One of the new features announced with RHEL 7 is the ability to do an in-place upgrade from RHEL 6. This is a long requested addition to the platform, and I’m sure welcomed by a host of folks. So I decided to take a look in my local environment to see what the process entails.
There are two primary components to the upgrade: the preupgrade-assistant and the redhat-upgrade-tool. The procedure is laid out in this Knowledgebase article on the Customer Portal, but the basics are: update the system, run the preupgrade tool to get a report, remediate until you pass, then do the upgrade.
Here’s how it worked out in my environment.
First, if you are running a Satellite server like I am, make sure you check your certificate. The tools are available in a separate child channel for RHEL 6, rhel-x86_64-server-extras-6. I wasn’t able to sync that channel since it wasn’t in the manifest for the current certificate. Once you cut a new certificate in the Customer Portal, you can run a standard sync to pull the channel and the four packages.
[root@ep-sat01 ~]# satellite-sync -c rhel-x86_64-server-extras-6
Now that my Satellite can serve the content, I move over to the target server and start the preupgrade goodness. The tool comes with a command line tool and a web app that you can use to store, examine, and compare reports from multiple hosts. I’m going with that option and going to correct something in the KB article that would make Dan Walsh cry. There is a bugzilla tracker open to add an SELinux policy, but I’m going to add a “works for me” set of commands here.
On the target machine, I’ll add the new Extras channel and install the RPMs.
[root@ep-mgmt01 ~]# rhn-channel --add --channel rhel-x86_64-server-extras-6 Username: satadmin Password: [root@ep-mgmt01 ~]# yum -y install preupgrade-assistant preupgrade-assistant-ui preupgrade-assistant-contents
The web app delivers a localhost-only policy, so I’ll copy the supplied “public” config in its place. You could just as easily modify the policy and include a hostname.
[root@ep-mgmt01 ~]# cd /etc/httpd/conf.d/ [root@ep-mgmt01 conf.d]# cp 99-preup-httpd.conf 99-preup-httpd.conf.local [root@ep-mgmt01 conf.d]# cp 99-preup-httpd.conf.public 99-preup-httpd.conf cp: overwrite `99-preup-httpd.conf'? y
Now for the security parts: First I’ll open port 8099 on the firewall which is where the web app listens, then register that port as an http port with SELinux, and finally change the context on the path the web app uses.
[root@ep-mgmt01 conf.d]# iptables -I INPUT -m state --state NEW -p tcp --dport 8099 -j ACCEPT [root@ep-mgmt01 conf.d]# semanage port -a -t http_port_t -p tcp 8099 [root@ep-mgmt01 conf.d]# chcon -R system_u:object_r:httpd_sys_content_rw_t:s0 /var/lib/preupgrade/
Now, I’m ready to run the tool. Since I’ve gone through the trouble to set up the web app, I’ll upload the results directly to the app from the command line run. I didn’t bother setting up a NameVirtualHost for the server hosting the web app, so you’ll see the IP address in the command instead of the hostname. Check the help (preupg -h) for more options.
[root@ep-mgmt01 ~]# preupg -u http://localhost:8099/submit/ Preupg tool doesn't do the actual upgrade. Please ensure you have backed up your system and/or data in the event of a failed upgrade that would require a full re-install of the system from installation media. Do you want to continue? y/n y Gathering logs used by preupgrade assistant: All installed packages : 01/10 ...finished (time 00:01s) All changed files : 02/10 ...finished (time 03:28s) Changed config files : 03/10 ...finished (time 00:00s) All users : 04/10 ...finished (time 00:00s) All groups : 05/10 ...finished (time 00:00s) Service statuses : 06/10 ...finished (time 00:00s) All installed files : 07/10 ...finished (time 00:03s) All local files : 08/10 ...finished (time 00:04s) All executable files : 09/10 ...finished (time 00:01s) RedHat signed packages : 10/10 ...finished (time 00:00s) <snip> The latest assessment is stored in directory /root/preupgrade Summary information: We found some potential in-place upgrade risks. Read the file /root/preupgrade/result.html for more details. Upload results to UI by command: e.g. preupg -u http://127.0.0.1:8099/submit/ -r /root/preupgrade-results/preupg_results-*.tar.gz . Report submitted successfully. You can inspect it at http://localhost:8099/1/detail/
Ok, successful report run, and you can see where the tool uploaded the reports to the web app. Let’s hit the web app and see what I got. First thing you’ll be asked is if you want to set up a user. I’m going to skip this for now; you can actually set up a user in the UI later.
