Reinstall an Edge site

Important 

In Collibra 2024.05, we launched a new user interface (UI) for Collibra Data Intelligence Platform! You can learn more about this latest UI in the UI overview.

Use the following options to see the documentation in the latest UI or in the previous, classic UI:

You always reinstall an Edge site by restoring a backup of that Edge site. Reinstallation may be necessary to resolve an issue or to upgrade the software included in the Edge site installer.

Warning If you have any existing connections, we highly recommend backing up your site and reinstalling the site from the backup. If you do not use a backup, you will need to manually re-enter passwords, encrypted text parameters, and any file parameters in each connection to restore full functionality.

Note This process is certified for restoring an Edge site to the Collibra environment on which the site was originally created, for example, restoring Development to Development or Production to Production. The process is not certified or tested for promoting an Edge site migration from one environment to another, for example, from Development to Production. These types of migrations require the reinstallation of the Edge application each time the migration is promoted.

  • Reinstall an Edge site on K3S
  • Reinstall an Edge site on managed Kubernetes
Important This topic uses the Edge CLI. If you still use the deprecated Edge tool, go to the Edge Tool documentation to review the relevant commands. Keep in mind that the Edge Tool will be end of life with the February 2025.02 release.

Steps

  1. Back up your current Edge site.

    On the server that runs your Edge site, run the following command:

    Copy
    sudo ./edgecli recovery backup --path <backup_path>

    Edge creates a backup of your Edge site in the selected folder of the command.

  2. If you are reusing the same server as your old Edge site:
    1. Use the Edge tool command to uninstall the old installation.
      Run the following Edge command from any location on the server Edge is installed on: 
      uninstall-edge.sh --remove-local-data
    2. Recreate the Linux disk mount for the /var/lib/rancher/k3s directory.
      1. Create /var/lib/rancher/k3s with mkdir -p /var/lib/rancher/k3s
      2. Mount the disk with "mount -a"
      3. Delete the contents with rm -rf /var/lib/rancher/k3s/*
      Note This is the default installation path. If it is not created as a separate mount point after following the steps above, the installation will use 50 GB of disk space from either /var, or if not present, the root level of the drive.
  3. Redownload the installer.
    1. Go to the Edge site page in your Edge enviornment.
    2. Click ActionsSite Actions.
    3. Click Redownload Installer.
    4. Review and check the required acknowledgment checkbox.
    5. Click DownloadDownload Installer.
    6. Save the new installer to your server where the old installer was saved.

    Note This is a new installer for your Edge site. The previous installer will no longer work.

  4. Extract the downloaded installer to an empty folder.
    Copy
    tar -xf installer-<edge-site-id>.tgz
    Note 
    • Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
    • If you want to run a script or executable file from the extracted directory, ensure that the directory is not mounted as noexec. If a directory is mounted as noexec, scripts and executable files will be prevented from being run within the directory.
  5. Reinstall using the new installer with the backup option, including any additional installation scripts:
    Copy
    sudo sh install-master.sh properties.yaml -r registries.yaml -b backup.yaml

    FlagDescription
    --proxy

    If you are using a forward proxy, add this flag to the installation prerequisite script.

    Note If your proxy properties are not in the default proxy.properties file in the root of the installer, you must add the file path the installation prerequisite script. For example:

    --proxy temp/proxy/proxyproperties

    --ca

    If you want to use a custom certificate, for example to configure a forward man-in-the-middle proxy, add this flag to the installation prerequisite script.

    Note If your custom certificate are not in the default ca.pem file in the root of the installer, you must add the file path the installation prerequisite script. For example:

    --ca temp/certs

    You can also use this flag to add a custom certificate for data sources.

    Your data source may require the injection of a custom certificate in order to connect with your Edge site. This custom certificate is typically signed by a private, untrusted Certificate Authority, and therefore must be added to your Edge site truststore.

    As you may not have a list of all required certificates at the time of installation, we recommend the sudo ./edgecli config ca merge --path command shown in the Edge CLI topic.

    The process functions as follows:

    1. Edge and the data source connect using the data source certificate.
    2. Edge communicates the data source metadata to your Collibra Data Intelligence Platform using a Collibra certified certificate.
    --registry-url <registry-url>

    The URL of your registry.

