74a679dc51
Co-authored-by: Laura Coursen <lecoursen@github.com> Co-authored-by: Evan Bonsignori <ebonsignori@github.com>
17 KiB
title, intro, redirect_from, versions, type, topics, shortTitle
| title | intro | redirect_from | versions | type | topics | shortTitle | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Upgrading GitHub Enterprise Server | Upgrade {% data variables.product.prodname_ghe_server %} to get the latest features and security updates. |
|
|
how_to |
|
Upgrading GHES |
{% ifversion ghes < 3.3 %}{% data reusables.enterprise.upgrade-ghes-for-features %}{% endif %}
Preparing to upgrade
- Determine an upgrade strategy and choose a version to upgrade to. For more information, see "[Upgrade requirements](/enterprise/{{ currentVersion }}/admin/guides/installation/upgrade-requirements/)" and refer to the {% data variables.enterprise.upgrade_assistant %} to find the upgrade path from your current release version.
- Create a fresh backup of your primary instance with the {% data variables.product.prodname_enterprise_backup_utilities %}. For more information, see the README.md file in the {% data variables.product.prodname_enterprise_backup_utilities %} project documentation.
{% note %}
Note: Your {% data variables.product.prodname_enterprise_backup_utilities %} version needs to be the same version as, or at most two versions ahead of, {% data variables.location.product_location %}. For more information, see "Upgrading GitHub Enterprise Server Backup Utilities."
{% endnote %}
- If {% data variables.location.product_location %} uses ephemeral self-hosted runners for {% data variables.product.prodname_actions %} and you've disabled automatic updates, upgrade your runners to the version of the runner application that your upgraded instance will run.
- If you are upgrading using an upgrade package, schedule a maintenance window for {% data variables.product.prodname_ghe_server %} end users. If you are using a hotpatch, maintenance mode is not required.
{% note %}
Note: The maintenance window depends on the type of upgrade you perform. Upgrades using a hotpatch usually don't require a maintenance window. Sometimes a reboot is required, which you can perform at a later time. Following the versioning scheme of MAJOR.FEATURE.PATCH, patch releases using an upgrade package typically require less than five minutes of downtime. Feature releases that include data migrations take longer depending on storage performance and the amount of data that's migrated. For more information, see "Enabling and scheduling maintenance mode."
{% endnote %}
Taking a snapshot
A snapshot is a checkpoint of a virtual machine (VM) at a point in time. We highly recommend taking a snapshot before upgrading your virtual machine so that if an upgrade fails, you can revert your VM back to the snapshot. We only recommend taking a VM snapshot when the appliance is powered down or in maintenance mode and all background jobs have finished.
If you're upgrading to a new feature release, you must take a VM snapshot. If you're upgrading to a patch release, you can attach the existing data disk.
There are two types of snapshots:
-
VM snapshots save your entire VM state, including user data and configuration data. This snapshot method requires a large amount of disk space and is time consuming.
-
Data disk snapshots only save your user data.
{% note %}
Notes:
- Some platforms don't allow you to take a snapshot of just your data disk. For these platforms, you'll need to take a snapshot of the entire VM.
- If your hypervisor does not support full VM snapshots, you should take a snapshot of the root disk and data disk in quick succession.
{% endnote %}
| Platform | Snapshot method | Snapshot documentation URL |
|---|---|---|
| Amazon AWS | Disk | https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html |
| Azure | VM | https://docs.microsoft.com/azure/backup/backup-azure-vms-first-look-arm |
| Hyper-V | VM | https://docs.microsoft.com/windows-server/virtualization/hyper-v/manage/enable-or-disable-checkpoints-in-hyper-v |
| Google Compute Engine | Disk | https://cloud.google.com/compute/docs/disks/create-snapshots |
| VMware | VM | https://pubs.vmware.com/vsphere-50/topic/com.vmware.wssdk.pg.doc_50/PG_Ch11_VM_Manage.13.3.html{% ifversion ghes < 3.3 %} |
| XenServer | VM | https://docs.citrix.com/en-us/xencenter/current-release/vms-snapshots.html{% endif %} |
Upgrading with a hotpatch
{% data reusables.enterprise_installation.hotpatching-explanation %}
Using the {% data variables.enterprise.management_console %}, you can install a hotpatch immediately or schedule it for later installation. You can use the administrative shell to install a hotpatch with the ghe-upgrade utility. For more information, see "Upgrade requirements."
