Skip to main content

Privacera Documentation

Table of Contents

Basic steps for blue/green upgrade of Privacera Platform

A "blue/green deployment/upgrade" is generally used to move a service/application from an old machine/environment to a new one, most often involving a software upgrade on the new service.


These steps assume that you are running Privacera Platform on Kubernetes.

This is the general process for moving Privacera Platform to a new environment:

  • Back up the old Privacera Platform's Ranger and Solr databases.

  • Restore backups on new environment.

  • Optionally, upgrade the Privacera Platform software on the new environment.

  • Verify that data is intact after the move.


  • Be sure to have installed the pg_dump utility on the old system, which you use to take backups.

  • For verification of a successful move to the new system, ensure that you can login to the Privacera Platform's Solr and Ranger KMS subservices. Check with your system administrator of Privacera to get the host IP address or hostname and port and username and password to login to these services.


  1. Backup the database for Privacera and Ranger on the old environment.

    # Take the backup of existing database (privacera_db/ranger_db)
    pg_dump -U privacera -h <YOUR_PRIVACERA_HOSTNAME_OR_IPADDRESS> privacera_db_datatest > privacera_db_datatest_backup.sql
  2. Backup /store/data backup from the Solr pod on old cluster:

    kubectl cp solr-0:/store/data/ -n <namespace>

    With tar, tar the Privacera folder from the old server and then untar same on the new server.


    On the newer server download and extract the same PM version used on the older server and copy config/custom-vars and config/ssl and config/vars.privacera.yml to the new server. This also brings the database across to the new server.

  3. On the new cluster, update the cluster name in custom-config/vars.kubernetes.yml

    On the new machine, run Privacera Manager update:

    ~/privacera/privacera-manager update
  4. Check that all services are up and running on the new environment. Keep the old AKS running until all the services are validated.

  5. Copy the Solr backup taken on the old server to the new server.

    Delete the folder /store/data from the Solr pod of the new cluster. 

    Copy the backup taken from old pod running in the old cluster to the new pod in the new cluster:

    kubectl cp . solr-0:/store/data/ -n <namespace>
  6. Restart solr and zookeeper

    kubectl delete po <zookeeper_pod_name> -n <namespace>
        kubectl delete po <solr_pod_name> -n <namespace>


    kubectl rollout restart sts <zookeeper_statefulset_name> -n <namespace>
        kubectl rollout restart sts <solr_statefulset_name> -n <namespace>
  7. Verify the data on the new cluster.

    Login to Solr UI and validate whether all the collections are present there or not which were present in older Solr pods.

    Login to Privacera Portal/Ranger Portal (for KMS) and check if all the older audits are visible.

    Perform some access checks to see if newer audits are visible.

  8. Decommission the old cluster once all services and solr data is verified.