Make sure to follow Preparing for Upgrade before applying the upgrade.
This section should be applied before upgrading from 1.0.21.0 to 1.0.22.0. |
Version 1.0.22.0 includes new features that are based on additional packages that need to be installed on the operating system before applying the upgrade.
For DPOD Appliance Mode users:
Please follow now the instructions documented in the Special Step 1 page.
For DPOD Non-Appliance Mode users:
Make sure the following packages (RPMs) are installed and up-to-date from the official Red Hat/Rocky Linux repositories:bc, chrony, cjose, curl, fontconfig, hiredis, httpd, initscripts, jansson, lz4, mailcap, mod_ssl, nmon, numactl, policycoreutils-python-utils, tuned, unzip, wget, xmlstarlet.
Note: The EPEL repository (e.g.: dnf install epel-release) may be required to install the packages hiredis and nmon.
The installation is usually performed by executing dnf:
dnf install bc chrony cjose curl fontconfig hiredis httpd initscripts jansson lz4 mailcap mod_ssl nmon numactl policycoreutils-python-utils tuned unzip wget xmlstarlet |
If the command fails to find the packages, you may manually download the RPM files and install them.
Download the CEF file and its md5 checksum file from IBM Fix Central (file name is DPOD-fixpack-<version number>.cef).
Verify the CEF file integrity by calculating its md5 checksum and comparing it to the downloaded md5 checksum file.
The upgrade is packaged as a CEF (Compressed Executable Format) file.
The CEF file may be executed from any directory that meets the following requirements (e.g.: /installs/update/fix/TODO):
The directory is NOT mounted with noexec flag (e.g.: in /etc/fstab).
The directory is NOT one of the following: /app, /logs, /data, /tmp.
Copy the CEF file into the chosen directory.
Inspect the free space of each mount point. You may use the following command:
df -h |
The following table lists the required available space:
Mount Point | Required Available Space |
|---|---|
/ | 100 MB |
/installs | 6 GB |
If there is not enough free space on the /installs mount point, you may free some from the following directories:
Directory | Description |
|---|---|
/installs/update/fix/TODO | Remove old DPOD update files ( |
/installs/backups | Move old DPOD backup directories to a different server. It is recommended not to delete the backups until you are absolutely sure you don’t need them anymore. |
/installs/APPL-setup | Remove the directories. |
Execute the following commands:
Note: Starting from DPOD 1.0.22.0, it is possible to use a user with sudo permissions instead of running the upgrade by the root user itself.
mkdir -p /installs/backups cd <CEF_DIRECTORY> chmod 755 <CEF_FILE> sudo ./<CEF_FILE> |
By default, the installation will extract temporary files to /app/tmp directory. To change the destination directory, use the option --staging-path <directory>.
Do not interrupt the software update process after it has started.
If SSH connection is lost during upgrade, the upgrade will still continue. Reconnect to the server and check the log files for the process status and outcome.
Note: Once the upgrade to 1.0.22.0 is completed, DPOD no longer requires the root user for performing administrative tasks via the server CLI (e.g.: using SSH).
Most of the administration of DPOD should be performed with the non-administrative user that is also running the DPOD services (usually dpodsvc or storeadm), such as starting/stopping services, configuring LDAP, export/import, etc. These tasks can also be accomplished from the Admin Console.
However, since DPOD also configures the operating system (the httpd service, OS limits, firewall rules, services in /etc/init.d, etc.), some actions require sudo, such as the installation, upgrading DPOD, backup, restore and generating a mustgather file.
Note: Once the upgrade to 1.0.22.0 is completed, CLI commands need to be executed with their full path.
e.g.: Use /app/scripts/app-utils.sh instead of app-util.sh.
This section should be applied by DPOD Appliance Mode users after upgrading from 1.0.21.0 to 1.0.22.0. |
It is required to migrate the operating system from CentOS to Rocky Linux after applying the upgrade. Please follow now the instructions documented in the Special Step 2 page.
This section should be applied after upgrading from 1.0.21.0 to 1.0.22.0. |
Due to a bug in the upgrade process of version 1.0.22.0, the configuration of custom certificates for the Web Console and Admin Console (see Replacing Certificates of Web & Admin Consoles) is lost during the upgrade.
If custom certificates have been configured before the upgrade, you may re-configure them using the same procedure, or alternatively follow the steps below to restore that configuration:
Extract the custom certificates from the backup that was automatically created during the upgrade:
tar xvf /installs/backups/.../system-backup.tar.gz etc/httpd/conf/certs/custom_cer.pem etc/httpd/conf/certs/custom_key.pem etc/httpd/conf/certs/custom_key_passphrase.sh |
Copy the files custom_cer.pem, custom_key.pem and custom_key_passphrase.sh (if exists) to /etc/httpd/conf/certs.
Execute the following commands:
sudo touch /tmp/sudo.tmp
SSL_CERT_FILE="/etc/httpd/conf/certs/custom_cer.pem"
[[ -f "${SSL_CERT_FILE}" ]] && sudo /app/utils/yq e -i ".httpd.httpdSslCertFile = \"${SSL_CERT_FILE}\"" /app/config/config.yaml && sudo sed -i "s#^SSLCertificateFile .*#SSLCertificateFile \"${SSL_CERT_FILE}\"#g" /etc/httpd/conf/httpd.conf
SSL_CERT_KEY_FILE="/etc/httpd/conf/certs/custom_key.pem"
[[ -f "${SSL_CERT_KEY_FILE}" ]] && sudo /app/utils/yq e -i ".httpd.httpdSslKeyFile = \"${SSL_CERT_KEY_FILE}\"" /app/config/config.yaml && sudo sed -i "s#^SSLCertificateKeyFile .*#SSLCertificateKeyFile \"${SSL_CERT_KEY_FILE}\"#g" /etc/httpd/conf/httpd.conf
SSL_PASSPHRASE_FILE="/etc/httpd/conf/certs/custom_key_passphrase.sh"
[[ -f "${SSL_PASSPHRASE_FILE}" ]] && sudo sed -i "/^SSLCertificateKeyFile /a SSLPassPhraseDialog exec: \"${SSL_PASSPHRASE_FILE}\"" /etc/httpd/conf/httpd.conf
sudo systemctl restart httpd |
This section should be applied after upgrading from 1.0.22.0 to 1.0.22.1. |
If SELinux is enabled on the system, the httpd service might fail to start with the following error:
# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2025-03-24 15:23:47 IST; 14s ago
Docs: man:httpd.service(8)
Process: 1785 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 1785 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."
Mar 24 15:23:47 RHEL8 systemd[1]: Starting The Apache HTTP Server...
Mar 24 15:23:47 RHEL8 httpd[1785]: (13)Permission denied: AH00091: httpd: could not open error log file /logs/httpd/error_log.
Mar 24 15:23:47 RHEL8 httpd[1785]: AH00015: Unable to open logs
Mar 24 15:23:47 RHEL8 systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Mar 24 15:23:47 RHEL8 systemd[1]: httpd.service: Failed with result 'exit-code'.
Mar 24 15:23:47 RHEL8 systemd[1]: Failed to start The Apache HTTP Server. |
To fix it, execute the following commands:
getenforce | grep Enforcing >/dev/null && sudo semanage fcontext -a -t httpd_log_t '/logs/httpd(/.*)?' && sudo restorecon -vvRF /logs/httpd sudo systemctl restart httpd |