发行套件升级和服务器迁移

  • SUSE Multi-Linux Manager 5.0 must be stopped before the upgrade.

  • SUSE Multi-Linux Manager 5.0 is not supported on top of SL Micro 6.1 & SUSE Linux Enterprise Server 15 SP7 as host OS.

SUSE Multi-Linux Manager server hosts that are hardened for security may restrict execution of files from the /tmp folder. In such cases, as a workaround, export the TMPDIR environment variable to another existing path before running mgradm.

例如:

export TMPDIR=/path/to/other/tmp

在 SUSE Multi-Linux Manager 的后续更新中,相关工具将进行优化,届时无需再使用此临时解决方案。

SSL certificates are needed at a later stage. If not using the self-signed generated CA and certificates, ensure you have the following before starting:

  • A certificate authority (CA) SSL public certificate. If you are using a CA chain, all intermediate CAs must also be available.

  • An SSL database private key.

  • An SSL database certificate.

All files must be in PEM format.

The hostname of the SSL server certificate must match the fully qualified hostname of the machine you deploy them on. You can set the hostnames in the X509v3 Subject Alternative Name section of the certificate. You can also list multiple hostnames if your environment requires it. Supported Key types are RSA and EC (Elliptic Curve).

Database SSL certificate requires reportdb and db and the FQDN used to access the report database as Subject Alternative Name.

During a migration the server SSL certificate and CA chain are copied from the source server, meaning that only the database certificates are required

SUSE Multi-Linux Manager 5.0 peripheral servers are always using third-party SSL certificates. If the hub server has generated the certificates for the peripheral server, it needs to generate the certificate for the peripheral database too.

On the hub server, run the following command for each of the peripheral server to migrate.

mgrctl exec -ti -- rhn-ssl-tool --gen-server --dir="/root/ssl-build" --set-country="COUNTRY" \
  --set-state="STATE" --set-city="CITY" --set-org="ORGANIZATION" \
  --set-org-unit="ORGANIZATION UNIT" --set-email="name@example.com" \
  --set-hostname=<hostname>-reportdb --set-cname="example.com" --set-cname=db --set-cname=reportdb

The files to use will be inside the server container and need to be copied to the new peripheral server host:

  1. /root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT as the root CA,

  2. /root/ssl-build/<hostname>-reportdb/server.crt as the db certificate and

  3. /root/ssl-build/<hostname>-reportdb/server.key as the db certificate’s key.

1. Client tools rebranding

SUSE Multi-Linux Manager 5.1 为所有受支持的操作系统推出了一套重新命名的客户端工具。此过渡过程无缝衔接,执行新产品同步的用户仅会注意到通道名称已更新。

Channels named SUSE Manager Client Tools for XYZ, used by clients previously registered with SUSE Multi-Linux Manager 4.3 or 5.0, are no longer available in version 5.1 and will no longer receive updates in 5.1.

尽管迁移后旧版通道仍会分配给现有客户端,但对应的储存库已被去除。

为确保客户端能持续接收更新,用户必须执行以下操作:

  • Mirror the new SUSE Multi-Linux Manager Client Tools for XYZ channels for the relevant products and assign them to the appropriate clients.

  • Unassign the outdated SUSE Manager Client Tools for XYZ channels.

这也意味着,任何基于旧客户端工具的 CLM 项目都必须相应调整。

For example workflow, see Switch to new client tools channels.

2. 从 SLE Micro 5.5 迁移到 SL Micro 6.1

本文提供了经过测试的步骤,用于将部署了 SUSE Multi-Linux Manager 5.0 服务器的 SLE Micro 5.5 主机升级到 SL Micro 6.1 并迁移到 SUSE Multi-Linux Manager 5.1。

2.1. 先决条件

  • SUSE Multi-Linux Manager 5.0 已在 SLE Micro 5.5 上安装并运行。

  • 系统已注册到 SCC 且拥有有效的订阅。

2.2. Distribution upgrade and server migration

过程:从 SUSE Multi-Linux Manager 5.0 迁移到 SUSE Multi-Linux Manager 5.1

  1. Verify current product status.

    SUSEConnect --status-text

    Confirm:

    • 基础操作系统:SUSE Linux Enterprise Micro 5.5

    • 扩展:SUSE Manager Server 5.0 Extension

  2. Ensure the system is updated.

    transactional-update patch

    • If patches were applied, stop the server and then reboot the system before proceeding to migration:

      mgradm stop
reboot

    • 如果未发现更新,可直接进入迁移步骤。

  3. Start the migration.

    transactional-update migration --auto-agree-with-licenses --gpg-auto-import-keys

    按照提示操作,选择可用的迁移目标:SUSE Linux Micro 6.1SUSE Multi-Linux Manager Server Extension 5.1

