SD Elements 2024.3

What’s new?

SD Elements 2024.3 includes the changes below.

  1. Removal of the CAM deployment

  2. Database engine upgrade to Postgres 16

Removal of the CAM deployment

The CAM deployment, initially introduced in SD Elements 2023.2, has been removed. As such, after upgrading to 2024.3 you will no longer see a {RELEASE_NAME}-cam Kubernetes deployment or {RELEASE_NAME}-cam-XXXX-XX pod in the namespace where SD Elements is installed.

SD Elements functionality and featureset is unchanged. The functionality previously provided by the CAM deployment has been moved into the {RELEASE_NAME}-web deployment.

Database Engine Upgrade to Postgres 16

SD Elements 2024.3 adds support for Postgres 16. Upgrade steps and options will vary depending on deployment method and preferred upgrade method.

Database Upgrade Method

Two database upgrade methods are supported.

  1. Automatic upgrade (default, recommended): An automatic upgrade to SD Elements 2024.3 performs the Postgres and SD Elements version upgrades simultaneously.

  2. Manual upgrade: A manual upgrade will only upgrade to SD Elements 2024.3 and require additional steps to upgrade from Postgres 12 to Postgres 16.

Automatic is the default and recommend database upgrade method. All SD Elements instances in Security Compass' SaaS environment will be upgraded in this way.

Deployment Method

Automatic Upgrade

Manual Upgrade

Built-in database

Yes

Optional

Customer-managed database

No

Yes

Skip to the section that matches your database deployment method for details.

Built-in Database

By default, instances with a built-in database upgraded to SD Elements 2024.3 will also receive a database engine upgrade to Postgres 16.

Optional Configurations

Configuration

Type

Default

Description

global.upgradeToPostgres16

bool

true

Upgrade database engine version to Postgres 16.

postgresql.image.tag

string

16.4.0-debian-12-r2

Sets the image tag for the {RELEASE_NAME}-database statefulset. When global.upgradeToPostgres16=false, postgresql.image.tag must be set to 12.18.0-debian-12-r6.

PGDATABACKUP

string

null

The directory to which a Postgres 12 copy of SD Elements data is saved prior to upgrading the database engine to Postgres 16.

Sample custom values representation of optional configurations

global:
    upgradeToPostgres16: false
postgresql:
    image:
      tag: 12.18.0-debian-12-r6
    primary:
      initContainers:
        - name: shared-init
          env:
            - name: PGDATABACKUP
              value: "/bitnami/postgresql/data/backup"
Database Upgrade Process

For both automatic and manual upgrades, when the database engine is upgraded to Postgres 16:

  1. All data within the statefulset/{RELEASE_NAME}-database persistent volume will be copied into the tmp/ directory of a node within the cluster. If there is not enough free storage on the node the upgrade will be aborted.

The cluster node used for the upgrade must have enough free space for the database engine upgrade to complete successfully.

See Retrieve Database Storage Usage for instructions to assess how much free space must be available on cluster node volumes.

  1. The database in tmp/ is upgraded to Postgres 16

  2. If applicable, databases for SD Elements versions older than 2024.2 will be removed.

  3. Data within the tmp/ directory is copied back to the statefulset/{RELEASE_NAME}-database persistent volume .

Suggested approaches if cluster node volumes are too small:

  • Directly remove databases for older SD Elements versions prior to upgrading to SD Elements 2024.3

  • Increase node volume size at the cluster level

Thoroughly vet the selected approach to ensure it aligns with your use case and corporate policies.

Customer-managed (External) Database

For SD Elements instances deployed using a customer-managed instead of built-in database the database engine upgrade to Postgres 16 will need to be performed manually. Consult upstream documentation in addition to SD Elements documentation to create an upgrade plan.

Upgrading to SD Elements 2024.3

If upgrading from 2024.2.82 or earlier, review the changes to the datastore statefulset regardless of how the SD Elements database is deployed.

Prerequisites

For SD Elements instances using the built-in database:

For SD Elements instances using a customer-managed (external) database:

Known Issues

Enabling PAS in SD Elements 2024.3

Steps

The upgrade steps for SD Elements 2024.3 will depend on the database deployment method for the SD Elements instance. In both cases, review the general upgrade steps in addition to the steps below.

Built-in database

Automatic upgrade (default)
Manual upgrade (optional)

  1. Upgrade SD Elements only

    • If upgrading from 2024.2.82 or earlier, review the changes to the datastore statefulset

    • Follow general upgrade steps to upgrade SD Elements (to 2024.3). Pass global.upgradeToPostgres16=false and postgresql.image.tag=12.18.0-debian-12-r6 in the helm upgrade command or through the custom values file.

    • The database engine version will remain at Postgres 12

    • The deployment/{RELEASE_NAME}-cam resource will be removed

  2. Upgrade database engine version only

    • Follow general upgrade steps to upgrade SD Elements (to 2024.3). Ensure global.upgradeToPostgres16 and postgresql.image.tag are not passed in the helm upgrade command or set in the custom values file.

    • The database engine version will be upgraded to Postgres 16

Customer-managed (External) Database

  1. Upgrade SD Elements only

  2. Follow upstream database provider’s documentation to upgrade the database engine to Postgres 16

results matching ""

    No results matching ""