Click ‘Disable Authentication’ and move on to the next screen, where you’ll see my first run posted.
There’s my local system ep-mgmt01.lab.dlt.com, with a quick summary of status. You can see that the tool thinks I have a high risk level, with six items that require some action and seven more that we need to review. I will need to remediate these to lower our risk and increase the chance of a successful upgrade. Clicking anywhere on the row brings us to the Test Summary section, where we can see the scores for the groups of test run against the system.
Let’s take a look at the Packages groups, since I can see three different things that need action there. The Status column shows a nice graphical view of the line items we should dig into.
I’ll pick the first item in the list, “Packages not signed by Red Hat”.
Ok, nice write up on what the problem is and the reasoning behind the severity level. There’s a link to the list of unsigned packages so I’ll click that to see what the tool picked up.
I know that there are a few packages on the system from EPEL from a project that I don’t care about, so I won’t be taking any action here. There are other things that the tool can help with and will make suggestions for. Let’s look at the “optional channel problems” line.
Here the tool provides a command line option that we can pass to the upgrade process to fix this for us. After you remediate issues, you can rerun the scan and do comparisons against previous reports.
To run this on other systems in the environment, I only need to install the tool and content, then run in upload mode to the web app I set up.
[root@ep-ipa01 ~]# yum -y install preupgrade-assistant preupgrade-assistant-contents [root@ep-ipa01 ~]# preupg -u http://ep-mgmt01:8099/submit/
You can see below that my IdM server has some major issues with in-place upgrades for RHEL 7.
And that’s it for the preupgrade assistant. It’s a good little tool with a nice web interface, useful for estimating your level of effort for moving to RHEL 7. Next time we’ll look at an actual upgrade.
Related Blog Posts
Application Lifecycle, Federal Government, IT Infrastructure, Open Source
You can spend hours scrolling down the rabbit hole of government IT horror stories, which makes the recent launch of the federal website for ordering free COVID tests that much more remarkable. The website worked, and it was surprisingly easy to use. But that success belies decades of underinvestment in digital transformation that has stifled public sector innovation and hardened the government's low-tech image. For example:
Roland Alston
DevSecOps, Open Source
You say “DevOps”, I say “what about DevSecOps?”. But neither exists in a silo. If you’re taking advantage of DevOps tools and methods, you need to integrate DevSecOps into the mix. In other words, IT security must play an integrated role in the full lifecycle of your apps.
But what is DevSecOps? For this, we turn to DLT partner, Red Hat, who has put together a user-friendly guide to DevSecOps.
DLT Solutions
Uncategorized
Article originally posted on GovDesignHub here.
Autodesk University (AU) returns to Las Vegas from November 19-21 – and we have some good news. In addition to discounted conference passes now available on GSA Schedule, Autodesk Certification exams are back at AU 2019!
Caron Beesley
Uncategorized
By Mav Turner, VP, Product Management, SolarWinds
For federal IT pros, moving to a cloud environment is a “when” rather than an “if” proposition. From the government’s recently released Report on IT Modernization, calling for agencies to identify solutions to current barriers regarding agency cloud adoption, to the White House’s draft release of a new “Cloud Smart” policy, which updates the “Cloud First” policy introduced in 2010; cloud migration continues to be a priority.
