|
Important
|
If you have installed the Katello plugin, you must use Upgrading Foreman with Katello. |
1. Upgrading overview
Review prerequisites and available upgrade paths below before upgrading your current Foreman installation to Foreman nightly.
1.1. Upgrade paths
You can upgrade to Foreman nightly from Foreman 3.13. For complete instructions on how to upgrade, see Upgrading Foreman.
The high-level steps in upgrading Foreman to nightly are as follows:
-
Upgrade your Foreman server:
-
Upgrade your Foreman server to nightly.
-
-
Upgrade your Smart Proxy servers:
-
Upgrade all Smart Proxy servers to nightly.
-
Smart Proxies at version 3.13 will keep working with your upgraded Foreman server nightly. After you upgrade Foreman server to nightly, you can upgrade your Smart Proxies separately over multiple maintenance windows. For more information, see Upgrading Smart Proxies separately from Foreman.
Foreman services are shut down during the upgrade. Ensure to plan for the required downtime. The upgrade process duration might vary depending on your hardware configuration, network speed, and the amount of data that is stored on the server.
-
Upgrading Foreman server takes approximately 1 – 2 hours.
-
Upgrading Smart Proxy server takes approximately 10 – 30 minutes.
If you have any scripts that use the Hammer CLI tool, ensure that you modify these scripts according to the changes in Hammer. If you have any integrations that use the Foreman REST API, ensure that you modify these integrations according to the changes in the API. For more information about changes in Hammer and API, see Release notes.
1.2. Prerequisites
Upgrading to Foreman nightly affects your entire Foreman infrastructure. Before proceeding, complete the following:
-
Read the Foreman nightly Release Notes.
-
Ensure that you have sufficient storage space on your server. For more information, see Preparing your Environment for Installation in Installing Foreman Server nightly on Enterprise Linux and Preparing your Environment for Installation in Installing Smart Proxy server.
-
Ensure that you have at least the same amount of free space on
/var/lib/pgsqlas that consumed by/var/lib/pgsql/data. Upgrading to Foreman nightly involves a PostgreSQL 12 to PostgreSQL 13 upgrade. The contents of/var/lib/pgsql/dataare backed up during the PostgreSQL upgrade. -
Back up your Foreman server and all Smart Proxy servers. For more information, see Backing Up Foreman server and Smart Proxy server in Administering Foreman.
-
Plan for updating any scripts you use that contain Foreman API commands because some API commands differ between versions of Foreman.
|
Warning
|
If you customize configuration files, manually or using a tool such as Hiera, these changes are overwritten when the maintenance script runs during upgrading or updating.
You can use the --noop option with the foreman-installer to test for changes.
|
1.3. Upgrading Smart Proxies separately from Foreman
You can upgrade Foreman to version nightly and keep Smart Proxies at version 3.13 until you have the capacity to upgrade them too.
All the functionality that worked previously works on 3.13 Smart Proxies. However, the functionality added in the nightly release will not work until you upgrade Smart Proxies to nightly.
Upgrading Smart Proxies after upgrading Foreman can be useful in the following example scenarios:
-
If you want to have several smaller outage windows instead of one larger window.
-
If Smart Proxies in your organization are managed by several teams and are located in different locations.
1.4. Following the progress of the upgrade
Because of the lengthy upgrade time, use a utility such as tmux to suspend and reattach a communication session.
You can then check the upgrade progress without staying connected to the command shell continuously.
For more information, see the tmux manual page.
If you lose connection to the command shell where the upgrade command is running you can see the logs in /var/log/foreman-installer/foreman.log to check if the process completed successfully.
2. Upgrading Foreman
Use the following procedures to upgrade your existing Foreman to Foreman nightly.
2.1. Foreman server upgrade considerations
This section describes how to upgrade Foreman server from 3.13 to nightly. You can upgrade from any minor version of Foreman server 3.13.
-
Review Prerequisites.
-
Note that you can upgrade Smart Proxies separately from Foreman. For more information, see Upgrading Smart Proxies separately from Foreman.
-
Review and update your firewall configuration. For more information, see Preparing your environment for installation in Installing Foreman Server nightly on Enterprise Linux.
-
If you have edited any of the default templates, back up the files either by cloning or exporting them. Cloning is the recommended method because that prevents them being overwritten in future updates or upgrades. To confirm if a template has been edited, you can view its History before you upgrade or view the changes in the audit log after an upgrade. In the Foreman web UI, navigate to Monitor > Audits and search for the template to see a record of changes made. If you use the export method, restore your changes by comparing the exported template and the default template, manually applying your changes.
-
Note that Foreman server upgraded from 3.13 to nightly can use Smart Proxy servers still at 3.13.
You cannot upgrade Foreman server from a RHEL base system that is not operating in FIPS mode to a RHEL base system that is operating in FIPS mode.
To run Foreman server on a Red Hat Enterprise Linux base system operating in FIPS mode, you must install Foreman on a freshly provisioned RHEL base system operating in FIPS mode. For more information, see Preparing your environment for installation in Installing Foreman Server nightly on Enterprise Linux.
2.2. Upgrading a connected Foreman server
Use this procedure for a Foreman server with access to the public internet
|
Warning
|
If you customize configuration files, manually or using a tool such as Hiera, these changes are overwritten when the maintenance script runs during upgrading or updating.
