Upgrade VeridiumID from 3.x to 3.5.0
This document will provide a step by step procedure to upgrade to VeridiumID 3.5.0.
The procedure will provide information regarding both update methods:
using a configured YUM repository
using local packages
The update is done without downtime, one node at a time. Please start with WEBAPP nodes and after that do the installation on PERSISTENCE nodes. In order to have no impact, please take out from the balancer the node on which install is running.
WEBAPP node is a server where websecadmin is installed, PERSISTENCE node is a server where cassandra is installed.
The application 3.x is compatible with 3.5.0 database schema.
Summary:
1) Download packages
2) Pre-requirements
3) Start Update
4) Post update steps
5) Other referrences
1) Download packages
For update procedure, with local packages, please download only “VeridiumID Update packages” archive containing all RPMs.
Package URL | MD5 | SHA1 | Description |
|---|---|---|---|
d5df95787632f3d8b0e7453b49841372 | 385dcd35dcaab1fa4b965f6f159d48337f4c8f30 | VeridiumID Update packages archive containing all RPMs, for local update procedure |
For Update using a YUM repository, please download all packages and make them available within your own local repository
Package URL | MD5 | SHA1 | Description |
|---|---|---|---|
25df389e42df1279a24110ac9ac4c162 | 3f1004be87fd714efc27f08958f5c83d441ab6c8 | VeridiumID Admin Dashboard | |
eafbe62e4dde2865645f9aa0772c146c | 859e1d939f47ab7f9ee3ba5ebc3b356478271e14 | VeridiumID migration tool | |
10fae6c197a1f377474a0ab617039efc | 505f16ebfca5437fe5824d6d69583458ebddb472 | VeridiumID Websec | |
81b8282851780b3259d5762560f77e4e | 354428b6a6a747be96a18d9d81f13e300156f84a | VeridiumID Directory Service component | |
282b7accc02e7f637a1d7ebc9e5fcb89 | 4cb1e94856ca54c556b854d2ec3a9b138e000f45 | VeridiumID DMZ service | |
3df9f3c7ffac390b67925a129b95d5b5 | ec971ab75e548b5c227ed9e98d9e6050bbff0846 | VeridiumID Data Retention service | |
37fb5ba73ab7b79883f2152ab195e2e4 | 41698319aed5217b383ff726942e448c6c7f8f40 | VeridiumID Fido service | |
dcf1aba13355c28e3326ebfde03e380a | bd714d397a34dcdef2c2129fcf2b0151c2a3faa5 | VeridiumID Notifications service | |
62d321d9b9bc8f9fbc7e3b3eb096c783 | 4e95dd559f127b6c02bd06f90a0477885fa54187 | VeridiumID Open Policy Agent | |
9e8a2088655f621a3ee914b857d62230 | bf32096332f9be0f778a952fc9b60e071da44ec6 | VeridiumID Elasticsearch | |
fb4efc1f3c95ada17155578e7b456afd | 5efbe70c95a1ee6625a847a71355b65c8a6e1930 | VeridiumID Kibana | |
2f2c8bb5e059f568938c3b87f90dcce6 | 62e5f3003beb1c5bbe96fce65266f11820ef9695 | VeridiumID Zookeeper | |
ef3fedd93a2bde1d35cc9744bf7c838c | 71849da2d14cbf4211b93013dc7de7f3e77b698b | VeridiumID Cassandra | |
ba2d144631c44f91cebcb91da864ce6d | 933e7964c451c6625d6790cc4418affb0c738d3a | VeridiumID Haproxy | |
09dd64b12955f5c830c580b31766f8c4 | e63f51e478b8d811cc281bee3da6b6ca1d09e6ab | VeridiumID Statistics services | |
d6d86f23cf476db0026ddc05f4a4c352 | d3fc69e3768f9a5faa66a005672267892f1f1f0a | VeridiumID Self Service Portal | |
5fec2ff34fc9761b3f228fa2fb13fafe | 368210e87201c9bae7985541c3313527c5d5ecff | VeridiumID Shibboleth Identity Provider | |
b145ab10ff4a6a6d5c3a7030ef685f97 | 5b0505bd2840ba0d9ecdd8a7fe79efaffda16d4a | VeridiumID Tomcat | |
7542480b358483f292475ab9fbe263aa | 41a533b192d22ecb25b77501019c61764abddf99 | VeridiumID FreeRadius | |
494c99549f358317f9ef0de4f28d41d4 | 3dfe58c4284d8b0bf75e7484e7109a21772e68b4 | VeridiumID 4F biometric library | |
b8d703be775f02b09f03996a39789555 | 767ce82ca89c80a8d7d3115f54c2dbf0686e174f | VeridiumID VFace biometric library | |
e7f6a49b666c849bcfd6170ba1d9298b | aa51c588ecc2c18e2272403fc53010ef04fe37b1 | Python RPM | |
1f2e97224e07230132c1cad6d23c4bf7 | 544ef99f6c78568f634cfec58f6348dfda847dd6 | Update scripts |
2) Pre-requirements
2.1) (MANDATORY) User requirements
We recommend using any user with sudo rights or root directly.
