This post describes how to upgrade vRealize Automation 6.2 to 7.x. Before performing this upgrade please read my previous post “vRealize Automation 7 Upgrade Considerations“, this post describes multiple pitfalls and could prevent potential issues.
Done reading? OK then let’s start!
Step 1 : Backup current Installation
Before you do anything backup your current installation! Believe me when I say this is a critical step, if something goes wrong you don’t want to rely only on a VM snapshot…
Step 2 : Shutdown vRealize Automation services on your IaaS server
Shut down services in the following order on the IaaS servers. But be absolutely sure not to shut down the actual machine, otherwise the appliance upgrade will fail.
Each virtual machine has a Management agent, which should be stopped with each set of services.
For deployments that use load balancers, disable all of the secondary nodes and health monitors from the load balancer for the distributed installation.
After shutting down the services check if the Web Repository is running :
https://IaaSFQDN/Repository/Data/MetaModel.svc
This should return a XML page without any errors.
Step 3 : Uninstall Common Components Catalog
If the Common Components Catalog is installed, you must uninstall it before you upgrade. It will appear in Add / Remove Programs on servers hosting the following specific IaaS components :
Stop all vRA services before uninstalling.
Step 4 : Prepare and update the embedded PostgreSQL database
Now the documentation describes the next step as : “Prepare and update the embedded PostgreSQL database if your deployment includes one” but if you open the link attached to this step it says : “If your high-availability deployment relies on a clustered PostgreSQL server, either embedded or external, you must configure each vRealize Automation appliance node for upgrade.”
So only perform this step if your vRA environment relies on a clustered PostgreSQL server!
Locate the secondary vRealize Automation appliance node in your 6.2.x environment.
Open a shell console and stop the vPostgres service. And execute:
|
1 |
service vpostgres stop |
Navigate to /storage/db/pgdata/postgresql.conf and backup the file.
Verify that the archive settings are accurate : archive_mode = off and #archive_command = ”.
Note : There may be multiple entries.
Navigate to the /etc/fstab file and remove lines starting with /dev/sdd, which contain the Wal_Archive write ahead logs.
Navigate to /etc/vcac/server.xml and back-up the file.
Verify that the jdbc:postgresql database connection points to the external IP address of the master Postgres node.
If the connection is not set, edit the /etc/vcac/server.xml file entry jdbc:posgresql that points to the Postgres database and point it to the external IP address of the master Postgres node for external Postgres or master virtual appliance for embedded Postgres.
For example, jdbc:postgresql://1.2.3.4:5432/vcac
Now you can shut down the vRealize Automation appliance.
Repeat the above steps on each vRealize Automation appliance node in your 6.2.x environment.
Locate the master vRealize Automation appliance node and repeat the above steps.
If you are upgrading a 6.2.x high-availability setup with an embedded PostgreSQL database and there is an external Load Balancer pool configured especially for PostgreSQL database, remove the external LB pool for PostgreSQL.
Step 5 : Increase vRealize Automation Appliance hardware resources
Before you proceed with upgrade you must increase hardware resources for each vRealize Automation appliance.
Don’t skip this step! The pre install script will check this :
Upgrade the vCPU to 4 virtual sockets, the vRAM to 18GB and extend the size of Disk 1 to 50 GB.
If there is an existing virtual Disk 4 from a previous vRealize Automation 6.2.x release, delete this disk and add a new virtual disk 4 with 50 GB disk size. If you have two disks, add Disk 3 with 25 GB disk size first and then Disk 4 with 50 GB disk size.
IMPORTANT : Before continuing create a snapshot of the virtual machine.
Step 6 : Create a SaaS Schema and Citext for an external PostgreSQL server
For an external PostgreSQL server, you need to manually create a schema called saas and a citext extension for your vRealize Automation database.
Important :Do not perform these steps if you are using an embedded PostgreSQL database on your vRealize Automation appliances.
If you are using an external clustered PostreSQL database, log in to the master PostgreSQL node. Otherwise, log in to your standalone external PostgreSQL node.
Run the following command to manually create the required saas schema and citext extension.
The following example uses a psql binary path for vPostgres. Your path might be different based on your operating system and the implementation of PostgreSQL that you use.
|
1 2 3 4 5 |
su - postgres -c "/opt/vmware/vpostgres/current/bin/psql -Atw --set ON_ERROR_STOP=on VCAC_DATABASE" << EOF CREATE SCHEMA saas AUTHORIZATION VCAC_USER; CREATE EXTENSION IF NOT EXISTS "citext" SCHEMA saas; EOF |
Replace VCAC_DATABASE and VCAC_USER with your vRealize Automation database name and database user. And yes the default database name and default user name are still vcac.
