Migrating from Gravity to K3s#
Due to the suspension of support for Gravity by Teleport, Anaconda highly recommends that Gravity users migrate to a fully supported, up-to-date Kubernetes implementation. To aid you in the process and make it as painless as possible, Anaconda has developed a migration process that allows you to leave your data in place, meaning your cluster will retain its configurations, projects, deployments, and scheduled jobs.
Warning
Do not uninstall Gravity until you are instructed to do so in the process described below.
Prerequisites#
Before starting the Gravity to K3s migration process, ensure your system meets the following requirements:
Verify that you have a functioning Gravity cluster running Workbench.
Verify that you have 300GB disk space available in
var/lib/rancher
.Verify that you have SSH access from the control plane node to all agent nodes.
Tip
Anaconda recommends generating a dedicated SSH key distributed across the nodes of the cluster—separate from the one you may use to access the cluster itself—to facilitate passwordless node-to-node access.
Verify that you have the K3s directory bundle and the image tarball for the latest version of Workbench.
Verify that Docker or Podman is removed from any VMs where K3s will be installed.
Verify that your cluster’s SSL certificates are up to date.
If you have created an
anaconda-persistence
volume, you need the.yaml
file you wrote containing thePersistentVolume
andPersistentVolumeClaim
values. If you don’t have it anymore, recreate the file before you begin the migration process.Review the K3s installation requirements for your operating system and verify that your virtual machines are prepared to receive K3s:
SELinux must be disabled.
Anaconda strongly recommends that built-in firewall software is fully disabled during migration. If this is not possible, ensure that you open the ports listed here.
On RHEL/CentOS, the
NetworkManager
service must be disabled:systemctl disable nm-cloud-setup.service nm-cloud-setup.timer
Note
If Gravity is already successfully running, it is likely that your system already meets these requirements. Even so, Anaconda strongly encourages you to verify the requirements anyway, especially on RHEL.
Pre-installation#
Perform all actions from an administrative account that has sudo
access on all nodes and a non-zero UID:
SSH onto the primary node.
Deliver the latest Workbench image tarball and K3s bundle to the primary node.
Unpack the K3s bundle and
cd
into the directory that it creates.Remove old installations of conda by running the following command:
rm -rf ~/ae5-conda ~/miniconda3
Install and activate the
ae5_conda
environment by running the following commands:bash ae5-conda-latest-Linux-x86_64.sh source ~/ae5-conda/bin/activate
This environment contains all the tools you need to manage Workbench; for more information, see Administration server.
Obtain your current cluster configurations by running the following command:
./extract_config.sh
The
extract_config.sh
script produces two files:helm_values.yaml
andanaconda-enterprise-certs.json
.Back up your current instance by running the following command:
ae_backup.sh
The
ae_backup.sh
script produces two timestamped files:ae5_config_db_<YYYYMMDDHHMM>.tar.gz
andae5_data_<YYYYMMDDHHMM>.tar.gz
.Stage the K3s assets by running the following command:
./k3s_preinstall.sh
The
k3s_preinstall.sh
script produces two files:k3s_values.yaml
andNEXT_STEPS.txt
.The preinstallation script is designed to coach you on the necessary actions you need to take to install if your system is not ready. For example, if you do not have your instance backed up, the
k3s_preinstall.sh
script will inform you that the backups are missing and tell you to perform a backup before proceeding. Once the script has completed, it saves the output to theNEXT_STEPS.txt
file.Note
If you have made an error during the pre-installation process, perform the pre-installation cleanup commands. and start over.
It is safe to run the
./k3s_preinstall.sh
command as many times as is necessary. No destructive actions are performed on your cluster by running the pre-install script.
Verify that all of the files produced by running the pre-installation scripts were successfully generated. If you cannot locate all of the files, stop here and consult your Workbench support team to diagnose the failures and complete pre-installation successfully.
Installation#
The following steps detail the conventional output of what the k3s_preinstall.sh
script will tell you to do. However, the script makes adjustments to these steps based on your local environment and outputs them to the NEXT_STEPS.txt
file. Review the file and, if the output diverges from these instructions, follow the instructions in the file instead.
Log out of the server node, then log back in to pick up the environment changes that were made during the pre-installation process.
Pause the application by running the following command:
ae_pause.sh
Uninstall Gravity and Workbench by running the following commands on each node, starting with the worker nodes and ending with the control plane node:
sudo gravity system uninstall sudo reboot
This removes Gravity and the Workbench application from the cluster, but leaves the Workbench data in place!
Caution
Reboot each time you uninstall a node!
Navigate to the
anaconda-enterprise-k3s-*
directory and install K3s by running the following command:./k3s_install.sh
Note
This script installs and starts K3s, then uploads the Workbench images. The image upload process can take up to 30 minutes to complete, depending on your setup.
Once the image uploads begin, you can continue with installation by opening a second terminal and navigating back to the
anaconda-enterprise-k3s-*
directory, or you can wait until the images are fully uploaded to continue.If your cluster has multiple nodes, add them now by running the following command for each node:
# Replace <PRIVATE_IP> with the nodes private network IP address ./k3s_addnode.sh <PRIVATE_IP>
Install the SSL certificates saved by the
extract_config.sh
script by running the following command:kubectl create -f anaconda-enterprise-certs.json
Verify that the
k3s_values.yaml
contains the expected Workbench configuration values.Tip
Take your time and verify everything is correct!
If necessary, restore your instance’s manually-created
anaconda-persistence
volume at this time by running the following command:# Replace <FILE> with the anaconda-persistence volume file name kubectl create -f <FILE>.yaml
Note
If you have any other volumes, provision them now as well.
Once the Workbench images are fully loaded, install the Workbench application in paused mode by running the following command:
helm install -f k3s_values.yaml --set global.paused=true anaconda-enterprise Anaconda-Enterprise/
Restore the system configurations from the backup you took earlier by running the following command:
ae_restore.sh ae5_config_db_<YYYYMMDDHHMM>.tar.gz
Unpause the backed up deployments and scheduled jobs by running the following command:
ae_unpause.sh
Monitor your cluster’s resources while they stabilize to ensure there are no unexpected issues by running the following command:
watch kubectl get pods
Allow time to pass for the pods to appear and move to the
Ready
andRunning
states.If you are upgrading from
5.5.x
or older, you must complete the manual Keycloak upgrade process at this time.Open a browser and navigate to your instance of Workbench.
Log in to Workbench and explore the platform to verify that all of your projects, deployments, and scheduled jobs are present.