Upgrading on OpenStack-Helm/MOSK

Note: Run following steps on node from where you have install openstack cloud helm charts. (Master Node)

1] Clone trilio-openstack helm chart code repository [Run on Install Client Node]

ssh to 'installation client node'

'Installation Client Node' is the node from where user has executed helm install command for trilio-openstack helm chart

## Change name of old 'triliovault-cfg-scripts' repository directory.
mv triliovault-cfg-scripts triliovault-cfg-scripts-old
## Clone latest git repository 'triliovault-cfg-scripts'.
git clone -b {{ trilio_branch }} https://github.com/trilioData/triliovault-cfg-scripts.git
cd triliovault-cfg-scripts/openstack-helm/trilio-openstack/
helm dep up
cd ../../../

2] Set container image tags [Run on Install Client Node]

Set updated image tags for trilio-openstack images and other images mentioned in following file.

Edit below file.

vi triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/2023.2.yaml

Replace content of above 2023.2.yaml file with below YAML block with upgrade image tags.

---
images:
  tags:
    bootstrap: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
    db_init: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
    db_drop: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
    rabbit_init: docker.io/rabbitmq:3.7-management
    ks_user: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
    ks_service: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
    ks_endpoints: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
    dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
    image_repo_sync: docker.io/docker:17.07.0
    triliovault_wlm_cloud_trust: docker.io/trilio/trilio-wlm-helm:<image-tag>
    triliovault_wlm_api: docker.io/trilio/trilio-wlm-helm:<image-tag>
    triliovault_wlm_cron: docker.io/trilio/trilio-wlm-helm:<image-tag>
    triliovault_wlm_scheduler: docker.io/trilio/trilio-wlm-helm:<image-tag>
    triliovault_wlm_workloads: docker.io/trilio/trilio-wlm-helm:<image-tag>
    triliovault_wlm_db_sync: docker.io/trilio/trilio-wlm-helm:<image-tag>
    triliovault_datamover: docker.io/trilio/trilio-datamover-helm:<image-tag>
    triliovault_datamover_api: docker.io/trilio/trilio-datamover-api-helm:<image-tag>
    triliovault_datamover_db_sync: docker.io/trilio/trilio-datamover-api-helm:<image-tag>

The image values file name for MOSK depends on the MOSK cloud version. For example, if your MOSK cloud version is 25.1, the corresponding image YAML file would be named mosk25.1.yaml

Use the correct YAML file based on your OpenStack Helm Version:

Antelope → 2023.1.yaml
Bobcat (Default)→ 2023.2.yaml
MOSK 25.1 → mosk25.1.yaml

3] Provide trilio-openstack backup target details [Run on Install Client Node]

If your backup target is of type ‘nfs' then you can provide it’s details in nfs.yaml. Your old nfs share details will be available in file ‘triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/nfs.yaml' Copy those details in following file in given format. You need to provide the same share here.

cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/nfs.yaml triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/nfs.yaml

If the backup target for trilio-openstack is of ‘s3' type with S3 backend has TLS enabled with self signed certificates, then user needs store it’s ca certificate in the following file. It will be placed at correct location by deployment scripts. We can copy this certificate from old repo to current one using following command.

cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/files/s3-cert.pem triliovault-cfg-scripts/openstack-helm/trilio-openstack/files/s3-cert.pem

4] Provide cloud admin user credentials - keystone.yaml [Run on Install Client Node]

Provide cloud administrator user details in the following file. It should have 'admin' role on cloud domain.

You can copy these details from old repository file ‘triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/keystone.yaml'

vi triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/keystone.yaml
conf:
  triliovault:
    cloud_admin_user_name: "admin"
    cloud_admin_project_name: "admin"
    cloud_admin_domain_name: "default"
    ## Keystone endpoint interface that triliovault workloadmgr services will use to communicate to other openstack services
    ## Valid values: internal, public, admin
    interface: "internal"
    ## Provide any role name as your preference.
    ## Significance: To run any backups in triliovault an openstack user needs to have this role on given project.
    trustee_role: "creator"

5] Keystone, rabbitmq and database creds - admin_creds.yaml [Run on Install Client Node]

[For OpenStack Helm]:

If Separate RabbitMQ is not present, install it using following script:

cd triliovault-cfg-scripts/openstack-helm/trilio-openstack/utils
./create_rabbitmq.sh

