Migrating 3.x data to 4.x
The Continuous Delivery for PE 4.x series runs on a managed Kubernetes cluster, so your 3.x series data must be migrated to the new installation.
- Upgrade your existing 3.x installation to version 3.13.8.
- Create a new installation of Continuous Delivery for PE version 4.x.
- From the version 3.x root console, run the migration task.
- Restart the 4.x installation, which is now populated with your 3.x data.
What gets migrated?
The migration task copies and migrates to 4.x:
- The database, which contains all your Continuous Delivery for PE 3.x
installation's information, users, integrations, history, and artifacts
except job commands and job logs. Note: If you've configured your 4.x installation to use an externally managed PostgreSQL database, this step is skipped.
- The object store, which contains all of your 3.x installation's job commands
and job logs. Note: The 4.x series replaces external Artifactory and Amazon S3 object storage with a built-in highly available object storage system. Your 3.x object store will be migrated to the built-in 4.x object store.
- Any of the following configuration settings, if in use on
3.x:
CD4PE_REPO_CACHE_RETRIEVAL_TIMEOUT_MINUTES CD4PE_LDAP_GROUP_SEARCH_SIZE_LIMIT CD4PE_ENABLE_REPO_CACHING CD4PE_HTTP_CONNECTION_TIMEOUT_SEC CD4PE_HTTP_READ_TIMEOUT_SEC CD4PE_HTTP_WRITE_TIMEOUT_SEC CD4PE_HTTP_REQUEST_TIMEOUT_SEC CD4PE_INCLUDE_GIT_HISTORY_FOR_CD4PE_JOBS CD4PE_JOB_GLOBAL_TIMEOUT_MINUTES CD4PE_JOB_HTTP_READ_TIMEOUT_MINUTES
- The webhooks between your source control system and the Continuous Delivery for PEbackend endpoint URL. Note: This step is optional when running the migration task. The migration task is designed to be safely run more than once, so you can make sure your 4.x installation is ready for full-time use before you enable webhook updates.
- The 3.x root user, as you created a new root user when installing 4.x.
- The
JVM_ARGS
configuration setting, if in use on 3.x. - Backup tables created for you by Continuous Delivery for PE during
the 3.x series:
-
app-pipelines-3-0-backup.pfi
- created during the upgrade from 2.x to 3.x -
pe-ia-node-results-cve-2020-7944-backup.pfi
andpe-ia-resource-results-cve-2020-7944-backup.pfi
- created as part of the CVE 2020-7944 remediation in version 3.4.0
-
Migration cautions
A super user or the root user must perform this process.
Migrating from a local database in a 3.x installation to an external database in a 4.x installation is not supported.
New data created in the 3.x installation during the migration process might not be migrated to the 4.x installation. If data created during the migration process is missing after migration is complete, re-run the migration task.
out of memory
error during the migration process, double
the heap size on your 4.x installation by adding Java virtual machine arguments such
as the following on the Config page of the platform admin
console: -Xms512m -Xmx1G
Run the migration task
The migration task uses temporary credentials to establish a connection between your 3.x and 4.x installations, then migrates your 3.x installation data to a new 4.x installation.
- Upgrade your 3.x installation to version 3.13.8. The migration task fails if you run it on any other 3.x version.
- Create a new 4.x installation.
- Review the Puppet Application Manager system requirements.
- Follow the instructions that match your environment to Install Puppet Application Manager.
- According to your environment, either Configure and deploy Continuous Delivery for PE, or Configure and deploy Continuous Delivery for PE in an offline environment.
CAUTION: Do not perform any integrations or create any new data in the 4.x installation until migration is complete. - Make sure that your 3.x installation can reach the Kubernetes API running on your 4.x installation.
- If your new 4.x installation is behind a proxy, set both
HTTP_PROXY
andHTTPS_PROXY
as values for thecd4pe_docker_extra_params
parameter on thecd4pe
class for your 3.x installation, passing in the URL of your proxy.Note: To pass additional arguments to the Docker process running the Continuous Delivery for PE container, you must specify them as an array. For example:"-e HTTPS_PROXY=https://proxy.example.com", "-e HTTP_PROXY=https://proxy.example.com"
Test the new 4.x installation
It's extremely important to thoroughly test the 4.x installation to make sure that the data has been properly migrated and all functionality is working as expected before moving on.
Update webhooks
As a final step in the 3.x to 4.x data migration process, or any time you change the location of your Continuous Delivery for PE installation, update the webhooks that connect Continuous Delivery for PE with your source control provider.
Post-migration next steps and troubleshooting
Once your 3.x data is migrated, the 4.x installation has been thoroughly tested, and webhooks are updated, you're ready to begin using 4.x with your team. However, you should not immediately decommission your 3.x installation, as it may be necessary to roll back to 3.x if issues arise.
Keep your 3.x installation intact until you are fully confident that all features of the new 4.x installation are working as expected. As a precautionary measure, we strongly advise maintaining the inactive 3.x installation for the first two months of using 4.x.
Maintaining the dormant 3.x installation for an extended test period allows you to roll back to 3.x and prevent production environment disruptions in the event that an issue arises with your 4.x migration.
Rolling back to the 3.x installation
- In your 3.x installation, navigate to a control repo's pipeline and click Manage pipelines.
- Select Manage in the web UI and locate the Automation webhook section, where the webhook (including token) for your control repo is printed.
- Copy the webhook and navigate to the corresponding repository in your source control provider. Add the webhook to the repository and remove the webhook that points to the 4.x installation.
- Repeat this process for each control repo and module repo in your 3.x installation.
- Generate a new access token for each PE instance connected with the 3.x installation by navigating to Settings > Puppet Enterprise and clicking Edit credentials .
- Select Basic authorization or API
token and enter the required information:
- For Basic authorization, enter the username and password for your "Continuous Delivery" user. Continuous Delivery for PE uses this information to generate an API token for you. The username and password are not saved.
- For API token, generate a PE access token for
your "Continuous Delivery" user using
puppet-access
or the RBAC v1 API, and paste it into the API token field. For instructions on generating an access token, see Token-based authentication.Note: To avoid unintended service interruptions, create an access token with a multi-year lifespan.
Once the 3.x webhooks and new PE access tokens are in place, you can resume using the 3.x installation.
When you're ready to return to 4.x, repeat the migration process from the beginning.