Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

CTE-U Agent Advanced Configuration Guide for Linux

Upgrading CTE-U on Linux

search

Upgrading CTE-U on Linux

This section describes how to upgrade an existing CTE-U for Linux host to CTE UserSpace for Linux.

Upgrading CTE UserSpace

This section describes the generic instructions for interactively upgrading CTE UserSpace. If there are any changes to this procedure for the current release of CTE UserSpace, those changes will be documented in the CTE UserSpace Release Notes.

If you want to schedule an upgrade to occur the next time the system boots, see Scheduled Upgrade Feature.

  1. Stop any application accessing files in the GuardPoint.

  2. Log on to the host where you will upgrade CTE UserSpace. You must have root access.

  3. Copy or mount the installation file onto the host system.

  4. Start the upgrade by executing the install program for the release to which you want to upgrade. The following command upgrades the product and automatically accepts the CipherTrust Transparent Encryption License Agreement.

    rpm -U <cteu-version>.<build>.rpm (Red hat)

    Example

    rpm -U cte-fuse_10.1.0.52.rpm

    rpm -U <cteu-version>.<build>.rpm --relocate <default path>=<non-default path>

    Example

    rpm -U cte-fuse_10.1.0.52.rpm --relocate /opt/vormetric/DataSecurityExpert/agent=/cteu/agent

    Note

    Make sure that you install the upgrade in the same non-default directory in which you installed CTE-U.

    apt upgrade ./<cteu-version>.<build>.deb (Ubuntu)

    Example

    apt upgrade ./cte-fuse_10.1.0.52.deb (Ubuntu)

  5. To verify that the upgrade was successful, use the vmd -v command:

    vmd -v
Version 10
10.0.0.9074
2022-09-07 14:09:59 (CDT)
Copyright (c) 2009-2022, Thales Inc.  All rights reserved.

Scheduled Upgrade Feature

Note

Scheduled upgrade on reboot is not supported on HDFS nodes.

Warnings for CTE UserSpace for Linux

  • Prior to upgrading your system, perform a backup or take a snapshot of your system.

  • As with prior CTE UserSpace versions, Key Manager connectivity is required during upgrade.

  • Yum updates, or OS patches, should be done prior to CTE UserSpace upgrade on reboot.

  • You may see the following behavior if the upgrade on reboot fails due to a crash, or a power failure, (this is similar to a failure during a normal upgrade).

  • If a crash, or power failure, occurs before the upgrade executes, the upgrade will not take place, and the currently installed CTE UserSpace version continues to run after the reboot. Restart the system to upgrade successfully.

  • If a crash, or power failure, occurs during the upgrade, CTE UserSpace may enter an inconsistent state. Perform a restore from your backup, or roll back to the snapshot that you just took. Then, start the upgrade again.

  • If a crash, or power failure, occurs after a successful upgrade, then the new version will run on the next reboot. No user intervention is required in this case.

  • During reboot or shutdown, all applications and services dependent on CTE UserSpace services must be stopped before a scheduled update takes place. Failure to stop these services can result in an aborted scheduled upgrade during the system reboot. Examples of situations that may cause an aborted upgrade are applications with open files in a CTE UserSpace GuardPoint, or a third party anti-virus software doing periodic scans.

    For examples of how to set up CTE UserSpace start/stop dependencies with other programs, see CTE UserSpace and systemd.

Using the Scheduled Upgrade Feature

The following procedure describes how to use voradmin to schedule an upgrade that will be applied the next time the machine reboots.

  1. If you want to check which version of CTE UserSpace for Linux you currently have installed, use the vmd –v command:

    vmd -v 
Version 10
10.0.0.9074
2022-09-07 14:09:59 (CDT)
Copyright (c) 2009-2022, Thales Inc.  All rights reserved.

  2. To schedule an upgrade on reboot, use the following commands:

    voradmin upgrade schedule <path_to_CTE_installer_binary>  y [-t <custom_extraction_path>]

    where:

    • <path to CTE-U installer> is the full path to the CTE UserSpace installation file for the release to which you want to upgrade.

    • -y is an optional parameter that automatically accepts the prompt and schedules the upgrade. If you do not specify this parameter, you must manually accept the License Agreement before the upgrade can be scheduled.

    For example, if you are upgrading to version 10.0.0.9074 and you want to automatically accept the license agreement and use a custom directory, you would type:

    voradmin upgrade schedule <path-to-CTE-U-package>  -y

  3. If you want to verify that the upgrade was successfully scheduled, use the voradmin upgrade show command:

    voradmin upgrade show
Upgrade on reboot is currently scheduled.
Current CTE-U version is 10.0.0.9074, upgrade on reboot scheduled for CTE-U 10.3.0.65.

  4. Reboot the machine, then log in and verify that the upgrade was successful.

    vmd -v 
Version 10
10.3.0.65
2022-09-07 14:09:59 (CDT)
Copyright (c) 2009-2024, Thales Inc.  All rights reserved.

    Note

    Appropriate logs will be logged in syslog.

Performing a Manual Upgrade When an Upgrade is Already Scheduled

If an administrator runs a manual upgrade after an upgrade has already been scheduled, the scheduled upgrade is cancelled and Manual upgrade proceeds.

To verify that the upgrade succeeded, the administrator can use the vmd –v command:

vmd -v
Version 6, Service Pack 2
7.1.0.66
2022-02-04
Copyright (c) 2009-2022, Thales. All rights reserved.

To cancel an existing scheduled upgrade on reboot: 

    voradmin upgrade cancel 
    Removed symlink /etc/systemd/system/multi-user.target.wants/secfs-upgrade.service.
    Successfully cancelled upgrade on reboot

On this page