Upgrade Centos 7 to Rocky Linux 8/9 - After update Veridium version to 3.6.0
This procedure is applicable only if you have updated Veridium to version 3.6.0.
Overview
1) Pre-requirements - Take server snapshot.
2) Prepare for OS Update - Install Upgrade RPM that will do the necessary changes for Veridium, before OS update.
3) Perform OS Update
4) Post OS upgrade steps - Application Update - Install new RPM versions, that are compatible with the new OS version.
1) Pre-requirements
1.1) Take a snapshot of the server. It is critical to have snapshots, as this is the only way to restore in case of OS update is failing.
1.2) User should have internet access from server directly or via proxy, in order to download the update OS packages.
2) Prepare for OS update - Install Upgrade RPM that will do the necessary changes for Veridium, before OS update
2.1) Using Veridium REPO, the packages can be found in the following, based to which version you want to do the update:
Package URL | Description |
|---|---|
https://veridium-repo.veridium-dev.com/repository/VeridiumRPM8/packages/ | Repository with RHEL8 packages |
https://veridium-repo.veridium-dev.com/repository/VeridiumRPM9/packages/ | Repository with RHEL9 packages |
2.2) In case of using local packages update, please download the following archive accordingly, based to which version you want to do the update.
Package URL | MD5 | SHA1 | Description |
|---|---|---|---|
|
| VeridiumID Update packages archive containing all RPMs, for local update procedure | |
|
| VeridiumID Update packages archive containing all RPMs, for local update procedure |
CODE
## Download the package, based on what you want to install.
## RHEL8, Rocky8
wget --user NEXUS_USER --password NEXUS_PASSWORD -e use_proxy=yes -e http_proxy=PROXY_IP:PROXY_PORT https://veridium-repo.veridium-dev.com/repository/VeridiumUtils/Veridium-3.6.0-update/veridiumid-update-packages-rhel8-10.0.55.zip
TMP_DEST="/home/veridiumid/update360RHELUPDATE"
unzip veridiumid-update-packages-rhel8-10.0.55.zip -d ${TMP_DEST}
## RHEL9, Rocky9
wget --user NEXUS_USER --password NEXUS_PASSWORD -e use_proxy=yes -e http_proxy=PROXY_IP:PROXY_PORT https://veridium-repo.veridium-dev.com/repository/VeridiumUtils/Veridium-3.6.0-update/veridiumid-update-packages-rhel9-10.0.55.zip
TMP_DEST="/home/veridiumid/update360RHELUPDATE"
unzip veridiumid-update-packages-rhel9-10.0.55.zip -d ${TMP_DEST}
2.3) Run the pre-update steps.
CODE
sudo bash /etc/veridiumid/update-procedure/current/resources/scripts/360/pre_os_update.sh3) Upgrade from Centos 7 to Rocky 8 and then to Rocky 9
3.1) Setup PROXY, If you are using public repositories.
CODE
## edit /etc/environment, by adding the reverse proxy.
vim /etc/environment
http_proxy=IP:PORT
https_proxy=IP:PORT
## After that login/logout from current session
3.2) In case, that there are some specific repo-s, not Centos/Redhat, pls disable
CODE
sudo yum repolist all
sudo sed -i 's|enabled=1|enabled=0|g' /etc/yum.repos.d/remote.repo
sudo sed -i 's|enabled=1|enabled=0|g' /etc/yum.repos.d/nexus.repo
##centos updates should be enabled
sudo sed -i 's|enabled=0|enabled=1|g' /etc/yum.repos.d/CentOS-Base.repo
sudo yum clean metadata
## should be enabled CentOS-7 - Base and CentOS-7 - Updates
sudo yum repolist all | grep enabled
3.3) update OS to latest available OS and reboot
CODE
sudo yum update
sudo reboot
## check the kernel version, it should be at least
uname -r
3.10.0-1160.108.1.el7.x86_64
3.4) install additional repository, for rocky/alma
CODE
sudo yum install -y http://repo.almalinux.org/elevate/elevate-release-latest-el$(rpm --eval %rhel).noarch.rpm
sudo yum install -y leapp-upgrade leapp-data-rocky3.5) apply some specific rules, much more might be added, if specific OS rules were implemented. The report will be generated and inform if specific blocking actions need to be solved.
