Project-42
Posted on September 14, 2021
I was wondering the other day how can I easily upgrade a OL7 to OL8, and looks like Oracle has the exact tool for the process:
Oracle® Linux 8 Performing System Upgrades With Leapp
This is the system I will try to upgrade:
[root@OL7 ~]# head -1 /etc/*rel*
==> /etc/oracle-release <==
Oracle Linux Server release 7.9
==> /etc/os-release <==
NAME="Oracle Linux Server"
==> /etc/prelink.conf.d <==
head: error reading ‘/etc/prelink.conf.d’: Is a directory
==> /etc/redhat-release <==
Red Hat Enterprise Linux Server release 7.9 (Maipo)
==> /etc/system-release <==
Oracle Linux Server release 7.9
==> /etc/system-release-cpe <==
cpe:/o:oracle:linux:7:9:server
[root@OL7 ~]#
First, we need to make sure boot manager is disabled. Since this is a VM, I can not see a boot manager, so we are clear:
[root@OL7 ~]# bootctl status
System:
Machine ID: 01a9ea161568458ba5d6f29e505d4c13
Boot ID: 965df6b728634b0287b3f4059b3c1807
No suitable data is provided by the boot manager. See:
http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
for details.
Confirm the locale is set to en_US.UTF-8
[root@OL7 ~]# cat /etc/locale.conf
LANG="en_US.UTF-8"
Update the system to make sure you are on latest version and all packages are updated and reboot the system
[root@OL7 ~]# yum update
ol7_UEKR6 | 3.0 kB 00:00:00
ol7_addons | 3.0 kB 00:00:00
ol7_developer | 3.0 kB 00:00:00
[....]
Updated:
bind-export-libs.x86_64 32:9.11.4-26.P2.el7_9.7 btrfs-progs.x86_64 0:5.12.1-1.el7 dhclient.x86_64 12:4.2.5-83.0.1.el7_9.1
dhcp-common.x86_64 12:4.2.5-83.0.1.el7_9.1 dhcp-libs.x86_64 12:4.2.5-83.0.1.el7_9.1 glib2.x86_64 0:2.56.1-9.el7_9
grub2.x86_64 1:2.02-0.87.0.13.el7_9.6 grub2-common.noarch 1:2.02-0.87.0.13.el7_9.6 grub2-pc.x86_64 1:2.02-0.87.0.13.el7_9.6
grub2-pc-modules.noarch 1:2.02-0.87.0.13.el7_9.6 grub2-tools.x86_64 1:2.02-0.87.0.13.el7_9.6 grub2-tools-extra.x86_64 1:2.02-0.87.0.13.el7_9.6
grub2-tools-minimal.x86_64 1:2.02-0.87.0.13.el7_9.6 gssproxy.x86_64 0:0.7.0-30.el7_9 kernel-tools.x86_64 0:3.10.0-1160.42.2.el7
kernel-tools-libs.x86_64 0:3.10.0-1160.42.2.el7 kpartx.x86_64 0:0.4.9-135.0.1.el7_9 krb5-libs.x86_64 0:1.15.1-50.0.1.el7
libxml2.x86_64 0:2.9.1-6.0.3.el7.5 libxml2-python.x86_64 0:2.9.1-6.0.3.el7.5 libzstd.x86_64 0:1.5.0-1.el7
linux-firmware.noarch 999:20210617-999.8.git0f66b74b.el7 nfs-utils.x86_64 1:1.3.0-0.68.0.1.el7.1 openldap.x86_64 0:2.4.44-24.el7_9
oraclelinux-release-el7.x86_64 0:1.0-17.el7 pciutils.x86_64 0:3.5.1-3.0.1.el7 pciutils-libs.x86_64 0:3.5.1-3.0.1.el7
rsyslog.x86_64 0:8.24.0-57.0.1.el7_9.1 selinux-policy.noarch 0:3.13.1-268.0.13.el7_9.2 selinux-policy-targeted.noarch 0:3.13.1-268.0.13.el7_9.2
Replaced:
python-chardet.noarch 0:2.2.1-3.el7
Complete!
[root@OL7 ~]#
[root@OL7 ~]# reboot
Let's install the Oracle Leapp Package now
[root@OL7 ~]# yum install leapp --enablerepo=ol7_leapp,ol7_latest
No package leapp available.
