Operations Guides

InPlace Appliance Open Suse OS Upgrade

Home

Open Suse to SUSE Linux Enterprise Server (SLES) Migration

Summary

This procedure allows customers to convert Open Suse to a licensed and supported SLES OS and allows inplace upgrade options using the YAST GUI for simplified OS patch management and major release upgrades. This subsription to SLES includes patches, upgrades and access to OS technical support if required.

Prerequisites

Open Suse 15.4 or 15.5.
1. How to check.
  1. Login as admin over ssh
  2. cat /etc/os-release
A SLES subscription purchased from Suse
Internet repository firewall configuration or proxy that allows https over port 443 to https://updates.suse.com

How to Migrate Open Suse to SLES Licensed Subscription OS

Purchase an OS subscription from https://www.suse.com/shop/
1. Select
You will need to retain the email address used to purchase and the Activation Code
1. Login to the Eyeglass vm as admin user over ssh.
2. sudo -s
3. zypper in yast2-migration-sle
4. Once the installation is completed
5. yast
6. select the menu on the right for Migrate to SUSE Linux Enterprise
8. Follow the on screen steps to enter your email address and activation code.
Once this above steps are complete you should have a registered licensed SLES operating system, confirm this using this command
1. cat /etc/os-release
2. You will look for OS ID of SLES
Verify your VM is registered using the Product Registration menu
Done

How to Inplace OS Upgrade SLES licensed OS from 15.4 to 15.x

NOTE: Only licensed SLES appliances offer the GUI upgrade inplace.
Login as admin over ssh
1. sudo -s
2. yast
3. Select the menu option on the right Online Migration
5. Follow the online GUI steps to upgrade to 15.5,
6. NOTE: During the upgrade 2 conflicts will be raised for dependencies, choose continue the upgrade.
7. NOTE: The upgrade can take 30-60 minutes depending on download speeds. A reboot will be completed at the end of the upgrade.
Run Superna Eyeglass 15.5 installer run file after the OS upgrade to repair dependancies.
1. Prepare for upgrade
  1. nano /etc/os-release
    1. Change ID_LIKE from "suse" to "suse opensuse"
    2. press control+x to save and exit
2. Download the Eyeglass upgrade installer file (for 15.5) from support.superna.net portal and scp to Eyeglass appliance
3. Change mode of the upgrade installer file
  1. chmod 777 <name of upgrade file>
4. Execute the upgrade file
  1. ./<name of upgrade file
5. Once completed, login to Eyeglass Web UI to verify

In-Place ECA Appliance OS OpenSuse 15.4 to 15.5 Upgrade

Overview

In-place upgrades of the operating system should only be done if security patches are required for your deployment. Normally the OVA upgrade option is best to upgrade the OS and appliance at the same time. Only use this procedure if directed by support.

	NOTE: The operating system is the customer's responsibility, and assisted upgrades of the OS are not provided under the support contract. The supported method is using new OVA deployment and restoring the configuration for assisted upgrades to a new OS. This procedure is provided "as is" with no support.

	NOTE: Mandatory to take a VM-level snapshot before starting this procedure. The only recovery option on a failed OS upgrade is reverting a snapshot. Support is unable to recover a failed OS upgrade and will request the snapshot is reverted and schedule the OVA upgrade method.

	NOTE: This procedure is only from 15.4 to 15.5
	NOTE: Recently tested with Search & Recover, see note in the procedure to avoid data loss of the index.

	NOTE: This procedure requires an Internet connection

Procedure

Take VM snapshot of each ECA nodes VM
ssh to each ECA Appliance as ecaadmin user
sudo -s
zypper refresh
zypper update
1. It will prompt to continue - answer with “y”

…

The following package requires a system reboot:

kernel-default-5.14.21-150400.24.63.1

113 packages to upgrade, 3 new.

Overall download size: 577.8 MiB. Already cached: 0 B. After the operation, additional 239.9 MiB will be used.

Note: System reboot required.

Continue? [y/n/v/...? shows all options] (y): y

...

b. It will also detect some conflicts - answer “yes” to continue:

…

Checking for file conflicts: .......................................................................................................

Detected 1 file conflict:

File /usr/share/bash-completion/completions/lsblk

from install of

util-linux-systemd-2.37.2-150400.8.17.1.x86_64 (Update repository with updates from SUSE Linux Enterprise 15)

conflicts with file from package

util-linux-2.36.2-2.29.x86_64 (@System)

File conflicts happen when two packages attempt to install files with the same name but different contents. If you continue, conflicting files will be replaced losing the previous content.

