Scaling, updates + secrets

This section focuses on the ongoing management of the UltiHash cluster after it has been installed and configured. It covers essential tasks like scaling, updates, security management.

Cluster management

1. Scaling the cluster

Purpose: Adjust the number of replicas for UltiHash services based on workload demand.

Example: To scale the storage and deduplicator services, adjust the replicaCount in the Helm chart and apply the changes:

helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --set storage.replicas=3,deduplicator.replicas=3

Recommendation: Monitor your system's performance and scale the services accordingly to ensure high availability and optimal performance.

2. Rolling updates

Purpose: Safely apply updates to the UltiHash components.

Example: Use Helm to perform a rolling update to the UltiHash version 1.3.0:

helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --version 1.3.0 --values values.yaml

Recommendation: Always back up your configuration and data before applying updates. Test updates in a staging environment before rolling them out to production.

3. Backup the cluster

Purpose: backup your UltiHash cluster and its data for the purpose of disaster recovery.

velero backup create <backup_name> --include-namespaces <namespace_name> --wait

Recommendation: Perform backups frequently enough to avoid losing substantial amount in case of a disaster.

4. Restore the cluster

Purpose: restore your cluster from a backup in case the data got lost or corrupted.

velero restore create <restore-name> --from-backup <backup_name> --wait

Recommendation: a cluster could be restored not only in-place, but also in a separate environment. This could be useful in case a cluster needs to be migrated.

Security management

1. Secret management

Purpose: Securely manage and rotate Kubernetes secrets used by the UltiHash cluster.

Example: Rotate a Kubernetes secret without causing downtime:

kubectl delete secret docker-registry registry-credential

kubectl create secret docker-registry registry-credentials \\\\
  --docker-server='registry.ultihash.io' \\\\
  --docker-username='<new_registry_username>' \\\\
  --docker-password='<new_registry_password>'

# Gracefully restart UltiHash services to apply the changes
helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --values.yaml --force

Recommendation: Rotate secrets periodically and implement alerts for expired or compromised secrets.

License management

1. License update

helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --version 1.3.0 --values values.yaml --forc

Last updated 13 days ago

Was this helpful?

kubectl delete secret docker-registry registry-credential kubectl create secret docker-registry registry-credentials \\\\ --docker-server='registry.ultihash.io' \\\\ --docker-username='<new_registry_username>' \\\\ --docker-password='<new_registry_password>' # Gracefully restart UltiHash services to apply the changes helm upgrade <release_name> oci://registry.ultihash.io/stable/ultihash-cluster -n <namespace> --values.yaml --force