4 Upgrading from Oracle Traffic Director 11g

This chapter describes how to upgrade from Oracle Traffic Director 11g to Oracle Traffic Director 12c (12.2.1).

The following topics are covered:

Section 4.1, "Preparing to Upgrade to Oracle Traffic Director 12c (12.2.1)"
Section 4.2, "Running 12c (12.2.1) Upgrade Assistant"
Section 4.3, "What Is Upgraded to Oracle Traffic Director 12c (12.2.1)"
Section 4.4, "Post-Upgrade Steps"

4.1 Preparing to Upgrade to Oracle Traffic Director 12c (12.2.1)

Upgrade to 12c (12.2.1) is supported for the following software versions:

Oracle Traffic Director FMW 11g Release 1 (11.1.1.6.0)
Oracle Traffic Director FMW 11g Release 1 (11.1.1.7.0)
Oracle Traffic Director FMW 11g Release 1 (11.1.1.9.0)

Before you upgrade to Oracle Traffic Director 12c (12.2.1), you must follow these steps:

Make sure WLS 12.2.1 is installed into a new FMW_HOME and extended with OTD template.

Note:
For creation of domain, see
Shutdown 11g environment.
Shutdown 12c environment.

Note:
If OTD 11g and 12c installations are on different hosts/machines (for example 11g on OEL5 and 12c on OEL6), then the user has to do one of the following:
Remotely copy ORACLE_HOME and INSTANCE_HOME directories from 11g host to 12c preserving the same path as it was on 11g host.

For example, on 12c host:

# scp -r <11g host>:/otd/oracle_home /otd/oracle_home

# scp -r <11g host>:/otd/instance_home /otd/instance_home

Mount 11g ORACLE_HOME and INSTANCE_HOME paths on 12c host preserving the same path as it was on 11g host.

For example, on 12c host:

# mount <11g host>:/otd/oracle_home on /otd/oracle_home

# mount <11g host>:/otd/instance_home on /otd/instance_home

4.2 Running 12c (12.2.1) Upgrade Assistant

Run 12c Upgrade Assistant to complete the upgrade. The ua script is available under the path:

$FMW_HOME/oracle_common/upgrade/bin/ua

Command Options

Option	Description	Default
logLevel	One of WARNING, TRACE, NOTIFICATION, ERROR, or INTERNAL_ERROR	NOTIFICATION
response	Take user inputs from the specified file and perform the upgrade without any graphics user interface.	Normal GUI operation
examine	Only the examine operation of each selected plug-in will be called. The upgrade operations will be skipped. This can be useful during testing.	Both examine and upgrade is called.

You can run the Upgrade Assistant in the following ways:

Upgrading Oracle Traffic Director in Graphical Mode
Upgrading Oracle Traffic Director in Silent Mode

4.2.1 Upgrading Oracle Traffic Director in Graphical Mode:

Launch the upgrade assistance and follow the steps below:

Welcome screen page is displayed, showing the list of tasks to be done, as shown in Figure 4-1.

Figure 4-1 Welcome Screen

Description of ''Figure 4-1 Welcome Screen''

Click Next to continue.
All Configurations screen page is displayed, select "All Configurations Used By a Domain" and provide the correct domain path, as shown in Figure 4-2.

Figure 4-2 All Configurations

Description of ''Figure 4-2 All Configurations''

Click Next to continue.
Component List screen page is displayed, as shown in Figure 4-3.

Figure 4-3 Component List

Description of ''Figure 4-3 Component List''

Click Next to continue.
Prerequisites screen page is displayed, select all the check boxes, as shown in Figure 4-4.

Figure 4-4 Prerequisites

Description of ''Figure 4-4 Prerequisites''

Click Next to continue.
OTD 11g Instance Home screen page is displayed, provide the path to 11g OTD Instance Home, as shown in Figure 4-5.

