Upgrading¶
Warning
These upgrade instructions cover the upgrades of the helm chart only, they do NOT cover any steps necessary to upgrade the Nautobot application. Please see the official core documentation for further details.
Major Version Upgrades¶
To 3.x¶
- The
postgresqlandredissubcharts are no longer deployed by default. They must be explicitly enabled if used.
- The
rabbitmqsubchart was removed. It must be deployed as a separate installation if used. - The
mariadbsubchart was removed. If must be deployed as a separate installation if used. -
The
postgresqlhasubchart was removed. If must be deployed as a separate installation if used. -
The username field is now required in the existing secret if
nautobot.db.existingSecretis used. By default, theusernameandpasswordkeys are used. The following snippets show the sample secret andvalues.yamlsettings:
---
apiVersion: "v1"
kind: "Secret"
metadata:
name: "nautobot-db-credentials"
namespace: "nautobot"
type: "Opaque"
data:
username: "bmF1dG9ib3Q="
password: "cGFzc3dvcmQ="
- The default image was changed to 3.x. Make sure that you explicitly set the value to 2.x if you are not ready to upgrade. Also the registry was changed from
ghcr.iotoregistry-1.docker.io.
- The Nautobot Celery readiness and liveness probes were changed to use files instead of celery pings. This change requires at least Nautobot version
3.0.1. If older version is used disable this feature:
celery:
celery_health_probes_as_files: false
livenessProbe:
enabled: true
exec:
command:
- "bash"
- "-c"
- "nautobot-server celery inspect ping --destination celery@$HOSTNAME"
initialDelaySeconds: 10
periodSeconds: 60
timeoutSeconds: 10
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
exec:
command:
- "bash"
- "-c"
- "nautobot-server celery inspect ping --destination celery@$HOSTNAME"
initialDelaySeconds: 10
periodSeconds: 60
timeoutSeconds: 10
failureThreshold: 3
successThreshold: 1
-
The configuration for Celery workers includes new options. If the options are currently set with environmental variables, remove those options and enable them through the Celery settings.
- Set the value for
celery.task_acks_lateand remove theCELERY_TASK_ACKS_LATEenvironmental variable. - Set the value for
celery.worker_prefetch_multiplierand remove theNAUTOBOT_CELERY_WORKER_PREFETCH_MULTIPLIERenvironmental variable.
- Set the value for
To 2.x¶
Note
These instructions assume you have followed the very basic installation instructions as described above. If you have utilized existing secrets or advanced options, please see the release notes referenced below for possible additional steps.
-
The
celeryWorkerandceleryBeatvalues change toworkers.defaultandworkers.beatrespectively. -
The PostgreSQL subchart was upgraded from version 10 to version 12, this was a breaking change, see the release notes for more information. At a minimum the following values must change:
postgresql.postgresqlPostgresPasswordchanges topostgresql.auth.postgresPasswordpostgresql.postgresqlUsernamechanges topostgresql.auth.usernamepostgresql.postgresqlPasswordchanges topostgresql.auth.passwordpostgresql.postgresqlDatabasechanges topostgresql.auth.databasepostgresql.existingSecretchanges topostgresql.auth.existingSecretpostgresql.securityContextchanges topostgresql.primary.podSecurityContextpostgresql.containerSecurityContextchanges topostgresql.primary.containerSecurityContext
-
The Redis subchart was upgraded from version 16 to version 17, this was a breaking change, see the release notes for more information. No default values passed to this chart have changed.
-
The PostgreSQL-HA subchart was upgraded from version 8 to version 11, this was a breaking change, see the release notes for more information. At a minimum the following values must change:
postgresqlha.postgresql.securityContextchanges topostgresqlha.postgresql.podSecurityContextpostgresqlha.metrics.securityContextchanges topostgresqlha.metrics.podSecurityContext
-
The MariaDB subchart was upgraded from version 10 to version 11, this is a breaking change, see the release notes for more information. No default values passed to this chart have changed.