{% note %}
{% ifversion ghes %}Notes{% else %}Note{% endif %}:
{% ifversion ghes %}
-
If {% data variables.location.product_location %} is running a release candidate build, you can't upgrade with a hotpatch.
-
{% endif %}Installing a hotpatch using the {% data variables.enterprise.management_console %} is not available in clustered environments. To install a hotpatch in a clustered environment, see "Upgrading a cluster."
{% endnote %}
Upgrading a single appliance with a hotpatch
Installing a hotpatch using the {% data variables.enterprise.management_console %}
You can use the {% data variables.enterprise.management_console %} to upgrade with a hotpatch by enabling automatic updates. You will then be presented with the latest available version of {% data variables.product.prodname_ghe_server %} that you can upgrade to.
If the upgrade target you're presented with is a feature release instead of a patch release, you cannot use the {% data variables.enterprise.management_console %} to install a hotpatch. You must install the hotpatch using the administrative shell instead. For more information, see "Installing a hotpatch using the administrative shell."
- Enable automatic updates. For more information, see "Enabling automatic updates." {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.updates-tab %}
- When a new hotpatch has been downloaded, use the Install package drop-down menu:
- To install immediately, select Now:
- To install later, select a later date.
- Click Install.
Installing a hotpatch using the administrative shell
{% data reusables.enterprise_installation.download-note %}
{% data reusables.enterprise_installation.ssh-into-instance %}
2. {% data reusables.enterprise_installation.enterprise-download-upgrade-pkg %} Copy the URL for the upgrade hotpackage (.hpkg file).
{% data reusables.enterprise_installation.download-package %}
4. Run the ghe-upgrade command using the package file name:
admin@HOSTNAME:~$ ghe-upgrade GITHUB-UPGRADE.hpkg
*** verifying upgrade package signature...
- If a reboot is required for updates for kernel, MySQL, Elasticsearch or other programs, the hotpatch upgrade script notifies you.
Upgrading an appliance that has replica instances using a hotpatch
{% note %}
Note: If you are installing a hotpatch, you do not need to enter maintenance mode or stop replication.
{% endnote %}
Appliances configured for high-availability and geo-replication use replica instances in addition to primary instances. To upgrade these appliances, you'll need to upgrade both the primary instance and all replica instances, one at a time.
Upgrading the primary instance
- Upgrade the primary instance by following the instructions in "Installing a hotpatch using the administrative shell."
Upgrading a replica instance
{% note %}
Note: If you're running multiple replica instances as part of geo-replication, repeat this procedure for each replica instance, one at a time.
{% endnote %}
- Upgrade the replica instance by following the instructions in "Installing a hotpatch using the administrative shell." If you are using multiple replicas for Geo-replication, you must repeat this procedure to upgrade each replica one at a time. {% data reusables.enterprise_installation.replica-ssh %} {% data reusables.enterprise_installation.replica-verify %}
Upgrading with an upgrade package
While you can use a hotpatch to upgrade to the latest patch release within a feature series, you must use an upgrade package to upgrade to a newer feature release. For example to upgrade from 2.11.10 to 2.12.4 you must use an upgrade package since these are in different feature series. For more information, see "Upgrade requirements."
Upgrading a single appliance with an upgrade package
{% data reusables.enterprise_installation.download-note %}
{% data reusables.enterprise_installation.ssh-into-instance %} 2. {% data reusables.enterprise_installation.enterprise-download-upgrade-pkg %} Select the appropriate platform and copy the URL for the upgrade package (.pkg file). {% data reusables.enterprise_installation.download-package %} 4. Enable maintenance mode and wait for all active processes to complete on the {% data variables.product.prodname_ghe_server %} instance. For more information, see "Enabling and scheduling maintenance mode."
{% note %}
Note: When upgrading the primary appliance in a High Availability configuration, the appliance should already be in maintenance mode if you are following the instructions in "Upgrading the primary instance."
