Upgrade Manifests¶
This section will guide you through rebasing your manifests on top of latest pre-release branch.
Contact Arrikto
You should always make sure you apply valid manifests and kustomizations after a rebase. In case of uncertainty do not hesitate to coordinate with the Arrikto Tech Team for support.
Fast Forward
If you already have the latest manifests, expand this box to fast-forward.
Run
keychain
to start the SSH agent and use your SSH identity:root@rok-tools:~/ops/deployments# eval "$(keychain --eval id_rsa)" * keychain 2.8.2 ~ http://www.funtoo.org * Starting ssh-agent... * Adding 1 ssh key(s): /root/.ssh/id_rsa * ssh-add: Identities added: /root/.ssh/id_rsaTroubleshooting
can’t find id_rsa
If the above command shows the following warning message:
Warning: can't find id_rsa; skippingit means that keychain could not find the file
~/.ssh/id_rsa
, which normally contains your private SSH key.To proceed, follow the Configure Git guide to configure your private SSH key.
Cannot find public key for id_rsa
If the above command shows the following warning message:
Warning: Cannot find public key for id_rsait means that keychain clould not find the file
~/.ssh/id_rsa.pub
, which normally contains your public SSH key.To proceed, generate the public SSH key based on your private key:
root@rok-tools:~# ssh-keygen -yf /root/.ssh/id_rsa > /root/.ssh/id_rsa.pubAir Gapped
If you are in an air gapped environment, expand this box.
- Follow the Mirror Images to Internal Registry guide to mirror all new images to your internal Docker registry.
- Follow the Patch All Images for Your Deployment guide to patch all kustomizations to use the mirrored images from your internal Docker registry.
Proceed to the Verify section.
What You’ll Need¶
- An upgraded management environment.
- Your local clone of the Arrikto GitOps repository, tracking the release-1.5 release channel.
Check Your Environment¶
Go to your GitOps repository, inside your
rok-tools
management environment:root@rok-tools:~# cd ~/ops/deploymentsEnsure that you are currently on the
release-1.5
branch:root@rok-tools:~/ops/deployments# git rev-parse --abbrev-ref HEAD release-1.5Ensure that you are currently following the
release-1.5
release channel:root@rok-tools::~/ops/deployments# git rev-parse --abbrev-ref --symbolic-full-name @{u} origin/release-1.5
Procedure¶
Important
Mirror the GitOps repo to a private remote to be able to recover it in case of failure.
Go to your GitOps repository, inside your
rok-tools
management environment:root@rok-tools:/# cd ~/ops/deploymentsRun
keychain
to start the SSH agent and use your SSH identity:root@rok-tools:~/ops/deployments# eval "$(keychain --eval id_rsa)" * keychain 2.8.2 ~ http://www.funtoo.org * Starting ssh-agent... * Adding 1 ssh key(s): /root/.ssh/id_rsa * ssh-add: Identities added: /root/.ssh/id_rsaTroubleshooting
can’t find id_rsa
If the above command shows the following warning message:
Warning: can't find id_rsa; skippingit means that keychain could not find the file
~/.ssh/id_rsa
, which normally contains your private SSH key.To proceed, follow the Configure Git guide to configure your private SSH key.
Cannot find public key for id_rsa
If the above command shows the following warning message:
Warning: Cannot find public key for id_rsait means that keychain clould not find the file
~/.ssh/id_rsa.pub
, which normally contains your public SSH key.To proceed, generate the public SSH key based on your private key:
root@rok-tools:~# ssh-keygen -yf /root/.ssh/id_rsa > /root/.ssh/id_rsa.pubFetch latest upstream changes:
root@rok-tools:~/ops/deployments# git fetch --all -p Fetching originTroubleshooting
Permission denied
If the above command fails with the following error message:
Permission denied (publickey)ensure that you have run
keychain
as specified in the Procedure or the Fast-Forward section of this guide.If the error persists, it means that you do not have access to the Arrikto GitOps repository. To proceed, follow the Configure Git guide to configure your SSH identity.
Rebase on top of the latest pre-release version:
root@rok-tools:~/ops/deployments# git rebase -XtheirsTroubleshooting
CONFLICT (modify/delete)
Rebasing your work may cause conflicts when you have modified a file that has been removed from the latest version of Arrikto manifests. In such a case the rebase process will fail with:
CONFLICT (modify/delete): path/to/file deleted in origin/release-1.5 and modified in HEAD~X. Version HEAD~X of path/to/file left in tree.Go ahead and delete those files:
root@rok-tools:~/ops/deployments# git status --porcelain | \ > awk '{if ($1=="DU") print $2}' | \ > xargs git rmContinue the rebase process:
root@rok-tools:~/ops/deployments# git rebase --continue
Update deployment context.
Ensure that you have the Docker credentials provided by Arrikto committed in your GitOps repository:
root@rok-tools:~/ops/deployments# test -s deploy/dockerconfig.json \ > && echo OK || echo FAIL OKTroubleshooting
The output of the command is FAIL
You are upgrading an old cluster that was created before EKF 1.4-rc1 got released.
Copy the Docker credentials you have under your home directory inside your GitOps repository:
root@rok-tools:~/ops/deployments# cp -v ~/dockerconfig.json deploy/dockerconfig.json '/root/dockerconfig.json' -> 'deploy/dockerconfig.json'Commit your changes:
root@rok-tools:~/ops/deployments# git commit \ > -am "Configure Access to Arrikto's Private Registry"
Air Gapped
If you are in an air gapped environment, expand this box.
- Follow the Mirror Images to Internal Registry guide to mirror all new images to your internal Docker registry.
- Follow the Patch All Images for Your Deployment guide to patch all kustomizations to use the mirrored images from your internal Docker registry.
Verify¶
Go to your GitOps repository, inside your
rok-tools
management environment:root@rok-tools:~# cd ~/ops/deploymentsEnsure that you are currently on the
release-1.5
branch:root@rok-tools:~/ops/deployments# git rev-parse --abbrev-ref HEAD release-1.5Ensure that you are currently following the
release-1.5
release channel:root@rok-tools::~/ops/deployments# git rev-parse --abbrev-ref --symbolic-full-name @{u} origin/release-1.5Fetch changes from the upstream repository:
root@rok-tools:~/ops/deployments:~# git fetch -p originTroubleshooting
Permission denied
If the above command fails with the following error message:
Permission denied (publickey)ensure that you have run
keychain
as specified in the Procedure or the Fast-Forward section of this guide.If the error persists, it means that you do not have access to the Arrikto GitOps repository. To proceed, follow the Configure Git guide to configure your SSH identity.
Get the
HEAD
commit hash of the upstream branch you are tracking:root@rok-tools:~/ops/deployments:~# export COMMIT_HASH=$(git rev-parse @{u})Make sure that this commit hash exists in your local branch:
root@rok-tools:~/ops/deployments:~# git merge-base --is-ancestor ${COMMIT_HASH?} HEAD && echo "OK" || echo "FAIL" OK
Summary¶
You have successfully upgraded your manifests.