Scaling, updates + secrets

This section focuses on the ongoing management of the UltiHash cluster after it has been installed and configured. It covers essential tasks like scaling, updates, security management.

Cluster management

1. Scaling the cluster

  • Purpose: Adjust the number of replicas for UltiHash services based on workload demand.

  • Example: To scale the storage and deduplicator services, adjust the replicaCount in the Helm chart and apply the changes:

    helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --set storage.replicas=3,deduplicator.replicas=3
    
  • Recommendation: Monitor your system's performance and scale the services accordingly to ensure high availability and optimal performance.

2. Rolling updates

  • Purpose: Safely apply updates to the UltiHash components.

  • Example: Use Helm to perform a rolling update to the UltiHash version 1.3.0:

    helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --version 1.3.0 --values values.yaml
    
  • Recommendation: Always back up your configuration and data before applying updates. Test updates in a staging environment before rolling them out to production.

3. Backup the cluster

  • Purpose: backup your UltiHash cluster and its data for the purpose of disaster recovery.

  • Example: use Velero to your create a backup of the entire Kubernetes namespace your UltiHash cluster deployed in:

    velero backup create <backup_name> --include-namespaces <namespace_name> --wait
  • Recommendation: Perform backups frequently enough to avoid losing substantial amount in case of a disaster.

4. Restore the cluster

  • Purpose: restore your cluster from a backup in case the data got lost or corrupted.

  • Example: use Velero to restore your cluster from a backup (specify the name of the backup to restore from):

    velero restore create <restore-name> --from-backup <backup_name> --wait
  • Recommendation: a cluster could be restored not only in-place, but also in a separate environment. This could be useful in case a cluster needs to be migrated.

Security management

1. Secret management

  • Purpose: Securely manage and rotate Kubernetes secrets used by the UltiHash cluster.

  • Example: Rotate a Kubernetes secret without causing downtime:

    kubectl delete secret docker-registry registry-credential
    
    kubectl create secret docker-registry registry-credentials \\\\
      --docker-server='registry.ultihash.io' \\\\
      --docker-username='<new_registry_username>' \\\\
      --docker-password='<new_registry_password>'
    
    # Gracefully restart UltiHash services to apply the changes
    helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --values.yaml --force
  • Recommendation: Rotate secrets periodically and implement alerts for expired or compromised secrets.

License management

1. License update

  • In case you have been updated your license on your user dashboard, the actual license change will be automatically propagated to your UltiHash cluster within one hour. In case the license change has to be in effect immediately, perform force update of your cluster by using helm:

    helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --version 1.3.0 --values values.yaml --forc

Last updated

Was this helpful?