How To
Summary
There is a specific path to the upgrade to avoid losing data as the underlying RHEL must also be upgraded to properly support the upgrade to the DataPower 10.5.0.x firmware.
Objective
To successfully upgrade the virtual DataPower appliances running on Linux and preserve the configuration and keys/certs to the 10.5.0.x firmware from either the 2018.4.1.x or the 10.0.1.x levels.
Steps
The 10.5.0.x firmware requires the RHEL level on the host server to be at 8.4 or higher version 8 while the previous versions require RHEL 7.x.
See this page to run a report to confirm the supported RHEL versions for DataPower.
The issue is if you upgrade the RHEL version on the server any existing virtual appliance will be corrupted and the data lost.
The steps for the upgrade are:
1. Confirm the appliance has the secure backup mode enabled by looking on the "System Settings" page in the WebGUI or the "show system" CLI command and look at the "backup mode" if it does not say "secure" open a case with support and request a tool to enable the secure backup mode.
2. Upgrade the DataPower to version 10.5.0.2 (or higher) using the scrypt4 image (such as idg_lx10502.lts.scrypt4) that is available on Fix Central - Note this is only to allow for a secure backup to be taken and is not supported to run in production.
3. Take a secure backup from the appliance. For information see the Secure backup-restore for DataPower.
Note: Save all files including key and certificate files to a local machine after the secure-backup is completed.
4. Upgrade the RHEL from 7.9 to 8.4 or higher version 8 or use a new RHEL 8.4 or higher version 8 server.
5. Remove the old DataPower RPM from the upgraded RHEL 8.x server (if this is not a fresh RHEL installation).
6. Remove "epel-release-latest-7.noarch.rpm" package from the RHEL version 8.x server (if this is not a fresh RHEL installation).
7. Install "epel-release-latest-8.noarch.rpm" package in the RHEL version 8.x server.
8. Install the version 10.5.0.2 RPM packages in the RHEL 8.x server.
9. Perform the initial configuration to have the DataPower appliance accessible from the network.
Note:
If the telnet command "telnet 0.0.0.0 2200" or "telnet 127.0.0.1 2200" is not able to connect with a "Connection refused" error you may need to update the firewall rules on the RHEL 8 server to allow port 2200.
For information on how to work with the firewall in RHEL8 you may check online for information such as this example post: Working with the firewall in RHEL 8.
For information on how to work with the firewall in RHEL8 you may check online for information such as this example post: Working with the firewall in RHEL 8.
10. Restore the configuration using secure-restore with files from step 3.
Once the restore is complete, you may confirm the appliance is working as expected.
11. Upgrade DataPower appliance to the latest 10.5.0.x version as 10.5.0.2 is not suitable for production use.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSHPDZ","label":"IBM DataPower Gateway Virtual Edition"},"ARM Category":[{"code":"a8m0z0000004DB1AAM","label":"DataPower-\u003EMGMT (MM)-\u003EOther, please specify-\u003ELinux Install"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
14 November 2023
UID
ibm17027770