MOSIP Docs 1.2.0
GitHubCommunityTech BlogsWhat's New
  • MOSIP
    • Overview
    • License
    • Principles
      • Inclusion
      • Privacy and Security
        • Security
        • Data Protection
        • Privacy
    • Technology
      • Architecture
      • Digital ID DPI Framework
      • Technology Stack
      • API
      • Sandbox Details
    • Standards & Specifications
      • MOSIP Standards
        • 169 - QR Code Specifications
        • 169 - QR Code Specifications 1.0.0
    • Inji
    • eSignet
  • ID Lifecycle Management
    • Identity Issuance
      • Pre-registration
        • Overview
          • Features
        • Develop
          • Developers Guide
          • UI Specifications
        • Test
          • Try It Out
          • End User Guide
          • Pre-registration Collab Guide
      • Registration Client
        • Overview
          • Features
        • Develop
          • Developers Guide
          • UI Specifications
        • Test
          • Try It Out
          • End User Guide
          • Registration Client Collab Guide
        • Deploy
          • Installation Guide
          • Operator Onboarding
          • Configuration Guide
          • Settings page
        • Telemetry from Registration Client
      • Android Registration Client
        • Overview
          • Features
        • Develop
          • Developer Guide
          • UI Specification
          • Technology Stack
        • Test
          • End User Guide
          • Collab Guide
        • Deploy
          • Configuration Guide
      • Registration Processor
        • Overview
          • Features
        • Develop
          • Registration Processor Developers Guide
        • Test
          • Credential Requestor Stage
          • Manual Adjudication and Verification
        • Deploy
          • Configurations Details
          • Deploy
      • ID Repository
        • Credential Request Generator Service Developers Guide
        • Identity Service Developers Guide
        • VID Service Developers Guide
        • .well-known
        • Custom Handle Implementation Guide
    • Identity Verification
      • ID Authentication Services
        • ID Authentication Demographic Data Normalization
        • ID Authentication Service Developers Guide
        • ID Authentication OTP Service Developer Guide
        • ID Authentication Internal Service Developers Guide
        • MOSIP Authentication SDK
      • ID Authentication
    • Identity Management
      • ID Schema
      • Identifiers
      • Resident Portal
        • Overview
          • Features
        • Develop
          • Developers Guide
          • UI Developers Guide
          • UI Specifications
          • Technology Stack
        • Test
          • Functional Overview
          • End User Guide
          • Collab Guide
        • Deploy
          • Deployment Guide
          • Configuration Guide
          • Configuring Resident OIDC Client
          • Browsers Supported
    • Support Systems
      • Administration
        • Develop
          • Admin Services Developers Guide
        • Test
          • Try it out
          • Admin Portal User Guide
          • Admin Portal Collab Guide
        • Masterdata Guide
      • Partner Management System
        • Partners
        • Overview
          • Features
        • Develop
          • Architecture
          • Technology Stack
          • Backend Developers Guide
          • UI Developers Guide
          • Build and Development Guide
          • New Language Support
          • Browsers Supported
        • Test
          • Try It Out
          • Partner Administrator
          • Policy Manager
          • Authentication Partner
          • Device Provider
          • FTM Chip Provider
          • PMS Collab Guide
        • Deploy
          • PMS Configuration Guide
          • API changes with PMS Revamp
        • PMS Legacy
          • Partner Management System
          • Partner Management Portal
          • Auth Partner
          • Device Provider
          • Foundational Trust Provider
          • Partner Management Services Developers Guide
      • Reporting
        • Anonymous Profiling Support
    • Supporting Components
      • Biometrics
        • ABIS
        • ABIS API
        • Biometric SDK
        • Biometric Devices
        • FTM
        • Biometric Specification
        • MDS Specification
        • CBEFF
        • Compliance Tool Kit
      • Commons
        • Commons Developers Guide
        • Audit Manager Developers Guide
        • OpenID-Bridge Developers Guide
        • ID Generator
      • Datashare
      • Keycloak
      • Persistence
        • Postgres DB
        • Object Store
      • Packet Manager
        • Registration Packet Structure
      • Quality Manager
        • Automation
          • API Test Rig Automation
          • DSL Test Rig Automation
          • UI Test Rig Automation
          • Automation Testing
        • Manual
