Upgrades
Overview of how to perform TileDB Cloud Enterprise upgrades

Process

When new releases of TileDB Cloud Enterprises are announced you can easily upgrade your installation by first updating the helm repository:
helm repo update tiledb
After the repository is updated you can run the helm upgrade:
helm upgrade --install \
--namespace tiledb-cloud \
--values values.yaml \
tiledb-cloud \
tiledb/tiledb-cloud-enterprise

Specific Version Upgrade Notes

Chart version 1.x.x - 2.x.x

Starting from version 2.x.x a newer version of JupyterHub is used. Jupyterhub Chart version 1.2.0 is used including support for JupyterHub 1.5.0. With the nwe version of JupyterHub there are a number of changes needed in your values.yaml file. Below we highlight the specific sections requiring changes.
  • Add imagePullSecret key under jupyterhub section.
#########################################
# TileDB Cloud Hosted Notebook Settings #
#########################################
jupyterhub:
# REQUIRED: Set the private registry credentials, these are the same as the `imageCredentials` above
imagePullSecret:
password: ""
  • Remove imagePullSecret key from singleuser section.
singleuser:
# REQUIRED: Set the private registry credentials, these are the same as the `imageCredentials` above
imagePullSecret:
password: ""
  • Please copy and page in a notepad the contents of jupyterhub.auth key, then remove it completely. You will need the values in client_secret and cryptoKey fields.
auth:
type: custom
custom:
className: 'oauthenticator.tiledb.TileDBCloud'
config:
# REQUIRED: Set the oauth2 secret, this should be a secure value
# We recommend creating a random value with `openssl rand -hex 32`
client_secret: "Secret"
# REQUIRED: Set the domain for the jupyterhub and the oauth2 service
# it is likely you just need to replace `example.com` with your own internal domain
# This should match the ingress settings above and the hydra settings below
oauth_callback_url: "https://jupyterhub.tiledb.example.com/hub/oauth_callback"
token_url: "https://oauth2.tiledb.example.com/oauth2/token"
auth_url: "https://oauth2.tiledb.example.com/oauth2/auth"
userdata_url: "https://oauth2.tiledb.example.com/userinfo"
state:
# REQUIRED: Set the jupyterhub auth secret for persistence, this should be a secure value
# We recommend creating a random value with `openssl rand -hex 32`
cryptoKey: "Secret"
  • Replace jupyterhub.ingress.tls key with the following.
tls:
# REQUIRED: set the TLS information for hosted notebooks
- hosts:
- jupyterhub.tiledb.example.com
secretName: jupyterhub-tls
# optional TLS
tls: []
  • Replace initial contents of jupyterhub.hub key with the following:
hub:
# REQUIRED: Set the private registry credentials, these are the same as the `imageCredentials` above
imagePullSecret:
password: ""
config:
CryptKeeper:
# REQUIRED: Set the jupyterhub auth secret for persistence, this should be a secure value
# We recommend creating a random value with `openssl rand -hex 32`
keys:
- "Secret"
JupyterHub:
authenticator_class: oauthenticator.tiledb.TileDBCloud
TileDBCloud:
# REQUIRED: Set the oauth2 secret, this should be a secure value
# We recommend creating a random value with `openssl rand -hex
client_secret: "Secret"
# REQUIRED: Set the domain for the jupyterhub and the oauth2 service
# it is likely you just need to replace `example.com` with your own internal domain
# This should match the ingress settings above and the hydra settings below
oauth_callback_url: "http://jupyterhub.tiledb.example.com/hub/oauth_callback"
token_url: "http://oauth2.tiledb.example.com/oauth2/token"
auth_url: "http://oauth2.tiledb.example.com/oauth2/auth"
userdata_url: "http://oauth2.tiledb.example.com/userinfo"
In this step you need to fill-in the Keys and client_secret fields with values from the field jupyterhub.auth that earlier were saved in a notepad.
  • In hydra section please replace the following fields as noted here:
# tls:
# allow_termination_from:
# Set to cluster IP
# - 172.20.0.0/12
# serve:
# tls:
# allow_termination_from:
# Set to cluster IP
# - 172.20.0.0/12
secrets:
# REQUIRED: Set the oauth2 secret, this should be a secure value
# We recommend creating a random value with `openssl rand -hex 32`
system: secret
cookie: secret
system:
- "secret"
cookie:
- "Secret"
dsn: "mysql://tiledb_user:[email protected](tiledb-cloud-mariadb.tiledb-cloud.svc.cluster.local:3306)/tiledb_rest"
dsn: "mysql://tiledb_user:[email protected](tiledb-cloud-mariadb.tiledb-cloud.svc.cluster.local:3306)/tiledb_rest?parseTime=true"
# Configure ingress for oauth2 service
ingress:
public:
annotations:
# Configure any needed annotations. For instance if you are using a different ingress besides nginx set that here
kubernetes.io/ingress.class: nginx
hosts:
# REQUIRED: set the ingress domain for oauth2 service
- host: "oauth2.tiledb.example.com"
paths: ["/"]
tls:
# REQUIRED: set the TLS information for oauth2 service
- hosts:
- "oauth2.tiledb.example.com"
secretName: hydra-tls
paths:
- path: /
pathType: ImplementationSpecific
# optional TLS
tls: []
Export as PDF
Copy link
Outline
Process
Specific Version Upgrade Notes