Upgrading and Migrating Oracle Linux Automation Manager

Upgrading the Database to Version 16

To upgrade a database to version 16:

For each Oracle Linux Automation Manager 2.2 nodes, sign in to a terminal.

Stop Oracle Linux Automation Manager.

sudo systemctl stop ol-automation-manager

Log in to the local or remote user account that hosts the database.
```
sudo su - postgres
```
Export the database using the following command that creates a script file containing all the necessary SQL commands and input data to restore the databases. For example, this command creates the olam.dump file in the chosen backup directory.
```
pg_dumpall > /var/tmp/olam.dump
```
Exit the user account that hosts the database.
```
exit
```
Stop the database server.
```
sudo systemctl stop postgresql
```
Remove ( and optionally backup ) existing database data directory. For example, the following command removes and creates a backup file in the home directory.
```
sudo mv /var/lib/pgsql/data/ ~/data.old
```
Remove the current version of the database.
```
sudo dnf remove postgresql
```
Enable the postgresql 16 module stream.
```
sudo dnf module reset postgresql
sudo dnf module enable postgresql:16
```
Note:
For more information about the Postgresql 16 life cycle, see the appendix discussing the application life cycle for stream modules in Oracle Linux: Managing Software on Oracle Linux.
Install the database.
```
sudo dnf install postgresql-server
```
Initialize the database:
```
sudo postgresql-setup --initdb
```
In the /var/lib/pgsql/data/postgresql.conf file, switch the password storage mechanism from md5 to scram-sha-256. For example, the following command makes the switch for you:
```
sudo sed -i "s/#password_encryption.*/password_encryption = scram-sha-256/"  /var/lib/pgsql/data/postgresql.conf
```

Start the database and import the /var/tmp/olam.dump file.

sudo systemctl start postgresql
sudo su - postgres
psql -d postgres -f /var/tmp/olam.dump
exit

Reapply the password to the database user account:
```
sudo -u postgres psql
\password awx
```

Enter and confirm the password for the awx user.

Enter new password for user "awx": 
Enter it again: 
exit

Run the following command to see if the database is available:
```
sudo su - postgres -c "psql -l |grep awx"
```
Output similar to the following is displayed:
```
awx | awx | UTF8 | libc | en_US.UTF-8 | en_US.UTF-8 | | |
```
As the root user, in the /var/lib/pgsql/data/pg_hba.conf file add the following line:
```
host  all  all 0.0.0.0/0 scram-sha-256
```

As the root user, in the /var/lib/pgsql/data/postgresql.conf file in the # CONNECTIONS AND AUTHENTICATION section, a line with the text listen_addresses = followed by the IP address or host name of the database in single quotes. For example:

listen_addresses = '<IP address or host name>'

#listen_addresses = 'localhost'         # what IP address(es) to listen on;
                                        # comma-separated list of addresses;
                                        # defaults to 'localhost'; use '*' for all
                                        # (change requires restart)
#port = 5432                            # (change requires restart)

In the previous example, <IP address or hostname> is the IP address or host name of the database.

If you have a remote database, check that the 5432/tcp port is open on the host running the database. For example, the following commands shows that the ports parameter has the correct port open:

sudo firewall-cmd --list-all

public (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: cockpit dhcpv6-client ssh
ports: 5432/tcp
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

If the remote database host isn't open, run the following command:

sudo firewall-cmd --add-port=5432/tcp --permanent
sudo firewall-cmd --reload

Calculate and update the memory requirements parameters using the following:
```
max_connections = 1024
shared_buffers = total_mem_mb*0.3
work_mem = total_mem_mb*0.03
maintenance_work_mem = total_mem_mb*0.04
```
In the previous example, total_mem_mb is the total memory size in megabytes of the system hosting the database server. For example, if the total available memory on the system were 18 000 MB, then this worksheet would include the following:
```
max_connections = 1024
shared_buffers = 18000*0.3
work_mem = 18000*0.03
maintenance_work_mem = 18000*0.04
```
The final numbers to add are as follows:
```
max_connections = 1024
shared_buffers = 5400MB
work_mem = 540MB
maintenance_work_mem = 720MB
```
Add the calculated values to the /var/lib/pgsql/data/postgresql.conf file.
Start the database server.
```
sudo systemctl restart postgresql
```
Restart all Oracle Linux Automation Manager 2.2 servers.
```
sudo systemctl start ol-automation-manager
```
Verify that Oracle Linux Automation Manager functionality continues as before the database upgrade. See Viewing the Service Mesh for various ways to perform these checks.