  4. Stop the server and then reboot to apply changes.

    mgradm stop
reboot

  5. Perform post-reboot checks.

    校验升级后的操作系统和 SUSE Multi-Linux Manager 扩展:

    cat /etc/os-release
SUSEConnect --status-text

    您应看到以下内容:

    • PRETTY_NAME="SUSE Linux Micro 6.1"

    • SUSE Multi-Linux Manager Server 5.1 Extension

      Enable root SSH access (if required). SL Micro 6.1 disables root login via SSH by default. Edit /etc/ssh/sshd_config.d/sshd.conf:

      PermitRootLogin yes

      并重启服务:

      systemctl restart sshd

      有关详细信息,请参见 SL Micro 上的远程 root 登录

  6. Verify SUSE Multi-Linux Manager tools

    mgradm --version

    预期输出:

    • Version 5.1.11 or higher

    • References 5.1.0 or higher

  7. Upgrade server containers.

    mgradm upgrade podman

    按照提示拉取并配置新的 5.1.0 容器。

  8. Check the running containers:

    podman ps

    您应看到以下内容:

    • server:5.1.0 or higher

    • server-postgresql:5.1.0 or higher

Errors for missing services like uyuni-db or saline during upgrade can be ignored if not installed previously.

2.3. Migration complete

The system is now running SUSE Multi-Linux Manager 5.1 on SL Micro 6.1. Validate your setup before resuming production operations. If you have a SUSE Multi-Linux Manager 5.0 proxy connected to this server, proceed to the Proxy Migration from 5.0 to 5.1 guide to upgrade the proxy host.

2.4. 数据库备份卷

通过 mgradm migrationmgradm upgrade 执行服务器迁移或升级时,会创建一个包含数据库备份的卷。

当 PostgreSQL 数据库有更新的版本时,必须在执行升级流程前将旧数据库存储到单独的位置。为此,mgradm 会动态创建卷 var-pgsql-backup。当迁移或升级完成且用户已验证新系统可按预期正常运行后,可安全去除该卷。

3. 从 SUSE Linux Enterprise Server 15 SP6 升级到 15 SP7

本文提供了经过测试的步骤,用于将部署了 SUSE Multi-Linux Manager 5.0 服务器的 SUSE Linux Enterprise Server 15 SP6 主机升级到部署了 SUSE Multi-Linux Manager 5.1 的 SUSE Linux Enterprise Server 15 SP7。

3.1. 先决条件

  • SUSE Multi-Linux Manager 5.0 已在 SUSE Linux Enterprise Server 15 SP6 上安装并运行。

  • 系统已注册到 SUSE Customer Center (SCC) 且拥有有效的订阅。

  • 继续操作前请务必创建备份。

3.2. Distribution upgrade and server migration

过程:从 SUSE Multi-Linux Manager 5.0 迁移到 SUSE Multi-Linux Manager 5.1

  1. Verify current product status.

    SUSEConnect --status-text

    Confirm:

    • Base OS: SUSE Linux Enterprise Server 15 SP6

    • Extension: SUSE Manager Server 5.0 Extension

  2. Apply all system patches.

    zypper patch

  3. Stop the server, and then reboot if the update stack was updated.

    mgradm stop
reboot

  4. Launch the Zypper migration tool.

    zypper migration

    Zypper 会显示可能的迁移目标以及详细摘要。

  5. 选择适当的目标,并按照提示完成迁移。

  6. After the migration completes, stop the server and then reboot the system.

    mgradm stop
reboot

  7. Perform post-reboot checks:

    Verify upgraded OS and SUSE Multi-Linux Manager extension.

    cat /etc/os-release
SUSEConnect --status-text

    您应看到以下内容:

    • VERSION="15-SP7"

    • SUSE Multi-Linux Manager Server 5.1 Extension for SLE

  8. Verify SUSE Multi-Linux Manager tools version.

    mgradm --version

    预期输出:

    • Version 5.1.11 or higher

    • Image tag 5.1.0 or higher

  9. Upgrade the server containers.

    mgradm upgrade podman

    按照提示拉取新的容器映像并重新配置环境。

  10. Check the running containers.

    podman ps

    预期容器:

    • server:5.1.0 or higher

    • server-postgresql:5.1.0 or higher

3.3. Migration complete

The system is now running SUSE Multi-Linux Manager 5.1 on SUSE Linux Enterprise Server 15 SP7. Validate your setup before resuming production operations. If you have a SUSE Multi-Linux Manager 5.0 proxy connected to this server, proceed with Proxy Migration from 5.0 to 5.1.

3.4. 数据库备份卷

通过 mgradm migrationmgradm upgrade 执行服务器迁移或升级时,会创建一个包含数据库备份的卷。

当 PostgreSQL 数据库有更新的版本时,必须在执行升级流程前将旧数据库存储到单独的位置。为此,mgradm 会动态创建卷 var-pgsql-backup。当迁移或升级完成且用户已验证新系统可按预期正常运行后,可安全去除该卷。