Figure 4-5 OTD 11g Instance Home

Description of ''Figure 4-5 OTD 11g Instance Home''

Click Next to continue.
Examine screen page is displayed, showing the list of tasks done, as shown in Figure 4-6.

Figure 4-6 Examine

Description of ''Figure 4-6 Examine''

Click Next to continue.
Upgrade Summary screen page is displayed, as shown in Figure 4-7.

Figure 4-7 Upgrade Summary

Description of ''Figure 4-7 Upgrade Summary''

Note:
Click on Save Response File.. button to create a ressponse file, which can be used as an input for Command Line upgrade.

Click Next to continue.
Upgrade Progress screen page is displayed, as shown in Figure 4-8.

Figure 4-8 Upgrade Progress

Description of ''Figure 4-8 Upgrade Progress''

Click Next to continue.
Upgrade Success screen page is displayed, as shown in Figure 4-9.

Figure 4-9 Upgrade Success

Description of ''Figure 4-9 Upgrade Success''

Click Close to finish the upgrade.

4.2.2 Upgrading Oracle Traffic Director in Silent Mode

The other mode to upgrade is in the silent mode, run the upgrade UA command with the response file option.

This response file can be generated using the upgrade wizard by choosing the. The 'Upgrade Summary' page provides a 'Save Response File' button for this purpose.

On successful upgrade, a success message is displayed on the console. Log file will be available under this path:

<FMW_HOME>\oracle_common\upgrade\logs

Command Line for silent upgrade (on unix):

Syntax

<MW_HOME>/oracle_common/upgrade/bin/ua -response <response-file> -logLevel <Log-verbosity>

Sample response file:

[GENERAL]
fileFormatVersion = 3

[UAWLSINTERNAL.UAWLS]
pluginInstance = 1
UASVR.path = <PATH-TO-12C-OTD-DOMAIN>

[JRF.JRF_CONFIG_PLUGIN]
pluginInstance = 5

[CAM.SYSCOMP]
pluginInstance = 2

[OTD.CONFIG_UPGRADE]
pluginInstance = 12
INSTANCE_HOME.path = <PATH-TO-11g-OTD-INSTANCE-HOME>

SSL_TOKEN_TABLE.CONFIG_NAME.0.string = <OTD-11G-CONFIG-NAME>
SSL_TOKEN_TABLE.SSL_TOKEN_PIN.0.encryptedPassword = 
<ENCRYPTED-SSL-TOKEN-PIN-FOR-CONFIG-IN-11G>
SSL_TOKEN_TABLE.WALLET_PSWD.0.encryptedPassword = 
<ENCRYPTED-WALLET-PASSWORD-FOR-UPGRADED-CONFIG-IN-12C>

Note:

The SSL_TOKEN* fields are applicable only if the 11g instance has SSL enabled config.

4.3 What Is Upgraded to Oracle Traffic Director 12c (12.2.1)

The following are the changes after upgraded:

File	Status
magnus.conf	Copied as-is
WAF rulesedt files	Copied as-is
cert9.db	Imported to Oracle Wallet
key4.db	Imported to Oracle Wallet
pkcs11.txt	Imported to Oracle Wallet
obj.conf	Modified, see Section 4.3.1, "obj.conf"
server.xml	modified, see Section 4.3.2, "server.xml changes"

4.3.1 obj.conf

SAFs changed:

check-request-limits SAF:

Params removed:

interval

continue

ssl-client-config SAF:

This SAF is no longer supported in 12.2.1. Instead, ssl client config settings within origin-server-pool element in server.xml are used.

As part of upgrade, this SAF will be removed from obj.conf and since in 11g this was a VS specific configuration and in 12.2.1 it is not, a warning message will be logged for manually configuring this in server.xml.