    Add this flag if you use a private docker registry either with or without authentication.

    For example:

    --registry-url edge-docker-delivery.repository.collibra.io

    --registry-host

    Where your private docker is hosted. If you do not specify this parameter, it is automatically derived from --registry-url

    For example:

    edge-docker-delivery.my-registry.docker.io

    --registry-user <registry-user>

    Your registry account username.

    Add this flag if you use a private docker registry with authentication.

    --registry-pass <registry-pass>

    Your registry account password.

    Add this flag if you use a private docker registry with authentication.

    --user-id <user_id>

    If you want to run all of your Edge site pods and containers with a specific user ID (UID), add this flag to the installation script.

    --group-id <group_id>

    If you want to run all of your Edge site pods and containers with a specific group ID (GID), add this flag to the installation script.

    sudo sh install-master.sh properties.yaml -r registries.yaml -b backup.yaml
--registry-url https://private-docker.registry.com 
--registry-user user1 
--registry-pass pass12
Tip 
What is your Edge site installation method?
Which Edge CLI method do you want to use?

Note The default Edge CLI method is an easier solution for installing your Edge site via the Edge CLI. Edge creates the cluster level objects, such as namespaces, CRDs, and priority classes for you. This method can be used for both dedicated and shared clusters.

Note The restrictive Edge CLI method allows you or your company to create the cluster level objects, such as namespaces, CRDs, and priority classes, for your Edge site. This method may be required if your company has security requirements or process that do not allow Edge sites to create the cluster level objects for you. This method can be used for both dedicated and shared clusters.

Important This topic uses the Edge CLI. If you still use the deprecated Edge tool, go to the Edge Tool documentation to review the relevant commands. Keep in mind that the Edge Tool will be end of life with the February 2025.02 release.

Warning Collibra Support will not assist with custom Helm or Kubernetes configurations. The following steps are an example, and any assistance for configurations or issues outside of these steps is unsupported. We recommend using the Edge CLI method for managed Kubernetes installations.

A common example of custom Helm configurations is, but not limited to, using an unsupported private repository. At this time, we only support a JFrog repository.

You can reinstall your Edge site on a managed Kubernetes cluster by using the Edge CLI tool.

Steps

  1. Back up your current Edge site.

    On the server from which you manage your managed Kubernetes cluster, run the following command:

    Copy
    ./edgecli recovery backup --path <backup_path>

    Edge creates a backup of your Edge site in the defined folder of the last command.

  2. Redownload the installer and save it on your Linux server that has kubectl access to the k8s cluster.
    1. Go to the Edge site page in your Edge environment.
    2. Click ActionsSite Actions.
    3. Click Redownload Installer.
    4. Review and check the required acknowledgment checkbox.
    5. Click DownloadDownload Installer.
    6. Save the new installer to your server where the old installer was saved.

    Note This is a new installer for your Edge site. The previous installer no longer works.

  3. Extract the downloaded installer to an empty folder.
    Copy
    tar -xf installer-<edge-site-id>.tgz
    Note 
    • Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
    • If you want to run a script or executable file from the extracted directory, ensure that the directory is not mounted as noexec. If a directory is mounted as noexec, scripts and executable files will be prevented from being run within the directory.

  4. Use the Edge uninstall command, depending on your Edge site installation method, to uninstall the old installation.

    • If you installed your Edge site using the previous method, follow the path inside the extracted installer and run the following command:
      Copy
      extracted installer>/resources/installer-job/tools/uninstall-edge-on-managed-k8s.sh
    • If you installed your Edge site using the Edge CLI method, run one of the following command:
      • Copy
        ./edgecli uninstall
        • Optional, if you used a custom namespace, you must add -n <my-namespace> to the command, replacing <my-namespace> with your custom Edge site namespace.
          Example:
          ./edgecli uninstall -n <my-namespace>
      • Copy
        ./edgecli uninstall 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"
        • Optional, if you used a custom namespace, you must add -n my-namespace> to the command, replacing my-namespace> with your custom Edge site namespace.
          Example
          ./edgecli uninstall 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log" -n my-namespace
  5. If you use a custom setup, such as proxy.properties and ca.pem for forward proxies or classification, ensure that it is available or included as it was in the previous setup.
  6. Reinstall using the new installer and backup:
    Note 
    • You can install your Edge site with either terminal logging or terminal and file logging. Both options log the output of your Edge site installation.
      • Terminal logging only saves the output to the Edge terminal.
      • Terminal and file logging saves the output both to the terminal and a separate file. This file will be saved in the current directory with the naming format: edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log
    • Copy
      ./edgecli install -b backup

