UPGRADE of Oracle AVDF (Audit Vault and Database Firewall) console from 12.2.0.11 to 20.3

-

  

1.   Pre-Requisites

 

1.     Backup the current Audit Vault console:

If the Audit vault server is installed in a VM, it is recommended to take a VM snapshot before starting the upgrade process.

 

2.      Release Existing Tablespace that are retrieved manually:

If existing tablespaces are not released that will fail the pre-upgrade procedure.

To release the tablespaces follow this procedure:

 

                                                                                I.            Log in to the Audit Vault Server console as super administrator.

 

                                                                              II.            Navigate to Settings, and then to Archiving.

 

                                                                            III.            Click Retrieve.

 

                                                                            IV.            You will find a list of tablespaces retrieved.

 

                                                                              V.            Select and release all the tablespaces.

     

3.      Pre-upgrade RPM Boot Device Greater than 2 TB:

The pre-upgrade RPM performs necessary space checks for the boot device. In case the boot device is greater than 2 TB, then the upgrade process may fail. The boot device should be less than 2 TB before the upgrade process can begin.

 

4.      Pre-upgrade RPM Boot Partition Space Check Warning:

 The pre-upgrade RPM performs necessary space checks in the boot partition. In case there is not enough space in the boot partition, the upgrade process may fail. The boot partition should have at least 500 MB before the upgrade process can begin.

 

 

2.   Software Download

 

A.    Download The Files :

A.      Go to Oracle Support

B.      Go to Patches and Updates

C.      Select the Product or family (Advanced) in the left panel

D.     Type Oracle Audit Vault and Database firewall in Product

E.      Select 20.3 in the release drop down

F.       Click search


G.      Select the latest patch (32114482 for us)

H.      Click the following .zip files to download them on your system:

 

a)      32114482_1of4.zip avdf-upgrade-20.3.0.0.0-part1.iso AVDF_20_3_readme.html

b)      32114482_2of4.zip avdf-upgrade-20.3.0.0.0-part2.iso

c)32114482_3of4.zip avdf-upgrade-20.3.0.0.0-part3.iso avdf-pre-upgrade-20.3.0.0.0.zip

d)32114482_4of4.zip avdf-20.3.0.0.0-utility.zip Deprecated-     Cipher-Removal.zip

I.      After unzipping the .zip files there will be two parts :

a)      avdf-pre-upgrade-20.3.0.0.0.zip and

b)      avdf-upgrade-20.3.0.0.0-part1.iso

c)      avdf-upgrade-20.3.0.0.0-part2.iso

d)      avdf-upgrade-20.3.0.0.0-part3.iso

J.     Combine the three ISO files into one ISO file on a different machine other than the Audit Vault server

a)      Linux:

# cat avdf-upgrade-20.3.0.0.0-part1.iso avdf-upgrade-20.3.0.0.0-part2.iso avdf-upgrade-20.3.0.0.0-part3.iso > avdf-upgrade-20.3.0.0.0.iso

b)      Microsoft Windows:

copy /b avdf-upgrade-20.3.0.0.0-part1.iso+avdf-upgrade-20.3.0.0.0-part2.iso+avdf-upgrade-20.3.0.0.0-part3.iso avdf-upgrade-20.3.0.0.0.iso.

 

 

A.    Install Oracle AVDF Pre-Upgrade RPM:

 

You must install the pre-upgrade RPM. It puts the system into a state that can be safely upgraded after it checks for suitable space on the file system. When the pre-upgrade RPM is installed, it re-arranges free space on the appliance so that there is enough room to copy the upgrade files to the appliance and start the installation. After the upgrade, the space for the upgrade files is given back to the file system.

 

The avdf-pre-upgrade-20.3.0.0.0.zip executable includes the upgrade prerequisites and also checks that the platform conditions are met prior to the upgrade

 

o   Prerequisite

 

In case of high availability environment, before running the pre-upgrade RPM, check the failover status on the primary Audit Vault Server. The failover status should not be STALLED. If the failover status is STALLED, then wait for a while and check the status again. If the status is not changing, then contact Oracle Support.

 

Follow these steps to check the failover status on the primary Audit Vault Server:

 

Log in to the primary Audit Vault Server console as oracle user.