Upgrading Release 2.2 to Release 2.3

Use this procedure to upgrade Oracle Linux Automation Manager from 2.2 to 2.3:

Backup the Oracle Linux Automation Manager nodes.
Ensure all hosts have been updated to the latest software versions. For example,
```
sudo dnf update
```
Ensure that the database is upgraded. See Upgrading the Database to Version 16.
Log into a control node or a hybrid node.
```
sudo su -l awx -s /bin/bash
```
Repeat the following command for every hybrid, control, execution, and hop node in the cluster.
```
awx-manage provision_instance --hostname=<hostname or ip address> --listener_port=<listener_port> --node_type=<node_type>
```
In the previous example, the following variables are:
- hostname or IP address is the hostname or IP address of the system running Oracle Linux Automation Manager. The host name or IP address must match the host name or IP addressed used when you configured the /etc/receptor/receptor.conf file node ID (see Configuring and Starting the Control Plane Service Mesh). If hostname is used, the host must be resolvable.
- listener_port is the port number of the node, for example, 27199.
- node_type is the node type. Valid values are, control, execution, hop, or hybrid.
Exit the hybrid or control node session:
```
exit
```
For each Oracle Linux Automation Manager 2.2 node (control, execution, hop, or hybrid), sign in to a terminal and do the following:
1. Stop the system:
```
sudo systemctl stop receptor-awx
sudo systemctl stop ol-automation-manager
```
2. If not already created, create a custom settings file in the /etc/tower/conf.d folder. The settings you specify in custom settings files supersede the settings in /etc/tower/settings.py, preventing software updates from changing the custom settings. To create a custom settings file, do the following:
  1. Create a custom settings file in the /etc/tower/conf.d folder. For example:
```
touch /etc/tower/conf.d/olam.py
```
  2. Add any Oracle Linux Automation Manager specific setting to the new file. For example,the CLUSTER_HOST_ID, DATABASES are some parameters you might want to add. For more information, see Setting up Hosts.
  3. Set the ownership and file permissions for the custom settings file. For example,
```
sudo chown awx:awx /etc/tower/conf.d/olam.py
sudo chmod 0640 /etc/tower/conf.d/olam.py
```
3. Update the system:
```
sudo dnf update oraclelinux-automation-manager-release-el8-2.3
sudo mv /etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo /etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo.OLD
sudo mv /etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo.rpmnew /etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo
sudo dnf update
```
4. If after the update, the /etc/tower/settings.py.rpmnew appears, do the following:
```
sudo mv /etc/tower/settings.py /etc/tower/settings.py.OLD
sudo mv /etc/tower/settings.py.rpmnew /etc/tower/settings.py
```
  Note:
  Consider adding any custom settings made to the /etc/tower/settings.py.OLD file to the /etc/tower/conf.d directory in a similar way as described in step 7.b if you haven't already done so.
5. If the /etc/nginx/conf.d/ol-automation-manager-nginx.conf.rpmnew file appears, then custom modifications were detected in the /etc/nginx/conf.d/ol-automation-manager-nginx.conf file. The changes for the upgrade are contained in the ol-automation-manager-nginx.conf.rpmnew file. In the custom ol-automation-manager-nginx.conf file find the following:
```
    location /favicon.ico { alias /var/lib/awx/venv/awx/lib/python3.9/site-packages/awx/ui/build/static/media/favicon.ico; }

    location /static/ {
        alias /var/lib/awx/venv/awx/lib/python3.9/site-packages/awx/ui/build/static/;
    }
```
  Change them as follows:
```
    location /favicon.ico { alias /var/lib/awx/venv/awx/lib/python3.11/site-packages/awx/ui/build/static/media/favicon.ico; }

    location /static/ {
        alias /var/lib/awx/venv/awx/lib/python3.11/site-packages/awx/ui/build/static/;
    }
```
6. Pull the 2.3 olam-ee image using.
  
  Note:
  If you have set the GLOBAL_JOB_EXECUTION_ENVIRONMENTS and CONTROL_PLANE_EXECUTION_ENVIRONMENT variables as described in Setting up Hosts, ensure that you update these to point to the olam-ee:2.3-ol8 container image. Note that if the olam-ee:2.3-ol8 container image is on a Private Automation Hub server, change the podman pull command as required on the variable and in the following commands.
```
sudo su -l awx -s /bin/bash
podman system migrate
podman pull container-registry.oracle.com/oracle_linux_automation_manager/olam-ee:2.3-ol8
awx-manage makemigrations --merge
awx-manage migrate
awx-manage register_default_execution_environments
exit
```

Restart the following services on all nodes:

sudo systemctl restart nginx
sudo systemctl start receptor-awx
sudo systemctl start ol-automation-manager

Migrating a Single Instance Release 2.3 Deployment to a Clustered Deployment

To migrate a single host instance deployment of Oracle Linux Automation Manager (hybrid node) to a clustered deployment (control, execution, and hop node clusters), do the following:

In a terminal on the hybrid node, stop Oracle Linux Automation Manager.
```
sudo systemctl stop ol-automation-manager
```

Create a database dump file.

sudo su - postgres
pg_dumpall > /var/tmp/olam.dump

Complete the procedures for setting up a remote database in Setting Up a Local or Remote Database with the following exceptions:
1. Before starting the procedure, copy over the dump file to the remote database. For example, using scp.
2. After starting and checking the status of the database in step 7 and 8, import the dump file:
```
sudo su - postgres
psql -d postgres -f /dirwithbackup/olam.dump
exit
```
3. Skip steps 9 through 11 for creating the database user account and creating the database because these are already part of the dump file.
4. Continue the procedure at step 12 until you restart the database.
On the remote database, reapply the password to the database user account:
```
sudo -u postgres psql
\password awx
```

Enter and confirm the password for the awx user.

