Upgrade from 8.0 to 8.1

Before starting to upgrade

ThingPark Enterprise 8.1 upgrade require to update several time cluster wide resources (mongo kafka controler and CRD). These operations, marked as CAP required(Cluster Admin Permissions) and needs clusterAdmin permissions.

In any case, it is alway advised to run a manual backup just before starting the upgrade. Please follow the manual backup procedure for the 8.0 ThingPark Enterprise version.

Following STEPS (STEP 1 to STEP 4) must be exectued in sequence.

STEP 1. Thingpark-data-controllers (CAP required)

Update data controllers in following way:

helm upgrade -i tpe-data-controllers -n $NAMESPACE \
  actility/thingpark-data-controllers --version $THINGPARK_DATA_CONTROLLERS_VERSION \
  -f values-data-stack-all.yaml

kubectl apply --force-conflicts --server-side -f \
 $CONFIG_REPO_BASEURL/manifests/upgrade/strimzi-crds-0.45.0.yaml
kubectl apply --force-conflicts --server-side -f \
$CONFIG_REPO_BASEURL/manifests/upgrade/percona-server-mongodb-operator-crds-1.20.1.yaml
kubectl -n $NAMESPACE apply -f \
$CONFIG_REPO_BASEURL/manifests/upgrade/percona-server-mongodb-operator-rbac-1.20.1.yaml

Note

Pod from strimzi-cluster-operator and psmdb-operator deployment will output transient errors in logs until the data chart application upgrade

STEP 2. Thingpark-data

Upgrade data stack

helm  upgrade -i tpe-data -n $NAMESPACE \
  actility/thingpark-data --version $THINGPARK_DATA_VERSION \
  -f values-data-stack-all.yaml

kubectl get -n $NAMESPACE statefulsets.apps,deployments.apps
kubectl get -n $NAMESPACE -w statefulsets.apps
kubectl -n $NAMESPACE get strimzipodsets.core.strimzi.io

STEP 3. Thingpark-data: post-upgrade tasks

3.1 MongoDb

Restart all replicaset members. Identify first the mongo cluster primary

MONGO_CLIENT_IMAGE=$(kubectl -n $NAMESPACE get sts mongo-replicaset-rs0 -o jsonpath='{.spec.template.spec.containers[0].image}')
MONGO_PASSWORD=$(kubectl -n $NAMESPACE get secrets mongo-replicaset -o jsonpath='{.data.MONGODB_CLUSTER_ADMIN_PASSWORD}'| base64 -d)

kubectl run -n $NAMESPACE mongo-client -it --rm --restart='Never' \
--overrides='{ "spec": { "imagePullSecrets": [{"name": "thingpark-image-pull-secret"}] } }' \
--env="MONGO_PASSWORD=$MONGO_PASSWORD" --image $MONGO_CLIENT_IMAGE --command -- bash -c \
"mongosh -u clusterAdmin -p $MONGO_PASSWORD mongodb://mongo-replicaset-rs0/admin?replicaSet=rs0 --eval 'rs.isMaster().primary'| tail -n 1"

Upgrade arbiter and secondary members of the replica set. Delete each pod one by one and check that the mongodb member stateStr back to respectively ARBITER and SECONDARY before delete next pod

kubectl -n $NAMESPACE delete pod mongo-replicaset-rs0-arbiter-0
kubectl run -n $NAMESPACE mongo-client -it --rm --restart='Never' \
--overrides='{ "spec": { "imagePullSecrets": [{"name": "thingpark-image-pull-secret"}] } }' \
--env="MONGO_PASSWORD=$MONGO_PASSWORD" --image $MONGO_CLIENT_IMAGE --command -- bash -c \
"mongosh -u clusterAdmin -p $MONGO_PASSWORD mongodb://mongo-replicaset-rs0/admin?replicaSet=rs0 --eval 'rs.status().members'"

kubectl -n $NAMESPACE delete pod mongo-replicaset-rs0-<secondary pod id>
kubectl run -n $NAMESPACE mongo-client -it --rm --restart='Never' \
--overrides='{ "spec": { "imagePullSecrets": [{"name": "thingpark-image-pull-secret"}] } }' \
--env="MONGO_PASSWORD=$MONGO_PASSWORD" --image $MONGO_CLIENT_IMAGE --command -- bash -c \
"mongosh -u clusterAdmin -p $MONGO_PASSWORD mongodb://mongo-replicaset-rs0/admin?replicaSet=rs0 --eval 'rs.status().members'"

Upgrade the primary

kubectl run -n $NAMESPACE mongo-client -it --rm --restart='Never' \
--overrides='{ "spec": { "imagePullSecrets": [{"name": "thingpark-image-pull-secret"}] } }' \
--env="MONGO_PASSWORD=$MONGO_PASSWORD" --image $MONGO_CLIENT_IMAGE --command -- bash -c \
"mongosh -u clusterAdmin -p $MONGO_PASSWORD mongodb://mongo-replicaset-rs0-<primary pod id>.mongo-replicaset-rs0/admin?replicaSet=rs0 --eval 'rs.stepDown()'"

kubectl -n $NAMESPACE delete pod mongo-replicaset-rs0-<primary pod id>
kubectl run -n $NAMESPACE mongo-client -it --rm --restart='Never' \
--overrides='{ "spec": { "imagePullSecrets": [{"name": "thingpark-image-pull-secret"}] } }' \
--env="MONGO_PASSWORD=$MONGO_PASSWORD" --image $MONGO_CLIENT_IMAGE --command -- bash -c \
"mongosh -u clusterAdmin -p $MONGO_PASSWORD mongodb://mongo-replicaset-rs0/admin?replicaSet=rs0 --eval 'rs.status().members'"

Verify that perconaservermongodb mongo-replicaset state back to ready

kubectl -n $NAMESPACE get psmdb mongo-replicaset -o jsonpath='{.status.state}'
ready

3.2 MariaDb

Run the mariadb-upgrade command on each node

kubectl -n $NAMESPACE exec -it mariadb-galera-0 -- mysql_upgrade -u root -p
kubectl -n $NAMESPACE exec -it mariadb-galera-1 -- mysql_upgrade -u root -p
kubectl -n $NAMESPACE exec -it mariadb-galera-2 -- mysql_upgrade -u root -p

STEP 4. ThingPark Enterprise upgrade

4.1. Thingpark-application-controllers

Upgrade the thingpark-application-controllers chart:

helm upgrade -i tpe-controllers -n $NAMESPACE \
  actility/thingpark-application-controllers --version $THINGPARK_APPLICATION_CONTROLLERS_VERSION \
  -f  values-thingpark-stack-all.yaml

4.2. Thingpark-enterprise

Finally upgrade the thingpark-enterprise chart using your customization

helm upgrade -i tpe --debug --timeout 20m -n $NAMESPACE \
  actility/thingpark-enterprise --version $THINGPARK_ENTERPRISE_VERSION \
  -f  values-thingpark-stack-all.yaml

Verifications

See generic verification procedure

Before starting to upgrade​

STEP 1. Thingpark-data-controllers (CAP required)​

STEP 2. Thingpark-data​

STEP 3. Thingpark-data: post-upgrade tasks​

3.1 MongoDb​

3.2 MariaDb​

STEP 4. ThingPark Enterprise upgrade​

4.1. Thingpark-application-controllers​

4.2. Thingpark-enterprise​

Verifications​