Update to v25.06

Update procedure for v25.06 requires some preparatory steps before launching the new version.

Preparing for the Update

1. Ensure that Docker Compose version 2 is installed:

   docker-compose version --short

   Upgrade if required. MITIGATOR no longer supports Docker Compose version 1.

2. Remove elements unsupported by Docker Compose v2 from .env file:

   sed -e 's/\b\(docker-compose.yml\):\1/\1/' -i .env

3. If using NVIDIA (Mellanox) network adapters update OFED to the latest version.

4. Download metric migration script on all instances running ClickHouse:

   wget https://docs.mitigator.ru/master/kb/update2506/update2506.sql -O /srv/mitigator/update2506.sql

5. Add MITIGATOR_PUBLIC_ADDRESS variable to .env file on all instances. To keep existing behavior, set it to the same value as MITIGATOR_HOST_ADDRESS.

   If MITIGATOR_HOST_ADDRESS is set to a domain name, replace it with IP address if possible, otherwise containers may lose connectivity in case of a DNS failure. MITIGATOR_PUBLIC_ADDRESS may be set to either a domain name or an IP address.

6. Change instance data ownership on all instances:

   chown -R 65534:65534 /var/lib/docker/volumes/mitigator_own_id/_data

7. Remove obsolete web UI files on all instances:

   docker volume rm mitigator_frontend

Upgrading Mounted Custom Settings

If custom settings files for Postgres (postgresql.conf) or Nginx (nginx.conf) are mounted into containers, these files must be upgraded for use with new images.

Upgrading Postgres Custom Settings

Check that postgresql.conf is mounted:

docker-compose config | grep postgresql.conf

The following output lines indicate that postgresql.conf is mounted:

source: /srv/mitigator/postgresql.conf
target: /etc/postgresql/11/main/postgresql.conf

If there are no such lines in the output, postgresql.conf upgrade is not needed. If the path on the host differs from /srv/mitigator/postgresql.conf, adjust the path in the upgrade command below accordingly.

Upgrade postgresql.conf:

sed -e "/include '\/database_identifier'/d" -i /srv/mitigator/postgresql.conf

Upgrading Nginx Custom Settings

Check that nginx.conf is mounted:

docker-compose config | grep nginx.conf

The following output lines indicate that nginx.conf is mounted:

source: /srv/mitigator/nginx.conf
target: /etc/nginx/nginx.conf

If there are no such lines in the output, nginx.conf upgrade is not needed. If the path on the host differs from /srv/mitigator/nginx.conf, adjust the path in the upgrade command below accordingly.

Upgrade nginx.conf:

sed -e "/user www-data;/d" -e "s|pid /run/nginx.pid|pid /var/lib/nginx/nginx.pid|" -i /srv/mitigator/nginx.conf

Upgrading Custom HTTP(S) Settings

Check that mitigator.conf is mounted:

docker-compose config | grep mitigator.conf

The following output lines indicate that mitigator.conf is mounted:

source: /srv/mitigator/mitigator.conf
target: /etc/nginx/conf.d/mitigator.conf

If there are no such lines in the output, mitigator.conf upgrade is not needed. If the path on the host differs from /srv/mitigator/mitigator.conf, adjust the path in the upgrade command below accordingly.

Upgrade mitigator.conf:

sed -e 's/listen 80/listen 8000/' -e 's/listen 443/listen 8443/' -i /srv/mitigator/mitigator.conf

System Update

Update all MITIGATOR instances using standard update procedure.

Launching MITIGATOR and Migrating Data

1. Start MITIGATOR:

   docker-compose up -d

2. Perform metric migration:

   docker-compose exec -T clickhouse clickhouse-client -mn < update2506.sql && \
   docker-compose restart carbon-clickhouse

   Migration may take a while. DDoS-protection functions of MITIGATOR are fully operational while migrating data. Some graphs may not render during migration.

   This command prints nothing if successful. Please report to the developers about any error printed.