You can use the --noop option with the foreman-installer to test for changes.
|
-
Stop all Foreman services:
# foreman-maintain service stop
-
Take a snapshot or create a backup:
-
On a virtual machine, take a snapshot.
-
On a physical machine, create a backup.
-
-
Start all Foreman services:
# foreman-maintain service start
-
Optional: If you made manual edits to DNS or DHCP configuration in the
/etc/zones.confor/etc/dhcp/dhcpd.conffiles, back up the configuration files because the installer only supports one domain or subnet, and therefore restoring changes from these backups might be required. -
Optional: If you made manual edits to DNS or DHCP configuration files and do not want to overwrite the changes, enter the following command:
# foreman-installer \ --foreman-proxy-dhcp-managed=false \ --foreman-proxy-dns-managed=false
-
In the Foreman web UI, navigate to Hosts > Discovered hosts. On the Discovered Hosts page, power off and then delete the discovered hosts. From the Select an Organization menu, select each organization in turn and repeat the process to power off and delete the discovered hosts. Make a note to reboot these hosts when the upgrade is complete.
-
Update operating system packages:
# dnf upgrade
-
Update repositories:
# dnf upgrade https://yum.theforeman.org/releases/nightly/el9/x86_64/foreman-release.rpm
-
Stop all services:
# foreman-maintain service stop
-
Update the required packages:
# dnf upgrade
-
Run the installer:
# foreman-installer
-
Determine if the system needs a reboot:
# dnf needs-restarting --reboothint
-
If the previous command told you to reboot, then reboot the system:
# reboot
2.3. Performing post-upgrade tasks
-
Optional: If the default provisioning templates have been changed during the upgrade, recreate any templates cloned from the default templates. If the custom code is executed before and/or after the provisioning process, use custom provisioning snippets to avoid recreating cloned templates. For more information about configuring custom provisioning snippets, see Creating Custom Provisioning Snippets in Provisioning hosts.
2.4. Upgrading Smart Proxy servers
This section describes how to upgrade Smart Proxy servers from 3.13 to nightly.
-
Review Prerequisites.
-
You must upgrade Foreman server before you can upgrade any Smart Proxy servers. Note that you can upgrade Smart Proxies separately from Foreman. For more information, see Upgrading Smart Proxies separately from Foreman.
-
Ensure the Smart Proxy has the correct organization and location settings in the newly upgraded Foreman server.
-
Review and update your firewall configuration prior to upgrading your Smart Proxy server. For more information, see Preparing Your Environment for Smart Proxy Installation in Installing a Smart Proxy Server nightly on Enterprise Linux.
-
Create a backup.
-
On a virtual machine, take a snapshot.
-
On a physical machine, create a backup.
For information on backups, see Backing Up Foreman server and Smart Proxy server in Administering Foreman.
-
-
Update repositories:
# dnf upgrade https://yum.theforeman.org/releases/nightly/el9/x86_64/foreman-release.rpm
-
Update the required packages:
# dnf upgrade
-
Run the installer:
# foreman-installer
-
Determine if the system needs a reboot:
# dnf needs-restarting --reboothint
-
If the previous command told you to reboot, then reboot the system:
# reboot
-
Optional: If you made manual edits to DNS or DHCP configuration files, check and restore any changes required to the DNS and DHCP configuration files using the backups made earlier.
-
Create a backup or take a snapshot.
For more information on backups, see Backing Up Foreman server and Smart Proxy server in Administering Foreman.
-
In the Foreman web UI, navigate to Monitor > Jobs.
-
Click Run Job.
-
From the Job category list, select Maintenance Operations.
-
From the Job template list, select Smart Proxy Upgrade Playbook.
-
In the Search Query field, enter the host name of the Smart Proxy.
-
Ensure that Apply to 1 host is displayed in the Resolves to field.
-
In the target_version field, enter the target version of the Smart Proxy.
-
In the whitelist_options field, enter the options.
-
Select the schedule for the job execution in Schedule.
-
In the Type of query section, click Static Query.
2.5. Upgrading the external database
You can upgrade an external database from Enterprise Linux 8 to Enterprise Linux 9 while upgrading Foreman from 3.13 to nightly.
-
Create a new Enterprise Linux 9 based host for PostgreSQL server that follows the external database on Enterprise Linux 9 documentation.
-
Install PostgreSQL version 13 on the new Enterprise Linux host.
-
Create a backup.
-
Restore the backup on the new server.
-
If Foreman reaches the new database server via the old name, no further changes are required. Otherwise reconfigure Foreman to use the new name:
# foreman-installer \ --foreman-db-host newpostgres.example.com \ --katello-candlepin-db-host newpostgres.example.com \ --foreman-proxy-content-pulpcore-postgresql-host newpostgres.example.com
Appendix A: Troubleshooting permission issues
Foreman upgrades perform pre-upgrade checks. If the pre-upgrade check discovers permission issues, it fails with an error similar to the following one:
2024-01-29T20:50:09 [W|app|] Could not create role 'Ansible Roles Manager': ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found:
If you see an error like this on your Foreman server, identify and remedy the permission issues.
-
On your Foreman server, identify permission issues:
# foreman-maintain health check --label duplicate_permissions
-
Fix permission issues:
# foreman-rake db:seed
-
Rerun the check to ensure no permission issues remain:
# foreman-maintain health check --label duplicate_permissions