Veritas NetBackup™ Upgrade Guide
- Introduction
- Planning for an upgrade
- General upgrade planning information
- About upgrade tools
- Upgrade operational notes and limitations
- Master server upgrade
- Media server upgrade
- MSDP upgrade for NetBackup
- Client upgrade
- NetBackup Deployment Management with VxUpdate
- Appendix A. Reference
Upgrading UNIX and Linux server software to NetBackup 8.2
You should schedule your upgrade and reconfiguration for a time when backups do not run. However, the upgrade procedure instructs you to deactivate all policies to ensure that backups do not interfere with the upgrade. You can also temporarily modify policies so that backups do not run while you upgrade and reconfigure NetBackup.
To upgrade UNIX and Linux server software to 8.2
- Log on as the root user on the server.
- If the NetBackup Administration Console is open, you must close it now.
- (Conditional) For clustered environments, perform the following tasks:
If necessary, edit the
bp.conf
and thevm.conf
files as follows:If a
REQUIRED_INTERFACE
entry exists, replace it with aCLUSTER_NAME
entry. Otherwise, add a newCLUSTER_NAME
entry. This entry should be defined as the virtual server name.For a master server, make sure that the first
SERVER
entry matches theCLUSTER_NAME
entry for thebp.conf
file.Take the NetBackup Group offline. Use the command shown:
/opt/VRTSvcs/bin/hares -offline
Freeze the NetBackup Group so that migrations do not occur while the inactive nodes are upgraded. Use the command shown:
/opt/VRTSvcs/bin/hagrp -freeze group -persistent
If you have a VCS cluster configured, you can freeze the NetBackup Group by using the Cluster Manager interface or the command line.
Before you proceed with a cluster upgrade, refer to the NetBackup Clustered Master Server Administrator's Guide for other cluster upgrade requirements.
- For Solaris systems, all of the NetBackup scripts that you may have modified are removed when you run the upgrade script.
For non-Solaris systems, NetBackup scripts that are not covered in Chapter 1 that you modified are removed when you run the upgrade script. More information about this topic is available.
See About automatic file changes from an upgrade.
Save any files that you have modified and want to keep.
- Navigate to the location where the installation images reside. Enter the command that is shown to start the upgrade script:
./install
- Follow the prompts in the installation script to install the NetBackup server binaries.
- (Conditional: For media servers only) If your environment uses an external certificate authority, provide the external certificate authority information at the prompts shown:
Enter the certificate file path or q to skip security configuration: /usr/eca/cert_chain.pem Enter the trust store location or q to skip security configuration: /usr/eca/trusted/cacerts.pem Enter the private key path or q to skip security configuration: /usr/eca/private/key.pem Enter the passphrase file path or q to skip security configuration (default: NONE): /usr/eca/private/passphrase.txt
Note:
Be aware the passphrase file path is optional.
- (Conditional: For media servers only) When prompted, provide the required information for the CRL configuration:
Should a CRL be honored for the external certificate? 1) Use the CRL defined in the certificate. 2) Use the CRL from a file path. 3) Do not use a CRL. q) skip security configuration CRL option (1):
- (Conditional: For media servers only) If you specified Use the CRL from a file path, you must enter the path to the CRL location:
Enter the CRL location path or q to skip security configuration: /usr/eca/crl
- (Conditional: For media servers only) The installer echoes the configuration information you entered and attempts to retrieve details for the external certificate:
External CA values entered: Certificate file path: /usr/eca/cert_chain.pem Trust store file path: /usr/eca/trusted/cacerts.pem Private key file path: /usr/eca/private/key.pem Passphrase file path: /usr/eca/private/passphrase.txt CRL check level: Use the CRL from a file path. CRL location path: /usr/eca/crl Getting external CA certificate details Issued By : CN=IITFRMNUSINT,O=Veritas,OU=iitf Subject Name : CN=cuomovm04,O=Veritas,OU=iitf Expiry Date : Oct 31 17:25:59 2019 GMT SHA1 Fingerprint : 62:B2:C3:31:D5:95:15:85:9D:C9:AE:C6:EA:C2:DF:DF:6D:4B:92:5B Serial Number : 0x6c7fa2743072ec3eaae4fd60085d468464319a Certificate Path : /usr/eca/cert_chain.pem Validating host ECA certificate. NOTE: Depending on the network, this action may take a few minutes. To continue without setting up secure communication, press Ctrl+C.
- (Conditional: For media servers only) If the external certificate enrollment pre-check finishes successfully, select 1 and press Enter to continue.
The external certificate enrollment pre-check is successful. The external certificate is valid for use with master server name How do you want to proceed? 1) Continue the installation using this certificate. 2) Modify the external CA values entered. 3) Abort the installation. Default option (1):
- (Conditional: For media servers only) If the external certificate enrollment pre-check fails, select from the choices shown. The default is 2.
The external certificate enrollment pre-check failed. The external certificate is not valid for use with master server name How do you want to proceed? 1) Continue the installation and set up external certificates later. 2) Modify the external CA values entered. 3) Abort the installation. Default option (2):
- When the script finishes, the binaries are successfully installed.
Proceed to the post-installation procedure.
More information is available.