Rolling back foundational services fails when upgrading from 1.10.3 to 1.10.4 by using the Red Hat OpenShift web console
When upgrading IBM Security QRadar® Suite Software from 1.10.3 to 1.10.4 by using the Red Hat® OpenShift® web console, foundational services is not rolled back to v3.19.x, which is the long-term service release (LTSR).
Procedure
- Log in to your Red Hat OpenShift Container Platform cluster as a cluster administrator by
typing one of the following commands, where <openshift_url>
is the URL for your Red Hat OpenShift Container Platform
environment.
- Using a username and
password.
oc login <openshift_url> -u <cluster_admin_user> -p <cluster_admin_password> - Using a
token.
oc login --token=<token> --server=<openshift_url>
- Using a username and
password.
- Set the
$CP4S_NAMESPACEenvironment variable by typing the following command, where <cp4s_namespace> is the namespace where you are installing QRadar Suite Software.export CP4S_NAMESPACE=<cp4s_namespace> - Set the
$FS_NAMESPACEenvironment variable to your foundational services namespace by typing the following command.export FS_NAMESPACE=$(oc get cm cp4s-config -o jsonpath="{.data.CSNamespace}" -n $CP4S_NAMESPACE) - Check the startingCSV version by typing the following command.
oc get sub ibm-cp-security-operator -o jsonpath="{.spec.startingCSV}" && echo -
Remove the startingCSV field from the subscription by typing the following command.
oc edit sub ibm-cp-security-operator - Roll foundational services back to an earlier
version and complete the upgrade by typing the following command.
oc exec deploy/cp-serviceability -- /opt/bin/cs_rollback --channel v1.10 $(oc whoami -t) ${CP4S_NAMESPACE} $FS_NAMESPACE -fWhen the output of this command shows
ibm-cp-security-operator updated, the upgrade is complete. The following example output shows that the upgrade is complete.{"level":"info","ibm_datetime":"2022-09-27T12:17:20.509Z","caller":"misc/cleanup.go:332","message":"Deleted","Kind":"operator.ibm.com/v1alpha1, Kind=OperandBindInfo","Name":"ibm-licensing-bindinfo"} ... ... {"level":"info","ibm_datetime":"2022-09-27T12:19:24.882Z","caller":"main/main.go:281","message":"ibm-cp-security-operator updated, waiting for install"} - Verify that foundational services is set to
v3by typing the following command.oc get sub -n $FS_NAMESPACE ibm-common-service-operator -o jsonpath='{.spec.channel}{"\n"}' - Verify that foundational services is version
3.19.x, IBM NamespaceScope Operator is 1.13.3, and that QRadar Suite Software is 1.10.17 by typing the following command.
oc get csv | grep -E "foundations|ibm-cp-security|common-service|namespace"