Sun Java Enterprise System 2005Q4 Upgrade Guide |
Chapter 5
Directory Proxy ServerThis chapter describes how to upgrade Directory Proxy Server to Java ES 2005Q4 (Release 4): Sun Java System Directory Proxy Server 5.2 2005Q4.
The chapter provides a general overview of upgrade issues and procedures for the different upgrade paths supported by Java ES Release 4. The chapter covers upgrades on both the Solaris and Linux operating systems:
Overview of Directory Proxy Server UpgradesThis section describes the following general aspects of Directory Proxy Server that impact upgrading to Java ES 2005Q4 (Release 4):
About Java ES Release 4
Java ES Release 4 Directory Proxy Server represents only minor bug fixes and improvements. There are no new functional capabilities.
Java ES Release 4 Upgrade Roadmap
Table 5-1 shows the supported Directory Proxy Server upgrade paths to Java ES Release 4. The table applies to both Solaris and Linux operating systems.
Table 5-1 Upgrade Paths to Java ES Release 4:
Sun Java System Directory Proxy Server 5.2 2005Q4Java ES Release
Directory Proxy Server Version
General Approach
Re-configuration Required
Release 3
Sun Java System Directory Proxy Server 5.2 2005Q1
Direct upgrade:
Apply patches and re-configure configuration directory.Automatic re-configuration of data in configuration directory
Release 2
Sun Java System Directory Proxy Server 5.2 2004Q2
Direct upgrade:
Apply patches and re-configure configuration directory.Automatic re-configuration of data in configuration directory
Release 1
Sun One Directory Proxy Server 5.2
Direct upgrade not certified:
But you can use the same approach as upgrading from Release 2.Automatic re-configuration of data in configuration directory
Pre-dates Java ES releases
Sun One Directory Proxy Server 5.2
Direct upgrade not certified:
But you can use the same approach as upgrading from Release 2.Automatic re-configuration of data in configuration directory
Sun One Directory Access Router 5.0 or 5.0 SP1
No direct upgrade:
Upgrade first to Release 3. Refer to the Java Enterprise System 2005Q1 Upgrade and Migration Guide
(http://docs.sun.com/doc/819-0062).Then upgrade from Release 3 to Release 4.
Refer to the Java Enterprise System 2005Q1 Upgrade and Migration Guide
(http://docs.sun.com/doc/819-0062).
Directory Proxy Server Data
Directory Proxy Server makes use of Directory Server for storing configuration data. The data is stored in a specific tree structure within the directory. The Directory Server instance hosting the configuration is referred to as the configuration directory.
In most deployment architectures, the configuration directory is remote from the other components that use it to store configuration information.
The following table shows the type of data that could be impacted by an upgrade of Directory Proxy Server software.
Table 5-2 Directory Proxy Server Data Usage
Type of Data
Location
Usage
Directory Proxy Server configuration data
Configuration directory
Configuration of Directory Proxy Server
Compatibility Issues
Java ES Release 4 Directory Proxy Server does not introduce any interface changes and is backwardly compatible with earlier versions.
Dependencies
Dependencies on other Java ES components can impact the procedure for upgrading and re-configuring Directory Proxy Server software. Directory Proxy Server has dependencies on specific Java ES shared components (see Table 1-6). Directory Proxy Server provides front-end access to Directory Server and uses Administration Server for configuration purposes. Directory Proxy Server therefore has dependencies on both Directory Server and Administration Server.
Upgrading Directory Proxy Server from Java ES Release 3This section includes information about upgrading Directory Proxy Server from Java ES 2005 Q1 (Release 3) to Java ES 2005Q4 (Release 4). The section covers the following topics:
Introduction
When upgrading Java ES Release 3 Directory Proxy Server to Release 4, consider the following aspects of the upgrade process:
- General Upgrade Approach. The upgrade is performed by applying patches to the Java ES Release 3 version. Re-configuration of Directory Proxy Server is achieved by automatically synchronizing the configuration directory with the upgraded software.
