1. Deploying and Managing Oracle Unified Directory on Kubernetes
  2. Administering Oracle Unified Directory on Kubernetes
  3. Patching and Upgrading
  4. Upgrading from Oracle Unified Directory 12.2.1.4 to 14.1.2
  5. Performing the Upgrade from 12c to 14c

13.2.1 Performing the Upgrade from 12c to 14c

Run the following steps to upgrade the Oracle Unified Directory (OUD) 12.2.1.4 deployment to 14.1.2.1.0:

Note:

Administrators should be aware of the following:
  • If you are not using Oracle Container Registry or your own container registry, then you must first load the OUD 14c container image on all nodes in your Kubernetes cluster.
  • If you have Kubernetes Horizontal Pod Autoscaler (HPA) enabled, you must disable HPA before performing the steps below. See, Deleting the Horizontal Pod Autoscaler.
  1. Download the OUD 14c deployment scripts as per Setting Up the Code Repository for OUD.
  2. Take a backup of the persistent volume directory:
    sudo cp -rp <persistent_volume>/oud_user_projects <persistent_volume>/oud_user_projects_bkp12c
    For example:
    sudo cp -rp /nfs_volumes/oudpv/oud_user_projects /nfs_volumes/oudpv/oud_user_projects_bkp12c
  3. Navigate to the $WORKDIR/kubernetes/helm14c directory:
    cd $WORKDIR/kubernetes/helm14c
  4. Create an oud-patch-override.yaml file that contains:
    image:
  repository: <image_location>
  tag: <image_tag>
 imagePullSecrets:
   - name: orclcred
    For example:
    image:
  repository: container-registry.oracle.com/middleware/oud_cpu
  tag: 14.1.2.1.0-jdk17-ol8-<YYMMDD>
imagePullSecrets:
  - name: orclcred

    Note:

    If you are not using Oracle Container Registry or your own container registry for your OUD container image, then you can remove the following:
    imagePullSecrets:
  - name: orclcred
    If you have also upgraded your version of Kubernetes since the last container image update, you also need to add the following to the file:
    cronJob:
  kubectlImage:
    repository: bitnami/kubectl
    tag: <version>
    pullPolicy: IfNotPresent
    Where the <version> in kubectlImage: tag: should be set to the same version as your Kubernetes version (kubectl version). For example if your Kubernetes version is 1.30.3 set to 1.30.3.

    If your cluster does not have access to the internet to pull the bitnami/kubectl image, you must load the images in a local container registry and set the repository tag appropriately.

  5. Run the following command to upgrade the deployment:
    helm upgrade --namespace <namespace> \
--values oud-patch-override.yaml \
<release_name> oud-ds-rs --reuse-values
    For example:
    helm upgrade --namespace oudns \
--values oud-patch-override.yaml \
oud-ds-rs oud-ds-rs --reuse-values
    The output will look similar to the following:
    Release "oud-ds-rs" has been upgraded. Happy Helming!
NAME: oud-ds-rs
LAST DEPLOYED: <DATE>
NAMESPACE: oudns
STATUS: deployed
REVISION: 2
NOTES:
#
# Copyright (c) 2025, Oracle and/or its affiliates.
#
# Licensed under the Universal Permissive License v 1.0 as shown at
# https://oss.oracle.com/licenses/upl
#
#
Since "nginx" has been chosen, follow the steps below to configure nginx ingress controller.
Add Repo reference to helm for retriving/installing Chart for nginx-ingress implementation.
command-# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

Command helm install to install nginx-ingress related objects like pod, service, deployment, etc.
# helm install --namespace <namespace for ingress> --values nginx-ingress-values-override.yaml lbr-nginx ingress-nginx/ingress-nginx

For details of content of nginx-ingress-values-override.yaml refer README.md file of this chart.

Run these commands to check port mapping and services:
# kubectl --namespace <namespace for ingress> get services -o wide -w lbr-nginx-ingress-controller
# kubectl describe --namespace <namespace for oud-ds-rs chart> ingress.extensions/oud-ds-rs-http-ingress-nginx
# kubectl describe --namespace <namespace for oud-ds-rs chart> ingress.extensions/oud-ds-rs-admin-ingress-nginx

Accessible interfaces through ingress:
(External IP Address for LoadBalancer NGINX Controller can be determined through details associated with lbr-nginx-ingress-controller)

1. OUD Admin REST:
   Port: http/https

2. OUD Data REST:
   Port: http/https

3. OUD Data SCIM:
   Port: http/https

4. OUD LDAP/LDAPS:
   Port: ldap/ldaps

5. OUD Admin LDAPS:
   Port: ldaps

Please refer to README.md from Helm Chart to find more details about accessing interfaces and configuration parameters.


Accessible interfaces through ingress:

1. OUD Admin REST:
   Port: http/https

2. OUD Data REST:
   Port: http/https

3. OUD Data SCIM:
   Port: http/https

Please refer to README.md from Helm Chart to find more details about accessing interfaces and configuration parameters.
    The helm upgrade will perform a rolling restart of the OUD pods.
  6. Run the following command and make sure all the OUD pods are started:
    kubectl get pods -n <namespace> -w
    For example:
    kubectl get pods -n oudns -w
  7. Once the pods are up and running, you can run the following command to show the OUD 14c container image is used by the pods:
    kubectl describe pod <pod> -n <namespace>
    For example:
    kubectl describe pod oud-ds-rs-0 -n oudns
    The output will look similar to the following:
    ...
Containers:
  oud-ds-rs:
    Container ID:   cri-o://6a35ef3a0721015aa99b2aaeebdc96528c8166db7bf36176f0b9665e43c10ded
    Image:          container-registry.oracle.com/middleware/oud_cpu:14.1.2.1.0-jdk17-ol8-<DDYYMM>
    Image ID:       container-registry.oracle.com/middleware/oud_cpu@sha256:2ae38d6bdca4c411d6b62289cf80563f611a1fdcbaf01632be7b4fa6a4169000
  8. Verify the OUD deployment where applicable: