Upgrading CDF

Follow the Checklist: Upgrading Your Environment to ensure a successful upgrade.

As part of the process, you must upgrade CDF. The following upgrade options are available.

• Upgrading CDF Automatically with arcsight-install
• Upgrading CDF Automatically with autoUpgrade
• Upgrading CDF Manually

We recommend performing the automatic installation with arcsight-install, as it is the easiest to use. However, if the automatic installation method does not meet your needs, you can upgrade manually.

Upgrading CDF Automatically with arcsight-install

This is the simplest method for upgrading CDF, as it also will automatically perform required pre-upgrade and post-upgrade actions, which may contain installation bug fixes or workarounds usually described in release notes or known issues for manual installation.

To perform the automatic upgrade with arcsight-install:

1. Download the upgrade files for CDF to a download directory (referred to as <download_directory>) to a secure network location.
2. Navigate to {unzipped-installer-dir}.
3. Run the following command:
   ./arcsight-install --cmd upgrade --tmp-folder /my/tmp/folder

Where tmp-folder is the name of your temporary upgrade directory.

4. The upgrade will run without interruption. After the upgrade completes, remove the temporary folder by running the command:
   rm -rf <path_to_custom_temporary_folder

Upgrading CDF Automatically with autoUpgrade

The automated upgrade of CDF is performed using a single command and requires no interaction until completion of each phase. Typically, each automated upgrade phase takes around 1 hour for a cluster with 3 master nodes and 3 worker nodes. The process must be run from one of the cluster nodes.

• Preparing the Upgrade Manager
• Configuring Passwordless Communication
• Downloading the Upgrade File
• Performing the CDF Automatic Upgrade
• Removing the Auto-upgrade Temporary Directory from UM

Preparing the Upgrade Manager

Automatic upgrade should be run from a host that for purposes of these instructions is known as the upgrade manager. The upgrade manager (UM) may be one of the following host types:

• One of the cluster nodes
• A host outside the cluster (a secure network location)

 

Configuring Passwordless Communication

You must configure passwordless SSH communication between the UM and all the nodes in the cluster.

1. Run the following command on the UM to generate key pair.

   ssh-keygen -t rsa

2. Run the following command on the UM to copy the generated public key to every node of your cluster.

   ssh-copy-id -i ~/.ssh/id_rsa.pub root@<node_fqdn_or_ip>

 

Downloading the Upgrade File

Download the upgrade files for CDF to a download directory (referred to as <download_directory>) on the UM.

There are three directories involved in the auto-upgrade process:

1. An auto-upgrade directory /tmp/autoUpgrade will be auto generated on the UM. It will store the upgrade process steps and logs.
2. A backup directory /tmp/CDF_202005_upgrade will be auto generated on every node (approximate size 1.5 GB).
3. A working directory will be auto generated on the UM and every node at the location provided by the - d parameter The upgrade package will be copied to this directory. (approximate size 9 GB). The directory will be automatically deleted after the upgrade.
   The working directory can be created manually on UM and every node and then passed as -d parameter to the auto-upgrade script. If you are a non-root user on the nodes inside the cluster, make sure you have permission to this directory.

 

Performing the CDF Automatic Upgrade

To perfom the CDF automatic upgrade using autoUpgrade:

1. Log in to the master node where you downloaded the upgrade files.
2. Change to the following directory:

   {unzipped-installer-dir}/installers/cdf/

3. Run the following command:

   ./autoUpgrade -d /path/to/working_directory -n {any_cluster_node_adress_or_ip}

   For example:

   ./autoUpgrade -d /tmp/upgrade -n yourdomain-masternode1.yourenterprise.net

 

Removing the Auto-upgrade Temporary Directory from UM

The auto-upgrade temporary directory contains the upgrade steps and logs.

To upgrade another cluster from the same UM, remove that directory using the following.

rm -rf /tmp/autoUpgrade

 

Upgrading CDF Manually

Beginning with the master node1, upgrade your CDF infrastructure on every node of the cluster. Rrun the following process on each node.

1. Run the following command:

   mkdir /tmp/upgrade-download

2. From the Downloading the Installation Packages for an On-Premises Deployment section, copy the CDF bits.

   arcsight-platform-installer-<version>.zip to /tmp/upgrade-download

3. Unzip the upgrade package by running these commands.

   cd /tmp/upgrade-download
   unzip arcsight-platform-installer-<version>.zip

4. Run the following commands on each node (follow this pattern: master1, master2, master3, to worker1, worker2, worker3, etc.).

   cd /tmp/upgrade-download/arcsight-platform-installer-<version>/installers/cdf

   ./upgrade.sh -i

5. On the initial master node1, run the following commands to upgrade CDF components.

   cd /tmp/upgrade-download/arcsight-platform-installer-<version>/installers/cdf

   ./upgrade.sh -u

6. Clean the unused docker images by running the following commands on all nodes (masters and workers). This can be executed simultaneously.

   cd /tmp/upgrade-download/arcsight-platform-installer-<version>/installers/cdf

   ./upgrade.sh -c

7. To verify the cluster status, complete the following steps:
   1. Check the CDF version on each node by running the command:

      cat ${K8S_HOME}/version.txt

   2. Check the status of CDF on each node by running these commands:

      cd ${K8S_HOME}/bin
      ./kube-status.sh

8. To avoid possible "incorrect API route" error message while accessing IdM administration execute following line as root user on your master node:

   kubectl patch ing itom-idm-admin -ncore --type json -p '[{"op":"add","path":"/spec/rules/0/host","value":"'$(kubectl get cm -ncore base-configmap -ojsonpath='{.data.EXTERNAL_ACCESS_HOST}')'"}]'