4.3.2 server.xml changes

These server.xml elements no longer support:

<server>:<cluster> and its sub-elements (<local-host>, <instance>, <failover-group>)
<server>:<platform>
<server>:<ssl-client>
<server>:<user>
<server>:<pkcs11>:<allow-bypass>
<server>:<pkcs11>:<token> and its sub-elements (<name>, <pin>, <enabled>)
<server>:<tcp-listener>:<ssl>:<tls-session-tickets-enabled
<server>:<http-listener>:<ssl>:<tls-session-tickets-enabled>
<server>:<tcp-listener>:<ssl>:<strict-sni-vs-host-match>
<server>:<http-listener>:<ssl>:<strict-sni-vs-host-match>
<server>:<tcp-listener>:<ssl>:<tls-rollback-detection>
<server>:<http-listener>:<ssl>:<tls-rollback-detection>

The following cipher elements under <server>:<tcp-listener>:<ssl>:<ssl3-tls-ciphers> and <server>:<http-listener>:<ssl>:<ssl3-tls-ciphers>

<SSL_RSA_WITH_DES_CBC_SHA>
<SSL_RSA_FIPS_WITH_DES_CBC_SHA>
<SSL_RSA_EXPORT_WITH_RC4_40_MD5>
<SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5>
<TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA>
<TLS_RSA_EXPORT1024_WITH_RC4_56_SHA>
<SSL_RSA_WITH_NULL_MD5>
<SSL_RSA_WITH_NULL_SHA>
<TLS_ECDHE_RSA_WITH_NULL_SHA>
<TLS_ECDHE_ECDSA_WITH_NULL_SHA>
<SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA>
<TLS_RSA_WITH_CAMELLIA_256_CBC_SHA>
<TLS_RSA_WITH_CAMELLIA_128_CBC_SHA>
<TLS_RSA_WITH_SEED_CBC_SHA>
<SSL_RSA_WITH_RC4_128_MD5>

server.xml elements modified:

<server>:<pkcs11>:<crl-path> moved to <server>:<crl>:<crl-path>
<server>:<http-listener>:<ssl>:<tls> changed to <server>:<http-listener>:<ssl>:<tls10>
<server>:<tcp-listener>:<ssl>:<tls> changed to <server>:<tcp-listener>:<ssl>:<tls10>

<server>:<http-listener>:<ssl>:<server-cert-nickname> should be replaced by

<server>
  <http-listener>
    <ssl>
      <cert>
        <subject/>
        <serial-number/>
        <issuer/>
      </cert>
    </ssl>
  </http-listener>
</server>

<server>:<tcp-listener>:<ssl>:<server-cert-nickname> should be replaced by

<server>
  <tcp-listener>
    <ssl>
      <cert>
        <subject/>
        <serial-number/>
        <issuer/>
      </cert>
    </ssl>
  </tcp-listener>
</server>

<server>:<virtual-server>:<ssl>:<server-cert-nickname> should be replaced by

<server>
  <virtual-server>
    <ssl>
      <cert>
        <subject/>
        <serial-number/>
        <issuer/>
      </cert>
    </ssl>
  </virtual-server>
</server>

<server>:<origin-server-pool>:<type> with value as "https" change it to

<server>
  ...
  <origin-server-pool>
    <type>http</type>
    <ssl/>
  </origin-server-pool>
  ...
</server>

<server>:<origin-server>:<enabled> changed to <server>:<origin-server>:<mode>

<enabled>true</enabled> => <mode>enabled</mode>
<enabled>false</enabled> => <mode>disabled</mode>

4.4 Post-Upgrade Steps

Review the following list of post-upgrade tasks you might have to perform after using the Upgrade Assistant to upgrade to Oracle Traffic Director 12c (12.2.1):

OTD system component instances must be created post-upgrade by targeting the system component configurations to machines using Fusion Middleware Control or WLST.
OTD is generally configured for failover and thus, the failover groups may need to be created post-upgrade.
Creation of instances and failover groups is a deployment task and thus, these steps are best handled outside upgrade as post-upgrade steps.
Any references in the OTD config files to the paths outside of INSTANCE_HOME and ORACLE_HOME may not be accessible post-upgrade. This should be configured manually.