Post upgrade steps for upgrading to 2023.2 from 2023.1.x
Deploying Zookeeper
If you have upgraded to Kyvos 2023.2, you must redeploy the Zookeeper using the Zookeeper configuration page in Kyvos Manager to switch to the latest version of Zookeeper. This is necessary for cloud deployments (AWS, GCP, and Azure) and on-prem deployments to remove the previous version of Zookeeper.
To upgrade to the latest version, switching to managed Zookeeper is mandatory.
If you are upgrading both Kyvos Manager and Kyvos using either the single click upgrade or the All components upgrade, you must redeploy Zookeeper after upgrading Kyvos Manager.
Panel | ||||||
---|---|---|---|---|---|---|
| ||||||
Note You must restart Kyvos services once the redeployment of Zookeeper has been completed. |
...
Navigate to the following Kyvos path:
/data/kyvos/installs/kyvosmanager_war/kyvosmanagerdata/server/repoExecute the following command to download JRE 8.372.07.1
curl -o manual_node_creation_graviton_prereq.tar.gz https://s3.amazonaws.com/us-east-1.kyvos/2023.2/latest/prereq/manual_node_creation_graviton_prereq.tar.gzUntar the Kyvos2023.2_Build000x_ux64.tar.gz tar file at the above location. The kyvos folder folder is extracted.
Navigate to the kyvos folder and delete the existing jre folder folder, and copy the downloaded JRE (refer to step 2).
Rename the Kyvos2023.2_Build000x_ux64.tar.gz tar tar file to Kyvos2023.2_Build000x_ux64_old.tar.gz
Create a new tar in the kyvos folder folder by executing the following command:
tar -cvzf Kyvos2023.2_Build000x_ux64.tar.gz kyvos/Go to Kyvos Manager, navigate to the Upgrade page, and then upgrade Kyvos.
...
To increase or decrease BI Server or Query Engine nodes, following permissions need to be added in IAM roles:
Code Block { "Sid": "LaunchTemplateAndTerminateInstances", "Effect": "Allow", "Action": [ "ec2:GetLaunchTemplateData", "ec2:TerminateInstances" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } } }, { "Sid": "CreateLaunchTemplate", "Effect": "Allow", "Action": [ "ec2:RunInstances", "ec2:CreateLaunchTemplate", "ec2:DeleteLaunchTemplate" ], "Resource": "*" }
The ‘CreateTags’ permission needs to be removed. Hence, to create a separate policy for creating tags. Replace the following existing policy.
Code Block "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } }, "Action": [ "ec2:DeleteTags", "ec2:CreateTags", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Effect": "Allow", "Sid": "Ec2tagsPermissionKM" },
After replacing the policy mentioned in Step-2, update the following policy.
Code Block { "Sid": "Ec2tagsPermissionKM", "Effect": "Allow", "Action": [ "ec2:DeleteTags", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } } }, { "Sid": "Ec2tagsPermissionKM2", "Effect": "Allow", "Action": [ "ec2:CreateTags" ], "Resource": "*" }
...
To increase or decrease BI Server or Query Engine nodes, following permissions need to be added in IAM roles:
Code Block { "Sid": "LaunchTemplateAndTerminateInstances", "Effect": "Allow", "Action": [ "ec2:GetLaunchTemplateData", "ec2:TerminateInstances" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } } }, { "Sid": "CreateLaunchTemplate", "Effect": "Allow", "Action": [ "ec2:RunInstances", "ec2:CreateLaunchTemplate", "ec2:DeleteLaunchTemplate" ], "Resource": "*" }
The ‘CreateTags’ permission needs to be removed. Hence, to create a separate policy for creating tags. Replace the following existing policy.
Code Block { "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } }, "Action": [ "ec2:DeleteTags", "ec2:CreateTags", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Effect": "Allow", "Sid": "Ec2tagsPermissionKM" },
After replacing the policy mentioned in Step-2, update the following policy.
Code Block { "Sid": "Ec2tagsPermissionKM", "Effect": "Allow", "Action": [ "ec2:DeleteTags", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } } }, { "Sid": "Ec2tagsPermissionKM2", "Effect": "Allow", "Action": [ "ec2:CreateTags" ], "Resource": "*" }
Add a tag on all Query Engine and BI Server as cloudformation:stack-name and its value must be the stack name you provide.
Remove the following existing policy for a condition.
Code Block { "Sid": "Ec2StartStopKyvos", "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:StartInstances", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/aws:cloudformation:stack-name": { "Fn::Sub": "${AWS::StackName}" } } } },
After removing the policy mentioned in step-5 (as mentioned above) for a condition, update the following policy.
Code Block { "Sid": "Ec2StartStopKyvos", "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:StartInstances", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/cloudformation:stack-name": { "Fn::Sub": "${AWS::StackName}" } } } },
...