IBM DataPower Operations Dashboard v1.0.22.x

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Prepare for Upgrade

Make sure to follow Preparing for Upgrade before applying the upgrade.

Special Step 1 for 1.0.22.0 Upgrade of DPOD Appliance Mode

For DPOD Appliance Mode users only:
It is required to install some packages before applying the upgrade. Please follow now the instructions documented in the Special Step 1 page.

Obtain the Software Upgrade

  • Download the CEF file and its md5 checksum file from IBM Fix Central (file name is DPOD-fixpack-<version number>.cef).
    Verify the CEF file integrity by calculating its md5 checksum and comparing it to the downloaded md5 checksum file.

  • The upgrade is packaged as a CEF (Compressed Executable Format) file.

  • The CEF file may be executed from any directory that meets the following requirements (e.g.: /installs/update/fix/TODO):

    • The directory is NOT mounted with noexec flag (e.g.: in /etc/fstab).

    • The directory is NOT one of the following: /app, /logs, /data, /tmp.

  • Copy the CEF file into the chosen directory.

Make Sure there is Enough Free Disk Space

Inspect the free space of each mount point. You may use the following command:

df -h

The following table lists the required available space:

Mount Point

Required Available Space

/

100 MB

/installs

6 GB

If there is not enough free space on the /installs mount point, you may free some from the following directories:

Directory

Description

/installs/update/fix/TODO

Remove old DPOD update files (.sfs / .cef).

/installs/backups
/installs/system-backup
/installs/update/fix/backups

Move old DPOD backup directories to a different server. It is recommended not to delete the backups until you are absolutely sure you don’t need them anymore.

/installs/APPL-setup
/installs/MonTierInstaller
/installs/rpms
/installs/dnfDpodRepo

Remove the directories.

Execute the CEF File

  • Execute the following commands:

    mkdir -p /installs/backups
cd <CEF_DIRECTORY>
chmod 755 <CEF_FILE>
sudo ./<CEF_FILE>

  • By default, the installation will extract temporary files to /app/tmp directory. To change the destination directory, use the option --staging-path <directory>.

  • Do not interrupt the software update process after it has started.
    If SSH connection is lost during upgrade, the upgrade will still continue. Reconnect to the server and check the log files for the process status and outcome.

  • Note: Once the upgrade to 1.0.22.0 is completed, DPOD no longer requires the root user for performing administrative tasks via the server CLI (e.g.: using SSH).
    Most of the administration of DPOD should be performed with the non-administrative user that is also running the DPOD services (usually dpodsvc or storeadm), such as starting/stopping services, configuring LDAP, export/import, etc. These tasks can also be accomplished from the Admin Console.
    However, since DPOD also configures the operating system (the httpd service, OS limits, firewall rules, services in /etc/init.d, etc.), some actions require sudo, such as the installation, upgrading DPOD, backup, restore and generating a mustgather file.

  • Note: Once the upgrade to 1.0.22.0 is completed, CLI commands need to be executed with their full path.
    e.g.: Use /app/scripts/app-utils.sh instead of app-util.sh.

Special Step for 1.0.22.0 Upgrade of DPOD Appliance Mode

For DPOD Appliance Mode users only:
It is required to migrate the operating system from CentOS to Rocky Linux after applying the upgrade. Please follow now the instructions documented in the Special Step 2 page.

Restore Certificates of Web & Admin Consoles (Special Step for 1.0.22.0 Upgrade)

Due to a bug in the upgrade process, the configuration of custom certificates for the Web Console and Admin Console (see Replacing Certificates of Web & Admin Consoles) is lost during the upgrade.

If custom certificates have been configured before the upgrade, please follow the steps below to restore that configuration:

  • Extract the custom certificates from the backup that was automatically created during the upgrade:

    tar xvf /installs/backups/.../system-backup.tar.gz etc/httpd/conf/certs/custom_cer.pem etc/httpd/conf/certs/custom_key.pem etc/httpd/conf/certs/custom_key_passphrase.sh

  • Copy the files custom_cer.pem, custom_key.pem and custom_key_passphrase.sh (if exists) to /etc/httpd/conf/certs.

  • Execute the following commands:

    sudo touch /tmp/sudo.tmp
SSL_CERT_FILE="/etc/httpd/conf/certs/custom_cer.pem"
[[ -f "${SSL_CERT_FILE}" ]] && sudo /app/utils/yq e -i ".httpd.httpdSslCertFile = \"${SSL_CERT_FILE}\"" /app/config/config.yaml && sudo sed -i "s#^SSLCertificateFile .*#SSLCertificateFile \"${SSL_CERT_FILE}\"#g" /etc/httpd/conf/httpd.conf 
SSL_CERT_KEY_FILE="/etc/httpd/conf/certs/custom_key.pem" 
[[ -f "${SSL_CERT_KEY_FILE}" ]] && sudo /app/utils/yq e -i ".httpd.httpdSslKeyFile = \"${SSL_CERT_KEY_FILE}\"" /app/config/config.yaml && sudo sed -i "s#^SSLCertificateKeyFile .*#SSLCertificateKeyFile \"${SSL_CERT_KEY_FILE}\"#g" /etc/httpd/conf/httpd.conf
SSL_PASSPHRASE_FILE="/etc/httpd/conf/certs/custom_key_passphrase.sh"
[[ -f "${SSL_PASSPHRASE_FILE}" ]] && sudo sed -i "/^SSLCertificateKeyFile /a SSLPassPhraseDialog exec: \"${SSL_PASSPHRASE_FILE}\"" /etc/httpd/conf/httpd.conf
sudo systemctl restart httpd

  • No labels

Copyright © 2015 MonTier Software (2015) Ltd.