Continue? [yes/no] (no): yes

…

c. Once completed, a reboot is required

d. Wait till all ECA nodes show that message (to indicate that the zypper update has completed). Before reboot, bring down the ECA cluster by running this command only on ECA node 1:

exit (to exit from sudo, and return to ecaadmin user)

Then execute cluster down command:

ecactl cluster down

e. After the ecactl cluster down process has completed, reboot each ECA nodes: (on ECA node 1, need to enter sudo -s mode, on other ECA nodes, there are still in sudo mode as per step #3. Execute:

reboot

6. After it is rebooted, login again to each ECA nodes as ecaadmin

sudo -s

7. New 4096 bit RSA signing key (Reference: here)

a. The new 4096 bit RSA signing key was also introduced as part of openSUSE Leap 15.5 as well as 15.4 via a maintenance update, additionally a new 4096 bit RSA backports key was introduced.

b. Leap 15.4 users are expected to update their system prior to the upgrade of 15.5.

c. Users of 15.4 release currently need to import key manually with:

rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-29b700a4-62b07e22.asc

d. And also the new 4096 openSUSE Backports key needs to be imported:

rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-25db7ae0-645bae34.asc

8. Backup sudoers file

cp /etc/sudoers /etc/sudoers.bak

9. Update the repo

a. Check if your Leap repos defined in /etc/zypp/repos.d/ are using the $releasever variable already.

sudo grep baseurl /etc/zypp/repos.d/*.repo

b. Example:

…

/etc/zypp/repos.d/repo-backports-debug-update.repo:baseurl=http://download.opensuse.org/update/leap/$releasever/backports_debug/

/etc/zypp/repos.d/repo-backports-update.repo:baseurl=http://download.opensuse.org/update/leap/$releasever/backports/

/etc/zypp/repos.d/repo-debug-non-oss.repo:baseurl=http://download.opensuse.org/debug/distribution/leap/$releasever/repo/non-oss/

…

c. If they are still hard-coded with a particular Leap version number, then you need to modify them first

Example:

sed -i 's/15.4/${releasever}/g' /etc/zypp/repos.d/*.repo

10. Refresh with the new Repos of 15.5

zypper --releasever=15.5 refresh

11. Execute the full distribution upgrade to 15.5

zypper --releasever=15.5 dup

12. It will detect some dependency problems like the following. Choose the solution option to deinstallation the older package. Example:

…

3 Problems:

Problem: the to be installed samba-dsdb-modules-4.13.4+git.187.5ad4708741a-1.34.x86_64 requires 'libsamba-errors.so.1(SAMBA_ERRORS_1)(64bit)', but this requirement cannot be provided

Problem: the installed libsnmp40-5.9.3-150300.15.8.1.x86_64 requires 'snmp-mibs >= 5.9.3', but this requirement cannot be provided

Problem: the installed samba-dsdb-modules-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64 requires 'libldb.so.2(LDB_2.4.4)(64bit)', but this requirement cannot be provided

Problem: the to be installed samba-dsdb-modules-4.13.4+git.187.5ad4708741a-1.34.x86_64 requires 'libsamba-errors.so.1(SAMBA_ERRORS_1)(64bit)', but this requirement cannot be provided

deleted providers: samba-client-libs-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

not installable providers: libsamba-errors0-4.13.4+git.187.5ad4708741a-1.34.x86_64[openSUSE-Leap-15.3-1]

Solution 1: Following actions will be done:

keep obsolete samba-dsdb-modules-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

keep obsolete samba-client-libs-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

Solution 2: deinstallation of samba-client-libs-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

Solution 3: deinstallation of samba-dsdb-modules-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

Solution 4: break samba-dsdb-modules-4.13.4+git.187.5ad4708741a-1.34.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or skip, retry or cancel [1/2/3/4/s/r/c/d/?] (c): 2

Problem: the installed libsnmp40-5.9.3-150300.15.8.1.x86_64 requires 'snmp-mibs >= 5.9.3', but this requirement cannot be provided

not installable providers: snmp-mibs-5.9.3-150300.15.3.1.x86_64[repo-sle-update]

Solution 1: deinstallation of libsnmp30-5.7.3-10.12.1.x86_64

Solution 2: deinstallation of libsnmp40-5.9.3-150300.15.8.1.x86_64

Solution 3: keep obsolete libsnmp30-5.7.3-10.12.1.x86_64

Solution 4: break libsnmp40-5.9.3-150300.15.8.1.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or skip, retry or cancel [1/2/3/4/s/r/c/d/?] (c): 1