Error: Nothing to do
[root@OL7 ~]#
It didn't work at first, but the reason is actually explained by the documentation:
"This warning appears if an oracle-linux-ol7.repo file already exists prior to updating the Oracle Linux 7 packages. The update process creates the .rpmnew file to avoid overwriting any customizations that might be in the current file.
In this case, use the .rpmnew file to guide you in making the necessary modifications to your existing .repo file. Incorporate any new information into your .repo file. The ol7_leapp repository description must be listed in your final oracle-linux-ol7.repo file for the upgrade to proceed."
So, what I did was to replace the default .repo file with the new .rpmnew file:
[root@OL7 yum.repos.d]# ls -lrth
total 36K
-rw-r--r--. 1 root root 276 Feb 16 2021 oracle-softwarecollection-ol7.repo
-rw-r--r--. 1 root root 4.3K May 31 00:55 oracle-linux-ol7.repo <<<<<<<<<<<
-rw-r--r--. 1 root root 1.1K May 31 00:55 oraclelinux-developer-ol7.repo
-rw-r--r--. 1 root root 252 May 31 00:55 oracle-epel-ol7.repo
-rw-r--r--. 1 root root 226 Jun 9 03:57 virt-ol7.repo
-rw-r--r--. 1 root root 2.6K Jun 9 03:57 uek-ol7.repo
-rw-r--r--. 1 root root 4.5K Jun 9 03:57 oracle-linux-ol7.repo.rpmnew <<<<<<<<<<<
[root@OL7 yum.repos.d]# mv oracle-linux-ol7.repo oracle-linux-ol7.repo.bk
[root@OL7 yum.repos.d]# mv oracle-linux-ol7.repo.rpmnew oracle-linux-ol7.repo
[root@OL7 yum.repos.d]#
It should work now:
[root@OL7 yum.repos.d]# yum install leapp --enablerepo=ol7_leapp,ol7_latest
Resolving Dependencies
--> Running transaction check
---> Package leapp.noarch 0:0.12.0-1.0.1.el7_9 will be installed
--> Processing Dependency: python2-leapp = 0.12.0-1.0.1.el7_9 for package: leapp-0.12.0-1.0.1.el7_9.noarch
[....]
Transaction Summary
=====================================================================================================================================================================
Install 1 Package (+35 Dependent packages)
Total download size: 6.1 M
Installed size: 24 M
Is this ok [y/d/N]: y
[....]
Installed:
leapp.noarch 0:0.12.0-1.0.1.el7_9
Dependency Installed:
audit-libs-python.x86_64 0:2.8.5-4.el7 checkpolicy.x86_64 0:2.5-8.el7 dnf.noarch 0:4.0.9.2-2.el7
dnf-data.noarch 0:4.0.9.2-2.el7 json-glib.x86_64 0:1.4.2-2.el7 leapp-deps.noarch 0:0.12.0-1.0.1.el7_9
leapp-repository.noarch 0:0.13.0-2.0.1.el7_9 leapp-repository-deps.noarch 0:0.13.0-2.0.1.el7_9 libcgroup.x86_64 0:0.41-21.el7
libcomps.x86_64 0:0.1.8-14.el7 libdnf.x86_64 0:0.22.5-2.el7 libmodulemd.x86_64 0:1.6.4-1.el7
librepo.x86_64 0:1.8.1-8.el7_9 libreport-filesystem.x86_64 0:2.1.11-53.0.1.el7 librhsm.x86_64 0:0.0.3-3.el7
libsemanage-python.x86_64 0:2.5-14.el7 libsolv.x86_64 0:0.6.34-4.el7 libyaml.x86_64 0:0.1.4-11.el7_0
policycoreutils-python.x86_64 0:2.5-34.0.1.el7 python-IPy.noarch 0:0.75-6.el7 python-backports.x86_64 0:1.0-8.el7
python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 python-enum34.noarch 0:1.0.4-1.el7 python-ipaddress.noarch 0:1.0.16-2.el7
python-pyudev.noarch 0:0.15-9.el7 python-requests.noarch 0:2.6.0-10.el7 python-setuptools.noarch 0:18.0.1-2.el7
python-six.noarch 0:1.9.0-2.el7 python-urllib3.noarch 0:1.10.2-7.el7 python2-dnf.noarch 0:4.0.9.2-2.el7
python2-hawkey.x86_64 0:0.22.5-2.el7 python2-leapp.noarch 0:0.12.0-1.0.1.el7_9 python2-libcomps.x86_64 0:0.1.8-14.el7
python2-libdnf.x86_64 0:0.22.5-2.el7 setools-libs.x86_64 0:3.3.8-4.el7
Complete!
