Task:
Perform a containerized AAP 2.5 upgrade to AAP 2.6 containerized.
Container Node Worker Hosts:
cksnode1.mindwatering.net
cksnode2.minwatering.net
cksnode3.minwatering.net
Set-up backup directory target: /local/backup/
The /local/backup/ destination is a NFS mounted disk host container nodes and an administrative workstation
Notes:
- Lightspeed:
This installation skips the AAP Lightspeed feature. If wanting to use it, add Lightspeed inventory variables. It requires a pg_host and a LLM instance.
- SAML Authentication:
Encrypted private keys for SAML configurations are no longer supported. If you still have them from your previous migration/upgrade from 2.4 to 2.5, they will need to be removed. (The Red Hat AAP 2.6 Planning Your Upgrade guide has more information.)
- Upgrade from AAP 2.5 to 2.6 on the latest version of AAP 2.5. So make sure your on the latest AAP 2.5 version beforehand.
- The container topologies supported/tested are the "growth" and "enterprise" topologies. Review: docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.6/html/tested_deployment_models/container-topologies
- If adapting this upgrade to a HA cluster, the REDIS can be deployed as standalone instances or 6 HA instances across the Gateways, Hubs, and EDAs, and cannot be installed w/the Controllers, EEs, nor PostgreDBs.
Steps:
1. Download the Ansible Automation Platform 2.6 Containerized Setup Bundle
2. Perform an AAP backup
3. Confirm Packages Installed on the Host Container Nodes
4. Update the Inventory File with Any new AAP 2.6 Variables
5. Perform the Upgrade
6. Post AAP 2.6 Upgrade Validation
7. Post Migration Backup
1. Download the Ansible Automation Platform 2.6 Containerized Setup Bundle
a. Download from:
access.redhat.com/downloads/content/480/ver=2/rhel---10/2.6/x86_64/product-software
<login>
Typically, we choose the offline bundle that includes all packages. If you have an online connection and your rather not download the ancillary packages, too choose the Ansible Automation Platform 2.6 Containerized Setup.
e.g. ansible-automation-platform-containerized-setup-bundle-2.6-3-x86_64.tar.gz
b. Transfer to the node where 2.5 was installed. For us that is the node running the primary controller.
Node: cksnode1.mindwatering.net
Target folder: /home/myaapadminid/aapinstalltmp/
c. Uncompress the archive:
$ ssh myaapadminid@cksnode1.mindwatering.net
<login>
$ cd /home/myaapadminid/aapinstalltmp/
$ tar xvzf ansible-automation-platform-containerized-setup-bundle-2.6-3-x86_64.tar.gz
<wait>
2. Perform an AAP Backup
a. Login to the node with the controller or the gateway. (The node which installed AAP 2.5 containerized.)
$ ssh myaapadminid@cksnode1.mindwatering.net
<login>
b. Navigate to the original install directory, and perform backup:
$ cd /home/myaapadminid/aapinstalltmp/ansible-automation-platform-containerized-setup-bundle-2.5-20-x86_64/
$ ansible-playbook -i inventory ansible.containerized_installer.backup -e "/local/backup/aap25bkup_yyyymmdd"
3. Confirm Packages Installed on the Host Container Nodes
a. Login:
$ ssh myaapadminid@cksnode1.mindwatering.net
<login>
b. Confirm the following packages are already installed. We did that by simply running dnf upgrade, and were told they were already installed and newest versions.
$ dnf upgrade ansible-core ansible-builder ansible-lint ansible-navigator ansible-sign bash-completion bind-utils curl firewalld man-pages nano openssh-clients psmisc rsync sos tar tpm2-tools zstd libpq podman python3-cryptography python3-psycopg2
c. Confirm system completely up-to-date:
$ dnf upgrade
4. Update the Inventory File with Any new AAP 2.6 Variables
a. Login:
$ ssh myaapadminid@cksnode1.mindwatering.net
<login>
b. Backup the sample 2.6 inventory file:
$ cd /home/myaapadminid/aapinstalltmp/ansible-automation-platform-containerized-setup-bundle-2.6-3-x86_64
$ mv inventory inventory_backup
c. Copy the AAP 2.5 (current source) version of the inventory to the 2.6 installation/extraction folder:
$ cp /home/myaapadminid/aapinstalltmp/ansible-automation-platform-containerized-setup-bundle-2.5-20-x86_64/inventory ./
d. Review the inventory file for any additions.
