Upgrading a container via a cloud or local repository - BlueCat Integrity - 26.1.0

Address Manager Administration Guide
ft:locale
en-US
Product name
BlueCat Integrity
Version
26.1.0

Perform the following upgrade process for containers running on BlueCat DNS/DHCP Server appliances that are routable to a cloud or local repository.

  • If pulling an image from a cloud repository, you must set a DNS resolver on the BDDS. For more information, refer to DNS resolver.
  • If pulling images from a cloud repository, you must modify the BDDS firewall rules to allow the BDDS to reach the repository. For details, refer to articles 17871 and 16200 on BlueCat Customer Care.
  • If pulling images from a local repository (with the BDDS behind an internet firewall), you must set the necessary routing to allow the BDDS to reach the repository.

To upgrade the container via a cloud/local repository:

  1. Stop the Gateway container:
    1. Select the Servers tab in the sidebar, then select Servers.
    2. Select the name of a server.
    3. Select the Services tab.
    4. Under Core services, locate the Gateway service panel.
    5. Select Actions > Stop.
  2. Disable the Gateway service and remove the image.
    1. From the Gateway service panel, select Edit service.
    2. Select the Delete image on disable checkbox.
    3. (Optional) Select the Delete mount point on disable checkbox only if you wish to remove all unused local volumes and the configured data and logs bind mounts. Leave the Delete mount point on disable unselected if you would like the data and logs bind mounts to persist on the DNS/DHCP Server during the upgrade.
      Attention: If you select Delete mount point on disable the mounted data and logs directories will be deleted from the DNS/DHCP Server permanently. This is an irrevocable step.
    4. Deselect the Enabled checkbox.
    5. Select Save. Gateway Service removes the image from the BDDS appliance and stops.
  3. Re-enable the Gateway service with the new repository image.
    1. From the Gateway service panel, select Edit service.
    2. Under General, set the following parameters:
      • Enabled—select this check box to enable BlueCat Gateway service.
      • Select Repository and enter Gateway image repository information:
        • Gateway image—enter the repository address and version tag for the new image, for example quay.io/bluecat/gateway:24.3.1. Do not enter latest as the image tag.
          Tip: BAM will display an error if you enter latest. As a best practice, BlueCat recommends using an image tag to ensure you know which specific image you are using.
        • Repository username—(optional) enter your docker username if the image is on a private repository, for example, if pulling a BlueCat Adaptive Application.
        • Repository password—(optional) enter your docker password. This can either be your Docker password or an encrypted password.
    3. On the Port mapping tab, set the following parameters:
      • Host port and Container port—enter a list of ports to configure for BlueCat Gateway. Select the Add (+) button to add a port.
    4. On the Environment variables tab, set the following parameters:
      • Name and Value—enter a list of environment variables to pull to a container during startup. Select the Add (+) button to add a variable.
        Note: Enter only the required environment variable(s) in this field. Do not include the -e flag. For example, SESSION_COOKIE_SECURE=False.
    5. On the Volume mounts tab, set the following parameters:
      • Source and Container path——set the directories that will be bind mounted to the container for data and logging.
        Note: If you left the mounted data and logs directories on the DNS/DHCP Server when disabling the service, ensure that the directories match the previous bind mounts so the new service can access the existing data.
        If you deleted the bind mounts when disabling the service, note the following for configuring new directories: to ensure data persistence when patching or upgrading DNS/DHCP servers, BlueCat recommends using the default directory configuration or designated custom directory location. The recommended default configuration is /root/gwdata/:/bluecat_gateway/ and /var/log/gateway/:/logs/. To set custom directories, click Remove to remove the existing directories, then add the custom data and logs directories.
        Attention: When configuring custom data and logs directories:
        • Specify only two directories, one for data and one for logs.
        • Use the format [SOURCE:]TARGET.
          • The SOURCE is the DNS/DHCP Server directory that will be bind mounted to the container. Custom source directories must be located in /root/gwmount/ (i.e. /root/gwmount/customdir/) to ensure data persistence when patching or upgrading DNS/DHCP servers. For a basic configuration of the Gateway on BDDS service, the TARGET portion determines if the directory is for data and logs, and should be either /bluecat_gateway/ for data, or /logs/ for logs.
          • Example: /root/gwmount/mydata1/:/bluecat_gateway/
          • Example: /root/gwmount/customlogsdir/:/logs/
        Warning: Ensure that the service is configured as detailed above using either the default directories (/root/gwdata/:/bluecat_gateway/ and /var/log/gateway/:/logs/) or designated custom directory location (/root/gwmount/). Data located outside of these directories will be lost upon patch or upgrade of the DNS/DHCP Server.
    6. Select Save.
      After you select Save, the Gateway service initializes, pulls the image from the cloud or local repository (or transfers the uploaded image file), and initiates the container. Allow some time for the configuration to register, after which Address Manager will redirect you to the server Services tab.