Skip to main content

Migrate Bastion to New Machine

Warning

Chef Automate 4.10.1 released on 6th September 2023 includes improvements to the deployment and installation experience of Automate HA. Please read the blog to learn more about key improvements. Refer to the pre-requisites page (On-Premises, AWS) and plan your usage with your customer success manager or account manager.

Pre-requisite

  • Have a working HA cluster with Bastion.
  • New VM for a replacement Bastion with necessary hardware requirement for bastion (recommended to have same OS as the original bastion) - AWS Deployment Prerequisites

Note

The replacement bastion should also be in the same VPC. To avoid any surprises, having the VM in the same subnet as the original Bastion with a similar configuration is suggested.

Step-1: In Original/Old Bastion

  1. Copy the artifacts directory to the user directory of the Replacement/New Bastion.

    scp -i <ssh_key_file> -r /hab/cache/artifacts <USER>@<NEW_BASTION_PUBLIC/PRIVATE_IP>:/home/<USER>/
    
  2. Copy the /hab/a2_deploy_workspace directory to the user directory of the Replacement/New Bastion.

    scp -i <ssh_key_file> -r /hab/a2_deploy_workspace <USER>@<NEW_BASTION_PUBLIC/PRIVATE_IP>:/home/<USER>/
    
  3. Copy SSH_KEY_FILE used to connect to all frontend and backend nodes to the user directory of the Replacement/New Bastion.

    scp -i <ssh_key_file> <ssh_key_file> <USER>@<NEW_BASTION_PUBLIC/PRIVATE_IP>:/home/<USER>/
    

Step-2: In Replacement/New Bastion

  1. Install hab

    curl https://raw.githubusercontent.com/habitat-sh/habitat/master/components/hab/install.sh \ | sudo bash
    

Updating Permissions for Files

  1. Give root permissions to the file inside artifacts and a2_deploy_workspace directory in the home directory of the Replacement/New Bastion machine.

    cd /home/<USER>/
    chown -RL root:root artifacts/*
    chown -RL root:root a2_deploy_workspace/*
    
  2. Move those files into their respective places.

    mv -r artifacts/* /hab/cache/artifacts/
    mv -r a2_deploy_workspace/* /hab/a2_deploy_workspace/
    
  3. Place the ssh_user_key in the same directory as it was in the Original/Old Bastion machine.

    Eg: If the key is ~/.ssh/id_rsa, then in the Replacement/New Bastion also place it in ~/.ssh/id_rsa

  4. Give proper permission for the ssh_key_file.

    chmod 600 <ssh_key_file>
    

Install Packages

  1. Identify the same CLI and Deployment package version used in the Original/Old Bastion machine.

    • For CLI
    ls -la /hab/cache/artifacts/*cli*
    
    • For deployment package.
    ls -la /hab/cache/artifacts/*automate-ha-deployment*
    

    Note

    • If there is more than one CLI package available, use the latest one.
    • If more than one deployment package is available, identify the version used in the Original/Old Bastion machine and use the same version. Run ls -la /hab/ in the Original/Old Bastion machine to find the version.
  2. Install CLI and add it to the /bin.

    hab pkg install -bf <path to .hart file for CLI>
    
  3. Install the Automate Deployment Package.

    hab pkg install -bf <path to .hart file for deployment>
    

Note

  • Verify if chef-automate commands are working.
  • Once the commands are verified, you can clean up the Old Bastion Original/Old Bastion.
Edit this page on GitHub

Thank you for your feedback!

×