DLT Solutions
Federal Fiscal Year End, Uncategorized
The old business adage runs, “Nothing happens until somebody sells something.” To which you might add this corollary: nothing good happens in the absence of strong requirements.
Brian Strosser
IT Perspective, Uncategorized
The latest data on the progress of federal government agencies’ implementation of the Federal Information Technology Acquisition Reform Act (FITARA) was released on June 26 by the House Oversight and Reform Committee as Scorecard 8.0.
Melissa Perez
Cloud Computing, Uncategorized
Key takeaways show how public sector customers are achieving more with cloud.
As cloud continues to transform the public sector, cloud has had its own metamorphosis: from a trendy buzz word to a catalyst for meaningful change, innovation, and more. Last month, AWS hosted its 10th annual AWS Public Sector Summit. The conference brought together more than 17,000 attendees for 2+ days of insights, sessions, and networking, and explored how cloud is fueling the public sector for a limitless future.
Recap
Isabella Jacobovitz
Uncategorized
Many states' fiscal years are quickly coming to an end, and at DLT we’re committed to making the job of the procurement officer as easy as possible as they scramble to make smart and responsible purchasing decisions with remaining taxpayer dollars. Part of this process is raising awareness of what’s new in our extensive portfolio of IT solutions including big data and analysis, cloud, cybersecurity, application lifecycle, digital design, IT consolidation and management, and more.
Brian Strosser
Uncategorized
Earlier this year DLT announced they were selected as the “Master Government Aggregator”
DLT Solutions
Business Applications, Uncategorized
Not all Ivy League schools have massive endowments and bank accounts. Some have to get more creative when looking to build new facilities on a budget – or simply embrace innovative new approaches to design and construction.
DLT Solutions
Business Applications, Uncategorized
It’s that time of year again! Spring is here and Autodesk has commenced its steady roll-out of 2020 software releases.
First off is AutoCAD 2020. Released in late March 2019, AutoCAD 2020 includes interesting and exciting new features. With a subscription to AutoCAD 2020, you’ll get industry-specific toolsets; improved workflows across all your devices – web, mobile, and desktop; and new integrations with cloud storage vendors.
Here’s a round-up of what’s new.
Kirk Fisher
Digital Design, Uncategorized
When we launched GovDesignHub in the spring of 2018, we had one goal in mind – to address the lack of resources, discussion, and analysis available online for those who practice in government digital design ecosystem.
Today, we’re proud to be the only website that showcases government design projects and the technology used to support them and deliver content to help public sector organizations accomplish their missions.
In the words of one of our top contributors, Lynn Allen, of Autodesk fame:
Holly Chapman
Federal Fiscal Year End, Uncategorized
Congress first enacted federal appropriations law in 1809. It’s kept lawyers, contractors, and judges busy ever since. A question arising in many sellers’ minds at this time of year is, what money is available for contracts in more than one fiscal year?
Tom Temin
Digital Design, Uncategorized
New York City Department of Design and Construction (NYC DDC) handles some of the most exciting and dynamic architectural and infrastructure challenges in the world.
Grace_Bergen
Digital Design, IT Perspective, News, Technology, Tips and How-Tos, Uncategorized
The CAD and digital design sector is vast and growing at breakneck speed. It’s expected to reach $11.21 billion by 2023.
Many end-use industries such as automotive, aerospace, entertainment, industrial machinery, civil and construction, electrical and electronics, pharmaceutical, and healthcare, consumer goods, and others, widely use CAD and 3D design-based tools in their development processes.
DLT Solutions
CAD General, Digital Design, IT Perspective, Technology, Uncategorized
Aside from developing one of the sought after building information modeling (BIM) software in the industry today, you’ve got to hand it to the Revit product managers over at Autodesk—they listen.
