Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
cloudappliance/smeinplaceupgrade [2018_04_12 11:46] – external edit 127.0.0.1cloudappliance:smeinplaceupgrade [2023_07_06 23:50] (current) – removed steven
Line 1: Line 1:
  
-===== SME Inplace upgrade to 1712 ===== 
-(Last Updated 6th April 2018) 
- 
-The SME Enterprise File Fabric platform is shipped as a virtual appliance, this makes it easy to deploy. The new generation of Enterprise File Fabric has a more comprehensive way to upgrade.  Upgrades from v10.x SME appliance or later are accomplished without the need to redeploy a new virtual machine.  
- 
-Please note that this procedure is written for systems that following "standard" supported deployment architectures, for advanced deployments please contact support. 
- 
-==== Prerequisites ==== 
- 
-Ensure the following prerequisites are met before beginning an upgrade: 
-  * SME version 10.0.X or 1705.X is installed and functional 
-  * Public internet access for download patches 
-  * A complete backup / snapshot has been done of both the system and the database 
-  * Verify API based storage providers have a valid certificate 
- 
-In addition, you must ensure you have full administrator access to the systems.  The following user accounts and passwords will be required: 
-  * smeconfiguser  
-  * root 
-  * appladmin  
-  * organizational admin(s) of your organization 
- 
-During the upgrade, ongoing uploads will be cancelled and the site will be unavailable for a short duration, please schedule downtime accordingly. 
- 
-=== Prepare for the upgrade === 
-To receive upgrades for File Fabric you will need a valid support contract. 
- 
-Start by backing up the appliance. This upgrade will be an upgrade of both software and the database, please do not proceed without a good backup. SME does not support a database rollback, so if something does not go to plan, a system restore will be required. 
- 
- 
-== Checking storage certificates == 
-Version 1712 of the Enterprise File Fabric increases the security requirements for storage providers that are accessed over HTTPS. As a result, self-signed certificates and certificates with missing intermediate chains are not supported by default.  These certificates can either be corrected by the storage administrator or the Enterprise File Fabric can be set to allow these certificates. 
- 
-== Validating storage certificates == 
-Log into the Enterprise File Fabric as the "smeconfiguser" and run the following command against all storage providers accessed over HTTPS: 
- 
-<code> 
-curl https://fqdn.backendstorage.com 
-</code> 
- 
-If curl returns any error of type (60), the storage provider will no longer work with the defaults in v1712.  
- 
-Examples: 
- 
-//Broken chain// 
-<code> 
-curl https://storageFQDN 
-curl: (60) Peer's Certificate issuer is not recognized. 
-More details here: http://curl.haxx.se/docs/sslcerts.html 
-</code> 
- 
-//Self-Signed Certificate// 
-<code> 
-curl https://storageFQDN 
-curl: (60) Peer's certificate issuer has been marked as not trusted by the user. 
-</code> 
- 
-//Expired Certificate// 
-<code> 
-curl https://storageFQDN 
-curl: (60) Peer's Certificate has expired. 
-</code> 
- 
-Note:  The Enterprise File Fabric will not allow use of storage with an expired certificate 
- 
-=== Disabling certificate validation === 
-Storage Made Easy always recommends the use of valid certificates from signed public authorities.  However, to preserve functionally with storage providers added prior to v1712, the following procedure will disable certificate validation: 
- 
-For each storage type that fails curl validation an entry will need to be made in config.inc.php.  Find below the list of valid storage providers and the accompanying variable to disable provider certificate validation: 
- 
-^ Storage Type       ^ variable  ^ 
-| Amplidata |var $ssl\_certificates\_amplidata = '0'; | 
-| BlueMix Object Storage | var $ssl\_certificates\_bluemix = '0';  
-| Caringo Swarm   | var $ssl\_certificates\_caringoswarm = '0'; | 
-| Ceph       | var $ssl\_certificates\_ceph = '0'; | 
-| Cleversafe      | var $ssl\_certificates\_cleversafe = '0'; |      
-| Cloudian     | var $ssl\_certificates\_cloudian = '0'; 
-| Dell EMC Elastic Cloud Storage | var $ssl\_certificates\_dellemc = '0'; | 
-| EMC Atmos S3 |var $ssl\_certificates\_atmoss3 = '0'; 
-| HostingSolutions.it | var $ssl\_certificates\_hostsolit = '0'; 
-| HPHelion | var $ssl\_certificates\_hphelion = '0'; | 
-| IBM Cloud Object Storage| var $ssl\_certificates\_ibmcloud = '0'; 
-| Igneous | var $ssl\_certificates\_igneous = '0'; 
-| Leonovus | var $ssl\_certificates\_leonovus = '0'; | 
-| Minio Object Storage | var $ssl\_certificates\_minio = '0';|   
-| Mirantis | var $ssl\_certificates\_mirantis = '0'; |   
-| Open S3 - S3 Compatible Cloud | var $ssl\_certificates\_opens3 = '0';| 
-| OpenIO | var $ssl\_certificates\_openio = '0'; | 
-| OpenStack | var $ssl\_certificates\_openstack = '0'; 
-| SoftLayer | var $ssl\_certificates\_softlayer = '0'; 
-| Swift v3 | var $ssl\_certificates\_swift = '0'; 
-| SwiftStack | var $ssl\_certificates\_swiftstack = '0'; | 
- 
-If you wish to disable certificate validation for a storage provider that is not on this list, please contact SME at: support@storagemadeeasy.com 
- 
-Log into the SME appliance as smeconfiguser e.g. 
-<code> 
-ssh smeconfiguser@cloudfiles.company.com 
-</code> 
- 
- 
-Change user to root 
-<code> 
-su - 
-</code> 
- 
-Add the required variables to the file: /var/www/smestorage/public_html/config.inc.php below the line:  var $ssl_version = 'tls'; 
-<code> 
-vi /var/www/smestorage/public_html/config.inc.php 
-</code> 
- 
-For example, if the backend storage providers Minio and Ceph have self-signed certificates the following will be added: 
- 
-    var $ssl_version = 'tls'; 
-    var $ssl_certificates_minio = '0'; 
-    var $ssl_certificates_ceph = '0';  
- 
-Once added, save the config.inc.php file and confirm normal Enterprise File Fabric operation against altered storage providers by logging into web console as an Organization Administrator then upload and download a file. 
- 
-=== Upgrade === 
- 
-Log into the SME appliance as smeconfiguser e.g.  
-<code> 
-ssh smeconfiguser@cloudfiles.company.com 
-</code> 
-Change user to root 
-<code> 
-su - 
-</code> 
- 
-Update the File Fabric repository 
-<code> 
-yum install https://download.storagemadeeasy.com/sme-repo-release-latest.rpm 
-</code> 
- 
-Clear the yum cache, and rebuild it.  
-<code> 
-yum clean all; yum makecache 
-</code> 
- 
-To verify the repository is installed and enabled, you can execute the following command: 
-<code> 
-yum repolist enabled 
-</code> 
-and search for "sme-enterprise" in the results. If you don't see it, abandon the upgrade process and contact Support at Storage Made Easy. 
- 
-Now update the appliance with the following command 
-<code> 
-yum install sme-upgradeto1712 sme-release -y 
-</code> 
- 
-Next install the 1712.02 hotfix 
-<code> 
-su - smestorage 
-cd patches 
-wget https://s3.amazonaws.com/smevm/1712/patch_public_html_1712.02.tar.gz 
-./patch -patch patch_public_html_1712.02.tar.gz 
-exit 
-</code> 
- 
-After the update is complete, please reboot the system. 
-<code> 
-reboot 
-</code>