Chapter 3. Standalone upgrade
In general, Red Hat Quay supports upgrades from a prior (N-1) minor version only. For example, upgrading directly from Red Hat Quay 3.8 to the latest version of 3.13 is not supported. Instead, users would have to upgrade as follows:
-
3.8.z
3.9.z -
3.9.z
3.10.z -
3.10.z
3.11.z -
3.11.z
3.12.z -
3.12.z
3.13.z
This is required to ensure that any necessary database migrations are done correctly and in the right order during the upgrade.
In some cases, Red Hat Quay supports direct, single-step upgrades from prior (N-2, N-3) minor versions. This exception to the normal, prior minor version-only, upgrade simplifies the upgrade procedure for customers on older releases. The following upgrade paths are supported for Red Hat Quay 3.13:
-
3.10.z
3.13.z -
3.11.z
3.13.z -
3.12.z
3.13.z
For users wanting to upgrade the Red Hat Quay Operator, see Upgrading the Red Hat Quay Operator Overview.
This document describes the steps needed to perform each individual upgrade. Determine your current version and then follow the steps in sequential order, starting with your current version and working up to your desired target version.
See the Red Hat Quay Release Notes for information on features for individual releases.
The general procedure for a manual upgrade consists of the following steps:
- Stop the Quay and Clair containers.
- Backup the database and image storage (optional but recommended).
- Start Clair using the new version of the image.
- Wait until Clair is ready to accept connections before starting the new version of Quay.
3.1. Accessing images
Red Hat Quay image from version 3.4.0 and later are available from registry.redhat.io and registry.access.redhat.com, with authentication set up as described in Red Hat Container Registry Authentication.
3.2. Upgrading the Clair PostgreSQL database
If you are upgrading Red Hat Quay to version 13, you must migrate your Clair PostgreSQL database version from PostgreSQL version 13
Use the following procedure to upgrade your Clair PostgreSQL database from version 13
Clair security scans might become temporarily disrupted after the migration procedure has succeeded.
Procedure
Stop the Red Hat Quay container by entering the following command:
$ sudo podman stop <quay_container_name>
Stop the Clair container by running the following command:
$ sudo podman stop <clair_container_id>
Run the following Podman process from SCLOrg’s Data Migration procedure, which allows for data migration from a remote PostgreSQL server:
$ sudo podman run -d --name <clair_migration_postgresql_database> 1 -e POSTGRESQL_MIGRATION_REMOTE_HOST=<container_ip_address> \ 2 -e POSTGRESQL_MIGRATION_ADMIN_PASSWORD=remoteAdminP@ssword \ -v </host/data/directory:/var/lib/pgsql/data:Z> \ 3 [ OPTIONAL_CONFIGURATION_VARIABLES ] registry.redhat.io/rhel8/postgresql-15
- 1
- Insert a name for your Clair PostgreSQL 15 migration database.
- 2
- Your new Clair PostgreSQL 15 database container IP address. Can obtained by running the following command:
sudo podman inspect -f "{{.NetworkSettings.IPAddress}}" postgresql-quay. - 3
- You must specify a different volume mount point than the one from your initial Clair PostgreSQL 13 deployment, and modify the access control lists for said directory. For example:
$ mkdir -p /host/data/clair-postgresql15-directory
$ setfacl -m u:26:-wx /host/data/clair-postgresql15-directory
This prevents data from being overwritten by the new container.
Stop the Clair PostgreSQL 13 container:
$ sudo podman stop <clair_postgresql13_container_name>
After completing the PostgreSQL migration, run the Clair PostgreSQL 15 container, using the new data volume mount from Step 3, for example,
</host/data/clair-postgresql15-directory:/var/lib/postgresql/data>:$ sudo podman run -d --rm --name <postgresql15-clairv4> \ -e POSTGRESQL_USER=<clair_username> \ -e POSTGRESQL_PASSWORD=<clair_password> \ -e POSTGRESQL_DATABASE=<clair_database_name> \ -e POSTGRESQL_ADMIN_PASSWORD=<admin_password> \ -p 5433:5432 \ -v </host/data/clair-postgresql15-directory:/var/lib/postgresql/data:Z> \ registry.redhat.io/rhel8/postgresql-15Start the Red Hat Quay container by entering the following command:
$ sudo podman run -d --rm -p 80:8080 -p 443:8443 --name=quay \ -v /home/<quay_user>/quay-poc/config:/conf/stack:Z \ -v /home/<quay_user>/quay-poc/storage:/datastorage:Z \ {productrepo}/{quayimage}:{productminv}Start the Clair container by entering the following command:
$ sudo podman run -d --name clairv4 \ -p 8081:8081 -p 8088:8088 \ -e CLAIR_CONF=/clair/config.yaml \ -e CLAIR_MODE=combo \ registry.redhat.io/quay/clair-rhel8:{productminv}
For more information, see Data Migration.
3.3. Upgrade to 3.13.z from 3.12.z
3.3.1. Target images
- Quay: registry.redhat.io/quay/quay-rhel8:v3.13.1
- Clair: registry.redhat.io/quay/clair-rhel8:v3.13.1
- PostgreSQL: registry.redhat.io/rhel8/postgresql-13
- Redis: registry.redhat.io/rhel8/redis-6:1-110
- Clair-PosgreSQL: registry.redhat.io/rhel8/postgresql-15
3.4. Upgrade to 3.13.z from 3.11.z
3.4.1. Target images
- Quay: registry.redhat.io/quay/quay-rhel8:v3.13.1
- Clair: registry.redhat.io/quay/clair-rhel8:v3.13.1
- PostgreSQL: registry.redhat.io/rhel8/postgresql-13
- Redis: registry.redhat.io/rhel8/redis-6:1-110
- Clair-PosgreSQL: registry.redhat.io/rhel8/postgresql-15
3.5. Upgrade to 3.13.z from 3.10.z
3.5.1. Target images
- Quay: registry.redhat.io/quay/quay-rhel8:v3.13.1
- Clair: registry.redhat.io/quay/clair-rhel8:v3.13.1
- PostgreSQL: registry.redhat.io/rhel8/postgresql-13
- Redis: registry.redhat.io/rhel8/redis-6:1-110
- Clair-PosgreSQL: registry.redhat.io/rhel8/postgresql-15