       Add additional flags to the install command as needed. For example, if you have a custom namespace or want to use a private docker registry:

      FlagDescription
      -n <my-namespace>If you created a custom namespace, add -n <my-namespace> to the command. For example: 
      ./edgecli install -n <my-namespace>
      --proxy

      If you are using a forward proxy, add this flag to the installation prerequisite script.

      Note If your proxy properties are not in the default proxy.properties file in the root of the installer, you must add the file path the installation prerequisite script. For example:

      --proxy temp/proxy/proxyproperties

      --ca

      If you want to use a custom certificate, for example to configure a forward man-in-the-middle proxy, add this flag to the installation prerequisite script.

      Note If your custom certificate are not in the default ca.pem file in the root of the installer, you must add the file path the installation prerequisite script. For example:

      --ca temp/certs

      You can also use this flag to add a custom certificate for data sources.

      Your data source may require the injection of a custom certificate in order to connect with your Edge site. This custom certificate is typically signed by a private, untrusted Certificate Authority, and therefore must be added to your Edge site truststore.

      As you may not have a list of all required certificates at the time of installation, we recommend the ./edgecli config ca merge --path command shown in the Edge CLI topic.

      The process functions as follows:

      1. Edge and the data source connect using the data source certificate.
      2. Edge communicates the data source metadata to your Collibra Data Intelligence Platform using a Collibra certified certificate.
      --is-openshift

      If you are using an OpenShift cluster, add this flag to deploy Security Context Constraints (SCC) which provide the Edge service accounts with the required permissions.

      --disable-otelIf you don't want to send your metrics and logs to Edge, add this flag to the installation command to disable OpenTelemetry.
      --registry-url <registry-url>

      The URL of your registry.

      Add this flag if you use a private docker registry either with or without authentication.

      For example:

      --registry-url edge-docker-delivery.repository.collibra.io

      --registry-host

      Where your private docker is hosted. If you do not specify this parameter, it is automatically derived from --registry-url

      For example:

      --registry-host edge-docker-delivery.my-registry.docker.io

      --registry-user <registry-user>

      Your registry account username.

      Add this flag if you use a private docker registry with authentication.

      --registry-pass <registry-pass>

      Your registry account password.

      Add this flag if you use a private docker registry with authentication.

      --user-id <user_id>

      If you want to run all of your Edge site pods and containers with a specific user ID (UID), add this flag to the installation script.

      --group-id <group_id>

      If you want to run all of your Edge site pods and containers with a specific group ID (GID), add this flag to the installation script.

      --unset-run-as-idsIf your Edge site is installed on an OpenShift Kubernetes cluster, and you want to run all of your Edge site pods and containers from random UIDs and GIDs, add this flag to the installation script.
      • ./edgecli install -b backup
--registry-url https://private-docker.registry.com 
--registry-user user1 
--registry-pass pass12

       

    • Copy
      ./edgecli install -b backup 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"

       Add additional flags to the install command as needed. For example, if you have a custom namespace or want to use a private docker registry:

      FlagDescription
      -n <my-namespace>If you created a custom namespace, add -n <my-namespace> to the command. For example: 
      ./edgecli install -n <my-namespace>
      --proxy

      If you are using a forward proxy, add this flag to the installation prerequisite script.

      Note If your proxy properties are not in the default proxy.properties file in the root of the installer, you must add the file path the installation prerequisite script. For example:

      --proxy temp/proxy/proxyproperties

      --ca

      If you want to use a custom certificate, for example to configure a forward man-in-the-middle proxy, add this flag to the installation prerequisite script.

      Note If your custom certificate are not in the default ca.pem file in the root of the installer, you must add the file path the installation prerequisite script. For example:

      --ca temp/certs

      You can also use this flag to add a custom certificate for data sources.

      Your data source may require the injection of a custom certificate in order to connect with your Edge site. This custom certificate is typically signed by a private, untrusted Certificate Authority, and therefore must be added to your Edge site truststore.

