Skip to main content
Skip table of contents

Upgrade VeridiumID from 3.x to v3.5.4 (without OS Upgrade)

This document will provide a step by step procedure to upgrade to VeridiumID 3.5.4.

The procedure will provide information regarding both update methods:

  • using a configured YUM repository

  • using local packages

The update is done without downtime, one node at a time. Please start with WEBAPP nodes and after that do the installation on PERSISTENCE nodes. In order to have no impact, please take out from the balancer the node on which install is running.
WEBAPP node is a server where websecadmin is installed, PERSISTENCE node is a server where cassandra is installed.

The application 3.x is compatible with 3.5.4 database schema.

Summary:

1) Download packages

2) Pre-requirements

3) Start Update

4) Post update steps

5) Other referrences

1) Download packages

For update procedure, with local packages, please download only “VeridiumID Update packages” archive containing all RPMs.

Package URL

MD5

SHA1

Description

Update Packages Archive

6b9068d20661db13425aed800a060725

65a41a28da142b39bdd4ad8591e0dc773040b828

VeridiumID Update packages archive containing all RPMs, for local update procedure

For Update using a YUM repository, please download all packages and make them available within your own local repository

Package URL

MD5

SHA1

Description

WebsecAdmin

89d24d4eacc8d7546d527f6643111709

3d8c362481f8243b1331b6328719b2225813d505

VeridiumID Admin Dashboard

Migration

d920687bac3524437647bc082521c710

412452c29aff2a58e5f12b25ae919cba860bbc88

VeridiumID migration tool

Websec

9910697679bece49c173b133a2c3fd1f

dc4109568dafff86e84c29111b21506b051d1456

VeridiumID Websec

AdService

a6840f1bc2caefce7d6cd7abbd63fc2c

bf4b3445f73fe9bf0845bd89e9b384fc004ab8ef

VeridiumID Directory Service component

DMZ

581ab79ed329d32efb88e8f59d5b927c

d724e1378ca5a41305b3fca77cd94f799ab01b04

VeridiumID DMZ service

Data Retention

e4734aaeb4fd44bebda2706b37b8680a

1b8ea18785fb3957c47fecf00448acb24f6fadec

VeridiumID Data Retention service

Fido

5bc4840eff1986d67f10bde8aff35198

22a376936da250af0bdc26580d7982cd095a6aad

VeridiumID Fido service

OPA

5db9b6902eb13e247d68b3ae59704daa

2dab04922522965b6db4c49b27823b2793743d58

VeridiumID Open Policy Agent

Elasticsearch

8efcf2573c634b3daa79685cea043b1f

b39ec67232bc504202b0bce92bc01f46fe05f8ef

VeridiumID Elasticsearch

Kibana

acf98cb10c75f7700c35d937fc12ffe0

cd4852481cba1f6f5303ba8c71f9ff28660721cb

VeridiumID Kibana

Zookeeper

7d9dce81357e23e7a51dac25204314eb

3bfca5e9bfea0d6e75b546a4b80eaec9e2dbe0d6

VeridiumID Zookeeper

Cassandra

ab22eafb95ec1703674d2fe1d9359bd8

120a7071d91b6a7df1ac599b03f84fdfb382e6b0

VeridiumID Cassandra

Haproxy

7ba8f069792964810ca033f521ae3bf3

7faba387a822905baf52c5ba93e5c106604550e1

VeridiumID Haproxy

SelfServicePortal

8298a682785f62939987cd5f9fc011f7

6d3901bc1de423b1ebc34f70db1e4126d5ee498f

VeridiumID Self Service Portal

Shibboleth

6497b51eb1804b4a57730202ebccda86

1ec956e264cee8f5f01ccc512ae7971099a2baef

VeridiumID Shibboleth Identity Provider

Tomcat

daefba94f712522469a699a147f36818

c04b7c55d169ffe53605228b33e25264c9e5e6eb

VeridiumID Tomcat

Freeradius

e078ebd61e1b112f41ae4057fdea6497

7eef88ee7fb1316a570af5269651588845115eec

VeridiumID FreeRadius

4F

e957b69db0732ac77b9d6536eb92dfba

4056b7403929c9ea1e14ea5a8eeaae5930605445

VeridiumID 4F biometric library

VFace

bb3cf982b43be933df28f3c61a4f93c2

f962d596f4989e1acd997db8c8a8fd1f42f0d78b

VeridiumID VFace biometric library

Update procedure RPM

77788cd3f8ac1f9d8b655a2db3073ca9

3a77b5c1ef492dcc096b09db7370930fe6237284

Update scripts

2) Pre-requirements

2.1) (MANDATORY) User requirements

We recommend using any user with sudo rights or root directly.