Step 7 : Upgrade the external PostgreSQL virtual appliance
If you are using another type of PostgreSQL server, such as a community edition or shared PostgreSQL server, do NOT use this procedure.
Open the vRealize Automation appliance management console for the upgrade.
Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
Log in with the user name root and the password you specified when the appliance was deployed.
Click the Update tab.
Click Settings and select a download option for the updates.
Click Status.
Click Check Updates to verify that an update is accessible.
Click Install Updates.
Click OK.
Open the log /opt/vmware/var/log/vami/vami.log file to verify that the upgrade is progressing successfully.
The time it takes for the update to finish depends on your site environment.
Reboot the virtual appliance.
Click the System tab.
Click Reboot and confirm your selection.
Reconnect all PostgreSQL virtual appliances to the load balancer.
Step 8 : Upgrade the vRealize Automation appliance
Open the vRealize Automation appliance management console for the upgrade.
Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
Log in with the user name root and the password you specified when the appliance was deployed.
Click the Services tab and verify that all services except iaas-service are listed as REGISTERED.
Click the Update tab.
Click Status.
Click Check Updates to verify that an update is accessible.
Click Install Updates.
Click OK.
Open the log files to verify that the upgrade is progressing successfully.
/opt/vmware/var/log/vami/updatecli.log
/opt/vmware/var/log/vami/vami.log
/var/log/vmware/horizon/horizon.log
You can continue to follow the progress of the update in the updatecli.log file.
When the upgrade has completed successfully the log file will show the following :
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
06/04/2016 09:32:29 [INFO] Update status: Done post-install scripts 06/04/2016 09:32:29 [INFO] Update status: Running VMware tools reconfiguration 06/04/2016 09:32:29 [INFO] Running /opt/vmware/share/vami/vami_reconfigure_tools Configuring VAMI VMware tools service wrapper. vmware-toolbox-cmd is /usr/bin/vmware-toolbox-cmd 06/04/2016 09:32:29 [INFO] Update status: Done VMware tools reconfiguration 06/04/2016 09:32:29 [INFO] Update status: Running finalizing installation 06/04/2016 09:32:29 [INFO] Running /opt/vmware/var/lib/vami/update/data/job/4/manifest_update 06/04/2016 09:32:29 [INFO] Update status: Done finalizing installation 06/04/2016 09:32:29 [INFO] Update status: Update completed successfully 06/04/2016 09:32:29 [INFO] Install Finished Version - 6.2.3.0 Build 3093004 Description - VMware vRealize Appliance 6.2.3 See the VMware vRealize Automation Documentation web page at http://www.vmware.com/info?id=1277 for installation instructions and release notes for VMware vRealize Automation 6.2.3. |
You must upgrade to vCloud Automation Center version 6.1 or later before you upgrade to version 6.2.3.
Note : The updatecli.log log file might display information about the version of vRealize Automation that you are upgrading from.
The time it takes for the update to finish can vary, maybe time for lunch?
After the upgrade is completed the following information is shown :
Now you can reboot the virtual appliance.
Click the System tab.
Click Reboot and confirm your selection.
Log back in to the vRealize Automation appliance management console.
Click the Services tab on the console and verify that all services are running.
Click the Refresh tab to monitor the progress of service startup.
You should see a minimum of 30 services. Verify that all services are registered except iaas-service.
Step 9 : Update Your Single Sign-On Password for VMware Identity Manager
Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
Log in with the user name root and the password you specified when the appliance was deployed.
Select vRA Settings > SSO.
Note :You can safely ignore the error message “SSO server is not connected”.
Enter a new VMware Identity Manager password and click Save Settings.
And reboot the virtual appliance again.
Click the System tab.
Click Reboot and confirm your selection.
Log back in to the vRealize Automation appliance management console.
Click the Services tab on the console and verify that all services are running.
Click the Refresh tab to monitor the progress of service startup.
You should see a minimum of 30 services. Verify that all services are registered except iaas-service.
Step 10 : Update the License Key
Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
Log in with the user name root and the password you specified when the appliance was deployed.
Select vRA Setting > Licensing tab.
