Installing major updates for BAM and BDDS within a Distributed DDNS system - Adaptive Applications - BlueCat Gateway - 23.2.3

BlueCat Distributed DDNS Administration Guide

Locale
English
Product name
BlueCat Gateway
Version
23.2.3
Note: This information is collected here for convenience only. For more complete details about installing and updating BlueCat Address Manager, see the appropriate Integrity Guides.

The following instructions summarize how to apply major updates to systems with installations of BlueCat Address Manager (BAM) that connect to BlueCat DNS/DHCP Servers (BDDS) that are running Distribted DDNS.

Upgrade steps differ slightly depending on whether you're applying a major update (such as from BAM/BDDS 9.3.x to BAM/BDDS 9.5.x), a minor update (such as from BAM/BDDS 9.5.0 to BAM/BDDS 9.5.1), or a Hotfix (where the version number does not necessarily change).

Important:

When updating BDDSes for Data Nodes and the Service Node, you must back up several docker files to an external location. These backup copies must preserve ownership, permission, and attribute details. Otherwise, docker containers cannot be restarted.

To make sure these settings are preserved, make sure that you back up your files to another, external BDDS that is running the same version of Integrity. We recommend that you prepare this external BDDS ahead of time, before starting the upgrade process.

When performing a major upgrade of Integrity, you'll perform the following steps:

  1. Apply the BAM update for the new version.

  2. After the BAM update is complete and BAM is running the new version, update your BDDS servers in this order:

    1. Apply the BDDS update to the BDDS running the Distributed DDNS Application Node.

    2. Apply the BDDS update to the BDDSes running Distributed DDNS Data Nodes, one at a time.

    3. Apply the BDDS update to the BDDS running the Distributed DDNS Service Node.

1. Apply the Integrity update to BlueCat Address Manager (BAM)

Update the instance BlueCat Address Manager (that connects to the BDDS and D-DDNS system) as follows:

  1. From Address Manager, apply the BlueCat Address Manager update as described in the Address Manager Administration Guide.

  2. For more details, see Applying patches, hotfixes, or software updates.

  3. When the update completes, start Address Manager and confirm that it is running the new version.

2. Apply the Integrity update to each BlueCat DNS/DHCP Server (BDDS)

When applying the Integrity update to each BDDS, you must do so in the following order:

  • The Distributed DDNS Application Node

  • The Distributed DDNS Data Nodes (one by one)

  • The Distributed DDNS Service Node

To apply the update to a BDDS node:

  1. Determine the next target BDDS node you need to update.

    You must update BDDS on the Application Node, then on each Data Node one by one, then on the Service Node, in that order.

    CAUTION:
    While you must apply the BDDS update to the Application Node before the Data Nodes, it does not matter which Data Node you update first. However, you must update only one Data Node at a time. Do not try to apply the update to multiple data nodes simultaneously.
  2. If you are updating the Application Node: From BlueCat Address Manager (BAM), in the Servers page, stop the DDNS Application Node:

    1. In BAM, if you haven't done so already, select the appropriate Configuration in the Configuration drop-down menu.

    2. Select the Servers tab.

      Tabs remember the page you last worked on, so click the tab again to make sure you're on the Configuration information page.

    3. Under Servers, click the name of the BDDS with the DDNS Application Node.

    4. In the Details window, do the following:

      • In the server name menu, select Service Configuration.

      • In Service Type, select BlueCat Gateway.

      • In General Settings, clear the Enable Gateway Service checkbox.

      • Click Update. The Gateway Service is disabled and the Application Node is stopped.

    5. Under Change Control, add comments if you want, then click Yes.

    6. Click Yes.

  3. If you are updating a Data Node: Switch any connections to the target Data Node (that you want to update) to use other Data Nodes.

  4. If you are updating a Data Node or the Service Node: Do the following:

    1. Make sure that the target BDDS is isolated from the Production environment so that no DNS/DHCP update messages can be sent to it.

    2. From a console window on the node that you're updating, stop the docker container.

      For a Data Node, use the following command to stop the container gracefully, giving the MariaDB process time to properly close:

      docker stop -t 90 <Data Node container name>
      For a Service Node, use the following command:
      docker stop <Service Node container name>

      Where the Node container name is the name of the docker container for the node that you're currently updating.

  5. If you are updating a Data Node or the Service Node: Back up the docker files from the target BDDS, preserving the file's ownership, permissions, and attributes. You must back up these files before you apply the update.

    Important: If you do not not preserve these permissions during the backup, the docker container can't be restarted when you restore them. To make sure these settings are preserved, use the rsync command (as described below) and back up your files to a separate, external BDDS that is running the same version of Integrity.

