1 person found this helpful
I would go for the new vApp. You can run a migration export from the 5.0.0 system and import it into the new vApp.
1. You will have a newer SuSe release. 5.0.0 (SuSE 11 SP1) 5.8.4 (SuSE 11 SP3)
2. You will have a newer version of vPostgres. 5.0.0 (vPostgres 9.1.3), 5.8.4 (vPostgres 9.1.9)
3. Since you inherited the system, you can make sure any previous user accounts or other unauthorized settings are gone.
Just one caveat.
There is an issue with older agents not being able to initiate communications with the server due to using older protocols.
You should consider upgrading the agents as soon as possible. Upgrading the agents can be done in the UI using the "Agent Commands" feature. You can upgrade many of them at once by using the agent commands feature on a "compatible" group of agents.
I hope this helps.
Thank a lot!!
I agree upgraded postgres etc is a very good idea. We have had issues of the DBs overloading the pipe to VcOPS in the past.
The issue with upgrading the agents via the console (we have one 5.8.0 server I have done this on 5.0.0 agents). Is that I have approximately 800 VMs across different domains and data centers. The protocols issue is in regards to the POODLE exploit correct? To mitigate this in our current environment I did modify a server.xml and replaced:
sslProtocol = "TLS"
That bombed out all our agents (likely due to the fact of us using wildcard certs and not self signed).
I then tried that with protocols="SSLv2Hello,TLSv1.2,TLSv1.1,TLSv1". and restarted the server, but then the front end webpage went down.
I also have an issue where I need to not use the current 5.0 agent dirs since I will be upgrading to 5.8.4 I know it can likely be done that way except I have to rip out those embedded JREs per our security team and i also have to update several hard coded file paths.
Anyway, thanks for the advise!! I am the only Hyperic guy here and this is my first exposure to it so I greatly appreciate the help.
These lines should have worked.
Not sure why the UI would not come up. I don't think these would be related.
You would probably need to post the server.log or open a SR to find out what happened.