Grace_Bergen
CAD General, Digital Design, Technology, Uncategorized
Whether you’re a civil engineer, CAD manager, or anyone working on a digital design project, one thing is certain – you’re never the sole collaborator in the process. Contractors, AEC firms, field personnel, even facilities managers, have their hands in the mix too. And that creates a problem for version control and the potential for incorrect information in the field. How do you know you’re working with the most current information? If you’re using traditional non-digital workflows, it’s a problem you likely encounter once too often.
DLT Solutions
Cloud Computing, Cybersecurity, Data & Storage, IT Perspective, News, Technology, Uncategorized
Another day, another government ransomware victim. On March 22nd, 2018, the city of Atlanta found itself locked out of computers across government offices and facing a ransom demand of $51,000 or $6,800 per computer, GCN reported.
DLT Solutions
Digital Design, Technology, Tips and How-Tos, Uncategorized
If you’re fairly new to Autodesk Revit and looking for ways to quickly get up to speed, Autodesk put together a great webinar that offers tips and tricks to get the most out of your user experience. Topics included:
• How does it differ from AutoCAD?
• What do I need to know to get started?
• What are some best practices for working in Revit?
• What are families and how do I use them?
• Where to learn more and how to get support when problems happen
Grace_Bergen
Cybersecurity, Infrastructure, Technology, Uncategorized
Microsoft Active Directory is a critical tool that helps system administrators manage user privileges and secure their IT infrastructure, yet Active Directory presents several security challenges. Most problematic is that Active Directory’s attack surface is huge. Targets for attack include every domain name user account, admin and security group, domain controller, backup, admin workstation, and admin delegations and privileges. If any one of these targets is compromised, your entire Active Directory can be compromised too.
The Threats
BradleyGernat
Cybersecurity, Infrastructure, IT Perspective, Technology, Uncategorized
Microsoft Active Directory is a critical tool that helps system administrators manage user privileges and secure their IT infrastructure, yet Active Directory presents several security challenges. Most problematic is that Active Directory’s attack surface is huge. Targets for attack include every domain name user account, admin and security group, domain controller, backup, admin workstation, and admin delegations and privileges. If any one of these targets is compromised, your entire Active Directory can be compromised too.
The Threats
BradleyGernat
Cloud Computing, Uncategorized
Are you thinking of moving your databases to the cloud? Perhaps, you’re thinking about transitioning to database-as-a-service (DBaaS)? But what’s involved? What hurdles must be overcome and how do you chart a path to cloud migration of your most sensitive workloads?
Why Move Databases to the Cloud?
Migrating to the cloud offers several benefits to public sector database administrators (DBAs).
BradleyGernat
Open Source
Digital transformation, application modernization, faster service delivery – these terms are being thrown around so much that they’ve become so ubiquitous as to be meaningless.
What is digital transformation after all? For me, the best analogy is Blockbuster versus Netflix. Failing to anticipate the shift to on-demand and streaming entertainment, Blockbuster failed to futureproof its business model. It resisted digital transformation, and paid the price.
victoria.negron
Open Source
With pressure to better respond to evolving agency needs, do more with less, and all that jazz, government agencies are turning to modern tools and DevOps practices to help developers become more efficient in delivering innovative solutions.
victoria.negron
Open Source
Oh DevOps, DevOps.
You hear time and again how it’s the future of application development and deployment. You’re told you need to implement it and engrain its best practices across your organization.
But making a shift from the old way of doing things, however error-prone, slow, or disruptive it may be in comparison to the agility and utility that DevOps promises, is no easy task.
victoria.negron
Open Source
Open source application development and delivery tools provide compelling value for developers and often fill holes that commercial tools, with their relatively fixed function set, can’t fill. But a new report from Forrester, suggests that open source tools can’t do it all.
After surveying 150 U.S. application development and IT professionals, Forrester found that open source tools play an important role in the software delivery pipeline, they aren’t a silver bullet.
