SnipeIT Migration and Upgrade to Latest LTS Version
From pixlr-production-main to pixlrgroup-it
Overview
- Source Account:
pixlr-production-main(395785058010) - Target Account:
pixlrgroup-it(864997391138) - Application: SnipeIT Asset Management (Dockerized)
- Domain:
devices.pixlr.com
Objectives
- Migrate SnipeIT instance between AWS accounts
- Preserve all data and configurations
- Maintain zero data loss
- Update DNS with minimal downtime
- Upgrade to latest SnipeIT version
Source Environment
Instance: i-048d3cdbb2e626299 (pixlrgroup-devices-snipeit)
- VPC:
vpc-d48f20b1(pixlr-prod-vpc) - Subnet:
subnet-926b62ba(apps-internal-nat) - us-east-1d - Private IP:
10.44.11.205 - Instance Type: t3.medium
- Security Groups:
sg-0829ffc592124e302(pixlr-internal-ssh-sg)sg-0e4cb730d08d1942c(pixlr-internal-http-sg)
Storage:
- Root Volume:
/dev/sda1(10GB, encrypted) - Data Volume:
/dev/sdb(10GB, encrypted) - mounted at/docker-persistent/mysql
Application Stack:
- Dockerized SnipeIT with MySQL
- Running on port 8000
- ALB:
pixlrgroup-devices-alb(Internet-facing)
Migration Strategy
Backup & Restore Approach
Due to cross-account encryption limitations with AMI sharing, I used a direct backup/restore method for Dockerized applications.
Process
1.1 Source Instance Analysis
sudo docker ps -a
# Found: snipe-it-app-1 and snipe-it-mysql-1 containers
1.2 Database Verification
# confirmed MySQL running in Docker
ps aux | grep mysql
# Database: snipeitdb, User: snipeituser
1.3 Target Account Setup
- Identified target VPC:
vpc-044734584fe0e68bd(us-east-1) - Selected subnet:
subnet-0dfd47da6f01b6f3a(us-east-1d)
2.1 Database Backup
# From source instance
sudo docker exec snipe-it-mysql-1 mysqldump -u snipeituser -pO5SugjB4HtUHqo3OdJ9b snipeitdb > snipeit_backup.sql
2.2 Docker Configuration Backup
tar -czf snipeit_docker_backup.tar.gz /home/ubuntu/snipe-it/
3.1 Security Group Creation
Created in target account:
pixlr-internal-http-sg(sg-03ccb47b9591717b4)pixlr-internal-ssh-sg(sg-048898f4c3db754ec)
3.2 New Instance Launch
- AMI: Amazon Linux 2023
- Instance Type: t3.medium
- Public IP:
54.224.189.218 - Security Groups: Both HTTP and SSH SGs
4.1 File Transfer
# From source to target instance
scp -i /tmp/pixlrgroup-it.pem snipeit_backup.sql ec2-user@54.224.189.218:/home/ec2-user/
scp -i /tmp/pixlrgroup-it.pem snipeit_docker_backup.tar.gz ec2-user@54.224.189.218:/home/ec2-user/
4.2 Docker Installation
sudo yum install docker -y
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -a -G docker ec2-user
# Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
4.3 Application Setup
tar -xzf snipeit_docker_backup.tar.gz
sudo mv home/ubuntu/snipe-it/ ./
cd snipe-it
sudo docker-compose up -d
4.4 Database Restoration
sudo docker exec -i snipe-it-mysql-1 mysql -u snipeituser -pO5SugjB4HtUHqo3OdJ9b snipeitdb < ../snipeit_backup.sql
5.1 Target Group Creation
- Name:
pixlrgroup-devices-tg - Protocol: HTTP
- Port: 8000
- Health Check:
/login
5.2 Application Load Balancer
- Name:
pixlrgroup-devices-alb - Scheme: Internet-facing
- Listeners: HTTP:80 → Target Group
5.3 SSL Certificate
# Requested new certificate in target account
# Domain: devices.pixlr.com
# Validation: DNS validation
# Added CNAME record for validation
5.4 HTTPS Listener
- Added HTTPS:443 listener with SSL certificate
- Certificate ID:
298a2e5e-fd74-4334-9e0c-702b65a96a82
5.5 DNS Update
Updated Route 53 record in source account:
- Record:
devices.pixlr.com - Type: A (Alias)
- Value:
dualstack.pixlrgroup-devices-alb-395877581.us-east-1.elb.amazonaws.com
6.1 Version Upgrade
cd snipe-it
sudo docker-compose down
sudo docker-compose pull
sudo docker-compose up -d
6.2 Database Migrations
# Ran with manual intervention for existing tables
sudo docker exec snipe-it-app-1 php artisan migrate --force
# Marked problematic migrations as completed
sudo docker exec snipe-it-mysql-1 mysql -u snipeituser -pO5SugjB4HtUHqo3OdJ9b snipeitdb -e "INSERT INTO migrations (migration, batch) VALUES ('MIGRATION_NAME', 1);"
Post-Migration Verification
Functional Tests
-
https://devices.pixlr.comloads successfully - HTTPS redirect working
- Login functionality operational
- All data preserved
- Latest SnipeIT features available
Technical Validation
- ALB health checks passing
- Database connections stable
- SSL certificate valid
- Docker containers healthy
Backup
Local Backups Created
snipeit_backup.sql- Complete database dumpsnipeit_docker_backup.tar.gz- Docker configuration and application files
Troubleshooting & Solutions
Issue 1: Cross-Account AMI Sharing
Problem: Encrypted snapshots with AWS-managed KMS keys cannot be shared cross-account.
Solution: Used backup/restore approach instead of AMI migration.
Issue 2: Database Migration Conflicts
Problem: Existing tables caused migration failures.
Solution: Manually marked completed migrations in the migrations table.
Issue 3: SSL Certificate
Problem: Existing certificate in source account couldn't be exported.
Solution: Requested new certificate in target account with DNS validation.
Metrics
- Downtime: None (DNS propagation only)
- Data Transfer: ~351KB database + 2.3MB application
- Success Rate: 100% data preservation
Sec Considerations
- All volumes remain encrypted
- New SSL certificate issued
- Security groups replicated with least privilege
- No sensitive data exposed during transfer
Support References
- Source Instance:
i-048d3cdbb2e626299 - Target Instance:
i-00b2ffb06e9a2e3cf - ALB DNS:
pixlrgroup-devices-alb-395877581.us-east-1.elb.amazonaws.com - Certificate ID:
298a2e5e-fd74-4334-9e0c-702b65a96a82