Upgrade
These pages provide best practices and tutorials for upgrading the AIStor server on Linux or Kubernetes infrastructure.
All AIStor software, including Key Manager, supports non-disruptive upgrades with zero downtime.
Prerequisites
Valid SUBNET license
Using or upgrading AIStor Key Manager requires a valid MinIO Commercial License. If necessary, you can download the current license from SUBNET.
Back up the cluster’s state
Key Manager supports backing up the cluster state. This backs up the cluster’s key database.
Taking a backup of the cryptographic key database prior to upgrading a Key Manager cluster serves as a protective measure against unexpected or undesired upgrade outcomes.
To back up the cluster’s current state, run the following command:
minkms backup --api-key KEY-VALUE
On success, this creates a compressed backup file using gzip
and outputs the name of the file.
The filename resembles YYYYMMDD_HHMMSS_kms.db.gzip
.
To disable compression of the backup, add --compress off
to the command.
If needed, you can restore a cluster’s state from a backup with minkms restore
.
Test Upgrades Before Applying To Production
Key Manager runs a testing and validation suite as part of all releases. However, no testing suite can account for your production environment’s unique combinations and permutations of hardware, software, and workloads.
You should always validate any Key Manager upgrade in a non-critical environment such as Dev, QA, or Staging before applying the upgrade to production deployments, or any other environment containing critical data. Upgrading a production environment without first validating in a less critical environment is done at your own risk.
If your Key Manager deployment is significantly behind the latest stable release – 6+ months or more - consider creating an issue on SUBNET for additional support and guidance during the upgrade procedure.
Upgrading Hardware, OS, or other Host Services
Key Manager requires only one node to be available for read
operations, which is the bulk of requests to Key Manager.
Consult with MinIO support using SUBNET before conducting maintenance operations for additional oversight and guidance.