Skip to main content
A newer release of this product is available.

Upgrade Astra Control Center

Contributors netapp-dbagwell
PDFs

To upgrade Astra Control Center, download the installation bundle from the NetApp Support Site and complete these instructions. You can use this procedure to upgrade Astra Control Center in internet-connected or air-gapped environments.

Before you begin

  • Before you upgrade, refer to operational environment requirements to ensure your environment still meets the minimum requirements for Astra Control Center deployment. Your environment should have the following:

    • A supported Astra Trident version
      To determine the version you are running, run the following command against your existing Astra Control Center:

      kubectl get tridentversion -n trident

      Refer to Astra Trident documentation to upgrade from an older version.

      Warning You must upgrade to Astra Trident 22.10 PRIOR to upgrading to Kubernetes 1.25.

    • A supported Kubernetes distribution
      To determine the version you are running, run the following command against your existing Astra Control Center: kubectl get nodes -o wide

    • Sufficient cluster resources
      To determine cluster resources, run the following command in your existing Astra Control Center cluster: kubectl describe node <node name>

    • A registry you can use to push and upload Astra Control Center images

    • A default storage class
      To determine your default storage class, run the following command against your existing Astra Control Center: kubectl get storageclass

  • (OpenShift only) Ensure all cluster operators are in a healthy state and available.

    kubectl get clusteroperators

  • Ensure all API services are in a healthy state and available.

    kubectl get apiservices

  • Log out of your Astra Control Center UI before you begin the upgrade.

About this task

The Astra Control Center upgrade process guides you through the following high-level steps:

Important Do not delete the Astra Control Center operator (for example, kubectl delete -f astra_control_center_operator_deploy.yaml) at any time during the Astra Control Center upgrade or operation to avoid deleting pods.
Tip Perform upgrades in a maintenance window when schedules, backups, and snapshots are not running.

Download and extract Astra Control Center

  1. Go to the Astra Control Center product downloads page on the NetApp Support Site. You can select the latest version or another version you want from the drop-down menu.

  2. Download the bundle containing Astra Control Center (astra-control-center-[version].tar.gz).

  3. (Recommended but optional) Download the certificates and signatures bundle for Astra Control Center (astra-control-center-certs-[version].tar.gz) to verify the signature of the bundle:

    tar -vxzf astra-control-center-certs-[version].tar.gz
    openssl dgst -sha256 -verify certs/AstraControlCenter-public.pub -signature certs/astra-control-center-[version].tar.gz.sig astra-control-center-[version].tar.gz

    The output will show Verified OK after successful verification.

  4. Extract the images from the Astra Control Center bundle:

    tar -vxzf astra-control-center-[version].tar.gz

Remove the NetApp Astra kubectl plugin and install it again

You can use the NetApp Astra kubectl command line plugin to push images to a local Docker repository.

  1. Determine if you have the plug-in installed:

    kubectl astra

  2. Take one of these actions:

    • If the plugin is installed, the command should return the kubectl plugin help. To remove an existing version of kubectl-astra, run this command: delete /usr/local/bin/kubectl-astra.

    • If the command returns an error, the plugin is not installed and you can proceed to the next step to install it.

  3. Install the plugin:

    1. List the available NetApp Astra kubectl plugin binaries, and note the name of the file you need for your operating system and CPU architecture:

      Note The kubectl plugin library is part of the tar bundle and is extracted into the folder kubectl-astra. 
      ls kubectl-astra/

    2. Move the correct binary into the current path and rename it to kubectl-astra:

      cp kubectl-astra/<binary-name> /usr/local/bin/kubectl-astra

Add the images to your local registry

  1. Complete the appropriate step sequence for your container engine:

Docker

  1. Change to the root directory of the tarball. You should see this file and directory:

    acc.manifest.bundle.yaml
    acc/

  2. Push the package images in the Astra Control Center image directory to your local registry. Make the following substitutions before running the push-images command:

    • Replace <BUNDLE_FILE> with the name of the Astra Control bundle file (acc.manifest.bundle.yaml).