    • Supporting Services
      • Mock Services
      • Key Manager
        • Keys
        • Hadware Security Module (HSM)
        • Key Manager Developers Guide
      • Module Configurations
      • WebSub
        • WebSub Developers Guide
  • Setup
    • Deployment
      • Getting Started
        • Helm Charts
        • Versioning
        • Wireguard
          • Wireguard Bastion Host
          • Wireguard Administrator's Guide
          • Wireguard Client Installation Guide
        • Production
          • Server Hardware Requirements
          • Production Hardening Guide
          • Administration Using Rancher
      • V3 installation
        • On-Prem Installation Guidelines
        • On-Prem without DNS Installation Guidelines
        • AWS Installation Guidelines
        • Testrig
        • MOSIP External Dependencies
        • MOSIP Modules Deployment
    • Implementations
      • Implementations
      • Reference Implementations
    • Upgrade
      • Adopting LTS 1.2.0
        • Upgrade Runbook
          • Deployment Architecture Upgrade
          • Platform Upgrade
          • Additional Information
            • Handling Duplicate Entries
            • Adapting Changes in Administration Roles
            • Identifying Applicant Type
            • Changes in Camel Route
            • Changes in Role Management based on Client IDs
            • Handling Case Insensitive Duplicated User Details
            • Managing Unequal Certificates
            • Update Identity Mapping file in Configuration
            • New Datashare Properties
            • Handling Non-Recoverable Packets
            • Partners' Certificate Expired
            • Handling Partner Organization Name Mismatch Issue
            • Pre-Registration UI Upgrade
            • Registration Client Upgrade
            • Guide to Reprocess Packets Manually
        • Documentation for 1.1.5
      • Java 21 Migration Guide
  • Interoperability
    • Integrations
      • MOSIP - CRVS
        • Scope
        • Approach
          • Technical Details
        • Existing Integrations
          • OpenCRVS
      • MOSIP e-Manas
      • Digital Signature
      • MOSIP Token Seeder
        • MTS Versions
          • Version 1.0.0
          • Version 1.0.1
          • Version 1.1.0 (WIP)
        • MTS Developer Guides
          • Developer Guide 1.0
          • Developer Guide 1.1
        • MTS Connector
        • OpenG2P-registry MTS Connector
      • MOSIP eSignet
        • ID Authentication
        • Partner Management
        • Configuring eSignet
      • Print Service Integration
        • Verified Credentials
  • Community
    • Contributions
    • Code Contributions
      • Code of Conduct
      • MOSIP Release Process
        • Go/No Go Release Checklist
      • MOSIP Branching Strategy
    • Community Calendars
    • Documentation Credits
  • Roadmap and Releases
    • Roadmap
      • Roadmap 2025
      • Roadmap 2024
      • Roadmap 2023
    • Releases
      • Partner Management System Revamp (Patch)
      • Registration v1.2.1.1
      • PMS Revamp Release 1.2.2.1 (Patch)
      • v1.2.1.0 - Registration Processor
        • Test Report
      • Android Registration Client v0.11.0
        • Test Report
      • API Test Commons Releases
        • v1.3.2
        • v1.3.1
        • v1.3.0
      • 1.2.1.0-beta.1 (Part 3)
        • Test Report
      • Partner Management System 1.2.2.0
        • Test Report
      • Resident Services v0.9.1
        • Test Report
      • 1.2.0.2 - Reg Processor & ID Repo
        • Test Report
      • 1.2.1.0-beta.1 (Part 2)
        • Enhancements and Bug Fixes
        • Test Report
      • 1.2.1.0-beta.1(Part 1)
      • Android Registration Client 0.11.0-beta.1
        • Test Report
      • Partner Management System 1.3.0-dp.1
        • Test Report
      • 1.2.2.0 (Mosip - Config)
      • Api Test Commons Releases
      • Android Registration Client v0.10.0
        • Test Report
      • Resident Services 0.9.0
        • Test Report
      • 1.2.1.0 (ID Authentication)
        • Functional Test Report
      • 1.2.0.2
        • Test Report
      • 1.2.0.1
        • Enhancements and Bug Fixes
        • Test Report
      • Android Registration Client 0.9.0
        • Test Report
      • 1.2.0.1-B4 (Beta)
        • Test Report
      • Android Registration Client DP1
      • Resident Services DP1
      • 1.2.0.1-B3 (Beta)
        • Test Report
      • 1.2.0.1-B2 (Beta)
      • 1.2.0.1-B1 (Beta)
        • Functional Test Report
        • Sonar Report
      • 1.2.0
        • Enhancements
        • Functional Test Report
        • Sonar Scan Report
        • Performance Test Report
        • Security Test Report
        • Feature Health Report
  • General
    • Glossary
    • Resources
    • MOSIP Support Policy
    • Collab Environment Guides
      • Use Cases
        • Loan Application
      • Generating Demo Credentials
    • MOSIP Documentation Style Guide
Powered by GitBook