{% endnote %}
- Run the
ghe-upgradecommand using the package file name:
admin@HOSTNAME:~$ ghe-upgrade GITHUB-UPGRADE.pkg
*** verifying upgrade package signature...
- Confirm that you'd like to continue with the upgrade and restart after the package signature verifies. The new root filesystem writes to the secondary partition and the instance automatically restarts in maintenance mode:
*** applying update...
This package will upgrade your installation to version VERSION-NUMBER
Current root partition: /dev/xvda1 [VERSION-NUMBER]
Target root partition: /dev/xvda2
Proceed with installation? [y/N]
{% ifversion ip-exception-list %}
- Optionally, to validate the upgrade, configure an IP exception list to allow access to a specified list of IP addresses. For more information, see "Validating changes in maintenance mode using the IP exception list." {% endif %}
- For single appliance upgrades, disable maintenance mode so users can use {% data variables.location.product_location %}.
{% note %}
Note: When upgrading appliances in a High Availability configuration you should remain in maintenance mode until you have upgraded all of the replicas and replication is current. For more information, see "Upgrading a replica instance."
{% endnote %}
Upgrading an appliance that has replica instances using an upgrade package
Appliances configured for high-availability and geo-replication use replica instances in addition to primary instances. To upgrade these appliances, you'll need to upgrade both the primary instance and all replica instances, one at a time.
Upgrading the primary instance
{% warning %}
Warning: When replication is stopped, if the primary fails, any work that is done before the replica is upgraded and the replication begins again will be lost.
{% endwarning %}
- On the primary instance, enable maintenance mode and wait for all active processes to complete. For more information, see "Enabling maintenance mode." {% data reusables.enterprise_installation.replica-ssh %}
- On the replica instance, or on all replica instances if you're running multiple replica instances as part of geo-replication, run
ghe-repl-stopto stop replication. - Upgrade the primary instance by following the instructions in "Upgrading a single appliance with an upgrade package."
Upgrading a replica instance
{% note %}
Note: If you're running multiple replica instances as part of geo-replication, repeat this procedure for each replica instance, one at a time.
{% endnote %}
- Upgrade the replica instance by following the instructions in "Upgrading a single appliance with an upgrade package." If you are using multiple replicas for Geo-replication, you must repeat this procedure to upgrade each replica one at a time. {% data reusables.enterprise_installation.replica-ssh %} {% data reusables.enterprise_installation.replica-verify %}
{% data reusables.enterprise_installation.start-replication %}
{% data reusables.enterprise_installation.replication-status %} If the command returns Replication is not running, the replication may still be starting. Wait about one minute before running ghe-repl-status again.
{% note %}
Note: While the resync is in progress ghe-repl-status may indicate that replication is behind. For example, you may see the following message.
CRITICAL: git replication is behind the primary by more than 1007 repositories and/or gists
{% endnote %}
{%- ifversion ghes = 3.4 or ghes = 3.5 or ghes = 3.6 %}
- If you have upgraded each node to {% data variables.product.product_name %} 3.6.0 or later and started replication, but
git replication is behind the primarycontinues to appear after 45 minutes, contact {% data variables.contact.enterprise_support %}. For more information, see "Receiving help from {% data variables.contact.github_support %}." {%- endif %} - {% ifversion ghes = 3.4 or ghes = 3.5 or ghes = 3.6 %}Otherwise, if{% else %}If{% endif %}
ghe-repl-statusdid not returnOK, contact {% data variables.contact.enterprise_support %}. For more information, see "Receiving help from {% data variables.contact.github_support %}."
- When you have completed upgrading the last replica, and the resync is complete, disable maintenance mode so users can use {% data variables.location.product_location %}.
Restoring from a failed upgrade
If an upgrade fails or is interrupted, you should revert your instance back to its previous state. The process for completing this depends on the type of upgrade.
Rolling back a patch release
To roll back a patch release, use the ghe-upgrade command with the --allow-patch-rollback switch. Before rolling back, replication must be temporarily stopped by running ghe-repl-stop on all replica instances. {% data reusables.enterprise_installation.command-line-utilities-ghe-upgrade-rollback %}
Once the rollback is complete, restart replication by running ghe-repl-start on all replicas.
For more information, see "Command-line utilities."
Rolling back a feature release
To roll back from a feature release, restore from a VM snapshot to ensure that root and data partitions are in a consistent state. For more information, see "Taking a snapshot."
{% ifversion ghes %}
Further reading
- "About upgrades to new releases" {% endif %}