Octopus Server Migration - invalid Master Key

(Ali) #1

Hi

We are migrating Octopus Server to different datacentre.

I have restored the DB to new DB Server, started the installation of new Octopus Deploy but when i get to Master Key step, it gives me error saying:
Please enter a valid master key for the existing database.

I have the key (current server is still in use and i even copied from the existing server).

Could you point me to the right direction what could be the issue and where to check?

#2

Hi Ali,

Thanks for getting in touch!

Sorry to hear that you are having issues with moving your Octopus install to a new datacenter. As the migration process is very rigid would you be able to confirm some information for me?

Firstly, can you confirm that you exported your Master Key using the method outlined here? If you attempted to copy the key directly that would explain why you are seeing your current issue. Can you also confirm that you are keeping the versions consistent (i.e. you are not attempting to perform an upgrade at the same time)?

We have a documentation page that outlines the complete steps required to complete a move, so if you can review and double check that everything has been performed in the correct order that would also be very much appreciated.

Sorry for the 20 questions, just need to narrow down where the issue could be.

I look forward to resolving this issue with you,

Regards,

Alex

(Ali) #3

Hi Alex

Thank you for your reply.

The master key was saved/copied the same way it mentions in the document you linked.
However, i think the problem is i am migrating to up-to-date version instead of the one we currently have.

I will try migrating to the same version and then upgrade. I will keep you updated.

Thanks again

Ali

(Ali) #4

Hi Alex,

Thanks, the migration worked. However the service isn’t starting because the TaskLogs path is different than on the new server. (drives are different)

Is it possible to know where in DB it needs to be changed?

#5

Hi Ali,

Glad to hear that you are most of the way there with your migration! Fortunately moving the TasksLog folder is fairly straightforward with a single command:

Octopus.Server path --taskLogs=<NewDirectoryPath>

More information is available here if you need to adjust any other folder paths as part of this migration.

Please let me know how this goes, hopefully I hear that all is well shortly,

Regards,

Alex

(Ali) #6

Hi Alex,

Thanks for the assistance. Due to some network issues on our side, i am unable to do the changes yet. I will update you soon.

Thanks

#7

Hi Ali,

Thanks for letting me know, I look forward to hearing from you!

Regards

Alex

(Ali) #8

Hi Alex

Thanks for the help. The script ran and octopus is started.

I am having trouble logging in but that is because the domain i was authenticate against isnt there anymore. I will have to change the domain it should authorise against.

Thanks again

#9

Hi Ali,

No problems, and thanks for the update! Let me know if there is anything else we can assist with.

Regards,

Alex

(Ali) #10

Hi Alex,

Sorry for bugging you again, but I have a different question. Not sure if i should open another discussion, but basically the migration of the Octopus server also includes leaving the local domain and using the real domain for authentication.

I have read in the documentation but we cannot have the old domain as trusted domain.
Is there a way to authenticate the migrated octopus server with the new domain and keep the old users? perhaps change the username? What would be the best approach for this? I won’t mind creating new accounts for users and it is less than 20 if i can keep API keys attached and perhaps service accounts?

#11

Hi Ali,

Thanks for the reply. In future the best approach is to keep questions separate as in some cases they are handled by different teams :).

In this case I will need to engage with some colleagues who will be in touch with you shortly.

Regards

Alex

#12

Hi Ali,

Fortunately this should be fairly straightforward!

Once you have added the new domain as an AD authentication provider all you will need to do is login with an Octopus administrator account and update the required user accounts email addresses to match the new domain. Once that is complete the users should be able to login as normal.

Please let me know if you have any further issues or questions,

Regards
Alex

(system) closed #14