$ cd /home/myaapadminid/aapinstalltmp/ansible-automation-platform-containerized-setup-bundle-2.6-3-x86_64
- Verify no SAML private keys to remediate, and if using Lightspeed, add those variables now.
$ vi inventory
<review and make any changes>
<esc>:wq (to save updates)
5. Perform the Upgrade
a. Login:
$ ssh myaapadminid@cksnode1.mindwatering.net
<login>
b. Perform upgrade:
$ cd /home/myaapadminid/aapinstalltmp/ansible-automation-platform-containerized-setup-bundle-2.6-3-x86_64
$ ansible-playbook -i inventory ansible.containerized_installer.install
6. Post AAP 2.6 Upgrade Validation
a. Check Authentication and Role Access:
- Test user authentication with the local admin account and a few domain-based login accounts to confirm working.
- Test RBAC roles that rights across Organization, Projects, Inventories, Job Templates, etc.
- Confirm team (groups) memberships are intact.
- Test external API access. Look also for any old AAP 2.4/2.5 external apps/services that were never updated to point to the Gateway endpoint APIs.
- If using SSO integration, verify SSO working.
b. Verify Gateway login again:
- Login to the gateway webUI for AAP
web browser --> aapgwdev.mindwatering.net --> login
- - Dashboard loads
- - No HTTP 500 errors
- - Controller connected
c. Verify Automation Controller:
- Login to the gateway webUI for AAP
web browser --> aapgwdev.mindwatering.net --> login - -> Automation Execution -->
- - Verify Organizations all exist
- - Verify Projects all exist
- - Verify Projects Sync successfully
- - Verify Inventories all exist
- - Verify Credentials all exist
- - Verify Job Templates all exist
- - Verify running Jobs running and confirm finishing successfully
- - Confirm non-default EEs that have been migrated, and Jobs using custom EEs are running and finishing successfully
- - Verify jobs running can access target inventory servers, and external systems (e.g. DNS, AD/LDAP, etc) are accessed okay
d. Verify Automation Hub:
- Login to the gateway webUI for AAP
web browser --> aapgwdev.mindwatering.net --> login - -> Automation Content -->
- - Confirm Collections exist
- - Confirm Namespaces appear and are correct
- - Test a Sync and a Publish as needed
e. Verify Event-Driven Ansible:
- Login to the gateway webUI for AAP
web browser --> aapgwdev.mindwatering.net --> login - -> Automation Execution --> Decisions
- - Confirm Rulebooks migrated
- - Confirm Activations migrated
- - Confirm Rule Audits migrated
f. Scan the podman logs for each container:
$ ssh myaapadminid@cksnode1.mindwatering.net
$ podman logs -f <aap-container>
<review logs>
7. Post Migration Backup
a. Take a post database import backup:
$ ssh myaapadminid@cksnode1.mindwatering.net
$ cd /home/myaapadminid/aapinstalltmp/ansible-automation-platform-containerized-setup-bundle-2.6-3-x86_64
$ ansible-playbook -i inventory ansible.containerized_installer.backup
<complete and wait>
or for a specific location for the backup:
$ ansible-playbook -i inventory ansible.containerized_installer.backup -e "/local/backup/aap25bkup_yyyymmdd"
b. Confirm configuration of your backup software to the new container environment
- Complete any set-up needed to backup the new AAP 2.5 container environment
- Discontinue back-ups of the old source environment
c. Confirm new backups running on schedule
d. Confirm a restoration to an isolated network segment of your current new AAP 2.5 containerized environment
previous page
|