Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
cloudappliance/smeinplaceupgrade [2018_04_12 11:46] – external edit 127.0.0.1 | cloudappliance:smeinplaceupgrade [2023_07_06 23:50] (current) – removed steven | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== SME Inplace upgrade to 1712 ===== | ||
- | (Last Updated 6th April 2018) | ||
- | |||
- | The SME Enterprise File Fabric platform is shipped as a virtual appliance, this makes it easy to deploy. The new generation of Enterprise File Fabric has a more comprehensive way to upgrade. | ||
- | |||
- | Please note that this procedure is written for systems that following " | ||
- | |||
- | ==== Prerequisites ==== | ||
- | |||
- | Ensure the following prerequisites are met before beginning an upgrade: | ||
- | * SME version 10.0.X or 1705.X is installed and functional | ||
- | * Public internet access for download patches | ||
- | * A complete backup / snapshot has been done of both the system and the database | ||
- | * Verify API based storage providers have a valid certificate | ||
- | |||
- | In addition, you must ensure you have full administrator access to the systems. | ||
- | * smeconfiguser | ||
- | * root | ||
- | * appladmin | ||
- | * organizational admin(s) of your organization | ||
- | |||
- | During the upgrade, ongoing uploads will be cancelled and the site will be unavailable for a short duration, please schedule downtime accordingly. | ||
- | |||
- | === Prepare for the upgrade === | ||
- | To receive upgrades for File Fabric you will need a valid support contract. | ||
- | |||
- | Start by backing up the appliance. This upgrade will be an upgrade of both software and the database, please do not proceed without a good backup. SME does not support a database rollback, so if something does not go to plan, a system restore will be required. | ||
- | |||
- | |||
- | == Checking storage certificates == | ||
- | Version 1712 of the Enterprise File Fabric increases the security requirements for storage providers that are accessed over HTTPS. As a result, self-signed certificates and certificates with missing intermediate chains are not supported by default. | ||
- | |||
- | == Validating storage certificates == | ||
- | Log into the Enterprise File Fabric as the " | ||
- | |||
- | < | ||
- | curl https:// | ||
- | </ | ||
- | |||
- | If curl returns any error of type (60), the storage provider will no longer work with the defaults in v1712. | ||
- | |||
- | Examples: | ||
- | |||
- | //Broken chain// | ||
- | < | ||
- | curl https:// | ||
- | curl: (60) Peer's Certificate issuer is not recognized. | ||
- | More details here: http:// | ||
- | </ | ||
- | |||
- | // | ||
- | < | ||
- | curl https:// | ||
- | curl: (60) Peer's certificate issuer has been marked as not trusted by the user. | ||
- | </ | ||
- | |||
- | //Expired Certificate// | ||
- | < | ||
- | curl https:// | ||
- | curl: (60) Peer's Certificate has expired. | ||
- | </ | ||
- | |||
- | Note: The Enterprise File Fabric will not allow use of storage with an expired certificate | ||
- | |||
- | === Disabling certificate validation === | ||
- | Storage Made Easy always recommends the use of valid certificates from signed public authorities. | ||
- | |||
- | For each storage type that fails curl validation an entry will need to be made in config.inc.php. | ||
- | |||
- | ^ Storage Type ^ variable | ||
- | | Amplidata |var $ssl\_certificates\_amplidata = ' | ||
- | | BlueMix Object Storage | var $ssl\_certificates\_bluemix = ' | ||
- | | Caringo Swarm | var $ssl\_certificates\_caringoswarm = ' | ||
- | | Ceph | var $ssl\_certificates\_ceph = ' | ||
- | | Cleversafe | ||
- | | Cloudian | ||
- | | Dell EMC Elastic Cloud Storage | var $ssl\_certificates\_dellemc = ' | ||
- | | EMC Atmos S3 |var $ssl\_certificates\_atmoss3 = ' | ||
- | | HostingSolutions.it | var $ssl\_certificates\_hostsolit = ' | ||
- | | HPHelion | var $ssl\_certificates\_hphelion = ' | ||
- | | IBM Cloud Object Storage| var $ssl\_certificates\_ibmcloud = ' | ||
- | | Igneous | var $ssl\_certificates\_igneous = ' | ||
- | | Leonovus | var $ssl\_certificates\_leonovus = ' | ||
- | | Minio Object Storage | var $ssl\_certificates\_minio = ' | ||
- | | Mirantis | var $ssl\_certificates\_mirantis = ' | ||
- | | Open S3 - S3 Compatible Cloud | var $ssl\_certificates\_opens3 = ' | ||
- | | OpenIO | var $ssl\_certificates\_openio = ' | ||
- | | OpenStack | var $ssl\_certificates\_openstack = ' | ||
- | | SoftLayer | var $ssl\_certificates\_softlayer = ' | ||
- | | Swift v3 | var $ssl\_certificates\_swift = ' | ||
- | | SwiftStack | var $ssl\_certificates\_swiftstack = ' | ||
- | |||
- | If you wish to disable certificate validation for a storage provider that is not on this list, please contact SME at: support@storagemadeeasy.com | ||
- | |||
- | Log into the SME appliance as smeconfiguser e.g. | ||
- | < | ||
- | ssh smeconfiguser@cloudfiles.company.com | ||
- | </ | ||
- | |||
- | |||
- | Change user to root | ||
- | < | ||
- | su - | ||
- | </ | ||
- | |||
- | Add the required variables to the file: / | ||
- | < | ||
- | vi / | ||
- | </ | ||
- | |||
- | For example, if the backend storage providers Minio and Ceph have self-signed certificates the following will be added: | ||
- | |||
- | var $ssl_version = ' | ||
- | var $ssl_certificates_minio = ' | ||
- | var $ssl_certificates_ceph = ' | ||
- | |||
- | Once added, save the config.inc.php file and confirm normal Enterprise File Fabric operation against altered storage providers by logging into web console as an Organization Administrator then upload and download a file. | ||
- | |||
- | === Upgrade === | ||
- | |||
- | Log into the SME appliance as smeconfiguser e.g. | ||
- | < | ||
- | ssh smeconfiguser@cloudfiles.company.com | ||
- | </ | ||
- | Change user to root | ||
- | < | ||
- | su - | ||
- | </ | ||
- | |||
- | Update the File Fabric repository | ||
- | < | ||
- | yum install https:// | ||
- | </ | ||
- | |||
- | Clear the yum cache, and rebuild it. | ||
- | < | ||
- | yum clean all; yum makecache | ||
- | </ | ||
- | |||
- | To verify the repository is installed and enabled, you can execute the following command: | ||
- | < | ||
- | yum repolist enabled | ||
- | </ | ||
- | and search for " | ||
- | |||
- | Now update the appliance with the following command | ||
- | < | ||
- | yum install sme-upgradeto1712 sme-release -y | ||
- | </ | ||
- | |||
- | Next install the 1712.02 hotfix | ||
- | < | ||
- | su - smestorage | ||
- | cd patches | ||
- | wget https:// | ||
- | ./patch -patch patch_public_html_1712.02.tar.gz | ||
- | exit | ||
- | </ | ||
- | |||
- | After the update is complete, please reboot the system. | ||
- | < | ||
- | reboot | ||
- | </ |