[b/r] Add demo slide content and asciinema recording script

Slide content covering overview, architecture, and automation.
Demo script with step-by-step commands and fast-forward notes
for a 10-15 minute asciinema recording.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: stuggi

docs/dev/backup-restore/demo/demo-script.md

@@ -0,0 +1,134 @@
+# RHOSO Backup & Restore - Demo Script
+
+## Prerequisites
+- OpenStack control plane deployed and healthy
+- asciinema installed (`pip install asciinema`)
+
+## Recording
+
+```bash
+asciinema rec demo-backup-restore.cast -t "RHOSO Backup & Restore Demo"
+```
+
+## Demo Flow
+
+### 1. Show the environment (~1 min)
+
+```bash
+# Show the healthy control plane
+oc get openstackcontrolplane -n openstack
+
+# Show the OpenStackBackupConfig (auto-created by the operator)
+oc get openstackbackupconfig -n openstack
+
+# Show labeled resources
+oc get secret -n openstack -l backup.openstack.org/restore=true --no-headers | wc -l
+oc get configmap -n openstack -l backup.openstack.org/restore=true --no-headers | wc -l
+
+# Show labeled PVCs
+oc get pvc -n openstack -l backup.openstack.org/backup=true
+```
+
+### 2. Install dependencies - MinIO & OADP (~2 min, FAST-FORWARD)
+
+```bash
+cd docs/dev/backup-restore/role
+
+# Install MinIO and OADP
+ansible-playbook cifmw_backup_restore_test.yaml \
+  -e backup=false -e cleanup=false -e restore=false
+
+# Show MinIO is running
+oc get pods -n minio
+oc get routes -n minio
+
+# Show OADP is running
+oc get pods -n openshift-adp
+oc get backupstoragelocation -n openshift-adp
+```
+
+### 3. Create backup (~3 min, FAST-FORWARD PVC backup wait)
+
+```bash
+# Run backup
+ansible-playbook cifmw_backup_restore_test.yaml \
+  -e install_deps=false -e cleanup=false -e restore=false
+
+# Show the GaleraBackup CRs were created
+oc get galerabackup -n openstack
+
+# Show the OADP backups
+oc get backup -n openshift-adp
+
+# Note the backup timestamp for restore
+# e.g., 20260325-101234
+```
+
+### 4. Simulate disaster - Cleanup (~1 min, FAST-FORWARD)
+
+```bash
+# Delete the control plane (simulates disaster)
+ansible-playbook cifmw_backup_restore_test.yaml \
+  -e install_deps=false -e backup=false -e restore=false
+
+# Show everything is gone
+oc get openstackcontrolplane -n openstack
+oc get pods -n openstack
+oc get secret -n openstack | wc -l
+```
+
+### 5. Restore (~5 min, FAST-FORWARD waits)
+
+```bash
+# Restore from backup
+ansible-playbook cifmw_backup_restore_test.yaml \
+  -e install_deps=false -e backup=false -e cleanup=false \
+  -e backup_timestamp=<TIMESTAMP>
+
+# --- FAST-FORWARD: PVC restore ---
+# --- FAST-FORWARD: Wait for infrastructure (infra-only annotation) ---
+# --- FAST-FORWARD: Wait for control plane ready ---
+# --- FAST-FORWARD: EDPM deployment ---
+```
+
+### 6. Verify restored environment (~1 min)
+
+```bash
+# Show control plane is back
+oc get openstackcontrolplane -n openstack
+
+# Show pods are running
+oc get pods -n openstack | head -20
+
+# Show databases are restored
+oc get galera -n openstack
+
+# Show secrets are back
+oc get secret osp-secret -n openstack
+
+# Verify an OpenStack endpoint
+oc exec -t openstackclient -- openstack endpoint list | head -10
+```
+
+## Post-recording
+
+```bash
+# Stop recording
+exit
+
+# Play back (can use --speed for fast-forward sections)
+asciinema play demo-backup-restore.cast
+
+# Upload (optional)
+asciinema upload demo-backup-restore.cast
+```
+
+## Fast-forward tips
+
+- Use `asciinema play --speed=10` for fast-forward sections during playback
+- Alternatively, edit the .cast file to compress wait times:
+  - The .cast format is JSON lines with timestamps
+  - Reduce large time gaps between lines to speed up boring sections
+- Or use `agg` to convert to GIF with speed adjustments
+
+---

