keycloak-scim/upgrading/topics/rhsso/intro.adoc
2022-10-19 08:42:12 +02:00

60 lines
3.6 KiB
Text

[[intro]]
== Upgrading Red Hat Single Sign-On
Red Hat Single Sign-On (RH-SSO) {project_versionDoc} is based on the Keycloak project and provides security for your web applications by
providing Web single sign-on capabilities based on popular standards such as SAML 2.0, OpenID Connect, and OAuth 2.0.
The Red Hat Single Sign-On Server can act as a SAML or OpenID Connect-based identity provider, mediating with your
enterprise user directory or third-party SSO provider for identity information and your applications using standards-based
tokens.
RH-SSO provides two operating modes: standalone server or managed domain. The standalone server operating mode represents
running RH-SSO as a single server instance. The managed domain operating mode allows for the management of multiple
RH-SSO instances from a single control point. The upgrade process differs depending on which operating mode has been
implemented. Specific instructions for each mode are provided where applicable.
The purpose of this guide is to document the steps that are required to successfully upgrade from
Red Hat Single Sign-On 7.x to Red Hat Single Sign-On {project_versionDoc}.
=== About upgrades
Depending on your version of RH-SSO, you choose one of three types of upgrade. However, if you starting from Keycloak, you choose xref:keycloak-migration[this procedure].
==== Major upgrades
A major upgrade or migration is required when RH-SSO is upgraded from one major release to another, for example, from
Red Hat Single Sign-On 7.2 to Red Hat Single Sign-On 8.0. There may be breaking API changes between major releases
that could require rewriting parts of applications or server extensions.
==== Minor updates
Red Hat Single Sign-On periodically provides point releases, which are minor updates that include bug fixes, security
fixes, and new features. If you plan to upgrade from one Red Hat Single Sign-On point release to another, for example,
from Red Hat Single Sign-On 7.3 to Red Hat Single Sign-On {project_versionDoc}, code changes should not be required for applications or
custom server extensions as long as no private, unsupported, or tech preview APIs are used.
==== Micro updates
Red Hat Single Sign-On {project_versionDoc} also periodically provides micro releases that contain bug and security fixes.
Micro releases increment the minor release version by the last digit, for example from {project_versionDoc}.0 to {project_versionDoc}.1. These releases
do not require migration and should not impact the server configuration files. The patch management system for ZIP
installations can also roll back the patch and server configuration.
A micro release only contains the artifacts that have changed. For example if Red Hat Single Sign-On {project_versionDoc}.1 contains changes to
the server and the JavaScript adapter, but not the EAP adapter, only the server and JavaScript adapter are released and require
updating.
[id="keycloak-migration"]
=== Migrating Keycloak to RH-SSO
You can migrate to Red Hat Single Sign-On, the supported Red Hat product, from Keycloak, the community project.
.Prerequisites
* To learn about new features before the upgrade, review the xref:release_changes[changes].
* Verify that you have installed the correct version of Keycloak as a starting point. To migrate to Red Hat Single Sign-On {project_versionDoc}, first install Keycloak {keycloak_upgrade_version}.
.Procedure
. Perform the xref:_upgrading_minor[Minor Upgrades] procedure. Although this procedure is labelled *Minor Upgrade*, the same steps apply for this migration.
. Perform the xref:_upgrade_adapters[Adapter Upgrade procedure].