Passive hub
hub-dr
hub-dr is the standby management restore hub. It is prepared for a controlled ACM activation path, but it should remain passive until drill gates are clean and ownership risk is explicitly accepted.
Status
Recorded current state
- Role
- Passive management restore hub.
- ACM/MCE
- MCH recorded
Running; MCE recordedAvailable. - GitOps
- Uses local
hub-dr-cluster-configApplication rather than hub-propagated managed pull GitOps. - Restore posture
- No active
BackupScheduleorRestoreshould exist during passive state. - Storage
- LVMS retained with pinned devices
/dev/vdb,/dev/vdc, and/dev/vdd. - User workload metrics
- Disabled by
cluster-monitoring-config; no user workload monitoring pods should run on this hub.
Blockers
Before activation
- Fresh active-hub backup: prove all critical ACM backup streams meet the agreed RPO.
- Image readiness: mirror or pre-pull ACM/MCE images that were previously slow to pull.
- Dry-run restore: server-side dry-run restore manifests before real activation.
- Ownership check: confirm no managed cluster will be dual-owned after activation.
Image risk
Known slow pull classes
Prior recovery exposed slow startup for large ACM/MCE images. The durable fix is a DR-reachable mirror with IDMS/ITMS, CatalogSource, registry CA, and pull-secret handling committed to desired state. A temporary pre-pull DaemonSet can reduce drill risk while the mirror is built.
acm-cli-rhel9hive-rhel9assisted-service-9-rhel9hypershift-cli-rhel9
Validation
Useful read-only checks
export KUBECONFIG=<hub-dr-kubeconfig>
oc -n open-cluster-management get mch
oc get mce
oc -n open-cluster-management-backup get dpa,bsl,backupschedule,restore
oc get imagedigestmirrorset,imagetagmirrorset,imagecontentsourcepolicy
oc get ds -A | egrep -i 'pre.?pull|warm|mirror|acm|mce'