Enter the license key information in the vRealize Automation appliance.
And click Submit Key.
Step 11 : Migrate the Identity Store to the VMware Identity Manager
Create a Local User Account for your Tentants
Log in to the vRealize Automation console with the default system administrator username administrator and password.
The console location is https://ApplianceFQDN/vcac/.
Select your tentant.
Select the Local Users tab and click New.
Create a local user account to assign to the tenant administrator role.
Note : The local user name should be unique to the vsphere.local active directory.
Click OK.
Click the Administrators tab.
Enter the local user name in the Tenant administrators search box and press Enter.
Click Finish.
Repeat these steps for each of your tenants.
Log out of the console.
Connect your Active Directory to a Tentant
Log in to the tentant console with the created Local Users username from the last step.
The console location is https://ApplianceFQDN/vcac/org/
Navigate to Administration > Directories Management > Directories.
Click Add Directory.
Enter a unique directory name.
Select Active Directory over LDAP when using non-Native Active Directory.
Lease This Directory Supports DNS Services selected.
Enter the Distinguished Name (DN) of the starting point for directory server searches.
Enter the full distinguished name (DN), including common name (CN), of an Active Directory user account that has privileges to search for users.
Enter the Active Directory password for the account that can search for users.
Click Test Connection to test the connection to the configured directory.
Click Save & Next.
The Select the Domains page with the list of domains appears.
Accept the default domain setting and click Next.
Verify that the attribute names are mapped to the correct Active Directory attributes .
Click Next.
Select the groups and users you want to synchronize.
Click Save.
Click the New icon.
Enter the user domain and click Find Groups.
Click Select to select the groups you want to synchronize.
Click Next.
On the Select Users page, select the users you want to synchronize and click Next.
Review the users and groups are syncing to the directory and click Sync Directory.
The directory synchronization process takes some time and it happens in the background.
For deployments that use load balancers, follow the next two steps.
Navigate to Administration > Directories Management > Identity Providers and click on your new identity provider.
Scroll to the bottom of the page and update the value for the IdP Hostname property to point to the FQDN for the vRealize Automation load balancer.
Step 12 : Migrate Multiple Tenant and IaaS Administrators
Use the tenant migration tool to migrate your tenant administrators into your newly synchronized vsphere.local tenant. Otherwise, you can manually add them to the vsphere.local tenants.
Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
Select the vRA Settings > SSO tab.
Right-click Identity Stores Migration Tool and select Copy Link Address.
Login to your 6.2.x SSO virtual appliance with SSH .
And run the following commands :
|
1 2 3 4 |
cd /tmp wget --no-check-certificate <CopiedLinkAddres> unzip vra-sso-migration.zip cd bin |
Edit the migration.properties file in the bin folder to change the value of property vra.system.admin.username from administrator to administrator@vsphere.local with the full address including tenant extension.
Enter the command ./reassign-tenant-administrators to migrate your tenants and IaaS administrators to your newly synchronized vsphere.local tenant.
Log in to the vRealize Automation appliance default tenant as tenant administrator and for each tenant verify that under the Administrators tab you can see the list of migrated tenant administrators.
Step 13 : Download and install updates for IaaS.
Perform the upgrade in the following sequence :
The Management Agent is updated automatically.
Before continuing, verify that Microsoft .NET Framework 4.5.2 or later is installed on the IaaS installation machines and you are logged on as the vRA service account.
Enter the URL for the Windows installer download page.
For example, https://ApplianceFQDN:5480/installer, where FQDN is the name of the primary (master) vRealize Automation appliance node.
Right click the IaaS installer link and select Run As Administrator.
When prompted, save the installer file, setup__vcac-ApplianceFQDN@5480.exe, to the desktop.
Note : As same as the previous versions do NOT change the file name!
Click Next.
Select “I Accept the terms in the license agreements”.
Click Next.
Fill in the username and password, select “Accept Certificate” and click Next.
Click Next.
Review the prerequisites and click Next.
Fill in the username and password, deselect use SSL for database connection if necessary and click Next.
Note : This form can differ from the shown example if the environment is deployed as a distributed environment, please review your settings!
Load the SSO default tenant, download the certificate, fill in the credentials and select test and finally select test IaaS.
Review the settings and click Upgrade.
Click Next
And that’s it! Enjoy all the new features of vRealize Automation 7 :).
Reference
Upgrading from vRealize Automation 6.2 to 7.0.1: Link