CODE
sudo rmmod pata_acpi
echo PermitRootLogin yes | sudo tee -a /etc/ssh/sshd_config
sudo leapp answer --section remove_pam_pkcs11_module_check.confirm=True
## if this is returning, errror, run the below one:
sudo leapp answer --add --section remove_pam_pkcs11_module_check.confirm=True
## check if upgrade can be executed
sudo leapp preupgrade
Run the OS upgrade
CODE
sudo leapp upgrade
## after the upgrade, please reboot server; the reboot can take up to 15 minutes
sudo reboot
## check if rocky was installed
cat /etc/rocky-release3.6) Remove unnecessary packages from Centos 7
CODE
rpm -qa | grep -E 'el7[.-]' | xargs sudo rpm -e3.7) If case of wanting to upgrade to Rocky 9 continue with steps from “Upgrade from Rocky 8 to Rocky 9” otherwise continue with “Post upgrade steps”.
Also undo reverse proxy setup, if you want to upgrade only to Rocky8:
CODE
## edit /etc/environment, by adding the reverse proxy.
vim /etc/environment
## remove these lines
http_proxy=IP:PORT
https_proxy=IP:PORT
## After that reboot the server, by running:
rebootUpgrade from Rocky 8 to Rocky 9
3.8) Prepare the upgrade
CODE
#Install the elevate-release package for Rocky 8
sudo yum install -y http://repo.almalinux.org/elevate/elevate-release-latest-el$(rpm --eval %rhel).noarch.rpm
#yum configuration excluded several packages during the upgrade. Change the configuration so no packages are excluded. This command does not provide an output.
sudo yum config-manager --save --setopt exclude=''
#Install the Leapp migration packages:
sudo yum install -y leapp-upgrade leapp-data-rocky
sudo leapp preupgrade
##check for inhibitors
less /var/log/leapp/leapp-report.txt3.9) Possible inhibitors
CODE
sudo yum remove -y make-devel rocky-logos
## RHEL 9 does not support the legacy network-scripts package that was deprecated in RHEL 8 in favor of NetworkManager. Files for device types that are not supported by NetworkManager are present in the system.
ls /etc/sysconfig/network-scripts/ifcfg-*
sudo nmcli con show
#The network interface needs to be converted to work with NetworkManager. This can be achieved by running the following command for the affected interface.
sudo nmcli connection migrate "<interface_name>"
sudo sed -i "s/^AllowZoneDrifting=.*/AllowZoneDrifting=no/" /etc/firewalld/firewalld.conf
sudo leapp answer --section check_vdo.no_vdo_devices=True
##if the previous is failing
sudo leapp answer --add --section check_vdo.no_vdo_devices=True
3.10) Run the OS update
CODE
sudo leapp upgrade
# After the upgrade is finished a reboot will be required
reboot
cat /etc/rocky-release3.11) Remove old Rocky 8 packages
CODE
rpm -qa | grep -E 'el8[.-]' | xargs sudo rpm -e
sudo yum install jemalloc3.12) on Rocky8 and Rocky9, ntpd service was replaced by chronyd. If necessary, please setup the NTP servers in this file:
CODE
sudo chronyc -a sources
##
sudo vi /etc/chrony.conf
pool SERVERIP iburst
##
sudo systemctl restart chronyd3.12) Continue with “Post upgrade steps”
Also undo reverse proxy setup:
CODE
## edit /etc/environment, by adding the reverse proxy.
vim /etc/environment
## remove these lines
http_proxy=IP:PORT
https_proxy=IP:PORT
## After that reboot the server, by running:
reboot4) Post OS upgrade steps - Application Update
Install new RPM versions, that are compatible with the new OS version.
4.1) Run post upgrade script
CODE
# In case of local RPMs
TMP_DEST="/home/veridiumid/update360RHELUPDATE"
sudo bash /etc/veridiumid/update-procedure/current/resources/scripts/360/post_os_update.sh ${TMP_DEST}/packages/
# In case of YUM repository
sudo bash /etc/veridiumid/update-procedure/current/resources/scripts/360/post_os_update.sh
bash /etc/veridiumid/scripts/check_services.sh4.2) Enable log rotate to run each day
CODE
## apply this fix, because some files might be duplicated
if [ -e "/etc/logrotate.d/rsyslog" ] && [ -e "/etc/logrotate.d/syslog" ]; then
rm -f /etc/logrotate.d/syslog
systemctl restart logrotate
fi
## enable the logrotate timer to be executed periodically
systemctl enable logrotate.timer
systemctl start logrotate.timer