DLT Solutions
Open Source
When looking to build a microservice, you may have come across two pieces of advice; start with a monolith, and don’t start with a monolith. For a good number of us developers in the trenches, the point looks irrelevant because we already have a monolith, so one to-do completed and moving on. Not so fast! The discussion goes beyond the greenfield experience of where to start. Instead, within the “don’t start with a monolith” advice
michael.fitzurka
Open Source
With the growing necessity for companies to digitally transform, a lot of emphasis has been given to the microservices architecture, with its improved scalability and distributed design. While these facets may apply to some, adopting microservices is equally about the universal DevOps goals of improving lead times and reducing the batch size of releases, ultimately leading to more flexible and frequent production deployments of higher quality software.
michael.fitzurka
Open Source
2016 was a fantastic year for Open Source in the Enterprise. Red Hat gave us the exciting news that they had become the first $2 billion open-source company. As their first and largest government reseller, DLT was thrilled to have been a part of this journey with Red Hat achieving this benchmark success.
michelle.meadows
Open Source
2016 is/was the year Gartner predicted that DevOps would go mainstream. But a big challenge for government IT operations is how teams can modernize software development while still operating their traditional apps and infrastructure. After all, according to federal CIO Tony Scott, the U.S. government spends 76% of its $88 billion IT budget on operating and maintaining legacy technologies – that’s three times what is spent on modern systems.
DLT Solutions
News, Uncategorized
Declining Spending Begins to Bounce Back with Rising Budgets
Over the past six years, we’ve seen a decline in government spending. But recently, there was been an increase in contract spending that is predicted to continue into fiscal year 2017. According to a study by Bloomberg Government, 60 percent of government spending is consistently on services; knowledge-based services, facility-related services, and technology services. The largest product spending is on technology equipment, with aircraft spending in second.
MayaSmith
News, Uncategorized
NSA Use of Software Flaws for Hacking Posed Risk to Cybersecurity
Recently, the Nation Security Agency’s (NSA) hacking tools were leaked to the public, exposing many vulnerabilities across the internet and putting companies at risk of data breaches. Many say that the NSA should have disclosed each vulnerability as soon as they discovered it so that they could be fixed. Software vendors like Cisco, Juniper and Fortinet are actively working with their customers to ensure that any flaws in their systems are fixed immediately.
MayaSmith
News, Uncategorized
DNC Creates Cybersecurity Advisory Board Following Hack
Following the WikiLeak email dump right before the Democratic National Convention (DNC), the Democratic National Committee is creating a cybersecurity advisory board consisting of four industry experts. The board will be responsible for preventing future attacks on the DNC and making sure its cybersecurity capabilities are up-to-par. The committee will also ensure that those whose data was stolen will be protected so that further information from their accounts does not get leaked.
MayaSmith
News, Uncategorized
The Most Critical Skills Gap: Cybersecurity
Since Target’s hack back in 2013, cybersecurity has been top of mind for organizations, especially those with sensitive information. However, the talent pool of those who are skilled in intrusion detection, secure software development and attack mitigation is not growing at the same rate as the demand. Many reasons contribute to this disconnect, including a lack of training in higher education and a 53% increase in need.
MayaSmith
News, Uncategorized
Technology Is Monitoring the Urban Landscape
MayaSmith
News, Uncategorized
Posing as Ransomware, Windows Malware Just Deletes Victims’ Files
MayaSmith
Uncategorized
It's finally here!
Amazon Web Services (AWS) just announced that the Elastic File System (or "EFS") is a live production service. The service is provisioned out of three regions currently: US-EAST-1, US-WEST-2, and EU-WEST-1.
EFS was originally announced over a year ago at AWS re:Invent in 2015. By AWS standards, the service has been in "preview" for quite some time. I'll admit to you, I was getting a little skeptical that it was going to make it out of preview, but hey, it's good to be wrong sometimes.
Chris Uttenweiler
Digital Design, Uncategorized
The dog days of summer are officially here. So what better time to brush up on your digital design skills. Here are some options for getting ahead of the curve this summer.
Grace_Bergen
News, Uncategorized
Can Cybersecurity Insurance Improve Threat Management?
