Upgrading UFM on Docker Container
On This Page
Upgrade the UFM container based on the existing UFM configuration files that are mounted on the server. It is important to use that same directory as a volume for the UFM installation command.
In the below example /opt/ufm_files is used.
Stop the UFM Enterprise service. Run:
systemctl stop ufm-enterprise
Remove the existing docker image. Run:
docker rmi mellanox/ufm-enterprise:latest
Load the new UFM Enterprise docker image. Run:
docker pull mellanox/ufm-enterprise:latest
Run the docker upgrade command:
docker run -it --name=ufm_installer --rm \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /etc/systemd/system/:/etc/systemd_files/ \ -v /opt/ufm/files/:/opt/ufm/shared_config_files/ \ mellanox/ufm-enterprise:latest --upgrade
Reload system manager configuration:
Start UFM Enterprise service:
systemctl start ufm-enterprise
As of UFM version 6.14.0, UFM upgrade on HA supports in-service upgrade, meaning UFM can continue running during the steps of the upgrade, and there is no need to stop UFM before the upgrade (although this is also supported).
Remove the old docker image from the standby server. Run:
Stand-by# docker rmi mellanox/ufm-enterprise:latest
Pull the new UFM Enterprise docker image on the standby server. Run:
docker pull mellanox/ufm-enterprise:latestWarning
At this stage, the UFM container has been updated with the latest code. The UFM data, however, will be updated during the next UFM run.
Perform a failover to start UFM on the upgraded node. On the master node, run:
When UFM starts, it will automatically update the UFM configuration.
Repeat steps 1-2 on the un-upgraded node (previous Master node).
Download and extract the latest UFM HA package. Run:
Install the extracted UFM HA package:Warning
In the below command, please modify the partition name based on the already configured DRBD partition.
Configure HA. There are two methods:
Configure HA with SSH Trust - Requires passwordless SSH connection between the servers.
Configure HA without SSH Trust - Does not require passwordless SSH connection between the servers, but asks you to run configuration commands on both servers.
Configure HA with SSH Trust
On the master server only, configure the HA nodes. To do so, from /tmp, run the configure_ha_nodes.sh command as shown in the below example
The script configure_ha_nodes.sh is is located under /usr/local/bin/, therefore, by default, you do not need to use the full path to run it.Warning
The --cluster-password must be at least 8 characters long.Warning
To set up a Virtual IP for UFM and gain access to UFM through this IP, regardless of which server is running UFM, you may employ the --no-vip OR --virtual-ip command and provide an IP address as an argument. This can be achieved by navigating to https://<Virtual-IP>/ufm on your web browser.Warning
When using back-to-back ports with local IP addresses for HA sync interfaces, ensure that you add your IP addresses and hostnames to the /etc/hosts file. This is needed to allow the HA configuration to resolve hostnames correctly based on the IP addresses you are using.Warning
configure_ha_nodes.sh requires SSH connection to the standby server. If SSH trust is not configured, then you are prompted to enter the SSH password of the standby server during configuration runtime
Depending on the size of your partition, wait for the configuration process to complete and DRBD sync to finish.
Configure HA without SSH Trust
If you cannot establish an SSH trust between your HA servers, you can use ufm_ha_cluster directly to configure HA. To configure HA, follow the below instructions:Warning
Please change the variables in the commands below based on your setup.
[On Standby Server] Run the following command to configure Standby Server:
ufm_ha_cluster config -r standby \ --local-primary-ip
[On Master Server] Run the following command to configure Master Server:
ufm_ha_cluster config -r master --local-primary-ip
12345678\ --local-primary-ip fcfc:fcfc:
224:20c:29ff:fee7:d5f2 \ --peer-primary-ip fcfc:fcfc:
4962\ --local-secondary-ip fe80::
6365\ --peer-secondary-ip fe80::
You must wait until after configuration for DRBD sync to finish depending on the size of your partition.
Start UFM HA cluster. Run: