
-include::modules/microshift-firewall-verify-settings.adoc[leveloffset=+1]
-include::modules/microshift-firewall-known-issue.adoc[leveloffset=+1]
-
 [role="_additional-resources"]
+[id="additional-resources_microshift-applying-networking-settings"]
 .Additional resources
-* xref:../microshift_troubleshooting/microshift-troubleshooting.adoc#microshift-version[Troubleshooting].
+
+. xref:../microshift_troubleshooting/microshift-troubleshooting.adoc#microshift-version[Troubleshooting]
+. xref:../microshift_troubleshooting/microshift-troubleshooting.adoc#microshift-troubleshooting-nodeport[Troubleshooting the NodePort service].
+. xref:../microshift_troubleshooting/microshift-troubleshooting.adoc#microshift-nodeport-unreachable-workaround[NodePort unreachable workround].

modules/microshift-configuring-ovn.adoc

@@ -2,9 +2,9 @@
 //
 // * microshift_networking/microshift-networking.adoc
 
-:_content-type: PROCEDURE
+:_content-type: CONCEPT
 [id="microshift-config-OVN-K_{context}"]
-= Configuring OVN-Kubernetes
+= OVN-Kubernetes configuration options
 
 An OVN-Kubernetes config file can be written to `/etc/microshift/ovn.yaml`. {product-title} will use default OVN-Kubernetes configuration values if an OVN-Kubernetes config file is not customized.
 
@@ -20,7 +20,7 @@ mtu: 1400
 <1> Default value is an empty string, which means "not-specified." The CNI network plugin auto-detects to interface with the default route.
 <2> Default value is an empty string, which means disabled.
 
-To customize your configuration, use the following table to find valid values that you can use in your `ovn.yaml` config file.
+To customize your configuration, use the following table to find valid values that you can use in your `ovn.yaml` config file:
 
 .Supported optional OVN-Kubernetes configurations for {product-title}.
 
@@ -36,7 +36,7 @@ To customize your configuration, use the following table to find valid values th
 |bool
 |false
 |Skip configuring OVS bridge `br-ex` in `microshift-ovs-init.service`
-|true <1>
+|true ^1^
 
 |`ovsInit.gatewayInterface`
 |Alpha
@@ -56,8 +56,7 @@ To customize your configuration, use the following table to find valid values th
 |MTU value used for the pods
 |1300
 |===
-
-<1> The OVS bridge is required. When `disableOVSInit` is true, OVS bridge `br-ex` must be configured manually.
+^1^ The OVS bridge is required. When `disableOVSInit` is true, OVS bridge `br-ex` must be configured manually.
 
 .Example `ovn.yaml` config file:
 
@@ -71,4 +70,11 @@ mtu: 1300
 ----
 
 [IMPORTANT]
+====
 When `disableOVSInit` is set to true in the `ovn.yaml` config file, the OVS bridge br-ex must be manually configured.
+====
+
+[IMPORTANT]
+====
+If you change the `mtu` configuration value in the `ovn.yaml` file, you must restart the host that {product-title} is running on for the updated setting to apply.
+====

modules/microshift-cri-o-container-runtime.adoc

@@ -4,11 +4,12 @@
 
 :_content-type: PROCEDURE
 [id="microshift-CRI-O-container-engine_{context}"]
-= CRI-O container runtime
+= Using a proxy in the CRI-O container runtime
 
 To use an HTTP(S) proxy in `CRI-O`, you need to set the `HTTP_PROXY` and `HTTPS_PROXY` environment variables. You can also set the `NO_PROXY` variable to exclude a list of hosts from being proxied.
 
 .Procedure
+
 . Add the following settings to the `/etc/systemd/system/crio.service.d/00-proxy.conf` file:
 +
 [source, config]

modules/microshift-firewall-allow-traffic.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * microshift_networking/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: PROCEDURE
 [id="microshift-firewall-network-traffic_{context}"]
@@ -9,6 +9,7 @@
 You can allow network traffic through the firewall by first configuring the IP address range with either default or custom values, and then allow internal traffic from pods through the network gateway by inserting the DNS server.
 
 .Procedure
+
 Set the default values or a custom IP address range. After setting the IP address range, allow internal traffic from the pods through the network gateway.
 
