My experiences with Connections Component Pack 6.0.0.5

connections cnx

IBM released Connections Pack 6.0.0.5 earlier this week. With this new release, IBM added new features and improvements:

  • Full upgrade path
  • New Sanity monitoring service
  • Elasticsearch performance enhancements
  • Support for changing the IBM Cloud private user credentials
  • MongoDB now uses Intermediate CA for internal communication

I did a new installation as well as an upgrade and would like to share my experience in this blog post.Installation

I had some difficulties installing Component Pack 6.0.0.5 as mentioned in the Knowledge Center.

You either can provide your Connections hostname using “–set_ic_host” parameter or let the installer asking you for it. The script will try to access that URL and will also the check the HTTP response code as well as the size of the response. In an environment without an HTTP Proxy, the response code will be 200 which unfortunately will break the installation because of a missing “https://” in one of the installation scripts.

You can easily fix that by editing the 00-all-config.sh script and adding the missing “https://” as mentioned below:

After changing the file you can install IBM Cloud private as usual. Please be aware that you either need to include the “–development_mode” parameter to skip the checksum check or generate a new md5sum and customize the manifest.md5 file before.

Update: IBM released a Technote on this topic.

Downsizing

The downsizing script I created for Component Pack 6.0.0.4 some weeks ago is still working. You will find it here. Still without any support.

Connections Customizer

IBM did some great work here. All the manually changes which were needed with Component Pack 6.0.0.4 are gone. Just install it and it will work. You will find the updated documentation here.

Please don’t miss to update following two parameters in the connections-env Configmap:

  • customizer-interservice-host
  • customizer-interservice-port

You need to recreate the mw-proxy pods afterward. Some more information and insights are listed in my last Connections Customizer post. I also suggest tuning your Nginx configuration!

IBM also released a new version of Visual Update 1 which now includes some more apps as well as Orient Me. It is the perfect start to work with Connections Customizer. Find more information here.

Upgrade

I only did one upgrade to Component Pack 6.0.0.5 yet. So my issues might be related to my environment but I would like to share them with you.

Some tips below:

  • Change your default namespace back to “default” in case you changed it to “connections”. Some scripts will not work with the changed namespace.
  • Include all deploy.cfc parameters you used in your previous installation!
  • The upgrade reconfigured my Docker from direct-lvm to loop-lvm. Therefore I would suggest using the “–skip_docker_deployment” parameter to be sure that nothing gets changed. Update: You need to include “–docker_storage_block_device” in case you configured Docker to use direct-lvm. Be sure to reuse the same device!
  • Include “–skip_ssh_key_generation”, “–set_ic_host” and all other password and secrets parameter to be sure the process is running without asking all that stuff.
  • Use the same passwords! If not you will need to reconfigure the Redis configuration on WebSphere. (Update: The upgrade will take care of this)

Elasticsearch

The upgrade process created new Elasticsearch certificates which the documentation does not mention. Therefore you need to copy the new chain file as well as the certificate to a Websphere Node and redo the merge. Either using the enableSslForMetrics wsadmin command or the ISC:

IBM Cloud private update

I had a strange issue while updating IBM Cloud private. It looks like the upgrade process has issues recreating the Kubernetes mongo secret. I fixed it by customizing the B-23-master-configure-cfc.sh script and removing the following two links:

Update:
It looks like this issue occurred because of a previous problem which forced me to rerun the upgrade process. You can manually fix it by removing the /opt/mongo-secret/yamlContent directory. This is a known issue by IBM. They will publish a technote soon.

Service ports

After installing the updates some of my Kubernetes services where mapped to different ports (which wasn’t the same in a new installation). Therefore I needed to remap my IBM HTTP Server configuration.

Update:
You can fix this by executing following lines within the /microservices/hybridcloud directory:

helm upgrade community-suggestions helmbuilds/community-suggestions/community-suggestions-0.1.0-20180207-181337.tgz –values=bin/common_values.yaml –set service.nodePort=32200
helm upgrade itm-services helmbuilds/itm-services/itm-services-0.1.0-20180213-003437.tgz –values=bin/common_values.yaml –set service.nodePort=31100
helm upgrade orient-web-client helmbuilds/orient-web-client/orient-web-client-0.1.0-20180222-120221.tgz –values=bin/common_values.yaml –set service.nodePort=30001
helm upgrade mail-service helmbuilds/mail-service/mail-service-0.1.0-20171205-071234.tgz –values=bin/common_values.yaml –set service.nodePort=32721

Thanks to Conall Ó Cofaigh who provided those commands.

I’m not sure if those are real issues or only related to my environment. Please let me know :)

6 thoughts on “My experiences with Connections Component Pack 6.0.0.5”

  1. Nico, thank you so much for your valuable feedback. I am investigating all of these issues now. A few questions….

    – Change your default namespace back to “default” in case you changed it to “connections”. Some scripts will not work with the changed namespace.
    What namespace did you use in your original 6004 install? Did you use the –set_namespace to change it during upgrade? It is not supported to change the namespace when upgrading, but I guess we should of added a check for that.

    – The upgrade reconfigured my Docker from devicemapper to loop-lvm. Therefore I would suggest using the “–skip_docker_deployment” parameter to be sure that nothing gets changed.
    loop-lvm is devicemapper. This was the default docker configuration in 6004 (If using block device direct-lvm devicemapper is the default). Nothing changed in 6005 for this.

    – Use the same passwords! If not you will need to reconfigure the Redis configuration on WebSphere.
    The B-26-master-configure-redis.sh will reconfigure the Redis configuration on WebSphere with the new password so you can change as long as you don’t use –skip_configure_redis flag

    The issue in B-23 with the mongo keys. What was the error you got? Was it:
    error: cannot add key b64_intermediate.key.pem, another key by that name already exists: map[user_admin.pem:[45]
    This is a known issue that is currently being tech noted, but it only happens when you run an upgrade ontop of an already deployed 6005 upgrade (same version upgrade). If you did a straight upgrade from 6004 -> 6005, the B-23 script should not fail. Can you confirm the error?

  2. Hey Nico,
    Regarding the ports changing after upgrade, this should not happen. You should not have to update your HTTP conf file – doing this will not fix service to service communication. It is a bug in our upgrade code. To workaround the issue, you can run the below command after upgrading (This is getting added to our documentation today):

    1. On the boot/master node, change directory:
    cd /microservices/hybridcloud

    2. Run a Helm upgrade on community-suggestions:
    helm upgrade community-suggestions helmbuilds/community-suggestions/community-suggestions-0.1.0-20180207-181337.tgz –values=bin/common_values.yaml –set service.nodePort=32200

    3. Run a Helm upgrade on itm-services:
    helm upgrade itm-services helmbuilds/itm-services/itm-services-0.1.0-20180213-003437.tgz –values=bin/common_values.yaml –set service.nodePort=31100

    4. Run a Helm upgrade on orient-web-client:
    helm upgrade orient-web-client helmbuilds/orient-web-client/orient-web-client-0.1.0-20180222-120221.tgz –values=bin/common_values.yaml –set service.nodePort=30001

    5. Run a Helm upgrade on mail-service:
    helm upgrade mail-service helmbuilds/mail-service/mail-service-0.1.0-20171205-071234.tgz –values=bin/common_values.yaml –set service.nodePort=32721

Leave a Reply

Your email address will not be published. Required fields are marked *