Migrating cpServer controlPlane node
This section describes the steps for cpServer controlPlane node migration.
Note:
It is recommended to use the same node pool for primary and cpServer controlPlane.
Steps for cpServer controlPlane node migration
- Create new nbunewpool node pool with required data (with appropriate taints and labels).
Note:
Ensure that the new node pool uses the same subnets or compatible subnets in the same Availability Zones as the original deployment.
- Validate subnet compatibility and network configuration:
For AKS:
Verify Azure Files/NetApp Files availability across all target zones.
Confirm new node pool subnet and zone compatibility with existing storage configuration.
Check that virtual network peering and routing support the new node placement.
For EKS:
Verify that AWS Load Balancer Controller and CNI are configured for the target subnets.
Confirm EFS mount targets exist in all Availability Zones where the new node pool will be deployed.
Check that target subnets are properly tagged for Kubernetes cluster discovery.
If EFS mount targets are missing in target AZs, create them before proceeding with migration.
Ensure that the security groups allow NFS traffic (port 2049) between nodes and EFS mount targets.
- Set the required permissions and assign the role.
For AKS: For plugin configuration, the kubernetes cluster requires permissions to be assigned to the System Managed Identity as follows:
Obtain the name of the infrastructure resource group for the kubernetes cluster.
Enable the System Managed Identity on the identified nodepool (
nbunewpool).Assign the role having the Snapshot Manager permission.
For EKS: For plugin configuration, the kubernetes cluster requires permissions to be assigned to IAM of primary nodepool. The IAM role must be assigned during the node pool creation as follows:
Assign the appropriate IAM role to the nbunewpool nodepool.
- Configure Instance Metadata Service (IMDS) for AL2023 compatibility:
Critical for Amazon Linux 2023: AL2023 AMI for EKS nodes enforces
IMDSv2 hop limit = 1by default, which prevents NetBackup containers from accessing AWS metadata service.For more information, see Upgrade from Amazon Linux 2 to Amazon Linux 2023.