    • Replace <MY_FULL_REGISTRY_PATH> with the URL of the Docker repository; for example, "https://<docker-registry>".

    • Replace <MY_REGISTRY_USER> with the user name.

    • Replace <MY_REGISTRY_TOKEN> with an authorized token for the registry.

      kubectl astra packages push-images -m <BUNDLE_FILE> -r <MY_FULL_REGISTRY_PATH> -u <MY_REGISTRY_USER> -p <MY_REGISTRY_TOKEN>
Podman

  1. Change to the root directory of the tarball. You should see this file and directory:

    acc.manifest.bundle.yaml
    acc/

  2. Log in to your registry:

    podman login <YOUR_REGISTRY>

  3. Prepare and run one of the following scripts that is customized for the version of Podman you use. Substitute <MY_FULL_REGISTRY_PATH> with the URL of your repository that includes any sub-directories.

    Podman 4
    export REGISTRY=<MY_FULL_REGISTRY_PATH>
export PACKAGENAME=acc
export PACKAGEVERSION=23.04.2-7
export DIRECTORYNAME=acc
for astraImageFile in $(ls ${DIRECTORYNAME}/images/*.tar) ; do
astraImage=$(podman load --input ${astraImageFile} | sed 's/Loaded image: //')
astraImageNoPath=$(echo ${astraImage} | sed 's:.*/::')
podman tag ${astraImageNoPath} ${REGISTRY}/netapp/astra/${PACKAGENAME}/${PACKAGEVERSION}/${astraImageNoPath}
podman push ${REGISTRY}/netapp/astra/${PACKAGENAME}/${PACKAGEVERSION}/${astraImageNoPath}
done
    Podman 3
    export REGISTRY=<MY_FULL_REGISTRY_PATH>
export PACKAGENAME=acc
export PACKAGEVERSION=23.04.2-7
export DIRECTORYNAME=acc
for astraImageFile in $(ls ${DIRECTORYNAME}/images/*.tar) ; do
astraImage=$(podman load --input ${astraImageFile} | sed 's/Loaded image: //')
astraImageNoPath=$(echo ${astraImage} | sed 's:.*/::')
podman tag ${astraImageNoPath} ${REGISTRY}/netapp/astra/${PACKAGENAME}/${PACKAGEVERSION}/${astraImageNoPath}
podman push ${REGISTRY}/netapp/astra/${PACKAGENAME}/${PACKAGEVERSION}/${astraImageNoPath}
done
    Note The image path the script creates should resemble the following, depending on your registry configuration: 
    https://netappdownloads.jfrog.io/docker-astra-control-prod/netapp/astra/acc/23.04.2-7/image:version

Install the updated Astra Control Center operator

  1. Change the directory:

    cd manifests

  2. Edit the Astra Control Center operator deployment yaml (astra_control_center_operator_deploy.yaml) to refer to your local registry and secret.

    vim astra_control_center_operator_deploy.yaml

    1. If you use a registry that requires authentication, replace or edit the default line of imagePullSecrets: [] with the following:

      imagePullSecrets: [{name: astra-registry-cred}]

    2. Change [your_registry_path] for the kube-rbac-proxy image to the registry path where you pushed the images in a previous step.

    3. Change [your_registry_path] for the acc-operator image to the registry path where you pushed the images in a previous step.

