KB Article #168388

Upgrading VXP Appliance from version 7.0 to 7.x

Problem

Upgrading a API Server appliance from version 7.0 to 7.x

Resolution


Upgrading VXP Appliance from version 7.0 to 7.x

 

The basic sequence of steps involved is:

  1. Upgrade the System packages

  2. Backup the 7.0 configuration

  3. Uninstall the 7.0 software package

  4. Install the 7.x software package

  5. Configure NodeManager and API Server Instances

  6. Upgrade and import older configuration



Upgrade System packages

Perform the yum update as per the usual update instructions.

Log in as root and run:

# yum -x VordelGateway-appliance -x VordelNodeManager-appliance update -y

# wgethttp://kingsofsoa.vordel.com/vordel/post-upgrade.sh

# sh post-upgrade.sh

 

And reboot the system.

 

NOTE: If appliance is not connected to the internet, you will need to provide the package list to Vordel so we can build a custom update package for the appliance.

 

Example command:

 

> rpm -qa > rpmlist.txt

 

Backup the 7.0 Configuration

Stop any running instances of the Vordel Gateway software.

Back up the current 7.0 installation

# cp -r /opt/Vordel/apiserver/ /opt/backups/7.0.0_backup

 

Uninstall the 7.0 software package

After completing the backup, remove the Vordel API Server 7.0 package with the following command. Note that carrying out this command will permanently erase the Vordel API Server 7.0 installation. Please ensure you have a valid backup performed.

# rpm -e VordelNodeManager-appliance

# rm -rf /opt/Vordel/apiserver/*

 

Install the 7.x software package

Run the following command to install the 7.x software

# yum install -y VordelNodeManager-appliance

# yum install -y appliance-system-packages

 

This will download and install the software package from the yum server.

 

If there is no internet connection and the VordelNodeManager-appliance package has been provided to you by other means you can install the package using the following RPM command:

# rpm -Uvh VordelNodeManager-appliance*.rpm



Configure NodeManager and API Server Instances

The following instructions will enable the user to create a typical simple deployment scenario. The aim is to create a local Admin Node Manager, along with a group containing one API Server instance. For the VXP it is recommended that init.d startup and shutdown scripts are created for the Node Manager and any API Server instances, and also that the processes are executed with non-root user privileges. The VXP is preconfigured with an admin user for just this purpose. Note that managedomain must be executed as root to have the permissions to create init.d scripts.

 

Login to the system

After the VXP has been configured and has booted up for the first time, login to the box either locally or through ssh. Note that if you are connecting through ssh you will not be able to login directly as the root user, you must login as admin, and then run ‘su -’ to switch user to root.

 

Create the Admin Node Manager

While logged in as root, enter the following command

# managedomain

 

You will be presented with a menu of options

-------------------------------------------------------
                Manage Domain Menu
-------------------------------------------------------
Admin Node Manager unknown

Host Management:
  1) Register host
  2) Edit a host
  3) Delete a host
  4) Change credentials for Admin Node Manager, currently connecting as:
        user 'admin' with truststore 'None'
API Server Management:
  5) Create API Server instance
  6) Edit API Server i.e. rename, change management port
  7) Delete API Server instance
  8) Add a tag to API Server
  9) Delete a tag from API Server
  10) Add init.d script for existing local API Server
Group Management:
  11) Edit group i.e. rename it
  12) Delete a group
Topology Management:
  13) Print topology
  14) Check topologies are in synch
  15) Check the Admin Node Manager topology against another topology
  16) Synch all topologies
  17) Reset the local topology
Deployment:
  18) Deploy to a group
  19) List deployment information
  20) Create deployment archive
  21) Download deployment archive

q) Quit
Select option:

 

Choose option 1 “Register host”.

From here, you can select mostly default settings. You may wish to change the name of your Node Manager but it is not necessary. If you intend to connect multiple appliances to a domain then you need to use DNS configured hostnames or the IP address for the Node Manager. The important parts to change are in bold below. (User input in RED)

 

Select option: 1
Is this the first host (Admin Node Manager) in the domain [y]:
Enter details of the new host to be registered...
Use SSL [y]:
Select/enter local hostname or IP address:
  1) vxp
  2) vxp
  3) 127.0.0.1
  4) Enter hostname or IP address
Enter selection from 1-4 [1]: 4
Enter hostname or IP address: 192.168.0.165
Enter port [8090]:
Enter Node Manager name [Node Manager on 192.168.0.165]:
Do you want to create an init.d script for this Node Manager [n]: y
Enter user to run init.d script: admin
Completed successfully.
You may now start the Node Manager on your newly registered host.

Creating system service for 'Node Manager on 192.168.0.165' in group 'Node Manager Group'...
Completed.
Hit enter to continue...

 

Now enter ‘q’ to quit managedomain.

 

Start Node Manager service as admin

Before running the Node Manager service as the admin user you must first change the ownership of a few files created by managedomain. The ownership is changed with the following command:

 

# chown -R admin:admin /opt/Vordel/apiserver/{system,conf,logs,groups,trace}

 

Note that this command must only be run on the directories outlined above. If it is run on the whole /opt/Vordel/apiserver directory then there will be an issue running the process as a non root user. See this doc for methods to fix.

