[Freeipa-users] Upgrade from 4.1.4
Prashant Bapat
prashant at apigee.com
Thu Nov 5 07:28:28 UTC 2015
Looks like there are issues with dogtag and tomcat8.
http://pki.fedoraproject.org/wiki/Tomcat_8
On 5 November 2015 at 11:32, Prashant Bapat <prashant at apigee.com> wrote:
> New issue with upgrade.
>
> I setup a test IPA server. Its on AWS EC2 instance in a VPC. Fedora 21.
> freeipa 4.1.4.
>
> Upgraded OS from F21 --> F22 --> F23. All OK.
>
> Once in F23 *ipactl start* command tells me an upgrade is needed.
>
> Ran* ipa-server-upgrade* command. This command seems to do everything but
> somehow fails during upgrading the PKI (Tomcat). Now the tomcat service
> wont start. Other components are upgraded to 4.2.2 but Tomcat is down.
>
> Attached is the *ipaupgrade.log* and *catalina.2015-11-05.log*.
>
> Any help appreciated.
>
> Thanks.
> --Prashant
>
> On 5 November 2015 at 06:31, Prashant Bapat <prashant at apigee.com> wrote:
>
>> Great idea! Is that possible ? Any documentation on how to do this would
>> be very helpful.
>>
>> Thanks.
>>
>> On 4 November 2015 at 19:17, Rob Crittenden <rcritten at redhat.com> wrote:
>>
>>> Martin Kosek wrote:
>>> > On 11/04/2015 10:27 AM, Prashant Bapat wrote:
>>> >> Ack. But in a live replicated setup wont upgrading from F21->F22 and
>>> >> F22->F23 take a long time. I mean couple of hours ?
>>> >
>>> > It will take some outage time, yes. But if you have appropriate number
>>> of
>>> > replicas and are upgrading one by one, you should be fine - the
>>> clients should
>>> > fail over to other replicas.
>>> >
>>> >> Are there any other ways to do this. Perhaps do a fresh install of
>>> F23 and
>>> >> then restore data from FreeIPA 4.1.4 (F21) ?
>>> >
>>> > FreeIPA upgrade also updates the data themselves. Restoring old data
>>> and
>>> > configuration files on fresh F23 using full backup + running the
>>> upgrade may
>>> > work, but there may be also a lot of hurdles. It is not really a
>>> tested approach.
>>>
>>> Or he could one by one install a new F23 system and configure it as a
>>> new master to replace one of the old ones until they are all running F23.
>>>
>>> I'm pretty sure backup/restore only works within the same version.
>>>
>>> rob
>>>
>>> >
>>> >>
>>> >> On 4 November 2015 at 14:52, Martin Kosek <mkosek at redhat.com> wrote:
>>> >>
>>> >>> On 11/04/2015 10:15 AM, Lukas Slebodnik wrote:
>>> >>>> On (04/11/15 14:37), Prashant Bapat wrote:
>>> >>>>> Hi All,
>>> >>>>>
>>> >>>>> We rolled out freeipa in our setup somewhere in beginning of 2015.
>>> Since
>>> >>>>> then there have been couple of new releases. Latest being 4.2.3.
>>> >>>>>
>>> >>>>> The FreeIPA servers are installed on Fedora 21 hosts and at this
>>> point
>>> >>>>> there is no direct way of upgrading to 4.2.3 unless we also
>>> upgrade the
>>> >>> OS.
>>> >>>>> The COPR repos do not support Fedora 21.
>>> >>>>>
>>> >>>> Fedora 23 was released yesterday.
>>> >>>> It means then Fedora 21 will be out of support in a month.
>>> >>>> I would definitelly recomment to upgrade it to newer Fedora.
>>> >>>
>>> >>> +1. I did the same actually for FreeIPA demo which was also running
>>> on F21
>>> >>> before:
>>> >>> http://www.freeipa.org/page/Demo
>>> >>> I had to do it in two steps: F21->F22, F22->F23.
>>> >>>
>>> >>> If you make sure that F22->F23 upgrade updates to
>>> freeipa-4.2.3-1.fc23 or
>>> >>> later
>>> >>> (https://bodhi.fedoraproject.org/updates/FEDORA-2015-4d94884a7e), it
>>> >>> should
>>> >>> work just fine.
>>> >>>
>>> >>>> If you do not want t upgrade so often you might use FreeIPA
>>> >>>> on CentOS 7
>>> >>>>
>>> >>>> LS
>>> >>>>
>>> >>>
>>> >>>
>>> >>
>>> >
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151105/289b3147/attachment.htm>
More information about the Freeipa-users
mailing list