This topic describes how you can upgrade to VMware Tanzu Operations Manager v2.10.2 or later directly from v2.5 and later, skipping minor versions. This is called a jump upgrade.
Jump upgrading enables you to upgrade directly to the long-term support (LTS) version of Tanzu Operations Manager, which is v2.10. Jump upgrading Tanzu Operations Manager v2.10 is supported through April 2024. For more information, see Long-Term Support for Ops Manager v2.10 in Tanzu Operations Manager v2.10 Release Notes.
Prerequisites
Before you jump upgrade to Tanzu Operations Manager v2.10.2 or later:
-
If you are using Tanzu Operations Manager v2.10.8 or earlier, you must complete any in-progress CA rotation before you can jump upgrade. Failure to complete the CA rotation results in the inability to Apply Changes due to safety violations.
-
If you are on Tanzu Operations Manager v2.4 or earlier, you must do standard upgrades for each version up to v2.5 before you can jump upgrade to v2.10.
-
To upgrade to Tanzu Operations Manager v2.10, you must ensure that the products you have installed are compatible with Tanzu Operations Manager v2.10.
-
You must have no changes to any product tile or service instance currently staged.
-
If you are using vSphere with NSX-T, you must have NSX-T v2.3 or later installed.
-
You have installed Trusty stemcell 3541 or later.
BOSH DNS certificates regeneration
In Tanzu Operations Manager v2.10.9 and later, BOSH DNS leaf certificates are generated to include the subject alternative name (SAN) field. This migration process is required before you upgrade to Tanzu Operations Manager v2.10.33 and later. If you do not complete this migration before upgrading to v2.10.33 or later, you might experience unexpected BOSH DNS resolution issues until the change is rolled out to all VMs.
When you upgrade to v2.10.9 or later, the BOSH DNS leaf certificates are automatically regenerated to include the SAN field on the next Apply Changes.
To allow DNS certificate regeneration and avoid communication issues between system components:
-
Run the Upgrade service instances errand on all service tiles.
-
Apply Changes to all tiles.
Jump upgrade
After you ensure your deployment meets the requirements described in Prerequisites above, you can upgrade to Tanzu Operations Manager to v2.10.2 or later.
To jump upgrade to Tanzu Operations Manager to v2.10.2 or later:
-
Review the table in Breaking changes below and address any breaking changes that apply to your current Tanzu Operations Manager version.
-
Follow the procedure in Upgrading Tanzu Operations Manager.
Breaking changes
The following table describes the breaking changes that affect Tanzu Operations Manager v2.5 through v2.9 and how to address them before you upgrade:
| Upgrading From | Breaking Change | Action Before Upgrading |
|---|---|---|
| Any prior to v2.10.33 | For Tanzu Operations Manager v2.10.9 and later, BOSH DNS leaf certificates are generated to include the subject alternative name (SAN) field. If you do not distribute the BOSH DNS leaf certificates to all VMs, you can experience downtime caused by communication issues between system components. | When upgrading to Tanzu Operations Manager v2.10.9 or later, run the Upgrade service instances errand on all service tiles and Apply Changes to all tiles. For more information, see BOSH DNS certificates regeneration above |
| v2.4 | Tanzu Operations Manager release artifacts are renamed for smoother automation. This could cause your pipeline jobs break due to outdated product filenames. | If you use automation scripts or other tools to access release artifacts, update them to match the new filename scheme. |
| v2.5 | You can only SSH onto the Tanzu Operations Manager VM in a vSphere deployment with a private SSH key, not a password. You could get an error when authenticating that causes Tanzu Operations Manager to shut down and enter a reboot loop. | Add a public key to the OVF template for the Tanzu Operations Manager VM. Then, use the private key to SSH onto the Tanzu Operations Manager VM. For more information, see Deploy Ops Manager in Deploying Ops Manager on vSphere. |
