Skip to main content

Upgrade

Upgrading FNCM in the cluster

Download the most recent IBM Case file for FileNet Content Manager. As of this writing it is v1.8.0. You can check for newer versions by going here

This assumes you are running an older version.

wget https://github.com/IBM/cloud-pak/raw/master/repo/case/ibm-cp-fncm-case/1.8.0/ibm-cp-fncm-case-1.8.0.tgz

Extract the case file

tar zxvf ibm-cp-fncm-case-1.8.0.tgz

Change into the operator directory and extract the container samples file

cd ibm-cp-fncm-case/inventory/fncmOperator/files/deploy/crs/

// this name is equivalent to the corresponding filenet version and thus may change
tar xvf container-samples-5.5.12.tar

Upgrading the operator manually

info

It's important to note that if you are running airgapped and you have already staged the operator image to your repository, you will need to update the image path in the operator.yaml file. The below example uses sed and updates every image: entry.

sed -i "s/image:.*/image: \"<REPO URL>\/path\/to\/icp4a-content-operator:23.0.2\"/" operator.yaml

This needs to be done before applying the operator.yaml!

If you cannot run the deployment script, follow these steps to deploy the operator manually.

From the container-samples directory:

cd ibm-cp-fncm-case/inventory/fncmOperator/files/deploy/crs/container-samples
kubectl apply -f ./descriptors/operator.yaml

Wait for the operator to come back online after upgrading and completes its reconciliation.

Upgrading FNCM containers

Once the operator has been upgraded, update your CR file to the latest image tags. You can also grab the latest CR from the case directory you extracted above:

cd ibm-cp-fncm-case/inventory/fncmOperator/files/deploy/crs/container-samples/descriptors/ibm_fncm_cr_production_FC_content.yaml

Now apply your updated CR to the cluster:

kubectl apply -f ibm_fncm_cr_production.yaml
info

As of 5.5.11, the add_repo_ce_wsi_url was updated in the default CR shipped with that case. It no longer uses http for access and now uses https. So this must be taken into account if you are using an older CR that you've updated:

navigator_configuration.initialize_configuration.ic_icn_init_info.icn_repos

 add_repo_ce_wsi_url: "http://{{ meta.name }}-cpe-stateless-svc.{{ meta.namespace }}.svc:9080/wsi/FNCEWS40MTOM/"

Would now be

add_repo_ce_wsi_url: "https://{{ meta.name }}-cpe-stateless-svc.{{ meta.namespace }}.svc:9443/wsi/FNCEWS40MTOM/"

Secret menu items

info

As of 23.0.1-IF003 the secret menu item for disabling readonly root fs on FNCM and BAN components is available. Simply add the following to your CR:

shared_configuration:
  sc_disable_read_only_root_filesystem: true

This helps when you have agents like Dynatrace that inject certain configs into each container rootfs as they come up.