docs/dev/backup-restore/demo/slides.md

@@ -0,0 +1,100 @@
+# RHOSO Backup & Restore - Slide Content
+
+## Slide 1: Overview - What & Why
+
+**Title: RHOSO Control Plane Backup & Restore**
+
+- Full backup and restore of the OpenStack control plane on OpenShift
+- Covers: databases (Galera), Kubernetes resources (CRs, Secrets, ConfigMaps), persistent volumes
+- Uses OADP (OpenShift API for Data Protection) / Velero as the backup engine
+- CSI volume snapshots for PVC data (Galera dumps, other persistent data)
+- Goal: recover from catastrophic control plane failure or migrate between clusters
+
+**Key points:**
+- Non-disruptive backup (no downtime during backup)
+- Ordered restore (dependencies respected: secrets -> infrastructure -> control plane)
+- Data plane nodes are untouched during backup/restore
+
+---
+
+## Slide 2: Architecture - How It Works
+
+**Title: Architecture**
+
+```
++-------------------+     +--------------------+
+| OpenStackBackup-  |     | Service Operators  |
+| Config Controller |     | (glance, mariadb,  |
++--------+----------+     |  swift, ...)       |
+         |                +---------+----------+
+  Labels user resources             |
+  (secrets, configmaps,      Label their PVCs
+   NADs, issuers)             and secrets (CA certs)
+         |                   at creation time
+         +----------+---------------+
+                    |
+            +-------+-------+         +------------------+
+            | OADP / Velero +---------+ S3 Storage       |
+            +-------+-------+         | (MinIO/ODF/S3)   |
+                    |                  +------------------+
+             Creates backups
+             (2 Backup CRs):
+             1. PVCs (CSI snapshots)
+             2. Resources (CRs, etc.)
+                    |
++-------------------+---+                     +-------------------------+
+| GaleraBackup CRs      |                     | Ordered Restore         |
+| (mariadb-operator)    |                     | (phases):               |
++-----------------------+                     |  00: PVCs               |
+  Defines backup config                       |  10: User Cfg           |
+  (CronJobs); Jobs                            |  20: Infra CRs          |
+  triggered before OADP                       |  30: CtlPlane            |
+                                              |  40: IPSet, GaleraBackup |
+                                              |  50: Manual (DB, RMQ)    |
+                                              |  60: DataPlane           |
+                                              +-------------------------+
+```
+
+**Labeling responsibilities:**
+- **Operators** (e.g. glance-operator, mariadb-operator): label their own PVCs and secrets (e.g. CA certs) at creation time
+- **BackupConfig controller**: labels user-provided resources (secrets, configmaps, NADs, issuers) that have no ownerReferences
+
+**Backup flow:**
+1. GaleraBackup CRs define backup config; ad-hoc Jobs are triggered from the resulting CronJobs
+2. OADP Backup #1: CSI snapshots of labeled PVCs (includes fresh DB dumps)
+3. OADP Backup #2: All labeled Kubernetes resources
+
+**Restore flow:**
+1. Ordered Velero Restores (PVCs -> Secrets -> Infrastructure -> ControlPlane)
+2. GaleraRestore CRs restore databases from dumps
+3. RabbitMQ credential restore (original credentials from backup)
+4. DataPlane restore and EDPM re-deployment
+
+---
+
+## Slide 3: Automation & CI Integration
+
+**Title: Ansible Automation**
+
+- Three independent Ansible roles:
+  - `deploy_minio` - S3 storage backend (dev/test)
+  - `openshift_adp` - OADP operator installation
+  - `cifmw_backup_restore` - Backup/restore/cleanup lifecycle
+
+- Single test playbook runs full end-to-end:
+  ```
+  ansible-playbook cifmw_backup_restore_test.yaml
+  ```
+
+- Each step independently controllable:
+  ```
+  -e install_deps=false -e backup=false -e cleanup=false -e restore=true
+  ```
+
+- Dynamic discovery: Galera instances and RabbitMQ clusters read from OpenStackControlPlane CR
+
+- BackupConfig controller integrated into openstack-operator:
+  - Auto-created with OpenStackControlPlane
+  - Labels managed automatically, user can override via annotations
+
+---