Upgrade the Virtual Appliance in AWS

Upgrading the Virtual Appliance involves:

  • Backing up and deleting the hard disks of the existing virtual machines.
  • Deploying new virtual machines by using AMI image.
  • Restoring the backup to their hard disks.
  • Attaching the new hard disks to the older virtual machines

Splunk AppDynamics On-Premises Virtual Appliance provides the reference script that helps in upgrading the Virtual Appliance.

Standard Deployment
Sl No Steps
1 Back Up the Virtual Appliance Data
2 Prepare the AWS Environment for the Upgrade
3 Upgrade the Virtual Appliance
4 Verify the Deployment Status
5 Restore Data in the Virtual Appliance
6 Migrate EUM and Synthetic Services Data to MinIO
Hybrid Deployment
Sl No. Steps
1 Back Up the Virtual Appliance Data
2 Prepare the AWS Environment for the Upgrade
3 Upgrade the Virtual Appliance
4 Verify the Deployment Status
5 Restore Data in the Virtual Appliance
6 Migrate EUM and Synthetic Services Data to MinIO
7 Generate the Hybrid Configuration File
Note: This document contains links to AWS documentation. Splunk AppDynamics makes no representation as to the accuracy of AWS documentation because AWS controls its own documentation.

Follow steps to upgrade the Virtual Appliance in AWS.

Back Up the Virtual Appliance Data

Before you begin the upgrade, complete the following steps:

  1. Download the Virtual Appliance upgrade AMI file:
    1. Log in to the Downloads portal using your credentials.
    2. In Downloads, select the Virtual Appliance tab.
    3. Select AMI from the Type list.
    4. Select Download.
    Note: The file available in the downloads portal is used for both installation and upgrade procedures.
  2. Shutdown the Secure Application, Anomaly Detection, and remaining services. Then, shutdown Splunk AppDynamics.
    CODE 
    appdcli stop secapp
appdcli stop aiops
appdcli stop [services]
appdcli stop appd
<<Wait for pods to terminate before deleting operators>>
appdcli stop operators
    Note:

    • Ensure that there are no pods in the running state before you start the data backup.

    • Sometimes, IOException error occurs in the Controller UI. See Troubleshoot Virtual Appliance Issues
    .
  3. Optional: Create a migration script for custom actions. See Migrate Custom Actions.
  4. Generate a backup file.

Migrate Custom Actions

The custom actions path has changed from the previous release. Create and run the following script to migrate custom actions during the upgrade.

  1. Create a migration script for custom actions (custom-actions-migrate.sh) in /var/appd/config .
  2. Edit custom-actions.migrate.sh.
    CODE 
    vi /var/appd/config/custom-actions-migrate.sh
    JSON 
    #!/usr/bin/env bash

set -euo pipefail

# Configuration
OLD=/var/appd/data/custom-actions
NEW=/var/appd/config/custom-actions
ARCHIVE=${2:-custom-actions.tgz}

case "${1:-}" in
    backup)
        test -d "$OLD/actions" || { echo "No custom actions found at $OLD/actions"; exit 1; }
        
        sudo tar -C "$OLD" -czf "$ARCHIVE" actions
        echo "Backup created: $ARCHIVE"
        ;;

    restore)
        test -f "$ARCHIVE" || { echo "Backup file not found: $ARCHIVE"; exit 1; }
        
        sudo mkdir -p "$NEW"
        sudo tar -C "$NEW" -xzf "$ARCHIVE"
        
        # Set permissions
        sudo chown -R appduser:appduser "$NEW/actions"
        sudo find "$NEW/actions" -type d -exec chmod 755 {} \;
        sudo find "$NEW/actions" -type f -exec chmod 755 {} \;
        
        echo "Restored custom actions to $NEW/actions"
        ;;

    *)
        echo "Usage: $0 backup [custom-actions.tgz] | restore <custom-actions.tgz>"
        exit 1
        ;;
esac
  3. Change permissions of the migration script.
    CODE 
    chmod +x /var/appd/config/custom-actions-migrate.sh
  4. Sync custom actions to the running controller.
    CODE 
    appdcli controller actions_sync
  5. Create a custom action archive.
    CODE 
    ./custom-actions-migrate.sh backup custom-actions.tgz
Generate a Backup File

Generate a Backup File

Follow the steps to generate a backup file and save it outside the cluster:
  1. Run the backup command:
    CODE 
    appdcli run backup
    This command generates a <backup_tar> file with all the necessary data.
  2. Copy and paste the <backup_tar> file outside of the cluster. If you have custom certificates, copy them to the same location as the backup file.