Following the Brussels, Belgium terrorist attacks back in March, the U.S. House Homeland Security Cybersecurity Subcommittee met to discuss cyberinsurance and how to better promote cybersecurity best practices in general. Many are still questioning whether cyberinsurance will help solve the problem of threat, but the Department of Homeland Security believes it can, by acting as an incentive for better security practices within agencies.
MayaSmith
Digital Design, Uncategorized
Reality capture technology as a means of capturing existing as-built conditions has been around for some time. Terrestrial laser scanning or LiDAR is just one example of reality capture (or recap) at work. But recap hasn’t always been easy. Scanning techniques are often expensive and the task of incorporating and manipulating large data sets (point clouds) during the design process is tricky.
AndreJones
News, Uncategorized
This All-Star Team Plans to Jumpstart 100 Cybersecurity Companies in 3 Years
MayaSmith
Cybersecurity, Uncategorized
I’m fed up. Better yet, I’m “F.U.D.-ed” up. In every cybersecurity conference, in every threat report, in every blog and every bit of cybersecurity marketing literature I see one tiresome theme: “The bad guys are after us! It’s getting worse every day! How will we fix it? Can we fix it? There’s no magic bullet! The cyber sky is falling, run for your cyber life!” In other words, an unrelenting stream of– Fear, Uncertainty, and Doubt.
Don Maclean
Digital Design, Uncategorized
There are less than six months to go until Autodesk University (AU) lights up Las Vegas November 15-17, 2016 for its annual convergence of CAD professionals looking to learn, connect and explore the best in digital design.
But what do we know about the event so far? Here’s what:
Caron Beesley
News, Uncategorized
Why Small Bites Make Sense for Cloud
Karen Petraska, service executive for computing services at NASA, spoke at last week’s AWS Public Sector Summit about taking small bites before fully committing to the cloud. Trial contracts, for one, are an easy way to slowly introduce the cloud into your environment while still leaving room to expand and adjust accordingly. Petraska also discussed NASA’s use of “non-specific ordering,” which allows NASA employees to use a refillable card when buying cloud services.
MayaSmith
Cybersecurity, Uncategorized
Data leaks, data breaches, blah, blah, blah. Sometimes the attention-grabbing headlines just sound like too much noise.
What’s lacking in most of today’s reporting is the real truth about how government agencies are hacked and what agencies are doing to counter those attacks. Those are the details that can help agencies improve their defenses to face future challenges.
AndreJones
IT Perspective, Uncategorized
When news broke last month that the Pentagon is still using 1970s-era floppy disks to run its nuclear program, most of us expressed incredulity. Unless you happen to work for the federal government that is.
According to federal CIO Tony Scott, the U.S. government spends 76% of its $88 billion IT budget on operating and maintaining out-of-date technologies – that’s three times what is spent on modern systems.
Shayna_Williams
Data & Storage, Uncategorized
Growing data volumes and burgeoning virtual workloads are putting increasing pressure on public sector data center power and storage systems, while also taking a toll on staff and tax payer dollars.
Performance silos, forklift upgrades and increasing licensing costs are forcing organizations to change how they do business. But agencies can turn this situation around in a flash!
Shayna_Williams
Data & Storage, Uncategorized
Data backup is a fundamental part of good IT and business management. But in the public sector it’s also the law. Established by President Obama in 2011, the National Archives and Records Administration maintains a comprehensive backup of all records of important transactions, actions, and other communications.
Although data backup sounds like a simple enough concept, the actual practice of consistently performing reliable backups and staying compliant with mandates and regulations offers up many significant challenges:
Caron Beesley
Digital Design, Uncategorized
Building Information Modeling (BIM) isn’t a concept that springs to mind for enabling the delivery of reliable, high-quality electric service. Yet, BIM is increasingly helping U.S. and global utilities deliver more reliable, higher quality service.
Grace_Bergen