Upgrading NS 6.8 on live system to 7

Wake up guys, we are still waiting for a live update from Nethserver 6 to Nethserver 7!! We have a business to run here! Thank you! Otherwise --> please post steps how to upgrade manually. We are talking about security here… You can’t have people reinstall everything on a live system? :frowning:
How to go from here? Nethserver is really great software!!

[mod edit] If you have nothing to add to the discussion, please refrain from posting.

Please, test the backup/restore upgrade procedure! We must be sure it works correctly because it is the base of the live upgrade procedure.

See also Upgrade from NethServer 6 — NethServer 7 Final

I must remark that!

1 Like

Please note that platform security fixes will be available from upstream until November 2020 :wink:

Thanks, David! Always great to get some serious feedback :smiley_cat: It’s a VmWare ESXi 6.5 server where Nethserver 6.8 is running on (so I could ofcourse make a snapshot). Maybe this upcoming weekend I could test it for you guys? It means downtime ofcourse (have to switch cables and such…)… --> Will let you know how things went, can’t wait to run Nethserver 7 here! :smiley:

Ofcourse, but Nethserver 7 means --> CentOS 7, and that’s what we want (to take full advantage of the power of CentOS 7) :slight_smile: But I get where you are coming from! We don’t want sec-holes, at all! :smiley:

1 Like

Ehi Patrick I’m happy to see your strong interest :slight_smile:
Did you test our procedure? Any feedback? We need you to improve it and gather some data

1 Like

Hi Alessio,

Well… I have failed, and it frustrated me very badly (last Friday, in my spare time in the evening at the office)…
While a clean NS6 installation didn’t gave me any setup problems at all (installed auto, for like 90% of the time)…
But okay, let me just tell you in short what happened:
I started with a new virtual machine with basic “overkill” specs (2x cpu / 6GB Ram / 100GB HDD) (on a VmWare ESXi 6.5 server) and installed NS7 exactly as told by Nethserver

Things that I have found out:
1. interface names have been changed in NS7/CentOS 7 (instead of eth0/eth1/eth2/ppp we had in NS6, there were only 3 interfaces shown in NS7 (ens192/ens224/ens320, I believe) (instead of the 4 interfaces I had in NS6), with no local ip addresses at all. I could not login to the backend/webinterface. Only If I gave NS7 a different hostname then what the old NS6 virtual machine had, it would get a DHCP address from the old NS6 router. Of course this is logical, because you can’t have duplicate hostnames/addresses in your network. But it would not “serve” me a local DHCP address out-of-the-box?
(Side-note: we just use the PFSense way to setup our virtual switches in ESXi (except we have used Nethserver as software), located for instance in their manual at: https://doc.pfsense.org/index.php/PfSense_2_on_VMware_ESXi_5 )
Giving NS7 a static ip address through command line would not work either (webinterface not reachable at the address I set it at). I reinstalled NS7 multiple times, but still the same issues. I could only get NS7 to work when I made a second router with NS7 (it would detect my current network settings), next to my NS6 router installation.
After that I could finally enter the Webinterface. (…I felt very n00bish again…)
But this is BY FAR the biggest point of frustration. The interface name changes and you need the same hostname (on a live running system?)… Your backup can’t restore automatically all of your settings if this is not addressed somewehere in the upgrade process (should be converted, right?).
2. The backup could be restored only by using the data restoration (“Backup (data)”) page, but then the old NIC interfaces were added again as new interfaces, after restoration, and they were not copied over or moved over to the new interface names (why?). I could not restore the backup when I had the two VM’s (NS6 and NS7) running. I had to change the exact hostname of NS6 to the exact hostname of NS7, otherwise it would not show any backups in the list. I took some screenshots of NS6 (ifconfig) and then implemented these settings in the webinterface of NS7 beforehand. It would be a nice feauture if the old hostname was asked to restore from?
3. MAC-addresses were not the same as the physical interfaces of my NIC’s in my ESXi? I even started comparing MAC-adresses from NS6 to NS7 with screenshots, but they were completely different… (The virtual machines have the exact same specs…? (except CentOS 7 ofcourse))
4. All of our OpenVPN certificates / users / passwords were gone after restoration of the NS6 backups in NS7. This is also very frustrating. No OpenVPN users could be found anymore. This would mean that I have to give all our external workers a new certificate / username or password (that can take quite some time if you have a lot)…
These were the most frustrating points I came across untill now, and after a few hours of testing and bug-testing I had to go and had to celebrate my weekend, haha.

So, as for my conclusion, the “restore feature” works, and it even installs all modules again, but it’s just having problems with the changes made in CentOS 6 VS CentOS 7.
If you could create workarounds for these mentioned problems I have experienced so far, that would be great. And I would be happy to test it for you.

I can and will try NS7 again and again in a couple of weeks, as I really want NS7 to run in our company (CentOS 7 ftw!!!).
I can only test it in our live situation here, so it will take some time.

I hope I could be helpful with this post.

Having questions? Please do let me know!

Best Regards,

Patrick de Jongh

4 Likes

This report is amazing, thanks for taking the time to test all those issues!
I hope that our @dev_team would take it into account to enhance the procedure.

That’s a great plan! In the meantime, we hope to gather as many upgrade experiences as possible.
Let me know if I can help you with anything :+1:

Is an upgrade tool already available?

There is no tool for in-place upgrade since upstream doesn’t release it.

But the upgrade procedure with backup and restore is almost released, you can try it now :wink:

Just an experiment, long time ago

Time to move forward! Please reply

See Upgrade paths to ns7