Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Kevin_Orrison
Collaborator

R80.10 to R80.30 Management Server Upgrade

I'm going to be upgrading my management server from R80.10 to R80.30 soon. I know an advanced upgrade to a new server is recommended for the new kernel and file system. I guess I'm just curious how many people are upgrading to R80.30 like that. I've heard from a few other Check Point admins that are just doing in place upgrades. I guess my question is, is it worth the effort to migrate to a new VM in my case?

0 Kudos
10 Replies
Dima_M
Employee
Employee

Hi Kevin,

We've upgraded the OS kernel to 3.10 in R80.20, while kernel upgrade will happen during inplace upgrade  file system will change from ext3 to XFS only on new installation, hence we recommend to go with advanced upgrade in your case to enjoy the benefits (Enlarged system storage, I/O performance, better compression).

But in general, moving "inplace" between minor versions is the recommended way, we're working to make these upgrades even better and you'll feel it in your next upgrade..

0 Kudos
FedericoMeiners
Advisor

If you are working on a virtualized enviroment I would recommend export + fresh install, the process is really quick and easy.

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
Maarten_Sjouw
Champion
Champion

I finished a MDS R80.10 to R80.30 migration a couple of months ago and last weekend in a second attempt I migrated a 3 set of MDS servers from R77.30 to R80.30 exactly with that method:
Build a new server with R80.30, give it a temp IP
When you are ready to go this is what you do:
stop the CP services (mdsstop/cpstop)
start the migration export (use the upgrade guide)
once done change the IP of your original management server(s)
change the IP of the new machine to the original IP of the management server
start the FTW and finish it
move the export file from the old to the new server
use the commands from the manual to import the exportfile
start the cp services (cpstart/mdsstart).
run your check ups to make sure everything looks ok
install database (on every domain)
install policy(ies)
check logging.
Regards, Maarten
0 Kudos
Kevin_Orrison
Collaborator

I appreciate the response!
0 Kudos
Kevin_Orrison
Collaborator

Did you export logs from the old server using "migrate export -l"?

If so, did you re-index the logs?

0 Kudos
Maarten_Sjouw
Champion
Champion

In my case it was an MDS and I used mds_setup however I did not copy the logs nor the indexes.
There was about 2,5TB in logs for the 80.10 MDS and copying that into a tgz file would take even more space that is not avalable.
If I would have moved all files over to the new server it would start indexing by itself, however there is a default setting for the number of days it will index, IIRC that is around 14.
Regards, Maarten
0 Kudos
Kevin_Orrison
Collaborator

I am going to use the same IP as the existing SMS like you did too. This being the case, did you have to do anything with licensing on the new server once it had the original IP? 

0 Kudos
Maarten_Sjouw
Champion
Champion

Nope, licensing and everything else is preserved.
Regards, Maarten
0 Kudos
Kevin_Orrison
Collaborator

good to know.

0 Kudos
Kevin_Orrison
Collaborator

Thanks for the replies!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events