[root@OL7 yum.repos.d]#
The Preupgrade command will give information about what to expect and any mayor issues before the upgrade (If you are running this in OCI, please check the documentation since you should be using "--oci" instead of "--oraclelinux")
It will also generate a "answerfile" with the changes that needs to be addressed before the upgrade can be executed
[root@OL7 yum.repos.d]# leapp preupgrade --oraclelinux
==> Processing phase `configuration_phase`
====> * ipu_workflow_config
IPU workflow config actor
==> Processing phase `FactsCollection`
====> * system_facts
Provides data about many facts from system.
====> * tcp_wrappers_config_read
Parse tcp_wrappers configuration files /etc/hosts.{allow,deny}.
====> * selinuxcontentscanner
Scan the system for any SELinux customizations
====> * scancpu
Scan CPUs of the machine.
====> * root_scanner
Scan the system root directory and produce a message containing
[....]
==> Processing phase `Reports`
====> * verify_check_results
Check all dialogs and notify that user needs to make some choices.
====> * verify_check_results
Check all generated results messages and notify user about them.
============================================================
UPGRADE INHIBITED
============================================================
Upgrade has been inhibited due to the following problems:
1. Inhibitor: Possible problems with remote login using root account
2. Inhibitor: Missing required answers in the answer file
Consult the pre-upgrade report for details and possible remediation.
============================================================
UPGRADE INHIBITED
============================================================
Debug output written to /var/log/leapp/leapp-preupgrade.log
============================================================
REPORT
============================================================
A report has been generated at /var/log/leapp/leapp-report.json
A report has been generated at /var/log/leapp/leapp-report.txt
============================================================
END OF REPORT
============================================================
Answerfile has been generated at /var/log/leapp/answerfile <<<<<
[root@OL7 yum.repos.d]#
[root@OL7 yum.repos.d]# cat /var/log/leapp/answerfile
[remove_pam_pkcs11_module_check]
# Title: None
# Reason: Confirmation
# =================== remove_pam_pkcs11_module_check.confirm ==================
# Label: Disable pam_pkcs11 module in PAM configuration? If no, the upgrade process will be interrupted.
# Description: PAM module pam_pkcs11 is no longer available in OL-8 since it was replaced by SSSD.
# Type: bool
# Default: None
# Available choices: True/False
# Unanswered question. Uncomment the following line with your answer
# confirm =
[root@OL7 yum.repos.d]#
To be able to execute the upgrade, we now need to resolve the items from "UPGRADE INHIBITED" section.
In my case:
============================================================
UPGRADE INHIBITED
============================================================
Upgrade has been inhibited due to the following problems:
1. Inhibitor: Possible problems with remote login using root account
2. Inhibitor: Missing required answers in the answer file
Consult the pre-upgrade report for details and possible remediation.
To "respond" to the answerfile we can use the leapp answer command (you can also modify the answerfile instead as documentation mentions)
I also needed to allow SSH root login, something that I'm not sure should be always necessary, but I understand is better to have it enable at least during the upgrade jut to make sure you don't lose full access to the system during the process (I didn't need to restart SSH service before the upgrade though)
[root@OL7 yum.repos.d]# leapp answer --section remove_pam_pkcs11_module_check.confirm=True
[root@OL7 yum.repos.d]#
[root@OL7 yum.repos.d]# grep PermitRootLogin /etc/ssh/sshd_config
PermitRootLogin yes
# the setting of "PermitRootLogin without-password".
[root@OL7 yum.repos.d]#
Once this is done, we can proceed with the upgrade.
It is recommended that you keep a second session logged into the system just in case you lose connectivity.
[root@OL7 yum.repos.d]# leapp upgrade --oraclelinux
==> Processing phase `configuration_phase`
====> * ipu_workflow_config
IPU workflow config actor
==> Processing phase `FactsCollection`
====> * scanclienablerepo
Produce CustomTargetRepository based on the LEAPP_ENABLE_REPOS in config.
====> * system_facts
Provides data about many facts from system.
[....]
====> * check_skip_phase
Skip all the subsequent phases until the report phase.
==> Processing phase `TargetTransactionFactsCollection`
====> * target_userspace_creator
Initializes a directory to be populated as a minimal environment to run binaries from the target system.