 . To set the IP address range:

modules/microshift-firewall-apply-settings.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * microshift_networking/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: PROCEDURE
 [id="microshift-firewall-applying-settings_{context}"]

modules/microshift-firewall-config.adoc

@@ -1,12 +1,12 @@
 // Module included in the following assemblies:
 //
-// * microshift_networking/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: CONCEPT
 [id="microshift-firewall-config_{context}"]
-= Using a firewall
+= About network traffic through the firewall
 
-Firewalls are not required in {product-title}, but using a firewall can prevent undesired access to the {product-title} API. When using a firewall, you must explicitly allow the following OVN-Kubernetes traffic when the `firewalld` service is running:
+When using a firewall, you must explicitly allow the following OVN-Kubernetes traffic when the `firewalld` service is running:
 
 CNI pod to CNI pod::
 CNI pod to Host-Network pod

modules/microshift-firewall-opt-settings.adoc

@@ -1,17 +1,16 @@
 // Module included in the following assemblies:
 //
-// * microshift_networking/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: PROCEDURE
-
 [id="microshift-firewall-optional-settings_{context}"]
-= Optional port settings
+= Using optional port settings
 
 The {product-title} firewall service allows optional port settings.
 
 .Procedure
 
-. To add customized ports to your firewall configuration, use the following command syntax:
+* To add customized ports to your firewall configuration, use the following command syntax:
 +
 [source,terminal]
 ----

modules/microshift-firewall-req-settings.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * microshift_networking/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: CONCEPT
 [id="microshift-firewall-req-settings_{context}"]

modules/microshift-firewall-verify-settings.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * microshift_networking/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: PROCEDURE
 [id="microshift-firewall-verifying-settings_{context}"]

modules/microshift-firewalld-install.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * microshift_configuring/microshift-networking.adoc
+// * microshift_networking/microshift-firewall.adoc
 
 :_content-type: PROCEDURE
 [id="microshift-firewall-install_{context}"]

modules/microshift-install-rpm-preparing.adoc

@@ -2,6 +2,7 @@
 //
 // microshift/microshift-install-rpm.adoc
 
+:_content-type: PROCEDURE
 [id="preparing-install-microshift-from-rpm-package_{context}"]
 = Preparing to install {product-title} from an RPM package
 

modules/microshift-install-system-requirements.adoc

@@ -2,6 +2,7 @@
 //
 // microshift/microshift-install-rpm.adoc
 
+:_content-type: REFERENCE
 [id="system-requirements-installing-microshift"]
 = System requirements for installing {product-title}
 

modules/microshift-ki-cni-iptables-deleted.adoc

@@ -1,6 +1,7 @@
 // Module included in the following assemblies:
 //
 // * microshift_troubleshooting/microshift-known-issues.adoc
+
 :_content-type: PROCEDURE
 [id="microshift-ki-cni-iptables-deleted_{context}"]
 = Reloading the firewall deletes iptable rules
@@ -22,7 +23,7 @@ To troubleshoot this issue, delete the ovnkube-master pod to restart the ovnkube
 
 Run the commands listed in each step that follows to restore the iptable rules.
 
-. Stop the ovn-master application:
+. Find the name of the ovnkube-master pod that you want to restart by running the following command:
 +
 [source, terminal]
 ----

modules/microshift-ovs-snapshot.adoc

@@ -6,8 +6,11 @@
 [id="microshift-OVS-snapshot_{context}"]
 = Getting a snapshot of OVS interfaces from a running cluster
 
+A snapshot represents the state and data of OVS interfaces at a specific point in time.
+
 .Procedure
-To see a snapshot of OVS interfaces from a running {product-title} cluster, use the following command:
+
+* To see a snapshot of OVS interfaces from a running {product-title} cluster, use the following command:
 
 [source, terminal]
 ----

modules/microshift-restart-ovnkube-master.adoc

@@ -0,0 +1,51 @@
+// Module included in the following assemblies:
+//
+// * microshift_networking/microshift-networking.adoc
+
+:_content-type: PROCEDURE
+[id="microshift-restart-ovnkube-master_{context}"]
+= Restarting the ovnkube-master pod
+
+The following procedure restarts the `ovnkube-master` pod.
+
+.Prerequisites
+
+* The OpenShift CLI (`oc`) is installed.
+* Access to the cluster as a user with the `cluster-admin` role.
+* A cluster installed on infrastructure configured with the OVN-Kubernetes network plugin.
+* The KUBECONFIG environment variable is set.
+
+.Procedure
+
+Use the following steps to restart the `ovnkube-master` pod.
+
+. Access the remote cluster by running the following command:
++
+[source, terminal]
+----
+$ export KUBECONFIG=$PWD/kubeconfig
+----
+
+. Find the name of the `ovnkube-master` pod that you want to restart by running the following command:
++
+[source, terminal]
+----
+$ pod=$(oc get pods -n openshift-ovn-kubernetes | awk -F " " '/ovnkube-master/{print $1}')
+----
+
+. Delete the `ovnkube-master` pod by running the following command:
++
+[source, terminal]
+----
+$ oc -n openshift-ovn-kubernetes delete pod $pod
+----
+
+. Confirm that a new `ovnkube-master` pod is running by using the following command:
++
+[source, terminal]
+----
+$ oc get pods -n openshift-ovn-kubernetes
+----
+The listing of the running pods shows a new `ovnkube-master` pod name and age.
+
+//.Example output needs to be added here