Problem: the installed samba-dsdb-modules-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64 requires 'libldb.so.2(LDB_2.4.4)(64bit)', but this requirement cannot be provided

deleted providers: libldb2-2.4.4-150400.4.11.1.x86_64

Solution 1: Following actions will be done:

keep obsolete libldb2-2.4.4-150400.4.11.1.x86_64

keep obsolete samba-ldb-ldap-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

Solution 2: deinstallation of samba-ldb-ldap-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64

Solution 3: deinstallation of yast2-adcommon-python-1.6-3.3.10.noarch

Solution 4: break samba-dsdb-modules-4.15.13+git.636.53d93c5b9d6-150400.3.23.1.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or skip, retry or cancel [1/2/3/4/s/r/c/d/?] (c): 2

…

13. It will prompt us to continue. Answer with “y”

…

The following 2 packages require a system reboot:

kernel-default-5.14.21-150500.53.2 kernel-preempt-5.3.18-57.3

218 packages to upgrade, 38 to downgrade, 68 new, 1 to reinstall, 8 to remove.

Overall download size: 784.9 MiB. Already cached: 0 B. After the operation, additional 659.5 MiB will be used.

Note: System reboot required.

Continue? [y/n/v/...? shows all options] (y): y

…

14. It detects some conflicts, answer “yes” to continue

…

Detected 3 file conflicts:

File /etc/motd

from install of

openSUSE-release-15.5-lp155.286.1.x86_64 (Main Repository)

conflicts with file from package

eyeglass_cluster_appliance-2.5.12-23175.lp15.4.x86_64 (@System)

File /etc/sudoers

from install of

sudo-1.9.12p1-150500.5.1.x86_64 (Main Repository)

conflicts with file from package

eyeglass_cluster_appliance-2.5.12-23175.lp15.4.x86_64 (@System)

File /usr/share/bash-completion/completions/lsblk

from install of

util-linux-systemd-2.37.4-150500.7.2.x86_64 (Main Repository)

conflicts with file from package

util-linux-2.36.2-2.29.x86_64 (@System)

File conflicts happen when two packages attempt to install files with the same name but different contents. If you continue, conflicting files will be replaced losing the previous content.

Continue? [yes/no] (no): yes

…

15. Once completed, it will suggest a reboot. But DO NOT reboot first

…

Since the last system boot core libraries or services have been updated.

Reboot is suggested to ensure that your system benefits from these updates.

…

16. Before reboot, on each ECA nodes, copy /etc/sudoers.bak back to /etc/sudoers

cp /etc/sudoers.bak /etc/sudoers

17. Once done, reboot each ECA nodes:

reboot

18. After rebooted, re-login via ssh to each ECA nodes as ecaadmin

19. Verify OS version is 15.5 on each ECA nodes, from cat /etc/os-release

NAME="openSUSE Leap"

VERSION="15.5"

ID="opensuse-leap"

ID_LIKE="suse opensuse"

VERSION_ID="15.5"

PRETTY_NAME="openSUSE Leap 15.5"

ANSI_COLOR="0;32"

CPE_NAME="cpe:/o:opensuse:leap:15.5"

BUG_REPORT_URL="https://bugs.opensuse.org"

HOME_URL="https://www.opensuse.org/"

DOCUMENTATION_URL="https://en.opensuse.org/Portal:Leap"

LOGO="distributor-logo-Leap"

20. Download the latest ECA upgrade installer file (for 15.5) from support.superna.net portal and scp that file to ECA node 1

21. Change mode of the upgrade installer file

chmod +x <name of upgrade file>

22. Execute the upgrade file

./<name of upgrade file>

23. NOTE: Only execute this step on ECA VM's. WARNING: Do not execute this step on Search & Recover, data loss will result.
VM's. Once the upgrade process has completed, from ECA node 1, execute the following command (Note: the following command is a one-line command): :

ecactl cluster exec "sudo rm -rf /opt/superna/mnt/zk-ramdisk/* /opt/data/kafka-logs/* \; sudo systemctl restart docker"

24. Once completed, then from ECA node 1, bring up the ECA cluster

ecactl cluster up

25. Wait till cluster up has fully completed. Once completed, login to Eyeglass WebUI and from Eyeglass WebUI Dashboard open the Managed Services icon and verify that all ECA nodes services are in an Active and healthy state.