Python 3 must be installed. To check if you have a working Python 3 version run the following command:
python3 --version
If Python 3 is not installed, please see section 5.1 - How to install python 3
2.2) (OPTIONAL) Cassandra Backup
By default, the database backup procedure is scheduled on Saturday mornings at 04:00 AM. Please check under /opt/veridiumid/backup/cassandra directory on persistence layer nodes to see when the last successfull backup was executed.
ls -l /opt/veridiumid/backup/cassandra
If you wish to perform an additional backup of the Cassandra database, run the following script on persistence layer nodes as any user that has sudo rights or directly as root:
bash /opt/veridiumid/backup/cassandra/cassandra_backup.sh \
-c=/opt/veridiumid/backup/cassandra/cassandra_backup.conf
3) Start Update
The commands must be executed on ALL machines sequentially, first on WEBAPP and after that on PERSISTENCE, in order to update your VeridiumID platform to the latest 3.5.0 version.
Please execute all commands as root.
3.1) Update using a YUM repository
Please execute steps 3.1.1 on all servers in parallel. Please execute steps 3.1.2 and 3.1.3 on each server, one at a time, starting with WEBAPP and after that PERISTENCE. After 3.1.3, the server will be updated to desired version.
3.1.1) Install the necessary Update procedure on ALL machines
yum clean metadata
yum install -y veridiumid_update_procedure-9.1.28
The next steps will all be done from within the /etc/veridiumid/update-procedure/current/ directory.
cd /etc/veridiumid/update-procedure/current/
3.1.2) Run preUpdateSteps.py
Run the following command to stop the services on one node.
python3 preUpdateSteps.py --version 9.1.28 --use-repo
There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.
3.1.3) Run startUpdate.py
Run the following command to install services on that specific node.
python3 startUpdate.py --version 9.1.28 --use-repo
There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.
3.2) Update using local packages
Please execute steps 3.2.1 and 3.2.2 on all servers in parallel. Please execute steps 3.2.3 and 3.2.4 on each server, one at a time, starting with WEBAPP and after that PERISTENCE. After 3.2.4, the server will be updated to desired version.
3.2.1) Download the necessary Update packages on all nodes
To download the latest veridiumid-update-packages.zip, use the following link.
We recommend downloading to veridiumid’s HOME folder. As such, all the examples will feature this folder. If you wish to use another location, please avoid using /tmp/.
After downloading the veridiumid-update-packages-9.1.28.zip archive, you can run the following command to access its contents. This will create a directory called update-350 and another named packages inside of it:
cd /home/veridiumid
unzip veridiumid-update-packages-9.1.28.zip -d update-350
3.2.2) Install Update procedure on all nodes (no downtime while this package is installing)
cd update-350/packages/
yum localinstall -y veridiumid_update_procedure-9.1.28-20231017.x86_64.rpm
cd /etc/veridiumid/update-procedure/current/
3.2.3) Run preUpdateSteps.py
Run the following command to stop the services on one node.
python3 preUpdateSteps.py --version 9.1.28 \
--rpm-path /home/veridiumid/update-350/packages
There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.
Use the –rpm-path parameter to define where the RPMs have been copied locally, for example: /home/veridiumid/update-350/packages/
3.2.4) Run startUpdate.py
Run the following command to install services on that specific node.
python3 startUpdate.py --version 9.1.28 \
--rpm-path /home/veridiumid/update-350/packages
There might be ERROR messages in the output of the script but as long as the script does not stop its execution, it means that it’s not a stopping event.
Use the –rpm-path parameter to define where the RPMs have been copied locally, for example: /home/veridiumid/update-350/packages/
3.3) Check the status of the VeridiumID Services
In order to check the status of the VeridiumID Services, you can run the following command. All services needs to have status Started.
bash /etc/veridiumid/check_services.sh
4) Post update steps
5) Other referrences.
5.1) How to install python 3
In order to run the update procedure all nodes must have Python 3 installed or the alternative provided by VeridiumID.
To check if the VeridiumID Python 3 package (this is optional) is present use the following command as root:
yum list installed veridiumid_python
If not installed please use the RPM from the following link.
To install the RPM run the following command as root:
# if using YUM repository:
yum -y install veridiumid_python
# or, if using local package:
yum localinstall -y veridiumid_python-3.6.8-20231017.x86_64.rpm