- Upgrade Dependencies. While Directory Proxy Server has dependencies on a number of Java ES shared components (see Table 1-6), Java ES Release 4 Directory Proxy Server is compatible with the Release 3 versions of these shared components. Upgrade of these shared components is therefore optional with respect to upgrade of Directory Proxy Server to Release 4.
- Backward Compatibility. Release 4 Directory Proxy Server is backwardly compatible with its Release 3 version.
- Upgrade Rollback. A rollback of the Release 4 upgrade is achieved on Solaris platforms by removing the Release 4 upgrade patches. On the Linux platform, however, there is no procedure for rolling back the Release 4 upgrade.
- Platform Issues. The general approach for upgrading Directory Proxy Server is the same on both Solaris and Linux operating systems, however the patching technologies are different. The upgrade process therefore includes platform-specific procedures.
Release 3 Directory Proxy Server Upgrade
This section describes how to perform an upgrade of Directory Proxy Server from Java ES Release 3 to Java ES Release 4 on both the Solaris and Linux platform. Where a topic depends on platform-specific procedures, the topic will indicate the operating system to which it applies. The section covers the following topics:
Pre-Upgrade Tasks
Before you upgrade Directory Proxy Server, you should perform the tasks described below.
Verify Current Version Information
You can verify the current version of Directory Proxy Server using the following commands:
The output is shown in the following table:
Upgrade Directory Proxy Server Dependencies
It is generally recommended that all Java ES components on a computer system (and in a computing environment) be upgraded to Java ES Release 4.
Directory Proxy Server has hard upgrade dependencies on Directory Server and Administration Server, even when they run on remote computers, so these components should be upgraded before upgrading Directory Proxy Server.
Upgrading of Java ES Release 3 shared components upon which Directory Proxy Server depends is optional, but recommended.
You can upgrade Directory Proxy Server dependencies in the following order, all before you upgrade Directory Proxy Server. You can skip any that might already have been upgraded.
- Shared Components. Instructions for upgrading Java ES shared components to Release 4 are provided in Upgrading Java ES Shared Components.
- Directory Server. Instructions for upgrading Directory Server to Release 4 are provided in Chapter 4, "Directory Server and Administration Server".
Back Up Directory Server Data
The Directory Proxy Server upgrade process modifies configuration directory data. Therefore, before you upgrade, it is recommended that you back up your configuration directory data using the Directory Server Console or a command-line utility such as db2bak.
For more information about backing up Directory Server, see the Sun Java System Directory Server Administration Guide (http://docs.sun.com/doc/817-7613).
Obtain Required Configuration Information and Passwords
Directory Proxy Server must run as the same user and group as Directory Server and Administration Server. That is, they must all run with the same UID and GID.
Upgrading Release 3 Directory Proxy Server (Solaris)
This section discusses considerations that impact the upgrade procedure for Directory Proxy Server followed by a description of the procedure itself.
Upgrade Considerations (Solaris)
The upgrade of Directory Proxy Server software to Java ES Release 4 takes into account the following considerations:
- Any Java ES components using a Directory Proxy Server instance (such as Access Manager, Communications Express, Messaging Server, Portal Server, and so forth) should be shut down before you upgrade that instance. However, many deployment architectures use multiple instances of Directory Proxy Server to provide high availability or scalability. In such cases, you can perform a rolling upgrade of Directory Proxy Server and the Directory Proxy Server clients need not be shut down.
- The upgrade of Directory Proxy Server should only be performed after the upgrade of Administration Server and Directory Server because re-configuration must take place in a particular order.
- Directory Proxy Server must be shut down when patches are being applied, however the associated configuration directory must be running to perform re-configuration.
- In a deployment architecture in which there are multiple instances of Directory Proxy Server running on a single computer (all corresponding to the same installed Directory Proxy Server image), upgrading the Directory Proxy Server image will upgrade all the instances. In such architectures, there is only one Administration Server instance per installed Directory Proxy Server image.