      As you may not have a list of all required certificates at the time of installation, we recommend the ./edgecli config ca merge --path command shown in the Edge CLI topic.

      The process functions as follows:

      1. Edge and the data source connect using the data source certificate.
      2. Edge communicates the data source metadata to your Collibra Data Intelligence Platform using a Collibra certified certificate.
      --is-openshift

      If you are using an OpenShift cluster, add this flag to deploy Security Context Constraints (SCC) which provide the Edge service accounts with the required permissions.

      --disable-otelIf you don't want to send your metrics and logs to Edge, add this flag to the installation command to disable OpenTelemetry.
      --registry-url <registry-url>

      The URL of your registry.

      Add this flag if you use a private docker registry either with or without authentication.

      For example:

      --registry-url edge-docker-delivery.repository.collibra.io

      --registry-host

      Where your private docker is hosted. If you do not specify this parameter, it is automatically derived from --registry-url

      For example:

      --registry-host edge-docker-delivery.my-registry.docker.io

      --registry-user <registry-user>

      Your registry account username.

      Add this flag if you use a private docker registry with authentication.

      --registry-pass <registry-pass>

      Your registry account password.

      Add this flag if you use a private docker registry with authentication.

      --user-id <user_id>

      If you want to run all of your Edge site pods and containers with a specific user ID (UID), add this flag to the installation script.

      --group-id <group_id>

      If you want to run all of your Edge site pods and containers with a specific group ID (GID), add this flag to the installation script.

      --unset-run-as-idsIf your Edge site is installed on an OpenShift Kubernetes cluster, and you want to run all of your Edge site pods and containers from random UIDs and GIDs, add this flag to the installation script.
      • ./edgecli install -b backup
--registry-url https://private-docker.registry.com 
--registry-user user1 
--registry-pass pass12
2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"
    Warning  Do not exclude -b backup.yaml from this command. If you exclude -b backup.yaml from the command, your Edge site will be reinstalled without your backup and previous configurations, such as passwords, encrypted text parameters, and any file parameters in each connection. Additionally, you will not be able to use that backup in any future reinstallations.
  1. Back up your current Edge site.
    Copy
    kubectl get -n <my-namespace> secrets -l edge.collibra.com/backup -o yaml > <PATH_OF_BACKUP_FILE>
    PropertyDescription
    <my-namespace>

    The Edge site namespace.

    • If your Edge site has a custom namespace, add it here.
    • If your Edge site does not have a custom namespace, add the default namespace, collibra-edge.
    <PATH_OF_BACKUP_FILE>The name of the output yaml file containing your Edge site backup. For example, myBackupFile.yaml.
  2. Redownload the installer and save it on your Linux server that has kubectl access to the k8s cluster.
    1. Go to the Edge site page in your Edge environment.
    2. Click ActionsSite Actions.
    3. Click Redownload Installer.
    4. Review and check the required acknowledgment checkbox.
    5. Click DownloadDownload Installer.
    6. Save the new installer to your server where the old installer was saved.

    Note This is a new installer for your Edge site. The previous installer no longer works.

  3. Extract the downloaded installer to an empty folder.
    Copy
    tar -xf installer-<edge-site-id>.tgz
    Note 
    • Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
    • If you want to run a script or executable file from the extracted directory, ensure that the directory is not mounted as noexec. If a directory is mounted as noexec, scripts and executable files will be prevented from being run within the directory.

  4. From the extracted TGZ archive directory, run the uninstall command:

    Copy 
    sh edge-cd-helm-chart/helm-uninstall.sh
    Note If your Edge site had a custom namespace, add --namespace <my-namespace>, replacing <my-namespace> with the name of your Edge site namespace.

  5. Run the following command to apply the Edge site backup file:

    Copy 
    kubectl apply -f <PATH_OF_BACKUP_FILE>
  6. From inside the extracted TGZ archive directory , run the helm installer script, including any additional helm install script flags you may need to configure. For example, if you want to use a custom namespace or install your Edge site on an OpenShift cluster.
    Copy
    sh edge-cd-helm-chart/helm-install-prerequisites.sh --namespace <my-namespace> --installer .
    Note When you run the installation command, a list of all of these flags are listed. When you run the full command, every command and property run is listed.
    FlagDescription
    --installer <path_to_extracted_installer>
    Note This property is required for all Edge site installations
    		The path to the downloaded, extracted Edge installer.
    --namespace <my-namespace>

    The identifier of the Edge site.

