Upgrading from IBM Cloud Orchestrator V2.5
You can upgrade from IBM® Cloud Orchestrator V2.5, V2.5.0.1, V2.5.0.1 interim fix 1, V2.5.0.2, V2.5.0.2 LA0005, or V2.5.0.2 LA0006, V2.5.0.3, V2.5.0.4, V2.5.0.4, V2.5.0.4 with DirectDriver LA, V2.5.0.5 to IBM Cloud Orchestrator V2.5.0.6.
Before you begin
- You have the following credentials:
- The root credentials for both the IBM Cloud Orchestrator Server and the IBM Cloud Manager with OpenStack master controllerNote: The credentials for IBM Cloud Manager with OpenStack is not required forIBM Cloud Orchestrator with Keystone topology.
- The admin password, as used to log in to the user interface, for IBM Cloud Manager with OpenStack
- The IBM Cloud Orchestrator password, which is used for the Business Process Manager users bpm_admin and tw_admin, and for the IBM HTTP Server keystore.
- The IBM DB2® user password for IBM Cloud Orchestrator, which is used for db2inst1, if it is different from the IBM Cloud Orchestrator password.
- For hardware prerequisites, see Checking the hardware prerequisites.
- The root credentials for both the IBM Cloud Orchestrator Server and the IBM Cloud Manager with OpenStack master controller
- The IBM Cloud Orchestrator services are running. To check the status of the IBM Cloud Orchestrator services in a non high-availability environment, run the following command as user root on the IBM Cloud Orchestrator Server:
/opt/ibm/ico/orchestrator/scorchestrator/SCOrchestrator.py --status
To check the status of the IBM Cloud Orchestrator services in a high-availability environment, run the lssam command on one of the IBM Cloud Orchestrator Servers.
For more information about verifying the status, see Verifying the installation.
- The IBM Cloud Manager with OpenStack environment is correctly configured. If you modified or updated the IBM Cloud Manager with OpenStack topology after the installation, before upgrading you must run the procedure described in Configuring the OpenStack servers. For more information, see Reconfiguring IBM Cloud Manager with OpenStack after updates. This step is not required for IBM Cloud Orchestrator with Keystone topology.
- The /tmp directory is not mounted with the noexec, nodev, and nosuid options during the upgrade procedure. You can change the /tmp directory configuration after IBM Cloud Orchestrator is upgraded.
- For OpenStack having endpoint on HTTP, configure the integration of OpenStack installation with IBM Cloud Orchestrator. For the actual steps configure, see [Upgrade] Reconfiguring OpenStack having keystone endpoint on HTTP. This step is not required for IBM Cloud Orchestrator with Keystone topology.
- For OpenStack having endpoint on HTTPS, configure the integration of OpenStack installation with IBM Cloud Orchestrator. For the actual steps configure, see [Upgrade] Reconfiguring OpenStack having keystone endpoint on HTTPS. This step is not required for IBM Cloud Orchestrator with Keystone topology.
- If you upgrade from IBM Cloud Orchestrator V2.5.0.2 LA0005 or V2.5.0.2 LA0006, then see step 6 of [Upgrade] Reconfiguring OpenStack having keystone endpoint on HTTPS or step 5 of [Upgrade] Reconfiguring OpenStack having keystone endpoint on HTTP. This step is not required for IBM Cloud Orchestrator with Keystone topology.
- If you are using an external DB2 database instance in a high-availability environment, you configure it for TLS v1.2. For more information, see Configuring external DB2 for TLS v1.2.
- If you plan to upgrade to RHEL 7.4 on your IBM Cloud Orchestrator
and IBM Cloud Manager with OpenStack servers, you run the following upgrading
procedure in the correct order:
- Upgrade to IBM Cloud Manager with OpenStack 4.3 Fix Pack 9.
- Upgrade the IBM Cloud Manager with OpenStack servers to RHEL 7.4.
- Upgrade to IBM Cloud Orchestrator 2.5.0.6.
- Upgrade the IBM Cloud Orchestrator servers to RHEL 7.4.
- Ensure that none of the service requests is in progress.
The NOVA.CONF is reverted to its default values during IBM Cloud Orchestrator fix pack upgrade. During the IBM Cloud Orchestrator fix pack upgrade, the OpenStack RPM installation might cause the default configuration files to be copied on the region server. When the services are upgraded and restarted, the use of default configurations might damage the virtual machines.
