Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Minor

This article describes how to upgrade Smart ID Digital Access component from version 6.0.2 and above to 6.0.5.

This article is only for simple upgrade in case of all nodes running in the same machine. If you need to upgrade a distributed or high availability DA version, refer to: Upgrade high availability or distributed mode for Digital Access component 6.0.2 or above to 6.0.5.


Expandall

Prerequisites

Expand
titlePrerequisites

The following is needed

  • Docker Engine version 1.13.1 or higher. This setup will anyways install/upgrade latest version of docker engine.

  • Configuration Files: upgrade.tgz

  • System Requirements: 4cpu with 8GB RAM and 100 GB physical space is recommended.

  • Before upgrading Digital Access component, make sure that the following things apply:

    • In order for the online upgrade to work, this remote server must be reachable through the firewall (port 443)
    • There is a service window planned, since the upgrade will result in a short downtime
    • There is a backup or snapshot of the current release

See also "Preparations" below.

Preparations

Expand
titlePreparations
  • Download the upgrade.tgz file on system from the support portal.
  • In case you have multiple network interfaces, note down the name of the network interface which will be used by docker swarm.

Step-by-step instruction

Expand
titleRun the upgrade
  1. Copy upgrade.tgz to your working directory

  2. Extract the file using tar command.

    Code Block
    titleExtract file
    tar -xf upgrade.tgz


  3. Navigate to the scripts folder inside the setup folder.

    Code Block
    titleNavigate to scripts folder
    cd upgrade/scripts


  4. Run the script upgrade.sh.

    Code Block
    titleRun the script
    sudo bash upgrade.sh


  5. To set up docker swarm, provide the below mentioned inputs.
    1. If you have only one network interface, then docker swarm will be initialized using that as default. Else you will be prompted to select a network interface from the displayed list.

      Code Block
      titleselect NIC
      ####################################################
      setting up docker swarm...
      ####################################################
      eth0
      eth1
      Select network interface form list displayed above to setup docker swarm:eth0


    2. If PostgreSQL is already running on your system, then the script will automatically update it. Else you will be asked to setup PostgreSQL.
      If you answer Yes then you will be prompted to set the PostgreSQL password.

      Code Block
      titlepostgreSQL setup
      ####################################################
      setting up PostgreSQL...
      ####################################################
      New Password:password
      Verify New Password:password
      password is set.
      Removing old password secret and creating new


    3. You ill will be asked if you want to setup reporting database using PostgreSQL.

      Code Block
      titleSet up reporting database
      ####################################################
      setting up reporting database...
      ####################################################
      Do you want to setup PostgreSQL as reporting database [Y/n] Y
      Yes
      customize.conf does not exist. Creating a new one and setting up reporting db
      
      IP address of reporting db: 192.168.253.139
      password for PostgreSQL reporting database: password


    4. After successful script execution, you must wait for all the images to get downloaded.

      Code Block
      titleWait for images to get downloaded
      ####################################################
      starting Digital Access...
      ####################################################
      Creating network da_da-overlay
      Creating service da_admin
      Creating service da_authentication
      Creating service da_distribution
      Creating service da_policy
      Creating service da_accesspoint
      ####################################################
      setup script execution completed successfully...
      Please wait...downloading of images is in progress...
      To check the status of download run: sudo docker images
      ########################################################


    5. After all the images are downloaded from repository, the containers will start automatically.

      Note

      It can take few minutes to start all the containers.


    6. To check the container status use this command. Make sure the status of each container is healthy.

      Code Block
      titleCheck images
      Sudo docker ps 
      docker service list



Expand
titleDo settings in Digital Access Admin
  1. Log in to Digital Access Admin and make changes for database configuration.

    1. In Manage System > Database Service, change Host to PostgreSQL IP address/DNS name and password.

    2. In Manage System > OATH Configuration, change database Host to PostgreSQL IP address/DNS name and password.

    3. In Manage System > Open ID Connect database configuration, change Host to PostgreSQL IP address/DNS name and password.

  2. Publish the configuration in Digital Access Admin.
Note
If the services are not connected in the first publish, follow the restart commands below and try to publish again.



Expand
titleRestart services

If the services are not connected in the first publish, follow these commands to restart the services and try to publish again.

  1. Stop and remove the stack.

    Code Block
    titleStop and remove stack
    sudo docker stack rm da


  2. Deploy the stack again. To run the command your working directory should be /Upgrade/docker-compose/

    Code Block
    titleDeploy stack again
    sudo docker stack deploy --compose-file docker-compose.yml -c network.yml -c versiontag.yml da


    • Where:

      • docker stack deploy is the command to deploy services as stack.

      • --compose file flag is used to provide the file name of base docker-compose file.

      • -c is short for –compose-file flag. It is used to provide override files for docker -compose.

      • da is the name of the stack. You can change it based on requirements.


Expand
titleDo offline upgrade

Offline upgrade consist of two steps:

First step

For the first step you need a system with network connectivity. We will download docker images on this system.

  1. Make sure docker is installed.

  2. Download the images using the command docker pull.

    Code Block
    titlepull images
    sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/administration-service:6.0.5.60259
    sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/policy-service:6.0.5.60259
    sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/authentication-service:6.0.5.60259
    sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/distribution-service:6.0.5.60259
    sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/access-point:6.0.5.60259


  3. To check if all images are downloaded or not run this command.

    Code Block
    titleCheck container status
    sudo docker images


  4. Save all images in tar files. Run these commands:

    Code Block
    titleSave images to tar
    sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/administration-service:6.0.5.60259 > admin.tar
    sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/authentication-service:6.0.5.60259 > authentication.tar
    sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/distribution-service:6.0.5.60259 > distribution.tar
    sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/policy-service:6.0.5.60259 > policy.tar
    sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/access-point:6.0.5.60259 > accesspoint.tar


  5. Copy all the tar files onto the system where you want to upgrade Digital Access.

Second step

  1. On the system where the Digital Access upgrade has to be done:
    1. Run the upgrade process following the steps mentioned in "Step-by-step instruction" section above.
    2. Go to the folder where all the tar files are copied.
    3. Load the images to a local docker repository using the command:

      Code Block
      titleLoad images
      sudo ls -1 *.tar | xargs --no-run-if-empty -L 1 sudo  docker load -i



This article is valid for Digital Access 6.0.5 and later.