Enter new password for user "awx": 
Enter it again: 
exit

If the single instance hybrid node had a local database, do the following for a remote database configuration:
1. Return to the Oracle Linux Automation Manager server, and create a custom settings file. For example:
```
sudo touch /etc/tower/conf.d/olam.py
```
2. Add the following DATABASES fields to the custom settings file:
```
DATABASES = {
    'default': {
        'ATOMIC_REQUESTS': True,
        'ENGINE': 'awx.main.db.profiled_pg',
        'NAME': 'awx',
        'USER': 'awx',
        'PASSWORD': 'password',
        'HOST': 'database hostname or ip address',
        'PORT': '5432',
    }
}
```
  In the previous example, database hostname or ip address is the hostname or IP address of the remote database. If hostname is used, the host must be resolvable. password is the password for your remote database, if you have configured one.

Set the ownership and file permissions for the custom settings file:

sudo chown awx:awx /etc/tower/conf.d/filename.py
sudo chmod 0640 /etc/tower/conf.d/filename.py

In the previous example, filename is the name of the custom settings file. For example,

sudo chown awx:awx /etc/tower/conf.d/olam.py
sudo chmod 0640 /etc/tower/conf.d/olam.py

Stop the local database.
```
sudo systemctl stop postgresql
```

Open the ports used for the Service Mesh.

sudo firewall-cmd --add-port=27199/tcp --permanent
sudo firewall-cmd --reload

Start Oracle Linux Automation Manager.

sudo systemctl start ol-automation-manager

Backup and remove the existing database data directory. For example, the following command creates a backup file in the home directory and then removes the database:
```
sudo mv /var/lib/pgsql/data/ ~/data.old
sudo dnf remove postgresql 
```
Run the following command:
```
sudo su -l awx -s /bin/bash
```
Run the following commands.
```
awx-manage deprovision_instance --hostname=<hostname or IP address>
awx-manage unregister_queue --queuename default
awx-manage unregister_queue --queuename tower 
awx-manage provision_instance --hostname=<hostname or IP address> --node_type=control
awx-manage register_queue --queuename=controlplane --hostnames=<hostname or IP address>
awx-manage add_receptor_address --instance=<hostname or ip address> --address=<hostname or ip address> --port=<listener_port> --canonical
exit
```
In the previous example, hostname or IP address is the hostname or IP address of the system running Oracle Linux Automation Manager. The host name or IP address must match the host name or IP addressed used when you configured the /etc/receptor/receptor.conf file node ID (see Configuring and Starting the Control Plane Service Mesh). If hostname is used, the host must be resolvable. You only need to unregister tower if it exists and is no longer used. listener_port is the port number of the node, for example, 27199.
In the custom settings file (for example, /etc/tower/conf.d/olam.py), append the DEFAULT_EXECUTION_QUEUE_NAME and DEFAULT_CONTROL_PLANE_QUEUE_NAME fields:
```
DEFAULT_EXECUTION_QUEUE_NAME = 'execution'
DEFAULT_CONTROL_PLANE_QUEUE_NAME = 'controlplane'
```
If you have playbooks designed to run longer than the default reaper timeout of 60 seconds, add the REAPER_TIMEOUT_SEC parameter to the custom settings file to increase the timeout. For example,
```
REAPER_TIMEOUT_SEC=<longest_playbook_time>
```
In the previous example, <longest_playbook_time> is number of seconds that exceeds the duration of the longest playbook runtime.

Restart Oracle Linux Automation Manager.

sudo systemctl restart  ol-automation-manager.service

The original upgraded node is now converted into a control node. You must now add one more execution node for the upgraded cluster to be fully functional. For all other members of the cluster, follow the procedures described in Preparing the Database and Hosts, except for setting up a remote database, because this is already completed. Then, follow the procedures for installing and configuring all other hosts as part of the cluster, as described in Installing Oracle Linux Automation Manager in a Clustered Deployment.

Migrating Playbooks to Oracle Linux Automation Engine Release 2.3

Test any Oracle Linux Automation Engine release 2.2 playbooks to verify whether they function with Oracle Linux Automation Manager release 2.3. You might need to update playbooks because the upstream projects have made changes such as, the number of modules, some modules have become collections, and some modules have been merged into other modules or collections.

Verify that the playbooks are using the correct versions of python as described in Oracle Linux Automation Manager 2.3: Release Notes. For custom execution environments, review the overview section in Oracle Linux Automation Manager 2.3: Private Automation Hub User's Guide.

9 Upgrading and Migrating Oracle Linux Automation Manager

Upgrading the Database to Version 16

Upgrading Release 2.2 to Release 2.3

Migrating a Single Instance Release 2.3 Deployment to a Clustered Deployment

Migrating Playbooks to Oracle Linux Automation Engine Release 2.3