Prepare the AWS Environment for the Upgrade

To upgrade virtual machines in AWS, you must create the image and snapshot from the new AMI.

Note:

To use AWS CLI, you require reference scripts. Download these script from the Splunk AppDynamics GitHub repository. In config.cfg, ensure to update or verify the configuration details such as tags, deployment configuration, and IP addresses. Run the scripts in the given order. For more information about AWS CLI, see AWS CLI Documentation.

You must use the same AWS profile, VPC, S3 Bucket, and IAM role that you created at the time of deployment. See Deploy and Configure Virtual Machines in AWS.

AWS Resources Description Reference Scripts
1 Image

Upload the Splunk AppDynamics image in the S3 bucket that generates the AMI for Virtual Appliance. See Uploading objects.

 05-aws-upload-image.sh
2 Snapshot

Snapshots help in using the AMI that you have uploaded to S3 bucket. Complete the following steps to obtain an AMI ID:

  1. Import the snapshot.
  2. Register the snapshot.
Note: The AMI ID is used to create virtual machines.

06-aws-import-snapshot.sh

07-aws-register- snapshot.sh

Upgrade the Virtual Appliance

Run the upgrade scripts in the given order:

Step Filename
1 Obtain the details of the virtual machine. 01-aws-get-vm-details.sh
2 Shutdown the virtual machine. 02-aws-terminate-vms.sh
3 Check status of the virtual machine.

Ensure that all three virtual machines are terminated. If any of the virtual machines are not terminated, run the script again until all virtual machines are terminated.

 03-aws-get-vm-status.sh
4 Create a virtual machine. 04-aws-create-vms.sh

Verify the Deployment Status

Verify the deployment of virtual machines:

  1. Verify whether the deployment of virtual machines are successful on each virtual machine:
    CODE 
    appdctl show boot
    Sample Output:
    CODE 
    NAME              | STATUS    | ERROR 
-------------------+-----------+-------
 firewall-setup    | Succeeded | --    
 hostname          | Succeeded | --    
 netplan           | Succeeded | --    
 ssh-setup         | Succeeded | --    
 storage-setup     | Succeeded | --    
 cert-setup        | Succeeded | --    
 enable-time-sync  | Succeeded | --    
 microk8s-setup    | Succeeded | --    
 cloud-init-config | Succeeded | --
    Note: Ensure the status of the services in each node. If any service appears as Failed, restart that virtual machine. You might have to redeploy the virtual machine if it is still failing.
  2. Create a three-node cluster:
    1. Run the following command in the primary node and specify the IP address of the peer nodes:
      CODE 
      appdctl cluster init <Node-2-IP> <Node-3-IP>
    2. Run the following command to verify the node status:
      CODE 
      appdctl show cluster
microk8s status
      Ensure that the output displays the Running status as true for the nodes that are part of the cluster.

      Sample Output

      CODE 
      NODE           | ROLE  | RUNNING 
----------------+-------+---------
 10.0.0.1:19001 | voter | true    
 10.0.0.2:19001 | voter | true    
 10.0.0.3:19001 | voter | true
      Note: You must re-login to the terminal if the following error appears:
      CODE 
      Insufficient Permissions to Access Microk8s

