Upgrading on OpenStack-Helm
Note: Run following steps on node from where you have install openstack cloud helm charts. (Master Node)
1] Clone trilio-openstack helm chart code repository [Run on Install Client Node]
ssh to 'installation client node'
## Change name of old 'triliovault-cfg-scripts' repository directory.
mv triliovault-cfg-scripts triliovault-cfg-scripts-old
## Clone latest git repository 'triliovault-cfg-scripts'.
git clone -b {{ trilio_branch }} https://github.com/trilioData/triliovault-cfg-scripts.git
cd triliovault-cfg-scripts/
cd openstack-helm/trilio-openstack/
helm dep up
cd ../../../
2] Set container image tags [Run on Install Client Node]
Set updated image tags for trilio-openstack images and other images mentioned in following file.
Edit below file.
triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/2023.2.yaml
Replace content of above 2023.2.yaml file with below YAML block with upgrade image tags.
---
images:
tags:
bootstrap: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
db_init: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
db_drop: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
ks_service: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
ks_endpoints: docker.io/openstackhelm/heat:2023.2-ubuntu_jammy
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
image_repo_sync: docker.io/docker:17.07.0
triliovault_wlm_cloud_trust: docker.io/trilio/trilio-wlm-helm:<image-tag>
triliovault_wlm_api: docker.io/trilio/trilio-wlm-helm:<image-tag>
triliovault_wlm_cron: docker.io/trilio/trilio-wlm-helm:<image-tag>
triliovault_wlm_scheduler: docker.io/trilio/trilio-wlm-helm:<image-tag>
triliovault_wlm_workloads: docker.io/trilio/trilio-wlm-helm:<image-tag>
triliovault_wlm_db_sync: docker.io/trilio/trilio-wlm-helm:<image-tag>
triliovault_datamover: docker.io/trilio/trilio-datamover-helm:<image-tag>
triliovault_datamover_api: docker.io/trilio/trilio-datamover-api-helm:<image-tag>
triliovault_datamover_db_sync: docker.io/trilio/trilio-datamover-api-helm:<image-tag>
3] Provide trilio-openstack backup target details [Run on Install Client Node]
If your backup target is of type ‘nfs' then you can provide it’s details in nfs.yaml. Your old nfs share details will be available in file ‘triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/nfs.yaml' Copy those details in following file in given format. You need to provide the same share here.
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/nfs.yaml triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/nfs.yaml
If the backup target for trilio-openstack is of ‘s3' type with S3 backend has TLS enabled with self signed certificates, then user needs store it’s ca certificate in the following file. It will be placed at correct location by deployment scripts. We can copy this certificate from old repo to current one using following command.
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/files/s3-cert.pem triliovault-cfg-scripts/openstack-helm/trilio-openstack/files/s3-cert.pem
4] Provide cloud admin user credentials - keystone.yaml [Run on Install Client Node]
Provide cloud administrator user details in the following file. It should have 'admin' role on cloud domain.
You can copy these details from old repository file ‘triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/keystone.yaml'
vi triliovault-cfg-scripts/openstack-helm/triliovault/values_overrides/keystone.yaml
conf:
triliovault:
cloud_admin_user_name: "admin"
cloud_admin_project_name: "admin"
cloud_admin_domain_name: "default"
## Keystone endpoint interface that triliovault workloadmgr services will use to communicate to other openstack services
## Valid values: internal, public, admin
interface: "internal"
## Provide any role name as your preference.
## Significance: To run any backups in triliovault an openstack user needs to have this role on given project.
trustee_role: "creator"
5] Keystone, rabbitmq and database creds - admin_creds.yaml [Run on Install Client Node]
Copy following files from old repository to current one as it is. [No changes from triliovault install side]
If you do not have these old files, then you need to perform the same step from 'TrilioVault install document on Openstack Helm'
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/admin_creds.yaml triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/admin_creds.yaml
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/templates/bin/_triliovault-nova-compute.conf.tpl triliovault-cfg-scripts/openstack-helm/trilio-openstack/templates/bin/_triliovault-nova-compute.conf.tpl
6] ceph.yaml changes [Run on Install Client Node]
You can copy ceph.yaml from old repository to current repository as it is. [No changes from triliovault install side]
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/values_overrides/ceph.yaml triliovault-cfg-scripts/openstack-helm/trilio-openstack/values_overrides/ceph.yaml
cp triliovault-cfg-scripts-old/openstack-helm/trilio-openstack/templates/bin/_triliovault-ceph.conf.tpl triliovault-cfg-scripts/openstack-helm/trilio-openstack/templates/bin/_triliovault-ceph.conf.tpl
7] Docker registry credentials secret. [Run on Install Client Node]
No changes here. So old registry credentials should work fine. Just ensure that it exists.
# kubectl get secrets | grep triliovault-image-registry
triliovault-image-registry kubernetes.io/dockerconfigjson 1 89d
If user credentials are changed or old secret does not exist; then we need to recreate it. In that case follow this step from installation document.
8] Review and edit upgrade.sh script [Run on Install Client Node]
User need to edit following file and review all the yaml files and options provide in command.
If any option is not valid for your Openstack Helm setup, you need to edit it.
Yaml files that user has used in install.sh should be available in upgrade.sh too.