 

Then start the Admin Node Manager with the following command

 

# service vshell-Node-Manager-on-192.168.0.165 start

Starting the Vordel API Server service                     [  OK  ]
[root@vxp ~]
[10:16:38]#

 

Note that the command above will change based on the name you supplied when creating the Node Manager in managedomain.

 

You can test that the Node Manager is running with the correct user by issuing:

 

# psgrep vshell
admin  8187  1 13 10:16 ? 00:00:25 Node Manager on 192.168.0.165 (Node Manager Group) (vshell)
[root@vxp ~]
[10:19:30]#

Create the API Server Instance

Start managedomain again and select option 5 to create a new API Server Instance. After entering a name and group for the new API server instance the defaults can be accepted. It is important to create the init.d script. (User input in RED)

 

Select option: 5
Enter API Server name: APIServer1
Enter group name: Group1
Use SSL [y]:

Select a host:
  1) 192.168.0.165
  2) Enter host name
Enter selection from 1-2 [192.168.0.165]:
Enter local management port for instance [8085]:
Enter external traffic port for instance [8080]:
Do you want to create an init.d script for this instance [n]: y
Enter user to run init.d script: admin
The new API Server 'APIServer1' in group 'Group1' has been successfully created and installed


Creating system service for 'APIServer1' in group 'Group1'...
Completed.

Hit enter to continue...

Now enter ‘q’ to quit managedomain.

 

Start API Server instance service as admin

Start the API Server instance with the following command

 

NOTE: Make sure to start the API Server instance as the admin user

 

# service vshell-Group1-APIServer1 start
Starting the API Server service                            [  OK  ]
[root@vxp ~]
[10:32:05]#

 

Note that the command above will change based on the name you supplied when creating the API Server instance in managedomain.

 

You can test that the API Server instance is running with the correct user by issuing:

# psgrep vshell
admin 8187 1  2 10:16 ?   00:00:31 Node Manager on 192.168.0.165 (Node Manager Group) (vshell)
admin 8602 1  5 10:31 ?   00:00:20 APIServer1 (Group1) (vshell)
[root@vxp ~]
[10:38:34]#

 

Note that both the Node Manager and API Server processes are listed.



Enable the Node Manager and API Server services at bootup

To set the Node Manager and API Server services to start automatically at boot time run the following commands:

 

# chkconfig --add vshell-Node-Manager-on-192.168.0.165
# chkconfig --add vshell-Group1-APIServer1

 

Note that the service name given to these commands may have to change if you entered different names for the Node Manager and API server in the examples given above.

 

To test that the services have been configured to start on bootup run the following:

 

# chkconfig --list | grep vshell-*
vshell-Group1-APIServer10:off1:off2:on3:on4:on5:on6:off
vshell-Node-Manager-on-192.168.0.1650:off1:off2:on3:on4:on5:on6:off
[root@vxp ~]
[10:45:05]#

 

Complete the Sotware Upgrade

Upgrade 7.0.0 using the instructions below. Note that you will point the upgrade scripts at the  backup location of the previous configuration as shown earlier.

Producing a .fed file

With API Server 7.0.0 it is now possible to produce a packaged .fed file for deploying your configuration to Server groups. API Server ships with a script that will upgrade an existing federated config from the 7.0.0 configuration and produce a .fed file.

This script can be located int /opt/Vordel/apiserver/posix/bin/upgradeconfig



NOTE: Ensure to run the command below as the root user

 

To run it first create a directory to store the output fed file then from the terminal execute the following command. For this example command we have backuped the older version of the gateway to /opt/backups/7.0.0_backup as shown earlier in this document. We also created a new directory for the upgraded configuration to be created: /opt/fedfile_upgraded/



To run the command to upgrade the 7.0.0 configuration to a version 7.x configuration the command will look like the example below:

 

./upgradeConfig.py federated:file:/opt/backups/7.0_backup/conf/fed/configs.xml /opt/fedfile_upgraded/

 

 

After the script has successfully run the .fed file will be located in the path location specified in the previous command.

 

This .fed file can then be deployed throughPolicy Studio, theWeb-based Vordel Manager tools, or by using themanagedomain script.

 

Deploy the new Upgraded Configuration using the Managedomain Script

A .fed file can be deployed using the managedomain script.

 



When you run managedomain you will be given a set of options, option 18 is for deploying from a fed file. Enter 18 and follow the instructions as per below: (User input in RED)

 

Select option: 18

Select a group:

1) Group1

2) Enter group name

Enter selection from 1-2 [2]: 1

Select one of the following options for deployment:

1) Enter name of directory containing federated store config files

2) Enter name of deployment archive file

3) Enter tagname

Enter selection [1]: 1

Enter name of directory containing configuration files [/opt/Vordel/apiserver/skel/system/conf/templates]: /opt/fedfile_upgraded/   

Enter comment: upgraded_from_700

Do you wish to deploy to all API Servers in the group ? [y]: y

Loading configuration '7b2f0a3b-89cd-4bdb-8b66-732992400d47' to hosts running group...

Loaded configuration '7b2f0a3b-89cd-4bdb-8b66-732992400d47' to hosts running group.

Deploying to API Server 'APIServer1'...

Deployed to API Server 'APIServer1' successfully.

 

Hit enter to continue...

 

The API Server instance/s deployed to will now run with the upgraded configuration made from the older version of the Gateway.

 

You can now log into the the Node Manager to connect to the API Server instance using Policy Studio.

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.