Copyright © 2021 MOSIP. This work is licensed under a Creative Commons Attribution (CC-BY-4.0) International License unless otherwise noted.

On this page
  • Step 1: New environment setup with V3 Architecture
  • Step 2: Deployment of external services
  • Step 3: Backup and restoration of external services

Was this helpful?

Edit on GitHub
Export as PDF
  1. Setup
  2. Upgrade
  3. Adopting LTS 1.2.0
  4. Upgrade Runbook

Deployment Architecture Upgrade

This document outlines the steps required for migrating the deployment architecture from V2 to V3.

Step 1: New environment setup with V3 Architecture

This is required for migration from V2 to V3 architecture

  1. Make sure to have all the pre-requisites ready as per the details present in the section pre-requisites

  2. Setup Wireguard Bastion host

  3. Setup wireguard client in your local and complete the configuration

  4. Setup Observation K8 cluster

  5. Configure Observation k8 cluster

  6. Observation cluster’s nginx setup

  7. Observation cluster applications setup

  8. Observation cluster keycloak-rancher integration

  9. Setup new MOSIP k8 cluster

  10. MOSIP k8 cluster configuration

  11. MOSIP cluster nginx setup

  12. Setting up Monitoring for MOSIP cluster

  13. Setting up Alerting for MOSIP cluster

  14. Setting up Logging for MOSIP cluster

Step 2: Deployment of external services

(Required for V2 to V3 architecture migration)

  1. Setup postgres server

    Note:

    i. Deploy postgres server in a seperate node.

    ii. Make sure postgres initialisation is not done (only install postgres).

  2. Setup Keycloak server

    Note: Make sure keycloak initialisation is not done (only install keycloak).

  3. Setup Softhsm

  4. Setup Minio server

  5. Setup ClamAV

  6. Setup ActiveMQ

  7. Setup Message Gateway

  8. Setup docker registry secrets if you are using private dockers.

    Note: These instructions are only applicable if you need to access Private Docker Registries. You may disregard them if all of your Docker containers are downloaded from the public Docker Hub.

  9. Setup Captcha for the required domains.

  10. Setup Landing page for new MOSIP cluster.

Step 3: Backup and restoration of external services

This step is required for V2 to V3 architecture migration.

  1. Softhsm (only required if softhsm is used instead of real HSM)

    i. Backup keys

    ii. Restore old key

    iii. Update softhsm ida and softhsm kernel security pin

  2. Postgres

    i. Export

    ii. Import

    iii. secret creation

    iv. Increase postgres max_connections to 1000

  3. Keycloak

    i. Export

    ii. Import

  4. Minio

    i. Export the existing Minio as directory

    ii. Clone Minio

  5. Kafka

    i. setup external minio for backup.

    ii. backup kafka

    iii. restore kafka

  6. Conf-secrets

Update the secrets in existing secrets in conf-secrets namspace.

  1. Packets in landing to be copied from old environment to the upgraded environment or same NFS folder can be mounted to regproc packet server and group 1 stage groups. Refer here for more details.

  • dmz-sc.yaml

  • dmz-pkt-pv.yaml

  • dmz-pkt-pvc.yaml

  • dmz-landing-pv.yaml

  • dmz-landing-pvc.yaml

PreviousUpgrade RunbookNextPlatform Upgrade

Last updated 1 year ago

Was this helpful?