Restore Data in the Virtual Appliance

The data directories exist in the /var/appd/data location. Follow the steps to restore data in Virtual Appliance:
  1. Copy the <backup_tar> file to one of the cluster nodes that is generated earlier. See Prerequisites.
  2. Run the following command to restore the persistent volumes specifications:
    CODE 
    appdcli run restore <backup_tar>
  3. Restore custom actions to a new location.
    CODE 
    ./custom-actions-migrate.sh restore custom-actions.tgz
  4. Verify all PVCs are in the Bound state by running the following command:
    CODE 
    kubectl get pvc -A
  5. Start the following services and operators:
    1. Splunk AppDynamics Services.
      CODE 
      appdcli start appd [Profile]
    2. Anomaly Detection Service.
      CODE 
      appdcli start aiops [Profile]
    3. Secure Application Service.
      CODE 
      appdcli start secapp [Profile]
    4. Start the remaining services.
      CODE 
      appdcli start [Services] [Profile]
    Note: Sometimes, the MySQL Router pods might fail to start. See MySQL Router Pods Fail to Start.
After the upgrade, the cluster uses the existing data disk and becomes functional.

Migrate EUM and Synthetic Services Data to MinIO

If you are running EUM and Synthetic services, you must migrate the existing data in these services to MinIO. To migrate data, you must run the migration script. Complete the following steps to enable data migration:
  1. Log in to the Virtual Appliance node and edit the globals.yaml.gotmpl file.
    CODE 
    cd /var/appd/config
vi globals.yaml.gotmpl
  2. Enable data migration for Minio, set the minio.migration.enable parameter to true.
    CODE 
    minio:
  migration:
    enable: true
  3. Sync the changes across all the cluster nodes.
    CODE 
    appdcli sync appd <profile>

Generate the Hybrid Configuration File

You require to generate hybrid configuration file only if you are not using custom certificates for Ingress and Kafka clusters.

Ensure that you have the latest CA certificates obtained after installing services. If not, update the CA certificates and regenerate the hybrid configuration file after restarting the service.

  1. Run the script to connect the Kafka node ports with the standalone Controller:
    CODE 
    ~/appd-charts/utils$ bash prepare-hybrid.sh

    Sample output:

    CODE 
    Writing Kafka CA Cert
Writing Schema registry CA Cert
Writing AnomalyDetectionKafkaSSLProducer
Writing AnomalyDetectionKafkaConsumerSSL
Writing configure script
Creating archive of hybrid config
hybrid-config/
hybrid-config/kafka-ca.crt
hybrid-config/AnomalyDetectionKafkaConsumerSSL
hybrid-config/configure.sh
hybrid-config/schema-registry-ca.crt
hybrid-config/AnomalyDetectionKafkaSSLProducer
Completed

    This script generates the hybrid-config.tar file that includes the required configuration files.

  2. Copy the hybrid-config.tar file to your standalone Controller instance.
  3. Log in to the standalone Controller.
    1. Locate and extract the hybrid-config.tar file contents.
      CODE 
      tar -xvf hybrid-config.tar
    2. Run the configure.sh script to provision the Controller with certificates and secrets to connect to the Kubernetes cluster:

      The following script is extracted from the hybrid-config.tar file.

      CODE 
      $ ./configure.sh
      Output:
      CODE 
      Using controller home as /home/appdynamics/appdynamics and keystore password as changeit
Do you want to proceed? (y/n): y

Creating Kafka truststore
Certificate was added to keystore

Creating schema registry truststore
Certificate was added to keystore
Certificate was added to keystore

Writing obfuscated producer config
Writing obfuscated consumer config

Configure MySQL for SSL
Using controller ip as <IP>
Is this IP address correct? (y/n): y

DNS name should match the Virtual Appliance cluster hybrid dbHost configuration
Please enter the DNS name (default: 10.0.0.1.nip.io): <DNS_Name_of_Classic_On_Premises_Controller>

Using controller IP as 10.0.0.1
Updating certs at /home/appdynamics/appdynamics/platform/controller/db/data using CA key file ca-key.pem and cert file ca.pem
Certificate request self-signature ok
subject=CN = mysql
MySQL certificate generated successfully: server-cert.pem
Completed
    Note:

    Certificates in the Virtual Appliance expire after 60 days. To maintain connectivity, you must copy the updated certificates from the Virtual Appliance to your Splunk AppDynamics On-Premises Classic Controller. To do this, regenerate the hybrid configuration file on the Virtual Appliance and then copy it to your Standalone Controller.