Fetch Internal and Public Domain Names of the Kubernetes Cluster
Generate the admin credentials file using the previously retrieved domain names

./get_admin_creds.sh <internal_domain_name> <public_domain_name>
Example:
./get_admin_creds.sh cluster.local triliodata.demo

[For MOSK]:

Copy following files from old repository to current one as it is. [No changes from triliovault install side]
If you do not have these old files, then you need to perform the same step from 'TrilioVault install document on Openstack MOSK'

cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/admin_creds.yaml triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/admin_creds.yaml
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/templates/bin/_triliovault-nova-compute.conf.tpl triliovault-cfg-scripts/openstack-helm/trilio-openstack/templates/bin/_triliovault-nova-compute.conf.tpl

Fetch Internal and Public Domain Names of the Kubernetes Cluster
Generate the admin credentials file using the previously retrieved domain names in step 8.1 of this documentation

cd triliovault-cfg-scripts/openstack-helm/trilio-openstack/utils
./get_admin_creds_mosk.sh <internal_domain_name> <public_domain_name>
Example:
./get_admin_creds_mosk.sh cluster.local setup.triliodata.demo

6] ceph.yaml changes [Run on Install Client Node]

You can copy ceph.yaml from old repository to current repository as it is. [No changes from triliovault install side]

cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/ceph.yaml triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/ceph.yaml
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/templates/bin/_triliovault-ceph.conf.tpl triliovault-cfg-scripts/openstack-helm/trilio-openstack/templates/bin/_triliovault-ceph.conf.tpl

7] Docker registry credentials secret. [Run on Install Client Node]

No changes here. So old registry credentials should work fine. Just ensure that it exists.

# kubectl get secrets | grep triliovault-image-registry
triliovault-image-registry                                 kubernetes.io/dockerconfigjson        1      89d

If user credentials are changed or old secret does not exist; then we need to recreate it. In that case follow this step from installation document.

8] Review and edit upgrade.sh script [Run on Install Client Node]

User need to edit following file and review all the yaml files and options provide in command.
If any option is not valid for your Openstack Helm setup, you need to edit it.
Yaml files that user has used in install.sh should be available in upgrade.sh too.
Make sure that nfs.yaml/s3.yaml(Both not required- select as per backup target type) and keystone.yaml should be available in upgrade.sh.
db_drop.yaml file should not be included in upgrade.sh
If your keystone’s public endpoint is on TLS then include yaml file 'tls_public_endpoint.yaml' from upgrade.sh
If your keystone’s all endpoints are on non TLS (http only) then you need to remove yaml file tls_public_endpoint.yaml from upgrade.sh

vi triliovault-cfg-scripts/openstack-helm/trilio-openstack/utils/upgrade.sh

#!/bin/bash -x
cd ../../
helm upgrade trilio-openstack ./trilio-openstack --namespace=trilio-openstack \
--values=./trilio-openstack/values_overrides/image_pull_secrets.yaml \
--values=./trilio-openstack/values_overrides/keystone.yaml \
--values=./trilio-openstack/values_overrides/nfs.yaml \
--values=./trilio-openstack/values_overrides/2023.2.yaml \
--values=./trilio-openstack/values_overrides/admin_creds.yaml \
--values=./trilio-openstack/values_overrides/tls_public_endpoint.yaml \
--values=./trilio-openstack/values_overrides/ceph.yaml \
--values=./trilio-openstack/values_overrides/ingress.yaml \
--values=./trilio-openstack/values_overrides/triliovault_passwords.yaml
echo -e "Waiting for triliovault pods to get into running state"
./trilio-openstack/utils/wait_for_pods.sh trilio-openstack
kubectl get pods -n trilio-openstack

9] Run upgrade script to upgrade Trilio for Openstack [Run on Install Client Node]

cd triliovault-cfg-scripts/openstack-helm/trilio-openstack/utils
./upgrade.sh

10] Verify that trilio-openstack upgrade finished well using following steps [Run on Install Client Node]

## Check trilio-openstack helm chart version. It should be latest, mentioned in file 'triliovault-cfg-scripts/openstack-helm/trilio-openstack/Chart.yaml'
helm ls | grep trilio-openstack

