Skip to content

1.20.x to 1.22.x

This guide provides instructions for upgrading a Controller from version 1.20 to 1.22 in a Google Cloud Environment.


Upgrading from version 1.20 to 1.22 does not require the database migration for the GKE Blueprint.

Before Upgrading

Check the following:

  • Check that all clusters under the required projects are running and healthy.
  • Check that the usage of CPU, memory, and other parameters are normal.
  • Check that applications and services that were installed using a custom Blueprint are running.
  • Check that the machine/server has sufficient memory to install a new image.
  • Check that the management VM has at least 30 GB available in the / directory.

Follow these steps before upgrading:

  • Navigate to the tmp folder and remove the folders created by the Rafay Controller package. This step is optional.

    cd /tmp
    sudo rm -rf radm.log rafay-dep rafay-cluster rafay-core istio
  • Delete the rafay-core-upload-agent-config-file. A change in the job spec in the latest version will not patch the upgraded controller.

    kubectl delete job -n rafay-core rafay-core-upload-agent-config-file

Upgrade Services

Install RADM Services

  • Download the new package.

  • Validate the package using md5sum. The example below includes the response.

    md5sum rafay-controller-1.22-09PAN.tar.gz
    4d828596357b6b2dba1acc9365cf929f  rafay-controller-1.22-09PAN.tar.gz
  • Untar the package.

    tar -xf rafay-controller-1.22-09PAN.tar.gz
  • Backup the config.yaml file from the v1.20 Controller package.

    cp -rp config.yaml config.yaml-1.20
  • Navigate to the latest Controller package and run the following command.

    cp -rp config.yaml-gke-tmpl config.yaml
  • Open the config.yaml file and update the values. These should match the v1.20 config.yaml file. With the Vi editor, press i to insert text. To save the file, press Esc, then type :wq and press Enter.

    vi config.yaml

    Example config.yaml file

    kind: InitConfiguration
      name: "RafayAirGapController"
      blueprintVersion: v1
      # networking:         # Interface for core traffic. Default picks the primary interface.
        # interface: ens3
        type: "GKE"   # Supports "airgap", "EKS", "GKE" and "AKS".
        ha: true
        external-database: true
        host: ""
        port: "5432"
        enabled: true
          serviceAccount: "[email protected]"  #format is "<ServiceAccount_Name>@<GCP_PROJECT_ID>"
          hosted_zone_id: "rafay_zone"
        enabled: true
        restore: false
        schedule: "*/10 * * * *"  #"*/10 * * * *" #Takes backup of rafay-core namespace every 10 min
        bucketName: "rafay-bucket" #storage container name
          serviceAccount: "[email protected]"  #format is "<ServiceAccount_Name>@<GCP_PROJECT_ID>"
          path: /home/opc/rafay/rafay-infra-centos.tar.gz
          dir: /tmp
        - name: istio
          path: /home/opc/rafay/istio-1.14.3-blueprint.tar.gz
        - name: rafay-dep
          path: /home/opc/rafay/rafay-dep.tar.gz
        - name: rafay-core
          path: /home/opc/rafay/rafay-core.tar.gz
        - name: rafay-cluster
          path: /home/opc/rafay/rafay-cluster.tar.gz
        generate-self-signed-certs: false         # TRUE creates self-signed certs for all controller endpoints. FALSE will use certs updated at console-certificates.certificate
        console-certificates:                    # add the wildcard cert for the star-domain only when generate-self-signed-certs is false.
          certificate: "RXhhbXBsZSBDZXJ0aWZpY2F0ZQ=="
          key: "RXhhbXBsZSBLZXk="
          user: [email protected]
          password: change123
          star-domain: ""      # Provide the wildcard             # Display logo in UI, Default picks
          name: Rafay GKE
        gloabl.tsdb.gke.bucket: "rafay-bucket"
        global.secrets.tsdb.gke.storage_account_key: "RW50ZXIgU3RvcmFnZSBhY2NvdW50IGtleQ=="
        global.external_lb: "false"
        global.secrets.aws_account_id: "1234567890"       # Used for AWS IAM role based cluster provisioning, Add below secrets after encoding it with Base64.
        global.secrets.aws_access_key_id: "RHVtbXk="
        global.secrets.aws_secret_access_key: "Y2hhbmdlcGx6"
        global.disable_xframe_Cors_policy: "true" # When True, we disable x-frame header and Cors policy in UI
        nfs.server: "" # <IP Address of Filestore Instance>
        nfs.path: "/volumes"
  • Install the Controller dependencies.

    ./radm dependency --config config.yaml --kubeconfig <config file from gke cluster>
  • Install the Application.

    ./radm application --config config.yaml --kubeconfig <config file from gke cluster>
  • Delete the Repository pod for adding new changes.

    kubectl delete po -n rafay-core nexus-0
  • Run the following cluster command.

    ./radm cluster --config config.yaml --kubeconfig <gke cluster config file>

The upgrade is complete.