- The Release 4 Directory Proxy Server upgrade patches for Solaris OS are shown in the following table:
Table 5-4 Patches1 to Upgrade Directory Proxy Server on Solaris
Description
SPARC
Solaris 8, 9, & 10
X86
Solaris 9 & 10
Directory Proxy Server
116373-18
116374-18
Directory Proxy Server localization
117017-20
117017-20
1Patch revision numbers are the minimum required for upgrade to Java ES Release 4. If newer revisions become available, use the newer ones instead of those shown in the table.
Upgrade Procedure (Solaris)
The procedure documented below applies to Directory Proxy Server instances residing locally on the computer where the upgrade is taking place.
- Obtain the required patches, based on Table 5-4.
Patches can be downloaded to /tmp from: http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-access
- Log in as root or become superuser.
su -
- Stop the Administration Console if it is running locally.
- Shut down all Java ES components dependent on the Directory Proxy Server instances that are to be upgraded. This step might depend on how Directory Proxy Server is replicated within your deployment architecture.
For information about how to shut down a Java ES component, see its respective administration guide.
- Make sure you have upgraded any Java ES components upon which Directory Proxy Server has hard upgrade dependencies (see Upgrade Directory Proxy Server Dependencies).
- Upgrade Directory Proxy Server.
- Ensure that the configuration directory is running.
If it is local you might have to start it up. If it is remote, check to make sure it is running.
- Apply the Directory Proxy Server patches in Table 5-4.
Be sure to apply the Directory Proxy Server localization patch (117017) before applying the Directory Proxy Server base patch.
patchadd patch_ID
- Confirm that the patch upgrade was successful:
showrev -p | grep patch_ID
The output should return the versions of patch IDs applied in Step b.
- Restart Directory Proxy Server and all Java ES components dependent on Directory Proxy Server.
To restart Directory Proxy Server:
serverRoot/dps-hostName/restart-dps
Upgrading Release 3 Directory Proxy Server (Linux)
This section discusses considerations that impact the upgrade procedure for Directory Proxy Server followed by a description of the procedure itself.
Upgrade Considerations (Linux)
The upgrade of Directory Proxy Server to Java ES Release 4 on the Linux platform takes into account the same considerations as on the Solaris platform (see Upgrade Considerations (Solaris)), except that the Linux Release 4 upgrade patches differ from the Solaris OS patches.
The Release 4 Directory Proxy Server upgrade patch for Linux OS is shown in the following table:
Table 5-5 Patches1 to Upgrade Directory Proxy Server on Linux
Description
Patch ID and RPM names
Directory Proxy Server
118096-08:
sun-directory-proxy-server-5.2-13.i386.rpm
Directory Proxy Server localization
118288-11:
sun-directory-proxy-server-Locale-5.2-16.i386.rpm
1Patch revision numbers are the minimum required for upgrade to Java ES Release 4. If newer revisions become available, use the newer ones instead of those shown in the table.
Upgrade Procedure (Linux)
The procedure documented below applies to Directory Proxy Server instances residing locally on the computer where the upgrade is taking place.
- Obtain the required patch using the patch number and RPM names from Table 5-5. Use this information to obtain the version numbers for the RPM.
Patches can be downloaded to /tmp from: http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-access
- Log in as root or become superuser.
su -
- Stop the Administration Console if it is running locally.
- Shut down all Java ES components dependent on the Directory Proxy Server instances that are to be upgraded. This step might depend on how Directory Proxy Server is replicated within your deployment architecture.
For information about how to shut down a Java ES component, see its respective administration guide.
- Make sure you have upgraded any Java ES components upon which Directory Proxy Server has hard upgrade dependencies (see Upgrade Directory Proxy Server Dependencies).
- Apply the RPMs for Directory Proxy Server.
- Ensure that the configuration directory is running.
If it is local you might have to start it up. If it is remote, check to make sure it is running.