In-Place Eyeglass Appliance OS OpenSuse 15.4 to 15.5 Upgrade

Overview

	NOTE: The operating system is the customer's responsibility, and assisted upgrades of the OS are not provided under the support contract. The supported method is using new OVA deployment and restoring the configuration for assisted upgrades to a new OS. This procedure is provided "as is" with no support.

	NOTE: Mandatory to take a VM-level snapshot before starting this procedure. The only recovery option on a failed OS upgrade is reverting a snapshot. Support is unable to recover a failed OS upgrade and will request the snapshot is reverted and schedule the OVA upgrade method.

	NOTE: This procedure is only from 15.4 to 15.5

	NOTE: This procedure requires an Internet connection

Procedure

Take VM snapshot of Eyeglass Appliance VM
ssh to Eyeglass Appliance as admin user
sudo -s
zypper refresh
zypper update
1. It will prompt to continue - answer with “y”
  …
  Note: System reboot required.
  Continue? [y/n/v/...? shows all options] (y): y
  ...
2. It will also detect some conflicts - answer “yes” to continue:
  …
  Checking for file conflicts: ....................................................................................[error]
  Detected 1 file conflict:
  
  File /usr/share/bash-completion/completions/lsblk
    from install of
       util-linux-systemd-2.37.2-150400.8.17.1.x86_64 (Update repository with updates from SUSE Linux Enterprise 15)
    conflicts with file from package
       util-linux-2.36.2-2.29.x86_64 (@System)
  
  File conflicts happen when two packages attempt to install files with the same name but different contents. If you continue, conflicting files will be replaced losing the previous content.
  Continue? [yes/no] (no): yes
  …
3. Once completed, it will require a reboot
4. Before reboot, stop sca service
  systemctl stop sca
5. After the sca service is stopped, reboot appliance:
  reboot

6. After it is rebooted, re-login to Eyeglass SSH again as admin user

sudo -s

7. New 4096 bit RSA signing key (Reference: here)

a. The new 4096 bit RSA signing key was also introduced as part of openSUSE Leap 15.5 as well as 15.4 via a maintenance update, additionally a new 4096 bit RSA backports key was introduced.

b. Leap 15.4 users are expected to update their system prior to the upgrade of 15.5.

c. Users of 15.4 release currently need to import key manually with:

rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-29b700a4-62b07e22.asc

d. And also the new 4096 openSUSE Backports key needs to be imported:

rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-25db7ae0-645bae34.asc

8. Backup sudoers file

cp /etc/sudoers /etc/sudoers.bak

9. Update the repo

a. Check if your Leap repos defined in /etc/zypp/repos.d/ are using the $releasever variable already.

sudo grep baseurl /etc/zypp/repos.d/*.repo

b. Example:

…

/etc/zypp/repos.d/repo-backports-debug-update.repo:baseurl=http://download.opensuse.org/update/leap/$releasever/backports_debug/

/etc/zypp/repos.d/repo-backports-update.repo:baseurl=http://download.opensuse.org/update/leap/$releasever/backports/

/etc/zypp/repos.d/repo-debug-non-oss.repo:baseurl=http://download.opensuse.org/debug/distribution/leap/$releasever/repo/non-oss/

…

c. If they are still hard-coded with a particular Leap version number, then you need to modify them first

Example:

sed -i 's/15.4/${releasever}/g' /etc/zypp/repos.d/*.repo

10. Refresh with the new Repos of 15.5

zypper --releasever=15.5 refresh

11. Execute the full distribution upgrade to 15.5

zypper --releasever=15.5 dup

12. It will detect some dependency problems like the following. Choose the solution option to deinstallation the older package. Example

…

Problem: the installed libsnmp40-5.9.3-150300.15.8.1.x86_64 requires 'snmp-mibs >= 5.9.3', but this requirement cannot be provided

not installable providers: snmp-mibs-5.9.3-150300.15.3.1.x86_64[repo-sle-update]

Solution 1: deinstallation of libsnmp30-5.7.3-10.12.1.x86_64

Solution 2: deinstallation of libsnmp40-5.9.3-150300.15.8.1.x86_64

Solution 3: keep obsolete libsnmp30-5.7.3-10.12.1.x86_64

Solution 4: break libsnmp40-5.9.3-150300.15.8.1.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or cancel [1/2/3/4/c/d/?] (c): 1

…

13. It will prompt us to continue. Answer with “y”

…

The following 2 packages require a system reboot:

kernel-default-5.14.21-150500.53.2 kernel-preempt-5.3.18-57.3

217 packages to upgrade, 27 to downgrade, 45 new, 1 to reinstall, 4 to remove.