Latest Unbreakable Enterprise Kernel Release 6 5.5 MB/s | 23 MB 00:04
Oracle Linux 8 Application Stream (x86_64) 6.2 MB/s | 26 MB 00:04
Oracle Linux 8 BaseOS Latest (x86_64) 6.1 MB/s | 35 MB 00:05
Last metadata expiration check: 0:00:07 ago on Wed Sep 8 12:18:03 2021.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
dnf noarch 4.4.2-11.el8 ol8_baseos_latest 539 k
Installing dependencies:
audit-libs x86_64 3.0-0.17.20191104git1c2f876.el8
ol8_baseos_latest 116 k
basesystem noarch 11-5.el8 ol8_baseos_latest 10 k
bash x86_64 4.4.20-1.el8_4 ol8_baseos_latest 1.5 M
brotli x86_64 1.0.6-3.el8 ol8_baseos_latest 323 k
[....]
tzdata noarch 2021a-1.el8 ol8_baseos_latest 473 k
xz-libs x86_64 5.2.4-3.el8 ol8_baseos_latest 94 k
zlib x86_64 1.2.11-17.el8 ol8_baseos_latest 102 k
Transaction Summary
================================================================================
Install 123 Packages
Total download size: 77 M
Installed size: 598 M
Downloading Packages:
(1/123): basesystem-11-5.el8.noarch.rpm 138 kB/s | 10 kB 00:00
(2/123): brotli-1.0.6-3.el8.x86_64.rpm 1.9 MB/s | 323 kB 00:00
(3/123): bzip2-libs-1.0.6-26.el8.x86_64.rpm 1.2 MB/s | 48 kB 00:00
(4/123): audit-libs-3.0-0.17.20191104git1c2f876 245 kB/s | 116 kB 00:00
(5/123): ca-certificates-2020.2.41-80.0.el8_2.n 1.9 MB/s | 391 kB 00:00
(6/123): bash-4.4.20-1.el8_4.x86_64.rpm 3.1 MB/s | 1.5 MB 00:00
[....]
(391/393): btrfs-progs-5.12.1-1.el8.x86_64.rpm 1.6 MB/s | 858 kB 00:00
(392/393): xfsprogs-5.4.0-1.0.1.el8.x86_64.rpm 1.5 MB/s | 1.1 MB 00:00
(393/393): linux-firmware-20210617-999.8.git0f6 4.8 MB/s | 178 MB 00:36
--------------------------------------------------------------------------------
Total 6.2 MB/s | 374 MB 01:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Complete!
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'dnf clean packages'.
==> Processing phase `InterimPreparation`
====> * efi_interim_fix
Adjust EFI boot entry for first reboot
====> * initram_disk_generator
Creates the upgrade initram disk
====> * add_upgrade_boot_entry
Add new boot entry for Leapp provided initramfs.
A reboot is required to continue. Please reboot your system.
Debug output written to /var/log/leapp/leapp-upgrade.log
============================================================
REPORT
============================================================
A report has been generated at /var/log/leapp/leapp-report.json
A report has been generated at /var/log/leapp/leapp-report.txt
============================================================
END OF REPORT
============================================================
Answerfile has been generated at /var/log/leapp/answerfile
[root@OL7 yum.repos.d]#
Once completed, reboot the system.
The system will now apply all the changes for the upgrade, so it will take some time to start.
If you have console connection, is recommended to have it open in order to see what is going on.
And voilà!, we can see how the system is now upgraded:
[vagrant@OL7 ~]$ head -1 /etc/*rel*
==> /etc/oracle-release <==
Oracle Linux Server release 8.4
==> /etc/os-release <==
NAME="Oracle Linux Server"
==> /etc/prelink.conf.d <==
head: error reading '/etc/prelink.conf.d': Is a directory
==> /etc/redhat-release <==
Red Hat Enterprise Linux release 8.4 (Ootpa)
==> /etc/system-release <==
Oracle Linux Server release 8.4
==> /etc/system-release-cpe <==
cpe:/o:oracle:linux:8:4:server
[vagrant@OL7 ~]$
Have a look at some Post-upgrade tasks from the documentation
Completing Post Upgrade Tasks after the process so you make sure you have the system in the best conditions.
In any case, looks like a good tool to do some upgrading, but make sure you double check the pre-upgrade report and never do it on your production systems without proper testing :)
Posted on September 14, 2021
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.