Upgrade Key Trustee Server 5.16 to 7.1.x

How to upgrade Key Trustee Server from CDH 5.16 to CDP Private Cloud 7.1.x.

Running Upgrading a Cluster will not upgrade the Key Trustee Server, because KTS is not part of the overall CDH parcel and needs to be upgraded separately. Upgrading the KTS can be done at any point after performing Upgrading Cloudera Manager.

You can only upgrade from Key Trustee Server 5.16 to 7.1.x. If you are upgrading from an older version of Key Trustee Server, first upgrade to 5.16 using Upgrading Cloudera Navigator Key Trustee Server.

If you are using a package-based KTS install, see Migrating Unmanaged Key Trustee Server to Cloudera Manager.

  1. Back up the Key Trustee Server:
    1. Select the Key Trustee Server service configuration that you wish to back up.
    2. From the Actions menu, select Create Backup on Active Server (or Create Backup on Passive Server) .
      A successfully completed backup of the Key Trustee Server is indicated by the message Command Create Backup on Active Server finished successfully on service keytrustee_server.
  2. Add your internal parcel repository to Cloudera Manager following the instructions in Configuring a Local Parcel Repository (see Configuring Cloudera Manager to Use an Internal Remote Parcel Repository ).
  3. Download, distribute, and activate the latest Key Trustee Server parcel on the cluster containing the Key Trustee Server host, following the instructions in Step 6: Access Parcels.

If the Key Trustee Server active or passive database does not start properly after upgrade from 5.x, 6.x or 7.0 to 7.1, manually restart the Key Trustee Server service to correct the problem: Key Trustee Server service > Actions > Restart.