| v2.4 and v2.5 | The stemcell property for the Tanzu Operations Manager API /api/v0/diagnostic_report endpoint is removed. This could cause an error when retrieving Tanzu Operations Manager diagnostic reports. |
Update any automation scripts that use the stemcell property. For more information, see Stemcell Property for Diagnostic Report API Endpoint is Removed in Tanzu Operations Manager v2.6 Release Notes. |
| v2.4 and v2.5 | The stemcell version key for pending changes is moved and renamed. This could cause an error when retrieving Tanzu Operations Manager API pending changes. |
Update your automation scripts that use the stemcell information in the /api/v0/pending_changes endpoint. |
| v2.4 and v2.5 | Trusty stemcells 3541 and earlier are no longer supported. If your deployment is on AWS and using outdated stemcells, Tanzu Operations Manager fails to boot. | Install Xenial stemcells or Trusty stemcell 3586 or later. For more information, see AWS Deployments Use 5th Generation Instances in Tanzu Operations Manager v2.6 Release Notes. |
| v2.4, v2.5, and v2.6 | The /api/v0/stemcells_assignments endpoint in the Tanzu Operations Manager API is removed. This could cause an error when retrieving Tanzu Operations Manager API stemcell assignments. |
Update your automation scripts to use the /api/v0/stemcell_associations endpoint instead. For more information, see Stemcell Associations for Products in the Tanzu Operations Manager API documentation. |
| v2.4, v2.5, and v2.6 | Tanzu Operations Manager v2.10 installs a later version of the BOSH CLI. This could cause your BOSH CLI automation scripts to stop working. | Update your automation scripts to use BOSH CLI v2. For more information, see Installing the CLI and Commands in the BOSH documentation. |
| v2.4, v2.5, and v2.6 | Certain properties within a collection or selector are no longer configurable in the Tanzu Operations Manager UI and API. | Update your automation scripts to remove these properties. For more information about the tile properties you can configure in Tanzu Operations Manager v2.10.2, see the release notes for that tile. |
| v2.4, v2.5, and v2.6 | The nsx_security_groups property is renamed security_groups for NSX-V deployments and ns_groups for NSX-T deployments. Additionally, the Tanzu Operations Manager API does not recognize NSX-related properties that are not nested under an nsx or nsxt key. If your deployment is on vSphere, Tanzu Operations Manager API does not update parameters for NSX-V or NSX-T. |
Update your automation scripts to use the appropriate properties for your deployment. For more information, see Configuring resources for a job in the Tanzu Operations Manager API documentation. |
| v2.4, v2.5, v2.6, and v2.7 | If TLS is not enabled before upgrade and Windows stemcells are in use, Apply Changes can fail. Tanzu Operations Manager enables TLS by default when an internal blobstore is configured. | Enable the internal blobstore TLS on the Director Config pane under the BOSH Director tile. To re-create all Windows-based VMs, do one of the following:
|
| v2.5, v2.6, v2.7, and v2.8 | Tanzu Operations Manager v2.9 is incompatible with vSphere Data Center NSX-T v2.2 and earlier. | Upgrade to NSX-T v2.3 or later. For more information, see Ops Manager v2.9 Incompatible with vSphere Data Center NSX-T v2.2 and Earlier in Tanzu Operations Manager v2.9 Release Notes. |
| v2.8 and v2.9 | Tanzu Operations Manager v2.10 includes CredHub Maestro v8.0. In this version of CredHub Maestro, the `maestro update-transitional latest` command is removed. | If you have scripts that rely on the `maestro update-transitional latest` command, remove references to the command before you upgrade to Tanzu Operations Manager v2.10. In CredHub Maestro v8.0, you run `maestro regenerate ca` to regenerate a certificate authority (CA) and mark the latest version of the CA as transitional. This command performs both actions, while previous versions of CredHub Maestro use a separate command for each task. |
For breaking changes between Tanzu Operations Manager v2.10 and v2.10, see Breaking changes in Tanzu Operations Manager v2.10.