Example Upgrade Procedure¶
Warning
This is only an example based on the most simple default deployment case. Be sure to read the Bitnami PostgreSQL Release Notes before upgrading.
- Please verify if any values in your local
values.yamlfile match the above values you will need to migrate them. If you do not have the originalvalues.yamlthe chart was deployed with you can usehelm get values -n $NAMESPACE -o yamlto get the deployed values. - ALWAYS BACKUP YOUR DATABASE BEFORE UPGRADING!
-
Run the following Commands:
Note
These steps were derived from the Bitnami Release notes from Upgrading PostgreSQL, be sure to check them for any deltas you may have.
export NAMESPACE=nautobot # Be sure to use the correct namespace here export POSTGRES_SECRET_NAME=nautobot-postgresql # If you have changed the default make sure you change it here export STATEFULSET_NAME=nautobot-postgresql # If you have changed the default make sure you change it here export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace $NAMESPACE $POSTGRES_SECRET_NAME -o jsonpath="{.data.postgresql-password}" | base64 --decode) export POSTGRESQL_POSTGRES_PASSWORD=$(kubectl get secret --namespace $NAMESPACE $POSTGRES_SECRET_NAME -o jsonpath="{.data.postgresql-postgres-password}" | base64 --decode) export POSTGRESQL_PVC=$(kubectl get pvc --namespace $NAMESPACE -l app.kubernetes.io/instance=nautobot,app.kubernetes.io/name=postgresql,role=primary -o jsonpath="{.items[0].metadata.name}") export CURRENT_VERSION=$(kubectl exec --namespace $NAMESPACE nautobot-postgresql-0 -- bash -c 'echo $BITNAMI_IMAGE_VERSION') echo $POSTGRESQL_PASSWORD echo $POSTGRESQL_POSTGRES_PASSWORD echo $POSTGRESQL_PVC echo $CURRENT_VERSION -
Ensure the values output above are correct.
-
Update your
values.yamlmoving the values to the new names as described above and in the Bitnami PostgreSQL Release Notes](https://docs.bitnami.com/kubernetes/infrastructure/postgresql/administration/upgrade/). A basic example would take a simple values file such as:celeryBeat: resources: requests: cpu: "1000m" memory: "2G" celeryWorker: replicaCount: 4 postgresql: postgresqlPassword: change-me redis: auth: password: change-meand it would change to:
Note
Make sure to replace the
postgresPassword,tag, andexistingClaimwith the values from above.workers: beat: resources: requests: cpu: "1000m" memory: "2G" default: replicaCount: 4 postgresql: auth: password: change-me postgresPassword: ${POSTGRESQL_POSTGRES_PASSWORD from above} image: tag: ${CURRENT_VERSION from above} primary: persistence: existingClaim: ${POSTGRESQL_PVC from above} redis: auth: password: change-meWarning
The following steps are disruptive and should be executed during a maintenance window.
-
Scale the Nautobot services to 0
-
This would be a good time to get a pristine backup of your database
kubectl delete statefulsets.apps $STATEFULSET_NAME --namespace $NAMESPACE --cascade=orphan kubectl delete secret $POSTGRES_SECRET_NAME --namespace $NAMESPACE kubectl delete pod --namespace default nautobot-postgresql-0 helm repo update nautobot helm upgrade nautobot nautobot/nautobot -f ${New values.yaml file from above}
Note
The instructions above reuse the same PostgreSQL version you were using in your chart release. Otherwise, you will find an error such as the one below when upgrading since the new chart major version also bumps the application version. To workaround this issue you need to upgrade database, please refer to the official PostgreSQL documentation for more information about this.
Minor Version Upgrades¶
Nautobot Versions¶
This chart doesn't always get a new release with a new release of Nautobot, therefore the chart versions do NOT correspond to a Nautobot version. It is possible to deploy newer Nautobot versions with this chart however, to do this simply run a command similar to:
1.0.x to 1.1.x¶
Following the normal helm upgrade procedures is sufficient for upgrading during this release: