Preparing for upgrade
Perform the following tasks before upgrading BMC Helix IT Operations Management (BMC Helix ITOM):
| Task | Action | Reference |
|---|---|---|
| 1 | Make sure you have created the URLs required to access BMC Helix ITOM applications. | For more information, see Creating URLs to access BMC Helix IT Operations Management applications. |
| 2 | Upgrade to the latest version of BMC Discovery 24.3.x. Important: BMC Discovery is not mandatory if you only use BMC Helix Continuous Optimization. | To install BMC Discovery, see Installingin the BMC Discovery documentation. To upgrade to BMC Discovery, see Upgrading in the BMC Discovery documentation. |
| 3 | Back up all the PersistentVolumeClaim (PVC) data. Important: We do not have a specific best practice for this step. However, we recommend using your preferred method to back up the PVC data based on the type of PVC. |
|
| 4 | Back up your customizations in the deployment manager and the cluster.
| For example: If you are using a self-signed or custom-signed certificate, back up the certificates (custom_cacert.pem, cacerts, or any other certificates on which you have set up an LDAP) from helix-on-prem-deployment-manager/commons/certs/. |
| 5 | Create a new workspace directory on the system from where you will run the BMC Helix ITOM deployment script. |
|
| 6 | Download the deployment manager to the working_directory. | |
| 7 | Download the latest container images required to perform the upgrade. | |
| 8 | Use the upgrade configuration utility. The utility picks the values from the latest successful deployment of BMC Helix ITOM to configure the infra.config, deployment.config, and secrets.txt files.
| For more information, see Using the upgrade configuration utility. |
| 9 | (Optional) Define a password for the user, | Applications will use a non-default user for Elasticsearch connections for Log Elasticsearch (Log ES), which you can define in the secrets.txt file. |
| 10 | If you changed the default passwords for BMC Helix Single Sign-on (HSSO) and Elasticsearch during the installation of BMC Helix ITOM (for more information, see Preparing for password encryption), you must set the same password before upgrading BMC Helix ITOM. | To set the passwords:
To use a non-default user, go to the secrets.txt file and change the default value of the LOG_ES_PASSWD parameter. The password must meet the following requirements:
|
| 11 | Save the certificates (custom_cacert.pem or public_cacert.pem) in the <working _directory>/commons/certs/ directory. Important: If you set the value of the parameters CUSTOM_CA_SIGNED_CERT_IN_USE to false and MONITOR to yes, you must name the public CA certificate file (full chain) as public_cacert.pem and copy it to the commons/certs directory; that is, commons/certs/public_cacert.pem. |
|
| 12 | Backup RSSO audit logs If you have deployed ITOM 24.1 or ealier, you can backup the data related to RSSO audit log into MinIO. |
|
| 13 | (Optional) Upgrade your container orchestration platform (Kubernetes and Openshift) to a supported version. Important: If you are using Rancher on Kubernetes, you must upgrade Rancher and then upgrade Kubernetes. |
|
| 14 | Upgrade the NGINX Ingress Controller (nginx-ingress-controller) based on your Kubernetes and OpenShift versions. Important: You might experience downtime while upgrading the Nginx Ingress Controller. | |
| 15 | Upgrade Helm to a supported version based on your Kubernetes and OpenShift versions. | |
| 16 | Migrate data from PostgreSQL database to 17.x | Migrating data from PostgreSQL database 15.x to 17.x |
Where to go from here
If you have completed all the upgrade prerequisite tasks, proceed with the upgrade: