Deployment Architecture Upgrade

This document outlines the steps required for migrating the deployment architecture from V2 to V3.

Step 1: New environment setup with V3 Architecture

This is required for migration from V2 to V3 architecture
  1. 1.
    Make sure to have all the pre-requisites ready as per the details present in the section pre-requisites
  2. 2.
    Setup Wireguard Bastion host
  3. 3.
    Setup wireguard client in your local and complete the configuration
  4. 5.
  5. 6.
    Observation cluster’s nginx setup
  6. 7.
    Observation cluster applications setup
  7. 8.
    Observation cluster keycloak-rancher integration
  8. 9.
    Setup new MOSIP k8 cluster
  9. 10.
    MOSIP k8 cluster configuration
  10. 11.
    MOSIP cluster nginx setup
  11. 12.
    Setting up Monitoring for MOSIP cluster
  12. 13.
    Setting up Alerting for MOSIP cluster
  13. 14.
    Setting up Logging for MOSIP cluster

Step 2: Deployment of external services

(Required for V2 to V3 architecture migration)
  1. 1.
    i. Deploy postgres server in a seperate node.
    ii. Make sure postgres initialisation is not done (only install postgres).
  2. 2.
    Note: Make sure keycloak initialisation is not done (only install keycloak).
  3. 3.
    Setup Softhsm
  4. 4.
    Setup Minio server
  5. 5.
    Setup ClamAV
  6. 6.
    Setup ActiveMQ
  7. 7.
  8. 8.
    Setup docker registry secrets if you are using private dockers.
    Note: These instructions are only applicable if you need to access Private Docker Registries. You may disregard them if all of your Docker containers are downloaded from the public Docker Hub.
  9. 9.
    Setup Captcha for the required domains.
  10. 10.
    Setup Landing page for new MOSIP cluster.

Step 3: Backup and restoration of external services

This step is required for V2 to V3 architecture migration.
  1. 1.
    Softhsm (only required if softhsm is used instead of real HSM)
    iii. Update softhsm ida and softhsm kernel security pin
  2. 2.
    i. Export
    ii. Import
    iii. secret creation
    iv. Increase postgres max_connections to 1000
  3. 3.
    i. Export
    ii. Import
  4. 4.
    i. Export the existing Minio as directory
  5. 5.
    i. setup external minio for backup.
    ii. backup kafka
    iii. restore kafka
  6. 6.
Update the secrets in existing secrets in conf-secrets namspace.
  1. 7.
    Packets in landing to be copied from old environment to the upgraded environment or same NFS folder can be mounted to regproc packet server and group 1 stage groups. Refer here for more details.
  • dmz-sc.yaml
  • dmz-pkt-pv.yaml
  • dmz-pkt-pvc.yaml
  • dmz-landing-pv.yaml
  • dmz-landing-pvc.yaml
Last modified 1mo ago
Copyright © 2021 MOSIP. This work is licensed under a Creative Commons Attribution (CC-BY-4.0) International License unless otherwise noted.