Upgrading Kyvos Manager
Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
This section provides information to upgrade and rollback Kyvos Manager.
From the Kyvos 2023.1 release onwards, the Derby repository will no longer be supported for Kyvos Manager. The only supported repository will be Postgres (either bundled or external).
In a fresh deployment using the Kyvos 2023.1 release, Postgres will be used as the default repository for Kyvos Manager. However, in cases where older releases were used to deploy the cluster, an upgrade will be mandatory to migrate from Derby to Postgres as the repository for Kyvos Manager.
Pre-upgrade verification
Important for RHEL 8.6 and TLS
Please make sure you have moved or renamed the openssl.cnf file placed at /etc/pki/tls/ location only on Kyvos Manager and the node where Postgres Service is running to another location.
Creating backup
To upgrade the Kyvos Manager to a newer version, you must first create a backup of your existing Kyvos Manager environment.
To create a backup for the Kyvos Manager data, perform the following steps.
Log in to Kyvos Manager machine through the terminal.
Navigate to the Kyvos Manager installation path.
Stop the Kyvos Manager process using the command:
./kyvosmanager/bin/stop-km.shIdentify the location for the used kyvosmanagerdata folder. For this, check the value of KM_DATA_DIR in the set env.sh file in the bin folder.
This folder contains the Kyvos Manager data including the repository.Go to parent folder of the kyvosmanagerdata folder and run the command.
tar -zcvf file_name.tar.gz kyvosmanagerdata
Here file_name is the user backup file name for the Kyvos Manager.Copy the backup file to the local machine.
Rename your current repo folder at the kyvosmanagerdata/server location, such as repo_<oldversion number>. For example, you can name it repo_2020.5.
Upgrade Kyvos Manager from the portal
On the navigation pane, click Application Update > Upgrade. The Upgrade page is displayed with the current version details of Kyvos and Kyvos Manager. By default, the Kyvos option is selected for the Upgrade field.
On the Upgrade Kyvos Manager page, provide the information as:
To see upgrade history, click the Actions menu (...) and select the View History option.
Manually upgrading Kyvos Manager
To upgrade Kyvos to a new version, perform the following steps.
If not stopped already, stop Kyvos Manager from the terminal using the following command.
./kyvosmanager/bin/stop-km.sh
Copy the new Kyvos Manager setup on the machine parallel to the older version of Kyvos Manager is installed.
For this:Log in to the machine using the credentials of the user, which were used for installing the previous version.
Download the setup from the FTP site to the location where you need to install it. For example, /data/kyvosXXXX.YY/
For the older version of Kyvos Manager, we assume:
Installation directory is located at /data/kyvos
Kyvos Manager home directory is located at /data/kyvos/kyvosmanager
Data directory is located at /data/kyvos/kyvosmanagerdata
Extract the Kyvos Manager bundle using the following command:
tar -xvf KyvosManager<version>_ux64.tar.gz
You will get a folder named kyvosmanager_war.Make the following configurations in the setenv.sh file located at $KM_HOME/kyvosmanager_war/kyvosmanager/bin/
Set absolute paths for the following variables, as shown in the examples.
KM_BASE_DIR: Should point to the kyvosmanager_war folder.
KM_DATA_DIR: Should point to kyvosmanagerdata folder of the older installation.
Example: KM_DATA_DIR=/data/kyvosmanager_war/kyvosmanagerdata/JRE_HOME: Should point to the JRE folder in the kayvosmanager_war folder.
Example: /data/kyvosmanager_war/jre/
Copy all the contents of the kyvosmanager_war/kyvosmanagerdata/server/repo/ folder to the KM_DATA_DIR/server/ location.
Merge the contents of your existing conf/kyvosanager.properties file to the conf/kyvosanager.properties of the new version.
Copy the contents of the kyvosmanager_war/kyvosmanagerdata/server/repo/ folder to the KM_DATA_DIR/server/ location.
Start Kyvos Manager from the terminal using the command:
cd
kyvosmanager_war/kyvosmanager/bin
./start-km.sh
Login to Kyvos Manager and check the version from the About page to verify a successful upgrade.
The Kyvos Manager cluster dashboard displays a warning message, prompting you to upgrade your Kyvos version. Click Upgrade. Now you can upgrade Kyvos .
Kyvos Manager Tomcat Server logs
From Kyvos 2023.3 onwards, logs of Kyvos Manager Tomcat Server will be located in the kyvosmanagerdata/server/tomcatLogs path.
Note
Kyvos Manager Tomcat Server logs will be generated in the kyvosmanagerdata/server/tomcatLogs location even after upgrading the Kyvos Manager version.
Post-upgrade steps
Post upgrade steps for upgrading to 2023.2 from 2023.1.x
Redeploying Zookeeper
Note
If you have upgraded to Kyvos 2023.2, you must redeploy the Zookeeper using the Zookeeper configuration page in Kyvos Manager to switch to the latest version of Zookeeper. This is necessary for cloud and on-prem deployments to remove the previous version of Zookeeper.
