Upgrade from 4.2.0.x to 4.2.1.3
This section describes how customers can upgrade from version 4.2.0.x to 4.2.1.3 on Docker.
Before upgrade
- We recommend to back up volumes data. You can find path of volumes by using inspect command
[root@172-104-202-242 ~]# docker inspect vault_seal_storage[{"CreatedAt": "2022-11-24T14:50:40Z","Driver": "local","Labels": null,"Mountpoint": "/var/lib/docker/volumes/vault_seal_storage/_data","Name": "vault_seal_storage","Options": null,"Scope": "local"}]
As you can see volumes are located in /var/lib/docker/volumes/. You can zip/tar this directory and store it unless you be sure upgrade was successful.
- If you still don't have your own branch in openiam-docker-compose repository you should create one and commit your changes into local branch. For this: change directory to your git local repository (typically it should be /usr/local/openiam/openiam-docker-compose/) and run:
git statusgit checkout -b 'qa_branch' // do this step only if you do not have our branch yetgit add .git commit -am 'pre update to 4.2.1.3'git statusgit co RELEASE-4.2.0.12 // or whatever version you used before the upgadegit pullgit checkout 'qa_branch' // or whatver name of your branch isgit merge RELEASE-4.2.1.3git status....resolve confilicts in merged files if you have any conflicts....git commit -am 'after update to 4.2.1.3'git status
Make sure env.sh has
export OPENIAM_VERSION_NUMBER="4.2.1.3"export BUILD_ENVIRONMENT="prod"
Upgrade
- Shutdown OpenIAM application. Run shutdown.sh and make sure all containers are stopped
- Download new docker images. Run setup.sh and make sure all new images are loaded
[root@172-104-202-242 ~]# docker image ls |grep 4.2.1.3-prodopeniamdocker/rproxy debian-4.2.1.3-prod b887973684b4 27 hours ago 1.87GBopeniamdocker/ldap-connector-rabbitmq debian-4.2.1.3-prod e0a06dd36922 44 hours ago 827MBopeniamdocker/ui debian-4.2.1.3-prod f2bb61c829c6 44 hours ago 2.85GBopeniamdocker/reconciliation debian-4.2.1.3-prod 282193edd2c4 45 hours ago 886MBopeniamdocker/workflow debian-4.2.1.3-prod 18f582a8b6a0 45 hours ago 1.05GBopeniamdocker/business-rule-manager debian-4.2.1.3-prod 5f9718f1027e 45 hours ago 887MBopeniamdocker/groovy-manager debian-4.2.1.3-prod ceee0902072f 45 hours ago 2.45GBopeniamdocker/synchronization debian-4.2.1.3-prod c1ec0f642499 45 hours ago 879MBopeniamdocker/device-manager debian-4.2.1.3-prod e291463472b8 45 hours ago 1.05GBopeniamdocker/auth-manager debian-4.2.1.3-prod f897df9c13d6 45 hours ago 879MBopeniamdocker/idm debian-4.2.1.3-prod 7cae965a5353 45 hours ago 887MBopeniamdocker/esb debian-4.2.1.3-prod 847763962ab3 45 hours ago 904MBopeniamdocker/email-manager debian-4.2.1.3-prod af66d4bdcfe2 45 hours ago 879MBopeniamdocker/flyway debian-4.2.1.3-prod 3f4a91c98e6d 2 days ago 904MBopeniamdocker/janusgraph debian-4.2.1.3-prod ba4e0789b51d 2 days ago 1.11GBopeniamdocker/mariadb debian-4.2.1.3-prod 8948da500d72 2 days ago 353MBopeniamdocker/openiam-metadata alpine-4.2.1.3-prod 1727425a5915 2 days ago 321MBopeniamdocker/elasticsearch debian-4.2.1.3-prod 8dc999ea90e9 2 days ago 703MBopeniamdocker/rabbitmq alpine-4.2.1.3-prod f51482c9024c 2 days ago 118MBopeniamdocker/redis debian-4.2.1.3-prod b275ed556ec9 2 days ago 102MBopeniamdocker/vault alpine-4.2.1.3-prod e2a1aedc757a 2 days ago 224MBopeniamdocker/vault-bootstrap alpine-4.2.1.3-prod 2273c37923ff 2 days ago 25.3MB
- Start OpenIAM application. Run startup.sh
- Prepare for upgrade actions. After startup releases console we need to stop openiam services and prepare infrastructure changes first, run:
docker stack rm uidocker stack rm openiam
- Upgrade RabbitMQ data. You will need to rebuild RabbitMQ volume, because new version has new hosts defined. Remove the volume, and startup.sh will re-create it.
docker volume rm openiam-rabbitmq-storage_storage
- Rebuild Elasticsearch indices. New version of OpenIAM contains changes of Elasticsearch document type, which forces us to reindex all user docs. If you have decent number of users (>10K) it may take time (4 and more hours) to complete reindex process. Once elasticsearch container is up and healthy you should run:
docker ps |grep elastic // get container id of the output for ex.: 4744be66a185docker exec -it 4744be66a185 curl -XDELETE localhost:9200/users
- Upgrade Activiti XML files. New version of OpenIAM contains changes of Activiti workflow XML files. If you didn't change/customize XML files in volume openiam-activiti-storage_storage you should delete the volume and startup script will recreate it based on new files in release. If you had customization, you should put updated files into the volume (by using volume option in docker compose or by locating files in the volume mount point) and restart workflow container after. To volume run:
docker volume rm openiam-activiti-storage_storage
- Check if flyway completed job with success exit code (0)
docker ps -a |grep flyway
Actually it shouldn't because new version has changed in already applied scripts. You have to run flyway in repair mode, see Flyway in repair mode You should continue to deploy flyway with repair command commented out. Unless you see Exited (0) code of flyway container
[root@172-104-202-242 ~]# docker ps -a |grep flyway5f04d9367d08 openiamdocker/flyway:debian-4.2.1.3-prod "/usr/local/bin/init…" 20 hours ago Exited (0) 20 hours ago
- run startup.sh again to deploy openiam and ui services.
After upgrade
- Make sure you are able to log in. Once you are in webconsole you should visit each content provider configuration and click 'Add default patterns'.
- There are new groovy scripts were introduced between in 4.2.1.3 version. We recommend to connection with our team to get needed groovy scripts
- After you have all scripts, you should run 'Compile all groovy scripts' in groovy manager.