    To back up these files and preserve their attributes, on the target BDDS, do the following:

    1. If you will be copying files via SSH, open port 22 on the BDDS. To do so, you can use the following commands:

      iptables -A INPUT -p tcp --dport 22 -j ACCEPT
      iptables -A INPUT -p tcp --sport 22 -j ACCEPT
      iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
      iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
    2. Copy the target BDDS's /var partition to your external BDDS using the rsync command. This partition contains the BDDS's docker files (among other things). Use the rsync command to preserve ownership, permission, and file attributes:

      rsync -av -e ssh /var <user@remote_server>:<path to backup destination>

      Where:

      • <user@remote_server> is a user account on the external BDDS with appropriate permissions.

      • <path to backup destination> is the path on the external BDDS where you want to back up the files. You can back up multiple BDDS docker files to the same BDDS, as long as you use a different path for each BDDS.

    3. Copy any custom files that aren't within the /var partition and that you also want to restore to the new version. Use the rsync command here, too.

      Custom files that you might want to back up depend on your system. They could be SSH keys (stored in the user's .ssh/home directory), DHCP hooks, and DNS hooks. You can back up multiple sets of custom files to the same BDDS, as long as you use a different path for each BDDS.

      Tip: We strongly recommend you document the list of backed up files and folders for later reference, listing both the set of files and the BDDS and path to which they should be restored later.

      For more details, see Copying files to the new version in the Address Manager Administration Guide.

  6. From BlueCat Address Manager (BAM), in the Servers page, apply the BDDS update to the target node:

    1. If you haven't done so already, select the appropriate Configuration in the Configuration drop-down menu.

    2. Select the Servers tab.

    3. Under Server, select the check box of the BDDS for the node that you're currently upgrading.

    4. Click Action and select Upgrade Servers.

    5. Under Change Control, add comments if you want, then click Yes.

    6. Click Yes.

    For more details, see DNS/DHCP multi-version upgrade support in the Address Manager Administration Guide.

  7. Wait until the upgrade finishes. Do not continue to the next step until the BDDS is running with the new version.

    You can monitor the status of an update from the Servers tab in Address Manager. Under Server, select the check box for the BDDS that you're upgrading, click Action, then click Server Upgrade Status.

    For more details, see Viewing the upgrade status in the Address Manager Administration Guide.

  8. If you are updating a Data Node or the Service Node: Restore the files that you backed up earlier from that BDDS:

    Copy the /var/lib/docker content from the backup on your external BDDS using the rsync command. The rsync command makes sure that ownership, permission, and file attributes are properly restored:

    rsync -av -e ssh <path to backup destination>/lib/docker/* <user@bdds_server>:/var/lib/docker

    Where:

    • <path to backup destination> is the path on the external BDDS where you backed up the /var directory for that specific Data Node.

    • <user@bdds_server> is a user account with appropriate permissions on the BDDS that you're updating.

    For example, if you backed up the BDDS's docker files to /root/backup-data3/var on the external BDDS using an account named myadmin@mybdds, you would use the following command:

    rsync -av -e ssh /root/backup-data3/var/lib/docker/* myadmin@mybdds:/var/lib/docker

    If you also backed up custom files, restore those to the same location on the updated BDDS. Refer to the notes that you took when you backed up the custom files.

  9. If you are updating the Application Node: From BlueCat Address Manager (BAM), in the Servers page, restart the node:

    1. In BAM, if you haven't done so already, select the appropriate Configuration in the Configuration drop-down menu.

    2. Select the Servers tab.

      Tabs remember the page you last worked on, so click the tab again to make sure you're on the Configuration information page.

    3. Under Servers, click the name of the BDDS node you just upgraded.

    4. In the Details window, do the following:

      • In the server name menu, select Service Configuration.

      • In Service Type, select BlueCat Gateway.

      • In General Settings, tick the Enable Gateway Service checkbox.

        Note: Previously, you cleared this checkbox to stop the service. This time, you tick it.
      • Click Update. The Gateway Service is disabled and the node is restarted.

  10. If you are updating a Data Node or the Service Node: Restart the docker service and container as follows:

    1. Restart the docker service:

      systemctl restart docker
    2. From a console window on the Data Node you're updating, restart the docker container. You can use the following command:

      docker start <docker container name>

      Where <docker container name> is the name of the docker container for the target BDDS.

    3. If you are updating a Data Node, wait for it to successfully join the cluster before upgrading other data notes.

  11. You can now repeat these instructions for the next BDDS node.

    If you just upgraded the Application node, you can now proceed to upgrade the first Data Node. Upgrade each Data Node one by one. After you upgrade the last Data Node, you can upgrade the Service Node.