Upgrade Portworx Backup
Portworx Backup supports upgrades to version n
from versions n-1
or n-2
versions. For example, if you are on Portworx Backup version 2.4.0, you can directly upgrade to 2.6.0. Suppose, if you are on 2.2.0 and you wish to upgrade to 2.6.0, you need to upgrade in phased manner. Firstly upgrade from version 2.2.0 to 2.4.0, and then upgrade from version 2.4.0 to 2.6.0.
To upgrade from Portworx Backup version 2.4.x or 2.5.x to 2.6.0, you can just use the px-central
chart.
Upgrade from 2.4.x or 2.5.x to 2.6.0:
To upgrade from Portworx Backup version 2.4.x to 2.6.0:
-
Update your Helm repository:
helm repo update
-
Retrieve all custom values you used during the Portworx Backup installation. Enter the following
helm get values
command to generate a YAML file, replacing the<namespace>
and<release-name>
parameters to match your environment:helm get values --namespace <namespace> <release-name> -o yaml > values.yaml
-
Delete the post install hook job:
kubectl delete job pxcentral-post-install-hook --namespace <namespace>
-
Run the
helm upgrade
command to upgrade Portworx Backup, use the-f
flag to pass the customvalues.yaml
file you generated above and replace<release-name>
and<namespace>
parameters to match your environment:helm upgrade <release-name> portworx/px-central --namespace <namespace> -f values.yaml
noteIf the Portworx Backup version is 2.0.0, then set the administrator password in the above
helm upgrade
command:helm upgrade <release-name> portworx/px-central --namespace <namespace> --set oidc.centralOIDC.defaultPassword=<current-admin-password> -f values.yaml
Consider you installed or upgraded an earlier Portworx Backup version using the values-px-central.yaml
, which you either:
- Generated from the Portworx Central portal (or)
- Cloned from the Portworx Backup Helm repository
In this case, you must specify the changes you made in the earlier version values.yaml
in the new values-px-central.yaml
that you use for installing or upgrading to Portworx Backup 2.6.0.
For example:
In the existing values.yaml
, if the persistentStorage.storageClassName
parameter is set with the value portworx-sc
, then you must the set the same portworx-sc
value in the new values-px-central.yaml
.
Air-gapped upgrade
If you are in air-gapped environment, then follow the steps below to upgrade Portworx Backup from the prior versions to 2.6.0:
-
To pull the Docker images listed in Air-gapped install and push them to an internal registry:
a. Download the
pxcentral-ag-install-backup.sh
air-gapped bootstrap Portworx Backup install script:curl -o pxcentral-ag-install-backup.sh -L
"https://install.portworx.com/pxcentral-air-gapped?px-backup=true"You can also download the install script for a specific release by specifying a version query.
For example:
curl -o pxcentral-ag-install-backup.sh -L "https://install.portworx.com/pxcentral-air-gapped?version=2.6.0&px-backup=true"
b. Provide execute permission for the install script:
chmod +x pxcentral-ag-install-backup.sh
c. Pull the container images using the
pxcentral-ag-install-backup.sh
script:./pxcentral-ag-install-backup.sh pull
d. Push the images to a local registry server, accessible by the air-gapped nodes. Replace
<repo>
with your registry location:./pxcentral-ag-install-backup.sh push <repo>
-
To generate the customized
values-px-central.yaml
for Portworx Backup installation spec (Helm command):
a. Access Portworx Central portal.b. From the home page, navigate to Backup Services under Explore our Products.
c. Click I agree to EULA and go through the Portworx Products Terms of Use carefully.
d. Navigate back to the Portworx Central portal and click Start Free Trial.
e. In the Spec Details provide the following values:
-
Backup Version: select the required version of Portworx Backup from the drop-down
-
Namespace: provide the name of the namespace where you want an instance of Portworx Backup to be installed
-
Install using: choose Helm 3
-
Select your environment: choose On-Premises or Cloud based on your storage environment
-
StorageClass Name: name of the StorageClass, refer tooltip for more details
-
Use your OIDC: Select this option only if your external authorization provider is Auth0 and key in the following fields:
- Endpoint
- Client ID
- Client Secret
These values can be fetched from the Auth0 web console.
-
Use custom registry: for air-gapped environments
- Custom Image Repository Location: path of custom image repository
- Image Pull Secret(s): create a secret only if image pulling from an internal repository requires credentials
noteCreate a secret only if pulling image from an internal repository requires credentials.
-
-
Click Next to navigate to Finish tab.
-
Under Step 2 in the web console, click
values-px-central.yaml
file to download the default options. -
Retrieve all custom values you used during the Portworx Backup installation. Enter the following helm get values command to generate a YAML file, replacing the
<namespace>
and<release-name>
parameters to match your environment:helm get values --namespace <namespace> <release-name> -o yaml> values.yaml
-
Modify the
values-px-central.yaml
downloaded from Portworx Central portal in Step 4 with the changed values fromvalues.yaml
.For example: Replace storage class value in
values-px-central.yaml
with that ofvalues.yaml
. -
Delete the post install hook job:
kubectl delete job pxcentral-post-install-hook --namespace <namespace>
-
From the machine where you run the helm3 command:
a. Download the latest px-central package with the following command.
curl -O https://raw.githubusercontent.com/portworx/helm/master/stable/px-central-2.6.0.tgz
b. Modify the Helm command generated from Step 2 of web console to provide the helm package, instead of providing the repository.
For example:
helm upgrade px-central px-central-2.6.0.tgz --namespace <name of namespace> --create-namespace --version 2.6.0 -f values-px-central.yaml
notePortworx Backup supports object lock from release version 2.2.0. For more information, refer to S3 Object Lock in Portworx Backup. You need the permissions listed below to check if the bucket configured in the backup location supports object lock. If you are upgrading to Portworx Backup 2.2.0 from any lower version, ensure that the following object lock related permissions are enabled in the AWS console:
s3:GetBucketObjectLockConfiguration
s3:GetObjectLegalHold
s3:GetObjectRetention
Access permissions in Portworx Backup 2.x.x
Users with admin role can access the following resources in the Portworx Backup user interface:
- Can view and backup clusters that you added
- Can view all user created backups in the Backups page
- Can view all Portworx backup security objects such as cloud credentials, backup locations, schedule policies, and backup rules of all users
- Cannot view all non-Portworx backup security objects
The access permissions available to a user in case of backup sync are:
- If a user is the owner of a bucket, then the Backups page lists backups of all users who used that bucket.
- If a user is a collaborator, then the user can view own backups only.