    4. Add the following values to the env section:

      - name: ACCOP_HELM_UPGRADETIMEOUT
  value: 300m
      apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    control-plane: controller-manager
  name: acc-operator-controller-manager
  namespace: netapp-acc-operator
spec:
  replicas: 1
  selector:
    matchLabels:
      control-plane: controller-manager
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        control-plane: controller-manager
    spec:
      containers:
      - args:
        - --secure-listen-address=0.0.0.0:8443
        - --upstream=http://127.0.0.1:8080/
        - --logtostderr=true
        - --v=10
        image: [your_registry_path]/kube-rbac-proxy:v4.8.0
        name: kube-rbac-proxy
        ports:
        - containerPort: 8443
          name: https
      - args:
        - --health-probe-bind-address=:8081
        - --metrics-bind-address=127.0.0.1:8080
        - --leader-elect
        env:
        - name: ACCOP_LOG_LEVEL
          value: "2"
        - name: ACCOP_HELM_UPGRADETIMEOUT
          value: 300m
        image: [your_registry_path]/acc-operator:23.04.36
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8081
          initialDelaySeconds: 15
          periodSeconds: 20
        name: manager
        readinessProbe:
          httpGet:
            path: /readyz
            port: 8081
          initialDelaySeconds: 5
          periodSeconds: 10
        resources:
          limits:
            cpu: 300m
            memory: 750Mi
          requests:
            cpu: 100m
            memory: 75Mi
        securityContext:
          allowPrivilegeEscalation: false
      imagePullSecrets: []
      securityContext:
        runAsUser: 65532
      terminationGracePeriodSeconds: 10

  3. Install the updated Astra Control Center operator:

    kubectl apply -f astra_control_center_operator_deploy.yaml

    Sample response:

    namespace/netapp-acc-operator unchanged
customresourcedefinition.apiextensions.k8s.io/astracontrolcenters.astra.netapp.io configured
role.rbac.authorization.k8s.io/acc-operator-leader-election-role unchanged
clusterrole.rbac.authorization.k8s.io/acc-operator-manager-role configured
clusterrole.rbac.authorization.k8s.io/acc-operator-metrics-reader unchanged
clusterrole.rbac.authorization.k8s.io/acc-operator-proxy-role unchanged
rolebinding.rbac.authorization.k8s.io/acc-operator-leader-election-rolebinding unchanged
clusterrolebinding.rbac.authorization.k8s.io/acc-operator-manager-rolebinding configured
clusterrolebinding.rbac.authorization.k8s.io/acc-operator-proxy-rolebinding unchanged
configmap/acc-operator-manager-config unchanged
service/acc-operator-controller-manager-metrics-service unchanged
deployment.apps/acc-operator-controller-manager configured

  4. Verify pods are running:

    kubectl get pods -n netapp-acc-operator

Upgrade Astra Control Center

  1. Edit the Astra Control Center custom resource (CR):

    kubectl edit AstraControlCenter -n [netapp-acc or custom namespace]

  2. Change the Astra version number (astraVersion inside of spec) to the version you are upgrading to:

    spec:
  accountName: "Example"
  astraVersion: "[Version number]"

  3. Verify that your image registry path matches the registry path you pushed the images to in a previous step. Update imageRegistry inside of spec if the registry has changed since your last installation.

      imageRegistry:
    name: "[your_registry_path]"

  4. Add the following to your crds configuration inside of spec:

    crds:
  shouldUpgrade: true

  5. Add the following lines within additionalValues inside of spec in the Astra Control Center CR:

    additionalValues:
    nautilus:
      startupProbe:
        periodSeconds: 30
        failureThreshold: 600

  6. Save and exit the file editor. The changes will be applied and the upgrade will begin.

  7. (Optional) Verify that the pods terminate and become available again:

    watch kubectl get pods -n [netapp-acc or custom namespace]

  8. Wait for the Astra Control status conditions to indicate that the upgrade is complete and ready (True):

    kubectl get AstraControlCenter -n [netapp-acc or custom namespace]

    Response:

    NAME    UUID                                      VERSION     ADDRESS         READY
astra   9aa5fdae-4214-4cb7-9976-5d8b4c0ce27f      23.04.2-7   10.111.111.111  True
    Note To monitor upgrade status during the operation, run the following command: kubectl get AstraControlCenter -o yaml -n [netapp-acc or custom namespace]
    Note To inspect the Astra Control Center operator logs, run the following command:
    kubectl logs deploy/acc-operator-controller-manager -n netapp-acc-operator -c manager -f

Verify system status

  1. Log in to Astra Control Center.

  2. Verify that the version has been upgraded. See the Support page in the UI.

  3. Verify that all your managed clusters and apps are still present and protected.