Prepare your Kubernetes environment, create your API Connect secrets, install
v10.
About this task
Follow this task along with the Kubernetes installation instructions:
Deploying on Kubernetes. The installation of v10 for v2018 form
factor migration differs from a standard v10 installation as follows:
- You must use the v2018 Management encryption secret from your v2018 source deployment (a new key
will be generated for the Portal subsystem).
- You must not use the same Management subsystem backup location and path as you use for your
v2018 source deployment.
- You can use the same Portal subsystem backup location and path as you use for your v2018 source
deployment. Reuse the v2018 portal backup path if you want to restore your v2018 portal site backups
- to migrate your site customizations.
- Ensure that any network route between the target installation and the
source system is disabled. The target system must not be able to communicate with the source
system.
This task describes the steps of the standard v10 installation that must be followed, and at
which points in the process to apply the v2018 extracted data.
Note: It is recommended that you keep the console output of all python scripts that
are run. On most MacOS and Linux environments, appending the following to the end of the command
saves the output to the specified file:
2>&1 | tee <output filename>
Procedure
-
Obtain the API Connect v10 product files: Obtaining product files.
- Create your v10 namespaces, deploy the API Connect v10 operators, and
cert-manager. The steps differ depending on whether you use one namespace for all API Connect subsystems, or whether
you want different namespaces for each subsystem. In both cases, complete all steps on these pages
except for the last step of installing your API Connect subsystems:
- Create the secrets based on your v2018 extracted data.
- Create the secrets by running the
create_secrets_in_target.py
script:
When the script detects more than one portal subsystem, it prompts you to select the portal
subsystem name that you want to create the secrets for. For the remaining portal subsystems, specify
the different portal namespace and name with the -ptl_ns
and
-ptl_subsys_name
arguments:
python3 create_secrets_in_target.py -skip_mgmt -ptl_ns <portal_x_namespace> -ptl_subsys_name <portal subsystem name>
- Verify that the secrets were created.
Run the kubectl get secrets
command as in the following example:
# kubectl get secrets -n <namespace>
NAME TYPE DATA AGE
...
<mgmt deployment name>-enc-key Opaque 1 2m47s
<portal deployment name>-enc-key Opaque 1 2m47s
management-backup-secret Opaque 2 2m47s
portal-backup-secret Opaque 2 2m47s
- Delete the v2018 Portal database encryption secret
<ptl_deployment_name>-enc-key
.
Run the following command to delete the
secret:
# kubectl -n <namespace> delete secret <portal deployment name>-enc-key
Note: The v2018 Portal database encryption secret is not compatible with v10. After you delete the
<ptl_deployment_name>-enc-key
, a new secret will be generated
when you apply the subsystem CR in a later step.
- Edit the subsystem YAML files as described in Installing the API Connect subsystems. You must update the following properties with the
data that is extracted from your source v2018 deployment, which can be found in
data/config.yaml
for the Management subsystem, and
data/config_portal.yaml
for the Portal.
Important: If you do not use the configuration from the source system, the migration
fails.
- Continue with the installation of the subsystems, as described in Installing the API Connect subsystems.
Note: To migrate all your v2018 data, install at least as many Portal and Gateway
subsystems as you have on your v2018 source deployment. If you want to do a staged migration, you
can install any remaining subsystems later.
Postinstallation verification and v10 toolkit CLI
download.
- Log in to the Cloud
Manager UI: Login to
Cloud Manager UI.
- Download the v10 toolkit CLI (CLI only) and
credentials.json
file, see Installing the
v10 toolkit.
- Unpack the v10 toolkit CLI, and copy the
apic-slim
and credentials.json
files to your
apicv10install
directory. Rename apic-slim
to
apic
.
- Ensure that your v10 toolkit CLI
apic
command is in your PATH variable:
EXPORT PATH=<apicv10install directory>:$PATH
- Set your toolkit CLI credentials
with:
apic client-creds:set <apicv10install directory>/credentials.json
- Verify you can log in to your Management subsystem with the toolkit CLI. Use the same
password as you used to log in to the Cloud
Manager
UI.
apic login --server <platform_api_endpoint> --username admin --realm admin/default-idp-1
where
<platform_api_endpoint> is the FQDN of the platform api endpoint that is
defined for your v10 Management subsystem, as returned by this
command:
kubectl get ingress -n <namespace> | grep platform-api
For
more information, see
v10 toolkit CLI login
What to do next
Restore your v2018 source data to your v10 target deployment: Restoring the v2018 data to the v10 target deployment.