The IBM Cloud Orchestrator Upgrade documentation reminds you to replace the backed up copies of the original configuration files after the upgrade. However, during upgrade itself these default settings are used and the services are restarted.
As a resolution, reduce the IBM Cloud Orchestrator vCenter service account permissions to read only during upgrade operation.
- If you are using a Public Cloud Gateway (PCG) that is
configured with IBM Cloud Orchestrator in HTTP and you want to
reconfigure the IBM Cloud Orchestrator to HTTPS, then delete the
Public Cloud Gateway HTTP endpoints from keystone. Run the
following script from the IBM Cloud Orchestrator
installation directory to delete the Public Cloud Gateway HTTP
endpoints from keystone:
delete_pcg_endpoints.sh response_file user_name
- If Public Cloud Gateway is configured on IBM Cloud Orchestrator V2.5.0.3 HTTPS, then ensure that it is in stop state before you upgrade.
- If you have IBM Cloud Orchestrator V2.5.0.4 with DirectDriver LA,
then do the following tasks:
- Uninstall DirectDriver LA manually before you proceed with V2.5.0.6 upgrade. For more details about the procedure, see Uninstalling DirectDriver LA.
- Manually delete all offerings of DirectDriver PowerVC and VMware to avoid duplicate offerings post the upgrade.
About this task
- Download directory: /opt/ico_download
- Install directory:
- In V2.5: /opt/ico_install/V2500
- In V2.5.0.1: /opt/ico_install/2.5.0-CSI-ICO-FP0001
- In V2.5.0.1 interim fix 1: /opt/ico_install/2.5.0.1-CSI-ICO-IF0001
- In V2.5.0.2: /opt/ico_install/2.5.0-CSI-ICO-FP0002
- In V2.5.0.3: /opt/ico_install/2.5.0-CSI-ICO-FP0003
- In V2.5.0.4: /opt/ico_install/2.5.0-CSI-ICO-FP0004
- In V2.5.0.5: /opt/ico_install/2.5.0-CSI-ICO-FP0005
It also assumes that, for the upgrade to IBM Cloud Orchestrator V2.5.0.6, the upgrade directory is /opt/ico_install/2.5.0-CSI-ICO-FP0006.
If different directories were used, adjust the example commands as appropriate.For the complete list of all part numbers for IBM Cloud Orchestrator, see Passport Advantage eAssemblies list at http://www-01.ibm.com/support/docview.wss?uid=swg27045668. To download appropriate image files, see Downloading the required image files.
Procedure
What to do next
- If IBM Cloud Orchestrator V2.5.0.6 upgrade is for HTTPS configuration, then import Self-service user interface certificate in an OpenStack server. For the actual procedure, see Importing SCUI certificate in an OpenStack Server.
- If you are using a different locale other than EN in a non-high availability installation, then restart IBM Cloud Orchestrator services, Business Process Manager, and the operating system of the IBM Cloud Orchestrator node after upgrade.
- As the installation paths are changed for Self-service user interface and Public Cloud Gateway, do the following steps after upgrade is complete:
- Check and update the credentials/contents of the following Public Cloud Gateway configuration files from old installation path
(<INSTALL_ROOT>/pcg/etc/) to new installation path
(<INSTALL_ROOT>/wlp/usr/servers/pcg/etc/).
- flavors.json
- credentials.json
- config.json
- admin.json
- Check and update the credentials/contents of the Self-service user interface files from old installation path (<INSTALL_ROOT>/scui/etc/) to new installation path (<INSTALL_ROOT>/wlp/usr/servers/scui/etc/).
- After your move or backup all the Public Cloud Gateway and Self-service user interface-related files, delete the old installation paths.
- Restart Public Cloud Gateway and Self-service user interface
services:
- systemctl restart pcg
- systemctl restart scui
- Check and update the credentials/contents of the following Public Cloud Gateway configuration files from old installation path
(<INSTALL_ROOT>/pcg/etc/) to new installation path
(<INSTALL_ROOT>/wlp/usr/servers/pcg/etc/).
- If you upgraded from IBM Cloud Orchestrator V2.5.0.4 with
DirectDriver LA, then do the following steps:
- Modify the region to add a dataClusterName.
- When you upgrade, the <ICO_HOME>/HTTPServer/conf/ihs.conf gets overwritten and the earlier changes are lost. Reconfigure ihs.conf again for DirectDriver. For the actual steps to reconfigure, see Configure IBM HTTP Server for DirectDriver section at Prerequisites.