If you're currently using the default Zookeeper on the Kyvos Manager node, you'll need to redeploy the ZooKeeper. This applies to any cluster deployed before the managed Zookeeper implementation and still uses the default Zookeeper on the Kyvos Manager node.
For Kyvos Manager: If you are upgrading only Kyvos Manager, it is necessary to redeploy Zookeeper immediately after the upgrade.
For Kyvos: If you are upgrading both Kyvos Manager and Kyvos using either the single click upgrade or the All components upgrade, you must redeploy Zookeeper after upgrading Kyvos Manager.
Upgrading Zookeeper for Kyvos 2023.2
Log onto the Kyvos Manager and navigate to Kyvos and Ecosystem > Zookeeper .
Here, select the External option and click the Save It will undeploy Zookeeper.
Once Zookeeper undeployment is complete, select the Managed by Kyvos option and click the Save This will trigger the deploy Zookeeper operation.
Once Zookeeper deployment is complete, restart all Kyvos services from the Dashboard.
Switching to the previous version of Zookeeper
To access the previous version of the Zookeeper, perform the following steps.
Add the previous Zookeeper version bundle to the Kyvos Manager repository at kyvosmanagerdata/server/repo/ .
Take a backup of the new version 3.7.1 bundle of Zookeeper at a different location outside the Kyvos Manager repo. This bundle will be necessary for switching to the new version 3.7.1 of Zookeeper.
Update the previous version bundle name in the supportedBundles present in the kyvosmanagerdata/server/repo/metadata.Kyvos/zookeeper.json file by deleting the new zookeeper version bundle name and then redeploy the Zookeeper to restore managed Zookeeper to version 3.6.1.
For example, to switch to Zookeeper version 3.6.1, before uninstalling the Zookeeper, a key having a value like supportedBundles : [zookeeper-3.7.1.tar.gz] must be updated with supportedBundles : [zookeeper-3.6.1.tar.gz]
Switching to the default non-managed version of Zookeeper
To restore the default non-managed version of Zookeeper on the Kyvos Manager node, which was removed during the uninstallation of Managed Zookeeper, you will need to manually install Zookeeper on the Kyvos Manager node.
Upgrade Graviton JRE for AWS cluster
To upgrade the Graviton JRE version, perform the following post-upgrade steps.
Create a fresh automated Graviton-based AWS cluster on the Kyvos 2023.1.1 release that contains Kyvos Manager JRE version as Corretto-8.362.08.1
Upgrade Kyvos Manager to Kyvos 2023.2, which contains Kyvos Manager JRE version as Corretto-17.0.7.7.1.
Execute the following command to download the JRE 17.0.7.7.1
curl -o manual_node_creation_graviton_prereq.tar.gz https://s3.amazonaws.com/us-east-1.kyvos/2023.2/latest/prereq/manual_node_creation_graviton_prereq.tar.gzDelete the JRE that is already existing in the following path:
For example, /data/kyvos/installs/kyvosmanager_releases/KyvosManager2023.2War_ux64/kyvosmanager_war/jre/Untar the downloaded tar file and place it on the following path of the Kyvos Manager node:
For example, /data/kyvos/installs/kyvosmanager_releases/KyvosManager2023.2War_ux64/kyvosmanager_war/jre/Start the Kyvos Manager services from the following path.
For example, /data/kyvos/installs/kyvosmanager_releases/KyvosManager2023.2War_ux64/kyvosmanager_war/kyvosmanager/binAfter completing the steps, the Kyvos Manager application will be up and running.
Rollback Kyvos Manager
You can only roll back to an older version of the Kyvos Manager using manual steps, as there is no rollback option for the Kyvos Manager on the UI.
To roll back to a previous version, perform the following steps.
Create a backup for the Kyvos Manager data, and perform the following steps.
Log in to the Kyvos Manager machine through the terminal.
Navigate to the Kyvos Manager installation path.
Stop the Kyvos Manager process using the command:
./kyvosmanager_war/kyvosmanager/bin/stop-km.shIdentify the location for the used kyvosmanagerdata folder. For this, check the value of KM_DATA_DIR in the set env.sh file in the bin folder.
This folder contains the Kyvos Manager data, including the repository.Go to the parent folder of the kyvosmanagerdata folder and run the command.
tar -zcvf file_name.tar.gz kyvosmanagerdata
Here file_name is the user backup file name for the Kyvos Manager.Copy the backup file to the local machine.
Rename your current repo folder at the kyvosmanagerdata/server location, such as repo_<current version number>. For example, you can rename it repo_2022.1
Locate the version to which you want to roll back (for example, 2021.1), and rename its repo folder (such as repo_2021.1) to repo.
Locate the build folder of the Kyvos Manager version to which you want to roll back (for example, 2021.1), and verify the correct value of KM_DATA_DIR in the set env.sh file in the bin folder.
Start the required version of Kyvos Manager using the command:
./kyvosmanager_war/kyvosmanager/bin/start-km.sh
Post-rollback steps
If you have rolled back from 2022.1 or above, and you updated the password or encryption algorithm (feature introduced in version 2022.1), then you need to reconfigure the c luster node password on to the previous Kyvos Manager release.
Copyright Kyvos, Inc. All rights reserved.