    • If you are installing multiple Edge sites in the same Kubernetes cluster, each Edge site namespace must be unique. For example, --namespace edge-namespace.
    • If you do not specify a namespace, the default collibra-edge namespace is used.
    Note Throughout the remaining installation steps, replace <my-namespace> in the provided commands with this new namespace name. Example commands will have edge-namespace as an example namespace name.
    --is-openshift

    If you are using an OpenShift cluster, add this flag to deploy Security Context Constraints (SCC) which provide the Edge service accounts with the required permissions.

    --proxy

    If you are using a forward proxy, add this flag to the installation prerequisite script.

    Note If your proxy properties are not in the default proxy.properties file in the root of the Edge installer, you must:

    1. Add your proxy properties to a folder relative to the Edge installer.
    2. Add the file path of the proxy properties file, relative to the Edge installer, to the installation prerequisite script. For example, if you added the proxy properties file to a folder called proxy within the Edge installer folder, add the following to the script:
      --proxy proxy/myproxy.properties

    --ca

    If you want to use a custom certificate, for example to configure a forward man-in-the-middle proxy, add this flag to the installation prerequisite script.

    Note If your custom certificate is not in the default ca.pem file in the root of the Edge installer, you must:

    1. Add your certificate file to a folder relative to the Edge installer.
    2. Add the file path of the custom certificate file, relative to the Edge installer, to the installation prerequisite script. For example, if you added the custom certificate file to a folder called mycerts within the Edge installer folder, add the following to the script:
      --ca mycerts/certs.pem

    --disable-otelIf you don't want to send your metrics and logs to Edge, add this flag to the installation command to disable OpenTelemetry.
    --registry-url <registry-url>

    The URL of your registry.

    Add this flag if you use a private docker registry either with or without authentication.

    For example:

    --registry-url edge-docker-delivery.repository.collibra.io

    --registry-user <registry-user>

    Your registry account username.

    Add this flag if you use a private docker registry with authentication.

    --registry-pass <registry-pass>

    Your registry account password.

    Add this flag if you use a private docker registry with authentication.

    --user-id <user_id>

    If you want to run all of your Edge site pods and containers with a specific user ID (UID), add this flag to the installation script.

    --group-id <group_id>

    If you want to run all of your Edge site pods and containers with a specific group ID (GID), add this flag to the installation script.

    --unset-run-as-idsIf your Edge site is installed on an OpenShift Kubernetes cluster, and you want to run all of your Edge site pods and containers from random UIDs and GIDs, add this flag to the installation script.

  7. Install your Edge site with the Helm install script, including any additional set flags you may need to configure.:

    Copy 
    helm install edge-cd edge-cd-helm-chart/edge-cd -n <my-namespace> --set edgecd.collibraEdgeReleaseName=collibra-edge

    Add these additional flags to the Helm installer script, before the --set edgecd.collibraEdgeReleaseName=collibra-edge line.

    Flag Description
    --set edgecd.image.repository=<registry_url> If you added a registry URL to the installer prerequisite script, add this set flag to the installer script.
    --set global.podSecurityContext.runAsUser=<user_id> If you added a specific UID to run your Edge site pods to the installer prerequisite script, add this set flag to the installer script.
    --set global.containerSecurityContext.runAsUser=<user_id> If you added a specific UID to run your Edge site containers to the installer prerequisite script, add this set flag to the installer script.
    --set global.podSecurityContext.runAsGroup=<group_id> If you added a specific GID to run your Edge site pods to the installer prerequisite script, add this set flag to the installer script.
    --set global.containerSecurityContext.runAsGroup=<group_id> If you added a specific GID to run your Edge site containers to the installer prerequisite script, add this set flag to the installer script.
    --set global.unsetRunAsIds=true

    If your Edge site is installed on an OpenShift Kubernetes cluster, and you added the --unset-run-as-ids flag to the installer prerequisite command to run all of your Edge site pods and containers from random UIDs and GIDs, add this set flag to the installer script.