Is there a way to migrate from plugin version 0.4.0 to 0.10.1

[axcosta]

• What are you trying to do? Trying to migrate already created blobstores from plugin version 0.4.0 to 0.10.1
• What feature or behavior is this required for? Migrate/backup/restore feature
• How could we solve this issue? (Not knowing is okay!) Is there a way to do this (even if manually)

[nblair]

Great question @axcosta. Between release 0.4.0 and 0.10, we redesigned how the "deleted blobs index" data was stored in Datastore and moved the storage of total blob count and size from a file in the bucket to Datastore. More detail on these changes can be found in https://github.com/sonatype-nexus-community/nexus-blobstore-google-cloud/blob/master/design/datastore_for_blobstore_metadata.md.

I'd still like to explore this idea with you, if you are willing.

Do you have multiple google cloud blobstores in your NXRM instance? Have you run the "compact blobstore" task successfully against the google cloud blobstore? What is the current blobstore total blob count and size? What is your tolerance for precision on the total blob count and size?

[axcosta]

Thanks for your prompt answer, @nblair !

Answers below:

• Do you have multiple google cloud blobstores in your NXRM instance? Yes, there are two blobstores (one for proxy, other for private artifacts)
• Have you run the "compact blobstore" task successfully against the google cloud blobstore? Had not run this task yet.
• What is the current blobstore total blob count and size?
  • proxy -> 120K (count); 10GB (size)
  • private artifacts -> 24 (count); 150KB (size)
• What is your tolerance for precision on the total blob count and size? In the case of proxy, we can rebuild that from ground without any hassle. In the case of our own private artifacts, I'd rather not lose anything.

[nblair]

🤔ok, this helps. I want to highlight it's fantastic to hear you're successfully proxying that many artifacts 👍 - at least I hope it's been successful :)

I'm assuming you plan to do an in-place upgrade if your existing NXRM instance? Here are some of the challenges we face:

• 0.4.0 was written against the legacy Datastore offering. Since it's working for you, that means the GCP project hosting your NXRM only supports legacy Datastore. 0.10 is intended to be used against Firestore in Datastore mode. Google Cloud Platform doesn't support one project having both legacy Datastore and Firestore; you have to pick one before you store any data.
• In 0.4.0, both the total blobstore size and blob count were tracked in 2 values in a single text file (you can imagine the hoops internally we needed to deal with the concurrent adds/removes). In 0.10, the size and counts are sharded. If you are familiar with the layout of the files in the bucket, there is a size and count value tracked per vol folder. Sharding this data follows Google's recommendations for data like this (see https://cloud.google.com/datastore/docs/best-practices#sharding_and_replication), and helps us scale that out in a safer manner.
• The Google SDK only lets you get sizes for individual files; you can't interrogate the size of the whole bucket or the size under a particular prefix.

The first fact would prevent you from being able to do an in-place upgrade with the blobstore plugin in the same GCP project. Given the size of the proxy, the time/resource to walk through all the content would be prohibitive to recalculating the sizes of the vol shards.

Is running a new NXRM instance with the latest versions in a new GCP project be an option to consider?

[axcosta]

@nblair , yes, it's been successful so far running NXRM in GKE at GCP. Although I think Nexus is an extremely outdated software BUT I cannot afford any paid solution at the moment.

Answering to your question, yes, I can use a new GCP project. And keep in mind that for the proxied artifacts I'm not so worried on preserving those. I'm looking really for a solution to migration of the private ones (which are very few).

Thank you again for your time on this!

[nblair]

@axcosta thanks for your willingness to try using a second instance, that helps us here.

Assuming that the private blobstore only has one repository, this is what I would do:

Current state

• http://oldserver/proxy repository (proxy type) using the GCP blobstore against bucket1 storage bucket
• http://oldserver/private repository (hosted type) using the GCP blobstore against private storage bucket

New Server

• http://newserver/proxy repository (proxy type) using GCP blobstore against bucket2 storage bucket.
• http://newserver/private repository (proxy type) using GCP blobstore against private2 storage bucket

In this scenario the private repository in the new server is a proxy repository of http://oldserver/private against a new, empty bucket. As all of the artifacts are fetched through http://newserver/private, all of the content is migrated properly into the bucket. Once all content has been fetched, the oldserver can be decommissioned, as the proxy can continue to host the content. On the new server's proxy repository, you need to be aware of two things:

1. You can stop the proxy from making additional requests to the remote once the oldserver is gone by checking "Block outbound connections on the repository".
2. The Invalidate Cache button on http://newserver/proxy will become dangerous, as it will delete your content, and without the oldserver you would have no way to rebuild (You'd need to engage your backup strategy at that point).

In this proposed state, http://newserver/private would act just like http://oldserver/private to your clients, unless you needed to publish.

If you need to publish to this private repository on the new server, I would recommend employing a group repository type:

• http://newserver/private repository (group type) using GCP blobstore against private2 storage bucket. The group contains the following two additional repositories:
  • http://newserver/old-private repository (proxy type), using private2 bucket, proxying http://oldserver/private
  • http://newserver/private-publish repository (hosted type), using private2 bucket

In this scenario, your clients consuming private artifacts from oldserver can continue to access them from the same url and path. The only difference would be for your publishers, who would need to change their publishing path to /private-publish instead of /private.

Would this work for you? By rebuilding the bucket via these combinations of repositories, they can naturally rebuild the content the way the should be through normal client activity, and we don't have to have downtime for a potentially messy migration.

[nblair]

Hi @axcosta! Any feedback on the above idea? I have some time blocked off tomorrow to work on the plugin, let me know if that strategy will work or if we need to explore further.

[axcosta]

Hi Nicholas,

Sorry not responding earlier as I have been on vacations just returning today back to work. Yes, definitely your idea worked well on our case. We have two instances running at the moment (there are artifacts which are not accessed often, so that's why we're still maintaining the old and new Nexus) being the "old" instance configured as a proxy.

Thank you very much for your help on this matter!

Best regards, Andre.

Em qua., 19 de fev. de 2020 às 11:58, Nicholas Blair < notifications@github.com> escreveu:

Hi @axcosta https://github.com/axcosta! Any feedback on the above idea? I have some time blocked off tomorrow to work on the plugin, let me know if that strategy will work or if we need to explore further.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/sonatype-nexus-community/nexus-blobstore-google-cloud/issues/55?email_source=notifications&email_token=ABAPPXF5TSU5RDAD3XLVIODRDVCLFA5CNFSM4KNMIQPKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEMIFFLI#issuecomment-588272301, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABAPPXHGFRWVV7FDWS5OM5TRDVCLFANCNFSM4KNMIQPA .

[nblair]

Awesome @axcosta - I'm glad to hear it worked :) Thanks for the follow up!