- Apply the RPMs.
Be sure to apply the Directory Proxy Server localization RPM before applying the Directory Proxy Server base RPM.
rpm -Fvh sun-directory-proxy-server-Locale-5.2-16.i386.rpm
rpm -Fvh sun-directory-proxy-server-5.2-13.i386.rpmThe upgraded settings are automatically synchronized with the configuration directory.
- Restart Directory Proxy Server and all Java ES components dependent on Directory Proxy Server.
To restart Directory Proxy Server:
serverRoot/dps-hostName/restart-dps
Verifying the Upgrade
You can verify successful upgrade of Directory Proxy Server using the following commands:
See Table 5-3 for output values.
Post-Upgrade Tasks
There are no post-upgrade tasks beyond the steps described in Upgrade Procedure (Solaris) and Upgrade Procedure (Linux).
Rolling Back the Upgrade (Solaris)
This section describes considerations that impact the upgrade rollback procedure for Directory Proxy Server, followed by the procedure itself.
Rollback Considerations (Solaris)
The procedure for rolling back the upgrade to Release 4 of Directory Proxy Server is pretty much the reverse of the procedure for upgrading to Release 4. The patches are removed and the configuration directory is re-synchronized.
One special consideration is that when you apply patches, you upgrade the SSL certificate database to a cert8 format. The patch backs up the cert7 data, and then converts it to cert8 format. If you subsequently decide to roll back the upgrade and have added new certificates to the certificate database, you should manually extract these certificates, back out the patches, and then add the certificates back to the previous cert7 format certificate database.
When you roll back an upgrade after having changed the SSL certificate database, you cannot start in SSL mode. To work around this problem, turn off SSL mode, restart Administration Server and Directory Proxy Server, reinstall the certificate, and then enable SSL mode.
Rollback Procedure (Solaris)
- Log in as root or become superuser.
su -
- Stop the Administration Console if it is running locally.
- Shut down all Java ES components dependent on the Directory Proxy Server instances that are to be upgraded. This step might depend on how Directory Proxy Server is replicated within your deployment architecture.
For information about how to shut down a Java ES component, see its respective administration guide.
- Roll back the Directory Proxy Server upgrade.
- Ensure that the configuration directory is running.
If it is local you might have to start it up. If it is remote, check to make sure it is running.
- Remove the Directory Proxy Server patches in Table 5-5.
patchrm patch_ID
- Roll back upgrades to any Java ES components upon which Directory Proxy Server has hard upgrade dependencies, in particular Directory Server and Administration Server.
- Restart Directory Proxy Server and all Java ES components dependent on Directory Proxy Server.
Multiple Instance Upgrades
In some deployment architectures Directory Proxy Server is deployed on multiple computer systems to provide for scalability and to improve availability. For example, you might have Directory Proxy Server components running on multiple computers with a load balancer to distribute the load.
In the case of load-balanced instances of Directory Proxy Server, you can perform a rolling upgrade in which you upgrade the Directory Proxy Server instances sequentially without interrupting service. You upgrade each instance of Directory Proxy Server while the others remain running. You perform the upgrade of each instance as described in Release 3 Directory Proxy Server Upgrade.
Upgrading Directory Proxy Server from Java ES Release 2The procedure for upgrading Java ES 2004Q2 (Release 2) Directory Proxy Server to Release 4 is the same as that for upgrading Release 3 Directory Proxy Server to Release 4, with the exception that the pre-upgrade tasks should include the upgrading to Release 4 of all shared components (see Table 1-6) and all locally-resident product components upon which Directory Proxy Server depends.
Instructions for upgrading Java ES shared components to Release 4 are provided in Chapter 2, "Upgrading Java ES Shared Components".
To upgrade Release 2 Directory Proxy Server to Release 4, use the instructions in Upgrading Directory Proxy Server from Java ES Release 3, except substitute Release 2 wherever Release 3 is referenced.