search
GitHubCommunityInitiativesWhat's NewContact Us
githubEdit

Deployment Architecture Upgrade

This document outlines the steps required for migrating the deployment architecture from V2 to V3.

hashtag
Step 1: New environment setup with V3 Architecture

This is required for migration from V2 to V3 architecture

  1. Make sure to have all the pre-requisites ready as per the details present in the section pre-requisitesarrow-up-right

  2. Setup Wireguard Bastion hostarrow-up-right

  3. Setup wireguard client in your local and complete the configurationarrow-up-right

  4. Setup Observation K8 clusterarrow-up-right

  5. Configure Observation k8 clusterarrow-up-right

  6. Observation cluster’s nginx setuparrow-up-right

  7. Observation cluster applications setuparrow-up-right

  8. Observation cluster keycloak-rancher integrationarrow-up-right

  9. Setup new MOSIP k8 clusterarrow-up-right

  10. MOSIP k8 cluster configurationarrow-up-right

  11. MOSIP cluster nginx setuparrow-up-right

  12. Setting up Monitoringarrow-up-right for MOSIP cluster

  13. Setting up Alertingarrow-up-right for MOSIP cluster

  14. Setting up Loggingarrow-up-right for MOSIP cluster

hashtag
Step 2: Deployment of external services

(Required for V2 to V3 architecture migration)

  1. Setup postgres serverarrow-up-right

    Note:

    i. Deploy postgres server in a seperate node.

    ii. Make sure postgres initialisation is not done (only install postgres).

  2. Setup Keycloak serverarrow-up-right

    Note: Make sure keycloak initialisation is not done (only install keycloak).

  3. Setup Softhsmarrow-up-right

  4. Setup Minio serverarrow-up-right

  5. Setup ClamAVarrow-up-right

  6. Setup ActiveMQarrow-up-right

  7. Setup Message Gatewayarrow-up-right

  8. Setup docker registry secretsarrow-up-right if you are using private dockers.

    Note: These instructions are only applicable if you need to access Private Docker Registries. You may disregard them if all of your Docker containers are downloaded from the public Docker Hub.

  9. Setup Captchaarrow-up-right for the required domains.

  10. Setup Landing pagearrow-up-right for new MOSIP cluster.

hashtag
Step 3: Backup and restoration of external services

This step is required for V2 to V3 architecture migration.

  1. Softhsm (only required if softhsm is used instead of real HSM)

    i. Backup keysarrow-up-right

    ii. Restore old keyarrow-up-right

    iii. Update softhsm ida and softhsm kernel security pin

  2. Postgres

    i. Exportarrow-up-right

    ii. Importarrow-up-right

    iii. secret creation

    iv. Increase postgres max_connections to 1000

  3. Keycloak

    i. Exportarrow-up-right

    ii. Importarrow-up-right

  4. Minio

    i. Export the existing Minio as directory

    ii. Clone Minioarrow-up-right

  5. Kafka

    i. setup external minio for backup.

    ii. backup kafka

    iii. restore kafka

  6. Conf-secrets

Update the secrets in existing secrets in conf-secrets namspacearrow-up-right.

  1. Packets in landing to be copied from old environment to the upgraded environment or same NFS folder can be mounted to regproc packet server and group 1 stage groups. Refer herearrow-up-right for more details.

  • dmz-sc.yaml

  • dmz-pkt-pv.yaml

  • dmz-pkt-pvc.yaml

  • dmz-landing-pv.yaml

  • dmz-landing-pvc.yaml

PreviousUpgrade RunbookNextPlatform Upgrade

Last updated

Was this helpful?