Overall download size: 748.9 MiB. Already cached: 0 B. After the operation, additional 660.4 MiB will be used.

Note: System reboot required.

Continue? [y/n/v/...? shows all options] (y): y

…

14. It detects some conflicts, answer “yes” to continue

…

Checking for file conflicts: ....................................................................................[error]

Detected 7 file conflicts:

File /etc/lighttpd/conf.d/magnet.conf

from install of

lighttpd-mod_magnet-1.4.69-bp155.1.6.x86_64 (Main Repository)

conflicts with file from package

eyeglass_deps-2.5.11-23140.lp15.4.x86_64 (@System)

File /etc/lighttpd/conf.d/proxy.conf

from install of

lighttpd-1.4.69-bp155.1.6.x86_64 (Main Repository)

conflicts with file from package

eyeglass_deps-2.5.11-23140.lp15.4.x86_64 (@System)

File /etc/lighttpd/lighttpd.conf

from install of

lighttpd-1.4.69-bp155.1.6.x86_64 (Main Repository)

conflicts with file from package

eyeglass_deps-2.5.11-23140.lp15.4.x86_64 (@System)

File /etc/lighttpd/modules.conf

from install of

lighttpd-1.4.69-bp155.1.6.x86_64 (Main Repository)

conflicts with file from package

eyeglass_deps-2.5.11-23140.lp15.4.x86_64 (@System)

File /etc/motd

from install of

openSUSE-release-15.5-lp155.286.1.x86_64 (Main Repository)

conflicts with file from package

eyeglass_deps-2.5.11-23140.lp15.4.x86_64 (@System)

File /etc/sudoers

from install of

sudo-1.9.12p1-150500.5.1.x86_64 (Main Repository)

conflicts with file from package

eyeglass_deps-2.5.11-23140.lp15.4.x86_64 (@System)

File /usr/share/bash-completion/completions/lsblk

from install of

util-linux-systemd-2.37.4-150500.7.2.x86_64 (Main Repository)

conflicts with file from package

util-linux-2.36.2-2.29.x86_64 (@System)

File conflicts happen when two packages attempt to install files with the same name but different contents. If you continue, conflicting files will be replaced losing the previous content.

Continue? [yes/no] (no): yes

…

15. Once completed, it will suggest a reboot. But DO NOT reboot first

…

Since the last system boot core libraries or services have been updated.

Reboot is suggested to ensure that your system benefits from these updates.

…

16. Before reboot, copy /etc/sudoers.bak back to /etc/sudoers

cp /etc/sudoers.bak /etc/sudoers

17. Stop sca service

systemctl stop sca

18. Reboot Eyeglass appliance: reboot

19. After rebooted, re-login via ssh to Eyeglass as admin user

20. Verify OS version is 15.5 on Eyeglass appliance , from cat /etc/os-release

NAME="openSUSE Leap"

VERSION="15.5"

ID="opensuse-leap"

ID_LIKE="suse opensuse"

VERSION_ID="15.5"

PRETTY_NAME="openSUSE Leap 15.5"

ANSI_COLOR="0;32"

CPE_NAME="cpe:/o:opensuse:leap:15.5"

BUG_REPORT_URL="https://bugs.opensuse.org"

HOME_URL="https://www.opensuse.org/"

DOCUMENTATION_URL="https://en.opensuse.org/Portal:Leap"

LOGO="distributor-logo-Leap"

21. Elevate

sudo -s

22. Unlink symbolic links

unlink /opt/superna/document_generator/startOrientDb.sh

unlink /opt/superna/document_generator/databaseScriptSca.sh

unlink /opt/superna/document_generator/eyeglassAnalyzer

unlink /opt/superna/document_generator/dbmanager

unlink /opt/superna/document_generator/orientDBManager

23. Continue by providing “y” answer

…

The following 3 NEW packages are going to be installed:

glibc-devel libxcrypt-devel linux-glibc-devel

3 new packages to install.

Overall download size: 1.8 MiB. Already cached: 0 B. After the operation, additional 7.5 MiB will be used.

Continue? [y/n/v/...? shows all options] (y): y

…

24. Download the Eyeglass upgrade installer file (for 15.5) from support.superna.net portal and scp to Eyeglass appliance

25. Change mode of the upgrade installer file

chmod 777 <name of upgrade file>

26. Execute the upgrade file

./<name of upgrade file>

27. Once completed, login to Eyeglass Web UI to verify