Upgrading the PingDataGovernance Policy Administration GUI using Docker - PingDataGovernance

Upgrading the PingDataGovernance Policy Administration GUI using Docker - PingDataGovernance - 8.2

PingDataGovernance

bundle

pingdatagovernance-82

ft:publication_title

PingDataGovernance

Product_Version_ce

PingDataGovernance 8.2

category

Product

pdg-82

pingdatagovernance

ContentType_ce

Page created: 22 Jul 2020 |

Page updated: 9 Feb 2021

| 3 min read

8.2 PingDataGovernance Product Upgrading User task Product documentation Content Type Data Governance Capability

If you originally installed the GUI with Docker per Installing PingDataGovernance Policy Administration GUI using Docker, use this procedure to upgrade the PingDataGovernance Policy Administration GUI when a new version is released.

In your current Policy Administration GUI, complete the steps in Backing up policies.
Stop the old Docker container and start the new one.
When a new Docker image for the PingDataGovernance Policy Administration GUI is available, you stop the existing Docker container and start the new container from the new image while mounting the same volumes. The Ping Identity DevOps Docker images use the PingDataGovernance setup tool to update the policy database on the mounted volume, as described in Example: Override the configured policy database location.

Warning:
If you use a shared volume, you should always stop the Docker container running the older version of the Policy Administration GUI before you start the new container.

For example, the following commands stop the running container and run a new image named <pap_new>. This image uses the volumes from <pap_old> to house the policy database. Also, the command uses the same PING_H2_FILE value from Example: Override the configured policy database location to indicate that the PingDataGovernance setup tool should use that location.

Note: For proper communication between containers, create a Docker network using a command such as docker network create --driver <network_type> <network_name>, and then connect to that network with the --network=<network_name> option.
```
$ docker container stop <pap_old>
$ docker run --network=<network_name> --name <pap_new> \
    -p 443:443 -d --env-file ~/.pingidentity/devops \
    --volumes-from <pap_old> \
    --env PING_H2_FILE=/opt/shared/Symphonic \
    pingidentity/pingdatagovernancepap:<TAG>
```
The Docker image <TAG> used in the example is only a placeholder. For actual tag values, see Docker Hub (https://hub.docker.com/r/pingidentity/pingdatagovernancepap).
Warning:
The setup tool uses the default credentials to upgrade the policy database. If the credentials no longer match the default values, the server administrator should pass the correct credentials to the setup tool using the PING_DB_ADMIN_USERNAME, PING_DB_ADMIN_PASSWORD, PING_DB_APP_USERNAME, and PING_DB_APP_PASSWORD UNIX environment variables.
For example, if the old policy database admin credentials have been previously set to admin/Passw0rd, and the application credentials have been set to app/S3cret, the docker run command should include those environment variables as shown in this example.
```
  $ docker container stop <pap_old>
  $ docker run --network=<network_name> --name <pap_new> \
  -p 443:443 -d --env-file ~/.pingidentity/devops \
  --env PING_H2_FILE=/opt/shared/Symphonic \
  --env PING_DB_ADMIN_USERNAME=admin \
  --env PING_DB_ADMIN_PASSWORD=Passw0rd \
  --env PING_DB_APP_USERNAME=app \
  --env PING_DB_APP_PASSWORD=S3cret \
  pingidentity/pingdatagovernancepap:<TAG>
```
The Docker image <TAG> used in the example is only a placeholder. For actual tag values, see Docker Hub (https://hub.docker.com/r/pingidentity/pingdatagovernancepap).

This command ensures that the setup tool has the correct credentials to access the policy database, and that it does not reset credentials to their defaults.
In the new GUI, complete the steps in Upgrading the Trust Framework and policies.