Can tiup update upgrade a single component of TiDB or Data Migration?

This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: tiup update 可以升级 tidb或data migration的单个组件吗?

| username: love-cat

[TiDB Usage Environment] Production Environment
[TiDB Version] 5.2.2
[Reproduction Path]

  1. I installed TiDB version 5.2.2. Now the cloud platform has detected vulnerabilities in Grafana. I want to upgrade the Grafana version for TiDB and Data Migration separately. Will there be any version dependency issues?
  2. Can I directly use tiup update to upgrade the components?
    [Encountered Issues: Problem Phenomenon and Impact]
    [Resource Configuration]
    [Attachments: Screenshots/Logs/Monitoring]
| username: 江湖故人 | Original post link

Question 1
It is recommended to use a unified version to avoid some pitfalls.

Question 2
tiup update | PingCAP Documentation Center

tiup update [component1][:version] [component2..N] [flags]
  • [component1] indicates the name of the component to be upgraded
  • [version] indicates the version to be upgraded to. If omitted, it means upgrading to the latest stable version of the component.
  • [component2...N] indicates that multiple components or versions can be specified for upgrade. If no component is specified, i.e., [component1][:version] [component2..N] is empty, the --all option or the --self option needs to be used.

The upgrade operation will not delete the old version, and the old version can still be specified for use during execution.

| username: love-cat | Original post link

We are afraid to upgrade the TiDB cluster due to compatibility issues. Our usage involves using Data Migration for full and incremental synchronization of MySQL data to TiDB. We have encountered compatibility issues during previous upgrades, so we are hesitant to upgrade now.

| username: tidb菜鸟一只 | Original post link

After upgrading Grafana through tiup, it should be ineffective. This basically does not follow version upgrades. I don’t know if the vulnerability scan of Grafana on your so-called cloud platform is done in this way. If possible, it is recommended to block the scan.

| username: 小龙虾爱大龙虾 | Original post link

Upgrading a single TiDB component using the patch method, like Grafana which is relatively simple and stateless, with low compatibility requirements with other components, should allow you to create a patch package and apply it.

| username: love-cat | Original post link

We deployed it for the customer, and the customer is using a cloud platform. They believe that the vulnerabilities detected by the cloud platform cannot be ignored and must be fixed.

| username: wangccsy | Original post link

It should be possible.

| username: 连连看db | Original post link

You still need to confirm which aspect the vulnerability is in first, otherwise you won’t know which version to upgrade to in order to fix the vulnerability. Grafana can be upgraded separately, as it is not native in the first place.

| username: dba远航 | Original post link

Support component upgrades, but have you confirmed if the upgraded version has any issues?

| username: Jellybean | Original post link

  1. The “Grafana vulnerability” you mentioned, can you specify it? If it’s just about the Grafana account password being admin, you can directly change the password to a strong one. Most security requirements can be met this way.

  2. Are you sure upgrading Grafana to a higher version is effective? Have you verified it in a test environment on the same cloud platform? If you upgrade rashly and find it ineffective, it will be a waste of effort.

  3. Regarding how to upgrade only the Grafana component, tiup upgrades the cluster using tiup cluster. As far as I remember, to avoid misuse by users, TiUP Cluster does not support upgrading specific nodes.

If you are determined to proceed, you can consider using the tiup cluster patch function. During the cluster’s operation, it dynamically replaces the binary file of a service, keeping the cluster available during the replacement process, thereby indirectly achieving the purpose of upgrading a single node.

  1. If possible, it is recommended to meet security requirements by setting firewall policies, configuring black and white lists, etc.
    In short, try to keep all components of the cluster at the same version to avoid unknown issues caused by version inconsistencies.
| username: TIDB-Learner | Original post link

If upgrading across major versions, it is recommended to upgrade the entire system. If not upgrading across major versions, patch upgrades should be fine.

| username: Kongdom | Original post link

Has this issue been resolved?
If it has been resolved, please mark the question as [Marked as Best Answer] so that it can be searchable and help others find the answer more efficiently.
If your issue has not been resolved, please continue to ask and provide feedback on the problems you encountered, including operation prompts or screenshots.