## Check status of trilio-openstack helm chart release
helm status trilio-openstack

## Check if all pods are in running/Completed state.
kubectl get pods -n trilio-openstack
Sample Output:
----------------------
# kubectl get pods -n trilio-openstack
NAME                                                 READY   STATUS      RESTARTS   AGE
triliovault-datamover-api-5877ff9b48-49wsq           1/1     Running     0          6d
triliovault-datamover-api-5877ff9b48-8zfmh           1/1     Running     0          6d
triliovault-datamover-api-5877ff9b48-xx4rm           1/1     Running     0          6d
triliovault-datamover-db-init-r4j9w                  0/1     Completed   0          6d
triliovault-datamover-db-sync-c254n                  0/1     Completed   0          6d
triliovault-datamover-ks-endpoints-8qnt8             0/3     Completed   0          6d
triliovault-datamover-ks-service-hps97               0/1     Completed   0          6d
triliovault-datamover-ks-user-sgrz6                  0/1     Completed   0          6d
triliovault-datamover-openstack-compute-node-2s7k7   1/1     Running     0          6d
triliovault-datamover-openstack-compute-node-64sm5   1/1     Running     0          6d
triliovault-wlm-api-5bbc74cb4b-69b2b                 1/1     Running     0          6d
triliovault-wlm-api-5bbc74cb4b-hbzfj                 1/1     Running     0          6d
triliovault-wlm-api-5bbc74cb4b-zxlcl                 1/1     Running     0          6d
triliovault-wlm-cloud-trust-hnxj8                    0/1     Completed   0          6d
triliovault-wlm-cron-764658cb59-b8jx6                1/1     Running     0          6d
triliovault-wlm-db-init-rbpw2                        0/1     Completed   0          6d
triliovault-wlm-db-sync-p97z8                        0/1     Completed   0          6d
triliovault-wlm-ks-endpoints-tx65s                   0/3     Completed   0          6d
triliovault-wlm-ks-service-9mkkt                     0/1     Completed   0          6d
triliovault-wlm-ks-user-x5xrx                        0/1     Completed   0          6d
triliovault-wlm-rabbit-init-qqzwr                    0/1     Completed   0          6d
triliovault-wlm-scheduler-6c85688899-55tz7           1/1     Running     0          6d
triliovault-wlm-workloads-f9dc944db-5w7s9            1/1     Running     0          6d
triliovault-wlm-workloads-f9dc944db-84wj7            1/1     Running     0          6d
triliovault-wlm-workloads-f9dc944db-ccdvz            1/1     Running     0          6d

## Check if jobs finished well
kubectl get jobs -n trilio-openstack
Sample Output:
--------------
NAME                                 COMPLETIONS   DURATION   AGE
triliovault-datamover-db-init        1/1           4s         6d
triliovault-datamover-db-sync        1/1           8s         6d
triliovault-datamover-ks-endpoints   1/1           19s        6d
triliovault-datamover-ks-service     1/1           8s         6d
triliovault-datamover-ks-user        1/1           21s        6d
triliovault-wlm-cloud-trust          1/1           3m10s      6d
triliovault-wlm-db-init              1/1           4s         6d
triliovault-wlm-db-sync              1/1           13s        6d
triliovault-wlm-ks-endpoints         1/1           20s        6d
triliovault-wlm-ks-service           1/1           7s         6d
triliovault-wlm-ks-user              1/1           20s        6d
triliovault-wlm-rabbit-init          1/1           9s         6d

## If you are using NFS backup target, check if nfs pvc got into Bound state


kubectl get pvc -n trilio-openstack
Sample Output:
-------------
NAME                                               STATUS   VOLUME                                            CAPACITY   ACCESS MODES   STORAGECLASS   AGE
triliovault-nfs-pvc-172-25-0-10-mnt-tvault-42424   Bound    triliovault-nfs-pv-172-25-0-10-mnt-tvault-42424   20Gi       RWX            nfs            6d

Trilio For Openstack Helm Chart Upgrade is Done!

11] For OpenStack Helm - Upgrade Trilio horizon plugin

Follow this documentation from section 12.2 to section 12.3 and update the trilio horizon plugin image tag.
Set correct image tag for horizon plugin image.
Follow further steps from above doc to complete the upgrade of Trilio horizon plugin.

12] For MOSK - Upgrade Trilio horizon plugin

Follow this documentation from section 12 to section 12.5 and update the trilio horizon plugin image tag.
Set correct image tag for horizon plugin image.
Follow further steps from above doc to complete the upgrade of Trilio horizon plugin.

PreviousUpgrading on RHOSO NextSwitching NFS Backing file

Last updated 25 days ago

Was this helpful?