This version of Sentinel includes a set of commands to use during the operating system upgrade procedure. These commands ensure Sentinel works correctly after you upgrade the operating system. Before you upgrade Sentinel, ensure that you refer system requirements for compatibility. For information, see Sentinel System Requirements.
Use the following steps to upgrade your operating system:
On the Sentinel server where you want to upgrade your operating system, log in as one of the following:
root user
Non-root user
Open a command prompt and change to the directory where the Sentinel install file was extracted.
Stop the Sentinel services:
rcsentinel stop
(Conditional) If Sentinel was in FIPS mode before the operating system upgrade, NSS database files must be manually upgraded by running the following command:
certutil -K -d sql:/etc/opt/novell/sentinel/3rdparty/nss -X
Follow the on-screen instructions to upgrade the NSS database.
Give full permissions to novell user for the following files:
cert9.db key4.db pkcs11.txt
Upgrade your operating system.
As a root user, set the property vm.max_map_count=262144 in the /etc/sysctl.conf file. After adding the property, run sysctl -p for the changes to take effect.
(Conditional) When upgrading to SLES 15 SP1 or SLES 15 SP2, the following warning is displayed:
warning: Unsupported version of key: V3
You can either ignore the warning or perform a workaround to prevent the warning from being displayed. For more information about the workaround, see the SLES documentation.
(Conditional) If you use Mozilla Network Security Services (NSS), two dependent RPM files libfreebl3-hmac and libsoftokn3-hmac are not installed. Manually install the following RPM files: libfreebl3-hmac and libsoftokn3-hmac.
(Conditional) If you are upgrading from SLES12SP4 to SLES15SP1 or SLES15SP2 in FIPS mode, you must first upgrade the SLES operating system, apply the latest operating system patches, and then start Sentinel.
(Conditional) For RHEL 7.x, run the following command to check whether there are any errors in the RPM database:
rpm -qa --dbpath <install_location>/rpm | grep novell
Example: # rpm -qa --dbpath /custom/rpm | grep novell
If there are any errors, run the following command to fix the errors:
rpm --rebuilddb --dbpath <install_location>/rpm
Example: # rpm --rebuilddb --dbpath /custom/rpm
Run the command mentioned in Step 7 to ensure that there are no errors.
Repeat this procedure on the following:
Collector Managers
Correlation Engines
Restart the Sentinel service:
rcsentinel restart
This step is not applicable for Sentinel HA.
Python Version Dependency for Sentinel Upgrade
Sentinel requires the use of compatible versions of the Python library for its upgrade process to be successful. This becomes really important when you are upgrading from an older version of OS to a new version of OS. For example, from a SLES 11 SP4 based Sentinel to a SLES 15 SP2 based OS version of Sentinel. It will be a good idea to check your Python version before starting the Sentinel upgrade process. If the Python version of the existing Sentinel box changes after an OS upgrade, it is mandatory to follow the steps mentioned below.
Consider an example scenario.
Scenario: Upgrading from Sentinel 8.2 (based on SLES 11 SP4) to Sentinel 8.4 (based on SLES 15 SP2).
In the above scenario, executing the python –V in the SLES 11 SP4 box showed that the Python version used was 2.6.x. We are expecting that after an OS upgrade the Python version will get upgraded to 2.7.x. This difference can potentially cause a compatibility issue which is mentioned below.
After Operating System upgrade and before Sentinel version upgrade:
As the first step of the upgrade, proceed with upgrading the OS from SLES 11 SP4 to SLES 15 SP2. On doing an OS upgrade, there is a possibility that a higher version of the Python library, like Python 2.7.x, was installed in the box. So now, executing the python –V command shows the Python version as 2.7.x. But, in spite of the machine showing this version of Python, there is a good possibility that the Python shared object file (plpython2.so) which was installed with the earlier Sentinel version might still point to a 2.6.x version of Python.
Run the below command:
ldd <sentinel_installation_path>/opt/novell/sentinel/3rdparty/postgresql/lib/postgresql/plpython2.so
The output of this command can tell us on which version of Python the plpython2.so file was built on. For example, libpython2.6.so.1.0 => /usr/lib64/libpython2.6.so.1.0 as output indicates that this.so file is based on 2.6.x version of Python and will not work with a 2.7.x version.
This conflict can result in the upgrade process failing. For resolving this, you must remove the older version of the plpython2.so file (based on 2.6.x) with a newer version of the plpython2.so file (based on 2.7.x) as per the scenario given. There is a good chance that these Python versions are different in your setups and you should use these commands accordingly.
For this, follow the below steps:
Stop Sentinel using the below command:
rcsentinel stop
Switch to the directory where plpython2.so file is present:
cd <sentinel_installation_path>/opt/novell/sentinel/3rdparty/postgresql/lib/postgresql
Remove the existing.so file which is pointing to 2.6.x, using the following command:
rm plpython2.so
Untar the Python 2.7.x.so file (this should be present under <sentinel_installation_path>/opt/novell/sentinel/3rdparty/postgresql/lib/postgresql directory):
tar zxf plpython2.7.so.tar.gz
Set novell user permission for the file:
chown novell:novell plpython2.so
Verify that the file is pointing to the correct Python version (output should now be pointing to the 2.7.x version) by using the below command:
ldd <sentinel_installation_path>/opt/novell/sentinel/3rdparty/postgresql/lib/postgresql/plpython2.so
Once you have completed the above steps and ensured that the plpython2.so file is pointing to the right version of Python, proceed with the Sentinel upgrade process.