Make sure that nfs.yaml/s3.yaml(Both not required- select as per backup target type) and keystone.yaml should be available in upgrade.sh.
db_drop.yaml file should not be included in upgrade.sh
If your keystone’s public endpoint is on TLS then include yaml file 'tls_public_endpoint.yaml' from upgrade.sh
If your keystone’s all endpoints are on non TLS (http only) then you need to remove yaml file tls_public_endpoint.yaml from upgrade.sh
vi triliovault-cfg-scripts/openstack-helm/trilio-openstack/utils/upgrade.sh
#!/bin/bash -x
cd ../../
helm upgrade trilio-openstack ./trilio-openstack --namespace=trilio-openstack \
--values=./trilio-openstack/values_overrides/image_pull_secrets.yaml \
--values=./trilio-openstack/values_overrides/keystone.yaml \
--values=./trilio-openstack/values_overrides/nfs.yaml \
--values=./trilio-openstack/values_overrides/2023.2.yaml \
--values=./trilio-openstack/values_overrides/admin_creds.yaml \
--values=./trilio-openstack/values_overrides/tls_public_endpoint.yaml \
--values=./trilio-openstack/values_overrides/ceph.yaml \
--values=./trilio-openstack/values_overrides/ingress.yaml \
--values=./trilio-openstack/values_overrides/triliovault_passwords.yaml
echo -e "Waiting for triliovault pods to get into running state"
./trilio-openstack/utils/wait_for_pods.sh trilio-openstack
kubectl get pods -n trilio-openstack
9] Run upgrade script to upgrade Trilio for Openstack [Run on Install Client Node]
cd triliovault-cfg-scripts/openstack-helm/trilio-openstack/utils
./upgrade.sh
10] Verify that trilio-openstack upgrade finished well using following steps [Run on Install Client Node]
## Check trilio-openstack helm chart version. It should be latest, mentioned in file 'triliovault-cfg-scripts/openstack-helm/trilio-openstack/Chart.yaml'
helm ls | grep trilio-openstack
## Check status of trilio-openstack helm chart release
helm status trilio-openstack
## Check if all pods are in running/Completed state.
kubectl get pods -n trilio-openstack
Sample Output:
----------------------
# kubectl get pods -n trilio-openstack
NAME READY STATUS RESTARTS AGE
triliovault-datamover-api-5877ff9b48-49wsq 1/1 Running 0 6d
triliovault-datamover-api-5877ff9b48-8zfmh 1/1 Running 0 6d
triliovault-datamover-api-5877ff9b48-xx4rm 1/1 Running 0 6d
triliovault-datamover-db-init-r4j9w 0/1 Completed 0 6d
triliovault-datamover-db-sync-c254n 0/1 Completed 0 6d
triliovault-datamover-ks-endpoints-8qnt8 0/3 Completed 0 6d
triliovault-datamover-ks-service-hps97 0/1 Completed 0 6d
triliovault-datamover-ks-user-sgrz6 0/1 Completed 0 6d
triliovault-datamover-openstack-compute-node-2s7k7 1/1 Running 0 6d
triliovault-datamover-openstack-compute-node-64sm5 1/1 Running 0 6d
triliovault-wlm-api-5bbc74cb4b-69b2b 1/1 Running 0 6d
triliovault-wlm-api-5bbc74cb4b-hbzfj 1/1 Running 0 6d
triliovault-wlm-api-5bbc74cb4b-zxlcl 1/1 Running 0 6d
triliovault-wlm-cloud-trust-hnxj8 0/1 Completed 0 6d
triliovault-wlm-cron-764658cb59-b8jx6 1/1 Running 0 6d
triliovault-wlm-db-init-rbpw2 0/1 Completed 0 6d
triliovault-wlm-db-sync-p97z8 0/1 Completed 0 6d
triliovault-wlm-ks-endpoints-tx65s 0/3 Completed 0 6d
triliovault-wlm-ks-service-9mkkt 0/1 Completed 0 6d
triliovault-wlm-ks-user-x5xrx 0/1 Completed 0 6d
triliovault-wlm-rabbit-init-qqzwr 0/1 Completed 0 6d
triliovault-wlm-scheduler-6c85688899-55tz7 1/1 Running 0 6d
triliovault-wlm-workloads-f9dc944db-5w7s9 1/1 Running 0 6d
triliovault-wlm-workloads-f9dc944db-84wj7 1/1 Running 0 6d
triliovault-wlm-workloads-f9dc944db-ccdvz 1/1 Running 0 6d
## Check if jobs finished well
kubectl get jobs -n trilio-openstack
Sample Output:
--------------
NAME COMPLETIONS DURATION AGE
triliovault-datamover-db-init 1/1 4s 6d
triliovault-datamover-db-sync 1/1 8s 6d
triliovault-datamover-ks-endpoints 1/1 19s 6d
triliovault-datamover-ks-service 1/1 8s 6d
triliovault-datamover-ks-user 1/1 21s 6d
triliovault-wlm-cloud-trust 1/1 3m10s 6d
triliovault-wlm-db-init 1/1 4s 6d
triliovault-wlm-db-sync 1/1 13s 6d
triliovault-wlm-ks-endpoints 1/1 20s 6d
triliovault-wlm-ks-service 1/1 7s 6d
triliovault-wlm-ks-user 1/1 20s 6d
triliovault-wlm-rabbit-init 1/1 9s 6d
## If you are using NFS backup target, check if nfs pvc got into Bound state
kubectl get pvc -n trilio-openstack
Sample Output:
-------------
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
triliovault-nfs-pvc-172-25-0-10-mnt-tvault-42424 Bound triliovault-nfs-pv-172-25-0-10-mnt-tvault-42424 20Gi RWX nfs 6d
Trilio For Openstack Helm Chart Upgrade is Done!
11] Upgrade Trilio horizon plugin
Follow this documentation #id-13-Install Trilio for Openstack Horizon Plugin from section 12.2 to section 12.3 and update the trilio horizon plugin image tag.
Set correct image tag for horizon plugin image.
Follow further steps from above doc to complete the upgrade of Trilio horizon plugin
Last updated
Was this helpful?