- Full upgrade path
- New Sanity monitoring service
- Elasticsearch performance enhancements
- Support for changing the IBM Cloud private user credentials
- MongoDB now uses Intermediate CA for internal communication
I did a new installation as well as an upgrade and would like to share my experience in this blog post.Installation
I had some difficulties installing Component Pack 188.8.131.52 as mentioned in the Knowledge Center.
You either can provide your Connections hostname using “–set_ic_host” parameter or let the installer asking you for it. The script will try to access that URL and will also the check the HTTP response code as well as the size of the response. In an environment without an HTTP Proxy, the response code will be 200 which unfortunately will break the installation because of a missing “https://” in one of the installation scripts.
You can easily fix that by editing the 00-all-config.sh script and adding the missing “https://” as mentioned below:
After changing the file you can install IBM Cloud private as usual. Please be aware that you either need to include the “–development_mode” parameter to skip the checksum check or generate a new md5sum and customize the manifest.md5 file before.
Update: IBM released a Technote on this topic.
The downsizing script I created for Component Pack 184.108.40.206 some weeks ago is still working. You will find it here. Still without any support.
IBM did some great work here. All the manually changes which were needed with Component Pack 220.127.116.11 are gone. Just install it and it will work. You will find the updated documentation here.
Please don’t miss to update following two parameters in the connections-env Configmap:
You need to recreate the mw-proxy pods afterward. Some more information and insights are listed in my last Connections Customizer post. I also suggest tuning your Nginx configuration!
I only did one upgrade to Component Pack 18.104.22.168 yet. So my issues might be related to my environment but I would like to share them with you.
Some tips below:
- Change your default namespace back to “default” in case you changed it to “connections”. Some scripts will not work with the changed namespace.
- Include all deploy.cfc parameters you used in your previous installation!
- The upgrade reconfigured my Docker from direct-lvm to loop-lvm. Therefore I would suggest using the “–skip_docker_deployment” parameter to be sure that nothing gets changed. Update: You need to include “–docker_storage_block_device” in case you configured Docker to use direct-lvm. Be sure to reuse the same device!
- Include “–skip_ssh_key_generation”, “–set_ic_host” and all other password and secrets parameter to be sure the process is running without asking all that stuff.
Use the same passwords! If not you will need to reconfigure the Redis configuration on WebSphere.(Update: The upgrade will take care of this)
The upgrade process created new Elasticsearch certificates which the documentation does not mention. Therefore you need to copy the new chain file as well as the certificate to a Websphere Node and redo the merge. Either using the enableSslForMetrics wsadmin command or the ISC:
IBM Cloud private update
I had a strange issue while updating IBM Cloud private. It looks like the upgrade process has issues recreating the Kubernetes mongo secret. I fixed it by customizing the B-23-master-configure-cfc.sh script and removing the following two links:
It looks like this issue occurred because of a previous problem which forced me to rerun the upgrade process. You can manually fix it by removing the /opt/mongo-secret/yamlContent directory. This is a known issue by IBM. They will publish a technote soon.
After installing the updates some of my Kubernetes services where mapped to different ports (which wasn’t the same in a new installation). Therefore I needed to remap my IBM HTTP Server configuration.
You can fix this by executing following lines within the /microservices/hybridcloud directory:
helm upgrade community-suggestions helmbuilds/community-suggestions/community-suggestions-0.1.0-20180207-181337.tgz –values=bin/common_values.yaml –set service.nodePort=32200 helm upgrade itm-services helmbuilds/itm-services/itm-services-0.1.0-20180213-003437.tgz –values=bin/common_values.yaml –set service.nodePort=31100 helm upgrade orient-web-client helmbuilds/orient-web-client/orient-web-client-0.1.0-20180222-120221.tgz –values=bin/common_values.yaml –set service.nodePort=30001 helm upgrade mail-service helmbuilds/mail-service/mail-service-0.1.0-20171205-071234.tgz –values=bin/common_values.yaml –set service.nodePort=32721
Thanks to Conall Ó Cofaigh who provided those commands.
I’m not sure if those are real issues or only related to my environment. Please let me know :)