 

Run the following command:

 

/usr/local/dbfw/bin/setup_ha.rb  --status

 

Our server was in stand alone mode. for HA configuration you need to run the pre-upgrade rpm in both the servers. Secondary node 1st then the primary.

o   Run Pre-Upgrade RPM

 

a)      Unzip the bundle using the command

 

unzip avdf-pre-upgrade-20.3.0.0.0.zip

 

a)      Run the following command to install the avdf-pre-upgrade-20.3.0.0.0-0_210128.0600.x86_64.rpm:

 

rpm -i /root/avdf-pre-upgrade-20.3.0.0.0-0_210128.0600.x86_64.rpm

  • The following message appears:

 

SUCCESS: The upgrade media can now be copied to '/var/dbfw/upgrade'.

 

The upgrade can then be started by running: /usr/bin/avdf-upgrade

1.   Upgrade Process

 

§  Transfer the ISO File To The Appliance

 

·       Log in to the appliance as user support.

 

·       Copy the avdf-pre-upgrade-20.3.0.0.0.zip file as follows:

 

scp remote_host:/path/to/ avdf-upgrade-20.3.0.0.0.iso

to “/var/dbfw/upgrade” dir which was newly created.

§  Start The Upgrade Script

 

The upgrade script mounts the ISO, changes to the correct working directory, executes the upgrade process, and then after the upgrade process is complete, unmounts the ISO.

 

If you use a network (ssh) connection to upgrade the appliance, ensure the connection is reliable. You may also need to set the connection to keepalive. If you are using ssh from the Oracle Linux command line, you can use the ServerAliveInterval option, for example as follows:

 

# ssh -o ServerAliveInterval=20

Run the screen command as user root. Using the screen command prevents network disconnections interrupting the upgrade. If the session terminates, resume as follows:

·       Connect as user support.

·       Switch to user root.

·       Run command screen -r

 

·       Press y to continue

 


·       Reboot the VM

·       This will ask for root user and password

 

This will start the installation process:

 

**This will upgrade all its components by its own including agents** 

·       After Upgrade completes verify the console version 





 

·       The appliance database will also be upgraded to 19c. Here the job is done ! It will take around 5 to 7 hours depending on the DB size.



NOTE:

The agents will be upgraded automatically, login to the console and verify the agent’s status and the audit trail status.




Reference: Oracle doc ID- E93405-11
Have fun !!










Comments

Post a Comment

Popular posts from this blog

R12.2 Log file locations

-
Few Logfile location on EBS R12.2.X Admin server   -   $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/AdminServer/logs/AdminServer.log oacore logfile  -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oacore_server1/logs/oacore_server1.log oacore out file  -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oacore_server1/logs/oacore_server1.out oacore diagnostic log -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oacore_server1/logs/oacore_server1-diagnostic.log oafm logfile -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oafm_server1/logs/oafm_server1.log oafm outfile -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oafm_server1/logs/oafm_server1.out oafm diagnostic log  - $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oafm_server1/logs/oafm_server1-diagnostic.log form server log  - $FMW_HOME/user_projects/domain...
Read more

Cloning

-
Apps 11i Multinode to single node To see if your environment is ready for the Cloning with Rapid Clone, please check the Metalink Note   230672.1. NOTE: The initial system has ONE APPL_TOP on one node (apps.localdomain) and the DB tier on another node (db.localdomain).     These easy to follow steps will allow you to move or clone Oracle applications from one location to another. This can be essential when moving from a multi-node system to single-node system. It may seem complex, but by approaching such a task one stage at a time it will become much easier under understand this technical process. 1.   Maintain Snapshot information (on the APPS node)     adadmin -> 2. Maintain Applications Files menu -> 5. Maintain snapshot information -> 2. Update current view snapshot 2. Prepare the source system database tier for cloning       cd <RDBMS ORACLE_HOME>/appsutil/scripts/<CONTEXT_NAME...
Read more

Oracle Kye-vault Installation (Version 21.4 ) ( Chapter -I )

-
Image
Interesting story behind this: I have received a customer requirement for a DBA position, and the main criteria was: the DBA must know oracle key vault, for their security solution project. I have received around 25/30 resumes where everyone has written, they know Oracle key-vault. While interviewing, someone saying it's a security file 😆, someone saying it's a parameter that exists since 12c on-words 😀, others saying it's a tool like oracle wallet & TDE 😟. Everyone disappointed me, although it's just a matter of little more detail reading of  (https://docs.oracle.com/en/database/oracle/key-vault/21.4/).   So thought of writing this blog and share it across for quick understanding.  Note: I have done this installation/deployment of  appliance image in my VM ware server. Created a 300Gigs vm with 8 GB of RAM & 2 vCPUs, and deployed it. Very simple.  Oracle Kye-vault is a security solution soft appliance from Oracle . It comes as an ISO image from...
Read more