Python 3 must be installed. To check if you have a working Python 3 version run the following command:

CODE
python3 --version

If Python 3 is not installed, please see section 5.1 - How to install python 3

2.2) (OPTIONAL) Cassandra Backup

By default, the database backup procedure is scheduled on Saturday mornings at 04:00 AM. Please check under /opt/veridiumid/backup/cassandra directory on persistence layer nodes to see when the last successfull backup was executed.

CODE
ls -l /opt/veridiumid/backup/cassandra

If you wish to perform an additional backup of the Cassandra database, run the following script on persistence layer nodes as any user that has sudo rights or directly as root:

CODE
bash /opt/veridiumid/backup/cassandra/cassandra_backup.sh \
-c=/opt/veridiumid/backup/cassandra/cassandra_backup.conf

3) Start Update

The commands must be executed on ALL machines sequentially, first on WEBAPP and after that on PERSISTENCE, in order to update your VeridiumID platform to the latest 3.5.4 version.

Please execute all commands as root.

3.1) Update using a YUM repository

Please execute steps 3.1.1 on all servers in parallel. Please execute steps 3.1.2 and 3.1.3 on each server, one at a time, starting with WEBAPP and after that PERISTENCE. After 3.1.3, the server will be updated to desired version.

3.1.1) Install the necessary Update procedure on ALL machines

CODE
yum clean metadata
yum install -y veridiumid_update_procedure-9.5.13

The next steps will all be done from within the /etc/veridiumid/update-procedure/current/ directory.

CODE
cd /etc/veridiumid/update-procedure/current/

3.1.2) Run preUpdateSteps.py

Run the following command to stop the services on one node.

CODE
python3 preUpdateSteps.py --version 9.5.13 --use-repo

There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.

3.1.3) Run startUpdate.py

Run the following command to install services on that specific node.

CODE
python3 startUpdate.py --version 9.5.13 --use-repo

There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.

3.2) Update using local packages

Please execute steps 3.2.1 and 3.2.2 on all servers in parallel. Please execute steps 3.2.3 and 3.2.4 on each server, one at a time, starting with WEBAPP and after that PERISTENCE. After 3.2.4, the server will be updated to desired version.

3.2.1) Download the necessary Update packages on all nodes

To download the latest veridiumid-update-packages.zip, use the following link.

We recommend downloading to veridiumid’s HOME folder. As such, all the examples will feature this folder. If you wish to use another location, please avoid using /tmp/.

After downloading the veridiumid-update-packages-9.5.13.zip archive, you can run the following command to access its contents. This will create a directory called update-354 and another named packages inside of it:

CODE
cd /home/veridiumid
unzip veridiumid-update-packages-9.5.13.zip -d update-354

3.2.2) Install Update procedure on all nodes (no downtime while this package is installing)

CODE
cd update-354/packages/
yum localinstall -y veridiumid_update_procedure-9.5.13-20240215.x86_64.rpm
cd /etc/veridiumid/update-procedure/current/

3.2.3) Run preUpdateSteps.py

Run the following command to stop the services on one node.

CODE
python3 preUpdateSteps.py --version 9.5.13 \
--rpm-path /home/veridiumid/update-354/packages

There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.
Use the –rpm-path parameter to define where the RPMs have been copied locally, for example: /home/veridiumid/update-354/packages/

3.2.4) Run startUpdate.py

Run the following command to install services on that specific node.

CODE
python3 startUpdate.py --version 9.5.13 \
--rpm-path /home/veridiumid/update-354/packages

There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.
Use the –rpm-path parameter to define where the RPMs have been copied locally, for example: /home/veridiumid/update-354/packages/

3.3) Check the status of the VeridiumID Services

In order to check the status of the VeridiumID Services, you can run the following command. All services needs to have status Started.

CODE
bash /etc/veridiumid/check_services.sh

4) Post update steps

5) Other referrences.

5.1) How to install python 3

In order to run the update procedure all nodes must have Python 3 installed or the alternative provided by VeridiumID.

To check if the VeridiumID Python 3 package (this is optional) is present use the following command as root:

CODE
yum list installed veridiumid_python

If not installed please use the RPM from the following link.

To install the RPM run the following command as root:

CODE
# if using YUM repository:
yum -y install veridiumid_python

# or, if using local package:
yum localinstall -y 
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.